synit
/
pmbootstrap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix #6: Make testcases run with Python 3.4 (Debian Jessie) 

For some reason, it was not possible to create the .tar.gz
archives with Python 3.4, that are used to simulate broken
or malicious apk downloads. I've rewritten the testcase,
so it creates the .tar.gz files inside the native Alpine
Linux chroot.
This commit is contained in:
Oliver Smith 2017-05-30 20:47:19 +02:00
parent 3ccaefef67
commit a12d345deb
No known key found for this signature in database
GPG Key ID: 5AE7F5513E0885CB
1 changed files with 31 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
test/test_apk_static.py
View File

@ -39,29 +39,50 @@ def args(request):
return args return args
def test_read_signature_info(tmpdir): def test_read_signature_info(args):
with tarfile.open(tmpdir + "/test.apk", "w:gz") as tar: # Tempfolder inside chroot for fake apk files
# No signature found tmp_path = "/tmp/test_read_signature_info"
tmp_path_chroot = args.work + "/chroot_native" + tmp_path
if os.path.exists(tmp_path_chroot):
pmb.chroot.root(args, ["rm", "-r", tmp_path])
pmb.chroot.user(args, ["mkdir", "-p", tmp_path])
# No signature found
pmb.chroot.user(args, ["tar", "-czf", tmp_path + "/no_sig.apk",
"/etc/issue"])
with tarfile.open(tmp_path_chroot + "/no_sig.apk", "r:gz") as tar:
with pytest.raises(RuntimeError) as e: with pytest.raises(RuntimeError) as e:
pmb.chroot.apk_static.read_signature_info(tar) pmb.chroot.apk_static.read_signature_info(tar)
assert "Could not find signature" in str(e.value) assert "Could not find signature" in str(e.value)
# Add signature file with invalid name # Signature file with invalid name
tar.add(__file__, "sbin/apk.static.SIGN.RSA.invalid.pub") pmb.chroot.user(args, ["mkdir", "-p", tmp_path + "/sbin"])
pmb.chroot.user(args, ["cp", "/etc/issue", tmp_path +
"/sbin/apk.static.SIGN.RSA.invalid.pub"])
pmb.chroot.user(args, ["tar", "-czf", tmp_path + "/invalid_sig.apk",
"sbin/apk.static.SIGN.RSA.invalid.pub"],
working_dir=tmp_path)
with tarfile.open(tmp_path_chroot + "/invalid_sig.apk", "r:gz") as tar:
with pytest.raises(RuntimeError) as e: with pytest.raises(RuntimeError) as e:
pmb.chroot.apk_static.read_signature_info(tar) pmb.chroot.apk_static.read_signature_info(tar)
assert "Invalid signature key" in str(e.value) assert "Invalid signature key" in str(e.value)
# Add signature file with realistic name # Signature file with realistic name
path = glob.glob(pmb_src + "/keys/*.pub")[0] path = glob.glob(pmb_src + "/keys/*.pub")[0]
name = os.path.basename(path) name = os.path.basename(path)
path_archive = "sbin/apk.static.SIGN.RSA." + name path_archive = "sbin/apk.static.SIGN.RSA." + name
with tarfile.open(tmpdir + "/test2.apk", "w:gz") as tar: pmb.chroot.user(args, ["mv", tmp_path + "/sbin/apk.static.SIGN.RSA.invalid.pub",
tar.add(__file__, path_archive) tmp_path + "/" + path_archive])
pmb.chroot.user(args, ["tar", "-czf", tmp_path + "/realistic_name_sig.apk",
path_archive], working_dir=tmp_path)
with tarfile.open(tmp_path_chroot + "/realistic_name_sig.apk", "r:gz") as tar:
sigfilename, sigkey_path = pmb.chroot.apk_static.read_signature_info( sigfilename, sigkey_path = pmb.chroot.apk_static.read_signature_info(
tar) tar)
assert sigfilename == path_archive assert sigfilename == path_archive
assert sigkey_path == path assert sigkey_path == path
# Clean up
pmb.chroot.user(args, ["rm", "-r", tmp_path])
def test_successful_extraction(args, tmpdir): def test_successful_extraction(args, tmpdir):