[Rt-commit] rt branch, 4.4/provide-more-public-key-details, updated. rt-4.4.4-160-gc0c5d651f7

Dianne Skoll dianne at bestpractical.com
Fri Nov 13 09:29:53 EST 2020 

The branch, 4.4/provide-more-public-key-details has been updated
       via  c0c5d651f7f25243db12223545dde51780b63bc4 (commit)
      from  d89f0aa0a37caf5d0b5cfde09b5ac572b739b539 (commit)

Summary of changes:
 t/web/crypt-gnupg.t | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

- Log -----------------------------------------------------------------
commit c0c5d651f7f25243db12223545dde51780b63bc4
Author: Dianne Skoll <dianne at bestpractical.com>
Date:   Fri Nov 13 09:29:38 2020 -0500

    Add tests for our tooltip and for GnuPG public-key download link.

diff --git a/t/web/crypt-gnupg.t b/t/web/crypt-gnupg.t
index b106362618..bf17c4c85e 100644
--- a/t/web/crypt-gnupg.t
+++ b/t/web/crypt-gnupg.t
@@ -183,8 +183,28 @@ MAIL
 
     like($attachments[0]->Content, qr/Some other content/, "RT's mail includes copy of ticket text");
     like($attachments[0]->Content, qr/$RT::rtname/, "RT's mail includes this instance's name");
+    $m->get("$baseurl/Ticket/History.html?id=$id");
+    my $content = $m->content;
+    like($content, qr/<span title="Fingerprint: EC1E81E7DC3DB42788FB0E4E9FA662C06DE22FC2\nSignature Created: .*\nKey Expires: Never\nPublic Key Algorithm: DSA\nHash Algorithm: SHA-1">/m, "Tooltip was added");
+    like($content, qr{<a href=".*/Crypt/GetGPGPubkey.html\?Fingerprint=EC1E81E7DC3DB42788FB0E4E9FA662C06DE22FC2">}m, "Download link for public key was added");
+    $m->get("$baseurl/Crypt/GetGPGPubkey.html?Fingerprint=EC1E81E7DC3DB42788FB0E4E9FA662C06DE22FC2");
+    $content = $m->content;
+    like($content, qr/-----BEGIN PGP PUBLIC KEY BLOCK-----/, "Download link returned a public key");
 }
 
+# Try fetching a nonexistent pubic key
+$m->get("$baseurl/Crypt/GetGPGPubkey.html?Fingerprint=EC1E81E7DC3DB42788FB0E4E9FA662C06DE22FCEEEEEEE");
+like($m->content, qr/Could not find GnuPG public key with fingerprint EC1E81E7DC3DB42788FB0E4E9FA662C06DE22FCEEEEEEE/, "Got correct error message");
+
+# Try fetching with invalid fingerprint
+$m->get("$baseurl/Crypt/GetGPGPubkey.html?Fingerprint=wookie%3B%3C%3Erm%20/etc/passwd");
+like($m->content, qr{Could not find GnuPG public key with fingerprint wookie;<>rm /etc/passwd}, "Got correct error message (dangerous characters HTML-escaped)");
+
+# Try fetching with no fingerprint
+$m->get("$baseurl/Crypt/GetGPGPubkey.html?Irrelevant=3");
+like($m->content, qr/Fingerprint must be supplied to download a public key/,
+     "Got correct error message when no fingerprint supplied");
+
 $m->get("$baseurl/Admin/Queues/Modify.html?id=$qid");
 $m->form_with_fields('Sign', 'Encrypt');
 $m->field(Encrypt => 1);

-----------------------------------------------------------------------

More information about the rt-commit mailing list