* tests/openpgp/defs.scm (with-ephemeral-home-directory): Make
hygienic, use define-macro, do not change to the ephemeral home
directory.
* tests/gpgsm/setup.scm: Change to the ephemeral home directory.
* tests/openpgp/setup.scm: Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/defs.scm (percent-decode): New function.
(bin-prefix): New variable.
(installed?): Likewise.
(tool-hardcoded): Use the new variables.
(gpg-conf): Use the new function to decode the values.
(gpg-components): Do not use '--build-prefix' when 'installed?'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/Makefile.am (TEST_FILES): Add new file.
* tests/openpgp/defs.scm (plain-files): Add 'plain-large'.
(all-files): New variable.
(create-sample-files): New function.
(create-legacy-gpghome): Use new function.
* tests/openpgp/plain-large.asc: New file.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm: Use sequential test runner if only one
test is given.
--
This allows one to set the environment variable TESTFLAGS to
'--parallel' and enjoy faster test execution times without interfering
with stdio when one works on a single test.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/tofu.scm (GPGTIME): Define the "standard" base time.
(faketime): New function.
(days->seconds): Likewise.
(GPG): Use faketime.
(check-counts): Also check the number of expected days with signatures
and encryptions. Update callers. Extend tests.
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* g10/gpg.c (opts): Rename options.
(main): Update errors.
* doc/gpg.texi: Update accordingly.
--
I decided not to keep the old versions as aliases in the documentation
because the interface is a fairly recent addition.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
* common/homedir.c (gnupg_build_directory): New variable.
(gnupg_module_name_called): Likewise.
(gnupg_set_builddir): New function.
(gnupg_set_builddir_from_env): Likewise.
(gnupg_module_name): Support locating components in the build tree.
* common/util.h (gnupg_set_builddir): New prototype.
* tests/openpgp/defs.scm (tools): Drop 'gpg and 'gpg-agent.
(tool): Rename to 'tool-hardcoded.
(gpg-conf): New function, with accessors for the results.
(gpg-components): New variable.
(tool): New function.
* tools/gpgconf.c (enum cmd_and_opt_values): New key.
(opts): New option '--build-prefix'.
(main): Handle new option.
--
This change makes sure that the components from the build tree are
used, and not some older installed version in PATH. It also lets us
make GPGME use components from the build tree, making it possible to
execute GPGME's test suite with them.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/defs.scm (gpg-has-option?): New function.
(have-opt-always-trust): Use a simpler test for that option. This way
that is less distracting when we run the tests with verbose=3.
Signed-off-by: Justus Winter <justus@g10code.com>
* doc/gpg.texi: Document that fact.
* g10/keygen.c (quick_generate_keypair): Use a default value.
* tests/openpgp/quick-key-manipulation.scm: Test that fact.
GnuPG-bug-id: 2701
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm (locate-test): New function.
(test): Factor-out the code starting the child process.
(test::binary): New function.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/quick-key-manipulation.scm: Do not update the trust
database, rather be more specific when filtering the user ids.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/tofu-2183839A-1.txt: Remove file.
* tests/openpgp/tofu-BC15C85A-1.txt: Remove file.
* tests/openpgp/tofu-EE37CF96-1.txt: Remove file.
* tests/openpgp/tofu-keys-secret.asc: Remove file.
* tests/openpgp/tofu-keys.asc: Remove file.
* tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F.gpg: New file.
* tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file.
* tests/openpgp/tofu/conflicting/README: New file.
* tests/openpgp/tofu.scm: Update accordingly.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
There are two motivations for this change. First, we decided that
test data should live in a subdirectory rather than in tests/openpgp.
Second, secret key material is password protected, and I don't
remember the password that I used. (The new data is not password
protected.) I have also added some new examples of signed messages.
* tests/openpgp/Makefile.am (sample_msgs): Add messages required for
the new test 'verify-multifile.scm'.
