diff --git a/fdroidserver/index.py b/fdroidserver/index.py index 8e5dafd7..24d4655d 100644 --- a/fdroidserver/index.py +++ b/fdroidserver/index.py @@ -66,10 +66,7 @@ def make(apps, apks, repodir, archive): """ from fdroidserver.update import METADATA_VERSION - if hasattr(common.options, 'nosign') and common.options.nosign: - if 'keystore' not in common.config and 'repo_pubkey' not in common.config: - raise FDroidException(_('"repo_pubkey" must be present in config.yml when using --nosign!')) - else: + if not hasattr(common.options, 'nosign') or not common.options.nosign: common.assert_config_keystore(common.config) # Historically the index has been sorted by App Name, so we enforce this ordering here @@ -1378,7 +1375,7 @@ def extract_pubkey(): """ if 'repo_pubkey' in common.config: pubkey = unhexlify(common.config['repo_pubkey']) - else: + elif 'keystorepass' in common.config: env_vars = {'LC_ALL': 'C.UTF-8', 'FDROID_KEY_STORE_PASS': common.config['keystorepass']} p = FDroidPopenBytes([common.config['keytool'], '-exportcert', @@ -1393,6 +1390,9 @@ def extract_pubkey(): msg += ' Is your crypto smartcard plugged in?' raise FDroidException(msg) pubkey = p.output + else: + raise FDroidException(_('Neither "repo_pubkey" nor "keystorepass" set in config.yml')) + repo_pubkey_fingerprint = common.get_cert_fingerprint(pubkey) return hexlify(pubkey), repo_pubkey_fingerprint diff --git a/tests/index.TestCase b/tests/index.TestCase index b101eb46..23b0560d 100755 --- a/tests/index.TestCase +++ b/tests/index.TestCase @@ -359,6 +359,49 @@ class IndexTest(unittest.TestCase): ) self.assertTrue(os.path.exists(os.path.join('repo', 'index.xml'))) + def test_v0_invalid_config_exception(self): + """Index v0 needs additional config values when using --nosign + + index.xml aka Index v0 includes the full repo public key in + the XML itself. So when running `fdroid update --nosign`, + there needs to be either repo_pubkey or a full keystore config + present. + + """ + tmptestsdir = tempfile.mkdtemp( + prefix=inspect.currentframe().f_code.co_name, dir=self.tmpdir + ) + os.chdir(tmptestsdir) + os.mkdir('repo') + repo_icons_dir = os.path.join('repo', 'icons') + self.assertFalse(os.path.isdir(repo_icons_dir)) + repodict = { + 'address': 'https://example.com/fdroid/repo', + 'description': 'This is just a test', + 'icon': 'blahblah', + 'name': 'test', + 'timestamp': datetime.datetime.now(), + 'version': 12, + } + requestsdict = {'install': [], 'uninstall': []} + + fdroidserver.common.options.nosign = False + with self.assertRaises(fdroidserver.exception.FDroidException): + fdroidserver.index.make_v0({}, [], 'repo', repodict, requestsdict, {}) + + fdroidserver.common.options.nosign = True + with self.assertRaises(fdroidserver.exception.FDroidException): + fdroidserver.index.make_v0({}, [], 'repo', repodict, requestsdict, {}) + + fdroidserver.common.config['repo_pubkey'] = 'ffffffffffffffffffffffffffffffffff' + self.assertFalse(os.path.exists(os.path.join('repo', 'index.xml'))) + self.assertFalse(os.path.exists(os.path.join('repo', 'index_unsigned.jar'))) + self.assertFalse(os.path.exists(os.path.join('repo', 'index.jar'))) + fdroidserver.index.make_v0({}, [], 'repo', repodict, requestsdict, {}) + self.assertTrue(os.path.exists(os.path.join('repo', 'index.xml'))) + self.assertTrue(os.path.exists(os.path.join('repo', 'index_unsigned.jar'))) + self.assertFalse(os.path.exists(os.path.join('repo', 'index.jar'))) + def test_github_get_mirror_service_urls(self): for url in [ 'git@github.com:foo/bar',