diff options
author | Stan Hu <stanhu@gmail.com> | 2018-12-01 10:20:00 +0300 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-12-05 21:55:30 +0300 |
commit | 184240e86a72dee340e7b86e0e403a64ca6f766b (patch) | |
tree | 7b772af312fc3d0d2e05fb7d5cff4cc3a3c75383 /spec | |
parent | cfe484795d4ddb8c7b3247802547e3da74c64cf2 (diff) |
Gracefully handle unknown/invalid GPG keys
An unknown public GPG key will result in a GPGME::Error thrown from gpg,
which would cause an Error 500 on the signatures endpoint.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54729
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/gitlab/gpg/commit_spec.rb | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/spec/lib/gitlab/gpg/commit_spec.rb b/spec/lib/gitlab/gpg/commit_spec.rb index 8c6d673391b..8229f0eb794 100644 --- a/spec/lib/gitlab/gpg/commit_spec.rb +++ b/spec/lib/gitlab/gpg/commit_spec.rb @@ -26,6 +26,28 @@ describe Gitlab::Gpg::Commit do end end + context 'invalid signature' do + let!(:commit) { create :commit, project: project, sha: commit_sha, committer_email: GpgHelpers::User1.emails.first } + + let!(:user) { create(:user, email: GpgHelpers::User1.emails.first) } + + before do + allow(Gitlab::Git::Commit).to receive(:extract_signature_lazily) + .with(Gitlab::Git::Repository, commit_sha) + .and_return( + [ + # Corrupt the key + GpgHelpers::User1.signed_commit_signature.tr('=', 'a'), + GpgHelpers::User1.signed_commit_base_data + ] + ) + end + + it 'returns nil' do + expect(described_class.new(commit).signature).to be_nil + end + end + context 'known key' do context 'user matches the key uid' do context 'user email matches the email committer' do |