Fixes-commit: 12af8e84a32df728462da09a00a8bec24a487720
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/trustdb.c (tdb_utks): New function.
* g10/tofu.c (check_utks): New function.
(initdb): Call it.
* tests/openpgp/tofu.scm: Modify test to check the effective policy of
keys whose effective policy changes when we change the set of UTKs.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
If the set of ultimately trusted keys changes, then it is possible
that a binding's effective policy changes. To deal with this, we
detect when the set of ultimately trusted keys changes and invalidate
all cached policies.
* g10/tofu.c (initdb): Add column effective_policy to the bindings
table.
(record_binding): New parameters effective_policy and set_conflict.
Save the effective policy. If SET_CONFLICT is set, then set conflict
according to CONFLICT. Otherwise, preserve the current value of
conflict. Update callers.
(get_trust): Don't compute the effective policy here...
(get_policy): ... do it here, if it was not cached. Take new
parameters, PK, the public key, and NOW, the time that the operation
started. Update callers.
(show_statistics): New parameter PK. Pass it to get_policy. Update
callers.
(tofu_notice_key_changed): New function.
* g10/gpgv.c (tofu_notice_key_changed): New stub.
* g10/import.c (import_revoke_cert): Take additional argument CTRL.
Pass it to keydb_update_keyblock.
* g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL.
Update callers.
[USE_TOFU]: Call tofu_notice_key_changed.
* g10/test-stubs.c (tofu_notice_key_changed): New stub.
* tests/openpgp/tofu.scm: Assume that manually setting a binding's
policy to auto does not cause the tofu engine to forget about any
conflict.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
We now store the computed policy in the tofu DB (in the
effective_policy column of the bindings table) to avoid computing it
every time, which is expensive. Further, policy is never overridden
in case of a conflict. Instead, we detect a conflict if CONFLICT is
not empty.
This change is backwards compatible to existing DBs. The only minor
incompatibility is that unresolved conflicts won't be automatically
resolved in case we import a direct signature, or cross signatures.
* tests/openpgp/defs.scm (setup-legacy-environment): Do not call
'setup-environment' because that will start the agent, and hence
register the atexit function twice.
Fixes: a55393cb5f4b331cb3a715c7d9a8b91f7606f337
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm (test): Add field 'logfd'.
(test::new, test::set-*): Adapt accordingly.
(test::set-logfd): New function.
(test::open-log-file): Likewise.
(test::run-sync): Use the new function.
(test::run-async): Likewise.
(test::report): Replay the log.
(run-tests-parallel): Reverse the results to restore the original
order.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm (run-tests-parallel): Catch errors when
removing the working directory. On Windows this can fail if there is
still a process using one of the files there.
(run-tests-sequential): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/tests.scm (log): New function.
* tests/openpgp/run-tests.scm (run-tests-parallel): Do not run the
startup and teardown scripts.
(run-tests-sequential): Likewise.
* tests/openpgp/setup.scm: Move all functions...
* tests/openpgp/defs.scm: ... here and make them less verbose.
(setup-environment): New function.
(setup-legacy-environment): Likewise.
(start-agent): Make less verbose, run 'stop-agent' at interpreter
exit.
(stop-agent): Make less verbose.
* tests/openpgp/finish.scm: Drop file.
* tests/openpgp/Makefile.am (EXTRA_DIST): Drop removed file.
* tests/openpgp/4gb-packet.scm: Use 'setup-environment' or
'setup-legacy-environment' as appropriate.
* tests/openpgp/armdetach.scm: Likewise.
* tests/openpgp/armdetachm.scm: Likewise.
* tests/openpgp/armencrypt.scm: Likewise.
* tests/openpgp/armencryptp.scm: Likewise.
* tests/openpgp/armor.scm: Likewise.
* tests/openpgp/armsignencrypt.scm: Likewise.
* tests/openpgp/armsigs.scm: Likewise.
