acf9de4c94
Change the validation logic in "mktag" to use fsck's fsck_tag()
instead of its own custom parser. Curiously the logic for both dates
back to the same commit[1]. Let's unify them so we're not maintaining
two sets functions to verify that a tag is OK.
The behavior of fsck_tag() and the old "mktag" code being removed here
is different in few aspects.
I think it makes sense to remove some of those checks, namely:
A. fsck only cares that the timezone matches [-+][0-9]{4}. The mktag
code disallowed values larger than 1400.
Yes there's currently no timezone with a greater offset[2], but
since we allow any number of non-offical timezones (e.g. +1234)
passing this through seems fine. Git also won't break in the
future if e.g. French Polynesia decides it needs to outdo the Line
Islands when it comes to timezone extravagance.
B. fsck allows missing author names such as "tagger <email>", mktag
wouldn't, but would allow e.g. "tagger [2 spaces] <email>" (but
not "tagger [1 space] <email>"). Now we allow all of these.
C. Like B, but "mktag" disallowed spaces in the <email> part, fsck
allows it.
In some ways fsck_tag() is stricter than "mktag" was, namely:
D. fsck disallows zero-padded dates, but mktag didn't care. So
e.g. the timestamp "0000000000 +0000" produces an error now. A
test in "t1006-cat-file.sh" relied on this, it's been changed to
use "hash-object" (without fsck) instead.
There was one check I deemed worth keeping by porting it over to
fsck_tag():
E. "mktag" did not allow any custom headers, and by extension (as an
empty commit is allowed) also forbade an extra stray trailing
newline after the headers it knew about.
Add a new check in the "ignore" category to fsck and use it. This
somewhat abuses the facility added in efaba7cc77 (fsck:
optionally ignore specific fsck issues completely, 2015-06-22).
This is somewhat of hack, but probably the least invasive change
we can make here. The fsck command will shuffle these categories
around, e.g. under --strict the "info" becomes a "warn" and "warn"
becomes "error". Existing users of fsck's (and others,
e.g. index-pack) --strict option rely on this.
So we need to put something into a category that'll be ignored by
all existing users of the API. Pretending that
fsck.extraHeaderEntry=error ("ignore" by default) was set serves
to do this for us.
1. ec4465adb3 (Add "tag" objects that can be used to sign other
objects., 2005-04-25)
2. https://en.wikipedia.org/wiki/List_of_UTC_time_offsets
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
461 lines
9.3 KiB
Bash
Executable File
461 lines
9.3 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
#
|
|
|
|
test_description='git mktag: tag object verify test'
|
|
|
|
. ./test-lib.sh
|
|
|
|
###########################################################
|
|
# check the tag.sig file, expecting verify_tag() to fail,
|
|
# and checking that the error message matches the pattern
|
|
# given in the expect.pat file.
|
|
|
|
check_verify_failure () {
|
|
expect="$2"
|
|
test_expect_success "$1" '
|
|
test_must_fail env GIT_TEST_GETTEXT_POISON=false \
|
|
git mktag <tag.sig 2>message &&
|
|
grep "$expect" message
|
|
'
|
|
}
|
|
|
|
test_expect_mktag_success() {
|
|
test_expect_success "$1" '
|
|
git hash-object -t tag -w --stdin <tag.sig >expected &&
|
|
git fsck --strict &&
|
|
|
|
git mktag <tag.sig >hash &&
|
|
test_cmp expected hash &&
|
|
test_when_finished "git update-ref -d refs/tags/mytag $(cat hash)" &&
|
|
git update-ref refs/tags/mytag $(cat hash) $(test_oid zero) &&
|
|
git fsck --strict
|
|
'
|
|
}
|
|
|
|
###########################################################
|
|
# first create a commit, so we have a valid object/type
|
|
# for the tag.
|
|
test_expect_success 'setup' '
|
|
test_commit A &&
|
|
test_commit B &&
|
|
head=$(git rev-parse --verify HEAD) &&
|
|
head_parent=$(git rev-parse --verify HEAD~) &&
|
|
tree=$(git rev-parse HEAD^{tree}) &&
|
|
blob=$(git rev-parse --verify HEAD:B.t)
|
|
'
|
|
|
|
############################################################
|
|
# 1. length check
|
|
|
|
cat >tag.sig <<EOF
|
|
too short for a tag
|
|
EOF
|
|
|
|
check_verify_failure 'Tag object length check' \
|
|
'^error:.* missingObject:'
|
|
|
|
############################################################
|
|
# 2. object line label check
|
|
|
|
cat >tag.sig <<EOF
|
|
xxxxxx $head
|
|
type tag
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure '"object" line label check' '^error:.* missingObject:'
|
|
|
|
############################################################
|
|
# 3. object line hash check
|
|
|
|
cat >tag.sig <<EOF
|
|
object $(echo $head | tr 0-9a-f z)
|
|
type tag
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure '"object" line check' '^error:.* badObjectSha1:'
|
|
|
|
############################################################
|
|
# 4. type line label check
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
xxxx tag
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure '"type" line label check' '^error:.* missingTypeEntry:'
|
|
|
|
############################################################
|
|
# 5. type line eol check
|
|
|
|
echo "object $head" >tag.sig
|
|
printf "type tagsssssssssssssssssssssssssssssss" >>tag.sig
|
|
|
|
check_verify_failure '"type" line eol check' '^error:.* unterminatedHeader:'
|
|
|
|
############################################################
|
|
# 6. tag line label check #1
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type tag
|
|
xxx mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure '"tag" line label check #1' \
|
|
'^error:.* missingTagEntry:'
|
|
|
|
############################################################
|
|
# 7. tag line label check #2
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type taggggggggggggggggggggggggggggggg
|
|
tag
|
|
EOF
|
|
|
|
check_verify_failure '"tag" line label check #2' \
|
|
'^error:.* badType:'
|
|
|
|
############################################################
|
|
# 8. type line type-name length check
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type taggggggggggggggggggggggggggggggg
|
|
tag mytag
|
|
EOF
|
|
|
|
check_verify_failure '"type" line type-name length check' \
|
|
'^error:.* badType:'
|
|
|
|
############################################################
|
|
# 9. verify object (hash/type) check
|
|
|
|
cat >tag.sig <<EOF
|
|
object $(test_oid deadbeef)
|
|
type tag
