# # # add_dir "tests/db_fix_certs" # # add_file "tests/db_fix_certs/__driver__.lua" # content [55a4202b7ecb04d41cb300cd5ebc2954bc14280c] # # add_file "tests/db_fix_certs/generate-db.sh" # content [41ddb4ad8b3984f11c60d3ab4a74468026249a59] # # add_file "tests/db_fix_certs/other_key" # content [f93195f0ee91a084fdeefec66fee7c10fb0e3426] # # add_file "tests/db_fix_certs/test.mtn" # content [00902b5f517cac5a6d61b41c52bc33e5831536d6] # # patch "database.cc" # from [6b4b27d8814b113925c95ce373fa8931d38903eb] # to [368b708cda872cc8c480464ae0bbe756252e2f4b] # # set "tests/db_fix_certs/generate-db.sh" # attr "mtn:execute" # value "true" # # set "tests/db_fix_certs/test.mtn" # attr "mtn:manual_merge" # value "true" # ============================================================ --- tests/db_fix_certs/__driver__.lua 55a4202b7ecb04d41cb300cd5ebc2954bc14280c +++ tests/db_fix_certs/__driver__.lua 55a4202b7ecb04d41cb300cd5ebc2954bc14280c @@ -0,0 +1,29 @@ +mtn_setup() + +get("test.mtn") +get("other_key") +getstd("test_keys") +check(mtn("-d", "test.mtn", "read", "test_keys"), 0, nil, false) + +check(mtn("-d", "test.mtn", "db", "execute", + "select 'There are '||count(*)||' certs' from revision_certs"), 0, true) +check(qgrep("There are 8 certs", "stdout")) + +check(mtn("-d", "test.mtn", "db", "migrate"), 0, nil, false) + +check(mtn("-d", "test.mtn", "db", "execute", + "select 'There are '||count(*)||' certs' from revision_certs"), 0, true) +check(qgrep("There are 8 certs", "stdout")) + +check(mtn("-d", "test.mtn", "read", "other_key"), 0, nil, false) + +-- should fix 1 (the one by the 'other' key we loaded) +check(mtn("-d", "test.mtn", "db", "fix_certs"), 0, nil, true) +check(qgrep("checked 8 certs, found 3 bad, fixed 1$", "stderr")) + +-- should drop 2 (one by a normal key we didn't load, and +-- one by a renamed copy of the standard key (when checking +-- against the standard key, that one will OK the sig, but +-- give a different cert hash)) +check(mtn("-d", "test.mtn", "db", "fix_certs", "--drop-bad-certs"), 0, nil, true) +check(qgrep("checked 8 certs, found 2 bad, fixed 0, dropped 2$", "stderr")) ============================================================ --- tests/db_fix_certs/generate-db.sh 41ddb4ad8b3984f11c60d3ab4a74468026249a59 +++ tests/db_fix_certs/generate-db.sh 41ddb4ad8b3984f11c60d3ab4a74468026249a59 @@ -0,0 +1,48 @@ +#!/bin/bash + +# run this to get the db and key files for this test +# this needs tests/test_keys to be copied to the directory it's run in +EXE=mtn-0.44 + +MTN="$EXE --confdir=. --keydir=keydir --root=. --db=test.mtn --rcfile test_hooks.lua" + +# (rm -rf scratch; mkdir scratch && cp tests/test_keys tests/test_hooks.lua scratch/ && cd scratch && ../tests/db_fix_keys/generate-db.sh) && ls -l scratch + +set -e +set -x + +mkdir keydir + +$MTN db init +$MTN setup . -b testbranch +echo data >file +$MTN add file + +# these certs should be fine +$MTN read other_key +$MTN dropkey address@hidden + +# this cert should not have a key to attach to +printf "address@hidden@test.net\n" | $MTN genkey address@hidden +$MTN cert $REVISION mycert missing +#$MTN pubkey address@hidden >missing_key +$MTN dropkey address@hidden + +$MTN read