Skip to content

Commit

Permalink
Check for Insecure=1 on PGP callbacks only during installation
Browse files Browse the repository at this point in the history
  • Loading branch information
@imobachgs
imobachgs committed Sep 7, 2017
1 parent b5ac3fb commit 7525e0f
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 12 deletions.
4 changes: 3 additions & 1 deletion library/packages/src/modules/PackageCallbacks.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -406,6 +406,7 @@ def ProgressPackage(percent)
# Handle GPG check result (pkgGpgCheck)
#
# If insecure mode is set to '1', the check result is ignored. Otherwise, no decision is made.
# When running on an installed system, it always return "".
#
# @param data [Hash] Output from `pkgGpgCheck` callback.
# @option data [Integer] "CheckPackageResult" Check result code according to libzypp.
Expand All @@ -416,7 +417,8 @@ def ProgressPackage(percent)
# a blank string is returned (so no decision is made).
def pkg_gpg_check(data)
log.debug("pkgGpgCheck data: #{data}")
Linuxrc.InstallInf("Insecure") == "1" ? "I" : ""
return "I" if Stage.initial && Linuxrc.InstallInf("Insecure") == "1"
""
end

# After package install.
Expand Down
36 changes: 25 additions & 11 deletions library/packages/test/package_callbacks_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -213,26 +213,40 @@

before do
allow(Yast::Linuxrc).to receive(:InstallInf).with("Insecure").and_return(insecure)
allow(Yast::Stage).to receive(:initial).and_return(initial)
end

context "when insecure is not set" do
let(:insecure) { nil }
context "during installation" do
let(:initial) { true }

it "returns ''" do
expect(subject.pkg_gpg_check(data)).to eq("")
context "and when insecure is not set" do
let(:insecure) { nil }

it "returns ''" do
expect(subject.pkg_gpg_check(data)).to eq("")
end
end
end

context "when Insecure is set to '1'" do
let(:insecure) { "1" }
context "and when Insecure is set to '1'" do
let(:insecure) { "1" }

it "returns 'I'" do
expect(subject.pkg_gpg_check(data)).to eq("I")
it "returns 'I'" do
expect(subject.pkg_gpg_check(data)).to eq("I")
end
end

context "and when Insecure is set but different to '1'" do
let(:insecure) { "0" }

it "returns ''" do
expect(subject.pkg_gpg_check(data)).to eq("")
end
end
end

context "when Insecure is set but different to '1'" do
let(:insecure) { "0" }
context "on an installed system" do
let(:initial) { false }
let(:insecure) { "1" }

it "returns ''" do
expect(subject.pkg_gpg_check(data)).to eq("")
Expand Down

0 comments on commit 7525e0f

Please sign in to comment.