* tests/openpgp/clearsig.scm: Likewise.
* tests/openpgp/conventional-mdc.scm: Likewise.
* tests/openpgp/conventional.scm: Likewise.
* tests/openpgp/decrypt-dsa.scm: Likewise.
* tests/openpgp/decrypt.scm: Likewise.
* tests/openpgp/default-key.scm: Likewise.
* tests/openpgp/detach.scm: Likewise.
* tests/openpgp/detachm.scm: Likewise.
* tests/openpgp/ecc.scm: Likewise.
* tests/openpgp/encrypt-dsa.scm: Likewise.
* tests/openpgp/encrypt.scm: Likewise.
* tests/openpgp/encryptp.scm: Likewise.
* tests/openpgp/export.scm: Likewise.
* tests/openpgp/finish.scm: Likewise.
* tests/openpgp/genkey1024.scm: Likewise.
* tests/openpgp/gpgtar.scm: Likewise.
* tests/openpgp/gpgv-forged-keyring.scm: Likewise.
* tests/openpgp/import.scm: Likewise.
* tests/openpgp/issue2015.scm: Likewise.
* tests/openpgp/issue2417.scm: Likewise.
* tests/openpgp/issue2419.scm: Likewise.
* tests/openpgp/key-selection.scm: Likewise.
* tests/openpgp/mds.scm: Likewise.
* tests/openpgp/multisig.scm: Likewise.
* tests/openpgp/quick-key-manipulation.scm: Likewise.
* tests/openpgp/seat.scm: Likewise.
* tests/openpgp/shell.scm: Likewise.
* tests/openpgp/signencrypt-dsa.scm: Likewise.
* tests/openpgp/signencrypt.scm: Likewise.
* tests/openpgp/sigs-dsa.scm: Likewise.
* tests/openpgp/sigs.scm: Likewise.
* tests/openpgp/ssh.scm: Likewise.
* tests/openpgp/tofu.scm: Likewise.
* tests/openpgp/use-exact-key.scm: Likewise.
* tests/openpgp/verify.scm: Likewise.
* tests/openpgp/version.scm: Likewise.
* tests/openpgp/issue2346.scm: Likewise and simplify.
--
The previous Bourne Shell-based test suite created the environment
before running all tests, and tore it down after executing them. When
we created the Scheme-based test suite, we kept this design at first,
but introduced a way to run each test in its own environment to
prevent tests from interfering with each other. Nevertheless, every
test started out with the same environment.
Move the creation of the test environment into each test. This gives
us finer control over the environment each test is run in. It also
makes it possible to run each test by simply executing it using gpgscm
without the use of the runner. Furthermore, it has the neat
side-effect of speeding up the test suite if run in parallel.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/getkey.c (struct pubkey_cmp_cookie): New type.
(key_is_ok, uid_is_ok, subkey_is_ok): New functions.
(pubkey_cmp): Likewise.
(get_best_pubkey_byname): Likewise.
* g10/keydb.h (get_best_pubkey_byname): New prototype.
* g10/keylist.c (locate_one): Use the new function.
* g10/pkclist.c (find_and_check_key): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add new test.
(TEST_FILES): Add new files.
* tests/openpgp/key-selection.scm: New file.
* tests/openpgp/key-selection/0.asc: Likewise.
* tests/openpgp/key-selection/1.asc: Likewise.
* tests/openpgp/key-selection/2.asc: Likewise.
* tests/openpgp/key-selection/3.asc: Likewise.
* tests/openpgp/key-selection/4.asc: Likewise.
--
When a name resembling a mail address is given to either --locate-keys
or --recipient, rank the search results and use only the most relevant
key.
This also lets us query which key will be used for encryption using
--locate-keys. However, note that --locate-keys may also return keys
incapable of encryption, though it will prefer keys that have an
encryption subkey.
GnuPG-bug-id: 2359
Signed-off-by: Justus Winter <justus@g10code.com>