renamed_key +$MTN dropkey address@hidden + +printf "address@hidden@test.net\n" | $MTN genkey address@hidden ============================================================ --- tests/db_fix_certs/other_key f93195f0ee91a084fdeefec66fee7c10fb0e3426 +++ tests/db_fix_certs/other_key f93195f0ee91a084fdeefec66fee7c10fb0e3426 @@ -0,0 +1,3 @@ +[pubkey address@hidden +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVZWTySLWZxJJNVWQlNrbeq2iToW+3zwAS0v0dGxvXHLt74HFw+iDwm/U7bB4RAveftjnmQmbk3cHt9eKW4CzcmVCKFGTboBaIpIDoaEit5gV8oVBj9MtH8XU0XA4HJc9H17JdvQzYu6xHEHqzh/H7uuP2RNe6Bpw5v2/icF43awIDAQAB +[end] ============================================================ # tests/db_fix_certs/test.mtn is binary ============================================================ --- database.cc 6b4b27d8814b113925c95ce373fa8931d38903eb +++ database.cc 368b708cda872cc8c480464ae0bbe756252e2f4b @@ -1236,24 +1236,27 @@ database::fix_bad_certs(bool drop_not_fi P(F("checking")); - ticker checked(_("checked"), "c", 25); - ticker bad(_("bad"), "b", 1); - ticker fixed(_("fixed"), "f", 1); - shared_ptr dropped; + ticker tick_checked(_("checked"), "c", 25); + ticker tick_bad(_("bad"), "b", 1); + ticker tick_fixed(_("fixed"), "f", 1); + shared_ptr tick_dropped; if (drop_not_fixable) - dropped.reset(new ticker(_("dropped"), "d", 1)); - checked.set_total(all_certs.size()); + tick_dropped.reset(new ticker(_("dropped"), "d", 1)); + tick_checked.set_total(all_certs.size()); + int num_bad(0), num_fixed(0), num_dropped(0); + for (vector >::const_iterator cert_iter = all_certs.begin(); cert_iter != all_certs.end(); ++cert_iter) { cert const & c(cert_iter->second); id const & certid(cert_iter->first); cert_status status = check_cert(c); - ++checked; + ++tick_checked; if (status == cert_bad) { - ++bad; + ++tick_bad; + ++num_bad; bool fixed = false; string signable; c.signable_text(signable); @@ -1263,11 +1266,20 @@ database::fix_bad_certs(bool drop_not_fi key_id const & keyid(*key_iter); if (check_signature(keyid, signable, c.sig) == cert_ok) { - imp->execute(query("UPDATE revision_certs SET keypair_id = ? WHERE hash = ?") - % blob(keyid.inner()()) % blob(certid())); - ++fixed; - fixed = true; - break; + key_name candidate_name; + rsa_pub_key junk; + get_pubkey(keyid, candidate_name, junk); + id chk_id; + c.hash_code(candidate_name, chk_id); + if (chk_id == certid) + { + imp->execute(query("UPDATE revision_certs SET keypair_id = ? WHERE hash = ?") + % blob(keyid.inner()()) % blob(certid())); + ++tick_fixed; + ++num_fixed; + fixed = true; + break; + } } } if (!fixed) @@ -1276,7 +1288,8 @@ database::fix_bad_certs(bool drop_not_fi { imp->execute(query("DELETE FROM revision_certs WHERE hash = ?") % blob(certid())); - ++(*dropped); + ++(*tick_dropped); + ++num_dropped; } } } @@ -1284,12 +1297,12 @@ database::fix_bad_certs(bool drop_not_fi if (drop_not_fixable) { P(F("checked %d certs, found %d bad, fixed %d, dropped %d") - % checked.ticks % bad.ticks % fixed.ticks % dropped->ticks); + % all_certs.size() % num_bad % num_fixed % num_dropped); } else { P(F("checked %d certs, found %d bad, fixed %d") - % checked.ticks % bad.ticks % fixed.ticks); + % all_certs.size() % num_bad % num_fixed); } }