diff options
author | Michael Vogt <mvo@debian.org> | 2015-06-23 12:17:35 +0100 |
---|---|---|
committer | Michael Vogt <mvo@debian.org> | 2015-06-23 12:17:35 +0100 |
commit | 245dde96193702f7f51389d3583dee547f8ba366 (patch) | |
tree | 6cf8c191641c760bcc6a6c08fb0ff65d27e0cffd /test/integration/test-apt-update-nofallback | |
parent | 5530255b5f3ad7de2e23dfcb39ce325001126501 (diff) | |
parent | c8a4ce6cbed57ae108dc955d4a850f9b129a0693 (diff) |
Merge remote-tracking branch 'donkult/debian/experimental' into debian/experimental
Diffstat (limited to 'test/integration/test-apt-update-nofallback')
-rwxr-xr-x | test/integration/test-apt-update-nofallback | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/test/integration/test-apt-update-nofallback b/test/integration/test-apt-update-nofallback index e82a976a6..2ded73122 100755 --- a/test/integration/test-apt-update-nofallback +++ b/test/integration/test-apt-update-nofallback @@ -8,6 +8,7 @@ set -e simulate_mitm_and_inject_evil_package() { + redatereleasefiles '+1 hour' rm -f $APTARCHIVE/dists/unstable/InRelease rm -f $APTARCHIVE/dists/unstable/Release.gpg inject_evil_package @@ -27,18 +28,19 @@ Description: an autogenerated evil package EOF # avoid ims hit touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages + compressfile aptarchive/dists/unstable/main/binary-i386/Packages } assert_update_is_refused_and_last_good_state_used() { - testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq + testfailuremsg "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update assert_repo_is_intact } assert_repo_is_intact() { - testequal "foo/unstable 2.0 all" apt list -q + testsuccessequal "foo/unstable 2.0 all" apt list -q testsuccess aptget install -y -s foo testfailure aptget install -y evil testsuccess aptget source foo --print-uris @@ -86,18 +88,18 @@ test_from_inrelease_to_unsigned_with_override() { # setup archive with InRelease file setupaptarchive_with_lists_clean - # FIXME: is not what the server reported 4104 4106 - testsuccess aptget update #-o Debug::pkgAcquire::Worker=1 + testsuccess aptget update # simulate moving to a unsigned but otherwise valid repo simulate_mitm_and_inject_evil_package - generatereleasefiles + generatereleasefiles '+2 hours' + find $APTARCHIVE -name '*Packages*' -exec touch -d '+2 hours' {} \; # and ensure we can update to it (with enough force) testwarning aptget update --allow-insecure-repositories \ - -o Acquire::AllowDowngradeToInsecureRepositories=1 + -o Acquire::AllowDowngradeToInsecureRepositories=1 -o Debug::pkgAcquire::Worker=1 -o Debug::pkgAcquire::Auth=1 # but that the individual packages are still considered untrusted - testequal "WARNING: The following packages cannot be authenticated! + testfailureequal "WARNING: The following packages cannot be authenticated! evil E: There are problems and -y was used without --force-yes" aptget install -qq -y evil } @@ -149,7 +151,7 @@ test_subvert_inrelease() # replace InRelease with something else mv $APTARCHIVE/dists/unstable/Release $APTARCHIVE/dists/unstable/InRelease - testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease Does not start with a cleartext signature + testfailureequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease Does not start with a cleartext signature E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq @@ -166,10 +168,10 @@ test_inrelease_to_invalid_inrelease() listcurrentlistsdirectory > lists.before # now remove InRelease and subvert Release do no longer verify - sed -i 's/Codename.*/Codename: evil!'/ $APTARCHIVE/dists/unstable/InRelease + sed -i 's/^Codename:.*/Codename: evil!/' $APTARCHIVE/dists/unstable/InRelease inject_evil_package - testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + testwarningequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file:${APTARCHIVE} unstable InRelease: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> @@ -193,7 +195,7 @@ test_release_gpg_to_invalid_release_release_gpg() echo "Some evil data" >> $APTARCHIVE/dists/unstable/Release inject_evil_package - testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable Release.gpg: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + testwarningequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file:${APTARCHIVE} unstable Release: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> W: Failed to fetch file:${APTARCHIVE}/dists/unstable/Release.gpg The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> |