summaryrefslogtreecommitdiff
path: root/test/integration/test-releasefile-date-older
diff options
context:
space:
mode:
authorMichael Vogt <mvo@debian.org>2015-06-23 12:17:35 +0100
committerMichael Vogt <mvo@debian.org>2015-06-23 12:17:35 +0100
commit245dde96193702f7f51389d3583dee547f8ba366 (patch)
tree6cf8c191641c760bcc6a6c08fb0ff65d27e0cffd /test/integration/test-releasefile-date-older
parent5530255b5f3ad7de2e23dfcb39ce325001126501 (diff)
parentc8a4ce6cbed57ae108dc955d4a850f9b129a0693 (diff)
Merge remote-tracking branch 'donkult/debian/experimental' into debian/experimental
Diffstat (limited to 'test/integration/test-releasefile-date-older')
-rwxr-xr-xtest/integration/test-releasefile-date-older62
1 files changed, 62 insertions, 0 deletions
diff --git a/test/integration/test-releasefile-date-older b/test/integration/test-releasefile-date-older
new file mode 100755
index 000000000..5cdc34fac
--- /dev/null
+++ b/test/integration/test-releasefile-date-older
@@ -0,0 +1,62 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'i386'
+
+insertpackage 'wheezy' 'apt' 'all' '0.8.15'
+
+setupaptarchive --no-update
+
+# we don't complain as the server could have just sent a 'Hit' here and this
+# 'downgrade attack' is usually performed by out-of-sync mirrors. Valid-Until
+# catches the 'real' downgrade attacks (expect that it finds stale mirrors).
+# Scaring users with an error here serves hence no point.
+
+msgmsg 'InRelease file is silently rejected if' 'new Date is before old Date'
+rm -rf rootdir/var/lib/apt/lists
+generatereleasefiles 'now' 'now + 7 days'
+signreleasefiles
+testsuccess aptget update
+listcurrentlistsdirectory > listsdir.lst
+redatereleasefiles 'now - 2 days'
+testsuccess aptget update
+testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+
+msgmsg 'Release.gpg file is silently rejected if' 'new Date is before old Date'
+rm -rf rootdir/var/lib/apt/lists
+generatereleasefiles 'now' 'now + 7 days'
+signreleasefiles
+find aptarchive -name 'InRelease' -delete
+testsuccess aptget update
+listcurrentlistsdirectory > listsdir.lst
+redatereleasefiles 'now - 2 days'
+find aptarchive -name 'InRelease' -delete
+testsuccess aptget update
+testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+
+msgmsg 'Crisscross InRelease/Release.gpg file is silently rejected if' 'new Date is before old Date'
+rm -rf rootdir/var/lib/apt/lists
+generatereleasefiles 'now' 'now + 7 days'
+signreleasefiles
+find aptarchive -name 'Release.gpg' -delete
+testsuccess aptget update
+listcurrentlistsdirectory > listsdir.lst
+redatereleasefiles 'now - 2 days'
+find aptarchive -name 'InRelease' -delete
+testsuccess aptget update
+testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+
+msgmsg 'Crisscross Release.gpg/InRelease file is silently rejected if' 'new Date is before old Date'
+rm -rf rootdir/var/lib/apt/lists
+generatereleasefiles 'now' 'now + 7 days'
+signreleasefiles
+find aptarchive -name 'InRelease' -delete
+testsuccess aptget update
+listcurrentlistsdirectory > listsdir.lst
+redatereleasefiles 'now - 2 days'
+find aptarchive -name 'Release.gpg' -delete
+testsuccess aptget update
+testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-03 12:48:23 +0000