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'verify object (hash/type) check -- correct type, nonexisting object' \
|
|
'^fatal: could not read tagged object'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type tagggg
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'verify object (hash/type) check -- made-up type, valid object' \
|
|
'^error:.* badType:'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $(test_oid deadbeef)
|
|
type tagggg
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'verify object (hash/type) check -- made-up type, nonexisting object' \
|
|
'^error:.* badType:'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type tree
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'verify object (hash/type) check -- mismatched type, valid object' \
|
|
'^fatal: object.*tagged as.*tree.*but is.*commit'
|
|
|
|
############################################################
|
|
# 9.5. verify object (hash/type) check -- replacement
|
|
|
|
test_expect_success 'setup replacement of commit -> commit and tree -> blob' '
|
|
git replace $head_parent $head &&
|
|
git replace -f $tree $blob
|
|
'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head_parent
|
|
type commit
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
test_expect_mktag_success 'tag to a commit replaced by another commit'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $tree
|
|
type tree
|
|
tag mytag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'verify object (hash/type) check -- mismatched type, valid object' \
|
|
'^fatal: object.*tagged as.*tree.*but is.*blob'
|
|
|
|
############################################################
|
|
# 10. verify tag-name check
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag my tag
|
|
tagger . <> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'verify tag-name check' \
|
|
'^error:.* badTagName:'
|
|
|
|
############################################################
|
|
# 11. tagger line label check #1
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
|
|
This is filler
|
|
EOF
|
|
|
|
check_verify_failure '"tagger" line label check #1' \
|
|
'^error:.* missingTaggerEntry:'
|
|
|
|
############################################################
|
|
# 12. tagger line label check #2
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger
|
|
|
|
This is filler
|
|
EOF
|
|
|
|
check_verify_failure '"tagger" line label check #2' \
|
|
'^error:.* missingTaggerEntry:'
|
|
|
|
############################################################
|
|
# 13. allow missing tag author name like fsck
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger <> 0 +0000
|
|
|
|
This is filler
|
|
EOF
|
|
|
|
test_expect_mktag_success 'allow missing tag author name'
|
|
|
|
############################################################
|
|
# 14. disallow missing tag author name
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <
|
|
> 0 +0000
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'disallow malformed tagger' \
|
|
'^error:.* badEmail:'
|
|
|
|
############################################################
|
|
# 15. allow empty tag email
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <> 0 +0000
|
|
|
|
EOF
|
|
|
|
test_expect_mktag_success 'allow empty tag email'
|
|
|
|
############################################################
|
|
# 16. allow spaces in tag email like fsck
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tag ger@example.com> 0 +0000
|
|
|
|
EOF
|
|
|
|
test_expect_mktag_success 'allow spaces in tag email like fsck'
|
|
|
|
############################################################
|
|
# 17. disallow missing tag timestamp
|
|
|
|
tr '_' ' ' >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com>__
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'disallow missing tag timestamp' \
|
|
'^error:.* badDate:'
|
|
|
|
############################################################
|
|
# 18. detect invalid tag timestamp1
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> Tue Mar 25 15:47:44 2008
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'detect invalid tag timestamp1' \
|
|
'^error:.* badDate:'
|
|
|
|
############################################################
|
|
# 19. detect invalid tag timestamp2
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 2008-03-31T12:20:15-0500
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'detect invalid tag timestamp2' \
|
|
'^error:.* badDate:'
|
|
|
|
############################################################
|
|
# 20. detect invalid tag timezone1
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 GMT
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'detect invalid tag timezone1' \
|
|
'^error:.* badTimezone:'
|
|
|
|
############################################################
|
|
# 21. detect invalid tag timezone2
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 + 30
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'detect invalid tag timezone2' \
|
|
'^error:.* badTimezone:'
|
|
|
|
############################################################
|
|
# 22. allow invalid tag timezone3 (the maximum is -1200/+1400)
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 -1430
|
|
|
|
EOF
|
|
|
|
test_expect_mktag_success 'allow invalid tag timezone'
|
|
|
|
############################################################
|
|
# 23. detect invalid header entry
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 -0500
|
|
this line should not be here
|
|
|
|
EOF
|
|
|
|
check_verify_failure 'detect invalid header entry' \
|
|
'^error:.* extraHeaderEntry:'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 -0500
|
|
|
|
|
|
this line comes after an extra newline
|
|
EOF
|
|
|
|
test_expect_mktag_success 'allow extra newlines at start of body'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 -0500
|
|
|
|
EOF
|
|
|
|
test_expect_mktag_success 'require a blank line before an empty body (1)'
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 -0500
|
|
EOF
|
|
|
|
check_verify_failure 'require a blank line before an empty body (2)' \
|
|
'^error:.* extraHeaderEntry:'
|
|
|
|
############################################################
|
|
# 24. create valid tag
|
|
|
|
cat >tag.sig <<EOF
|
|
object $head
|
|
type commit
|
|
tag mytag
|
|
tagger T A Gger <tagger@example.com> 1206478233 -0500
|
|
|
|
EOF
|
|
|
|
test_expect_mktag_success 'create valid tag object'
|
|
|
|
test_done
|