summaryrefslogtreecommitdiff
path: root/test/integration
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2014-10-23 10:42:18 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2014-10-23 16:54:27 +0200
commitb0314abb0cbe5937d2d3cdcd6df9d322b69d03a0 (patch)
tree3d17a83a5e3324e6aa042af38860446c379b0965 /test/integration
parent03aa08472dcd689572a46ce6efdb1dccf6136334 (diff)
add test for Basic Authentication scheme
Git-Dch: Ignore
Diffstat (limited to 'test/integration')
-rw-r--r--test/integration/framework31
-rwxr-xr-xtest/integration/test-apt-cdrom7
-rwxr-xr-xtest/integration/test-authentication-basic106
3 files changed, 133 insertions, 11 deletions
diff --git a/test/integration/framework b/test/integration/framework
index 23ff0983b..fcaa4ddd3 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -944,23 +944,35 @@ signreleasefiles() {
}
webserverconfig() {
- msgtest "Set webserver config option '${1}' to" "$2"
+ local NOCHECK=false
+ if [ "$1" = '--no-check' ]; then
+ NOCHECK=true
+ shift
+ fi
local DOWNLOG='rootdir/tmp/download-testfile.log'
- local STATUS='rootdir/tmp/webserverconfig.status'
+ local STATUS='downloaded/webserverconfig.status'
rm -f "$STATUS" "$DOWNLOG"
- if downloadfile "http://localhost:8080/_config/set/${1}/${2}" "$STATUS" > "$DOWNLOG"; then
+ local URI
+ if [ -n "$2" ]; then
+ msgtest "Set webserver config option '${1}' to" "$2"
+ URI="http://localhost:8080/_config/set/${1}/${2}"
+ else
+ msgtest 'Clear webserver config option' "${1}"
+ URI="http://localhost:8080/_config/clear/${1}"
+ fi
+ if downloadfile "$URI" "$STATUS" > "$DOWNLOG"; then
msgpass
else
- cat "$DOWNLOG" "$STATUS"
+ cat "$DOWNLOG" "$STATUS" || true
msgfail
fi
- testwebserverlaststatuscode '200'
+ $NOCHECK || testwebserverlaststatuscode '200'
}
rewritesourceslist() {
local APTARCHIVE="file://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive")"
for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do
- sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#http://localhost:8080/#${1}#" -e "s#http://localhost:4433/#${1}#"
+ sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#http://localhost:8080/#${1}#" -e "s#https://localhost:4433/#${1}#"
done
}
@@ -1047,7 +1059,7 @@ acquire::cdrom::autodetect 0;" > rootdir/etc/apt/apt.conf.d/00cdrom
mv "${CD}" "${CD}-unmounted"
# we don't want the disk to be modifiable
addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/media/cdrom/dists/ $PWD/rootdir/media/cdrom-unmounted/dists/ || true;"
- chmod -R -w rootdir/media/cdrom-unmounted/dists
+ chmod -R 555 rootdir/media/cdrom-unmounted/dists
}
downloadfile() {
@@ -1055,7 +1067,7 @@ downloadfile() {
apthelper -o Debug::Acquire::${PROTO}=1 \
download-file "$1" "$2" 2>&1 || true
# only if the file exists the download was successful
- if [ -e "$2" ]; then
+ if [ -r "$2" ]; then
return 0
else
return 1
@@ -1312,8 +1324,7 @@ testwebserverlaststatuscode() {
local STATUS='downloaded/webserverstatus-statusfile.log'
rm -f "$DOWNLOG" "$STATUS"
msgtest 'Test last status code from the webserver was' "$1"
- downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG"
- if [ "$(cat "$STATUS")" = "$1" ]; then
+ if downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" && [ "$(cat "$STATUS")" = "$1" ]; then
msgpass
else
echo >&2
diff --git a/test/integration/test-apt-cdrom b/test/integration/test-apt-cdrom
index 4489143e4..3a33219fe 100755
--- a/test/integration/test-apt-cdrom
+++ b/test/integration/test-apt-cdrom
@@ -21,7 +21,7 @@ echo 'Description-de: automatisch generiertes Testpaket testing=0.8.15/stable
' >> Translation-de
compressfile Translation-de
rm -f Translation-en Translation-de
-chmod -R -w .
+chmod -R 555 .
cd - > /dev/null
aptcdromlog() {
@@ -144,3 +144,8 @@ testcdromusage
testsuccess aptget update
testfileequal rootdir/tmp/testsuccess.output 'Reading package lists...'
testcdromusage
+
+msgmsg 'Check that nothing touched our' 'CD-ROM'
+for file in $(find rootdir/media/cdrom-unmounted/dists); do
+ testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:555"
+done
diff --git a/test/integration/test-authentication-basic b/test/integration/test-authentication-basic
new file mode 100755
index 000000000..4b0ead54a
--- /dev/null
+++ b/test/integration/test-authentication-basic
@@ -0,0 +1,106 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'i386'
+
+insertpackage 'unstable' 'foo' 'all' '1'
+setupaptarchive --no-update
+
+changetohttpswebserver --authorization="$(printf '%s' 'star:hunter2' | base64 )"
+
+echo 'See, when YOU type hunter2, it shows to us as *******' > aptarchive/bash
+
+testauthfailure() {
+ testfailure apthelper download-file "${1}/bash" ./downloaded/bash
+ # crappy test, but http and https output are wastely different…
+ testsuccess grep 401 rootdir/tmp/testfailure.output
+ testsuccess test ! -s ./downloaded/bash
+}
+
+testauthsuccess() {
+ testsuccess apthelper download-file "${1}/bash" ./downloaded/bash
+ testfileequal ./downloaded/bash "$(cat aptarchive/bash)"
+ testfilestats ./downloaded/bash '%U:%G:%a' '=' "${USER}:${USER}:644"
+ rm -f ./downloaded/bash
+
+ # lets see if got/retains acceptable permissions
+ if [ -n "$AUTHCONF" ]; then
+ if [ "$(id -u)" = '0' ]; then
+ testfilestats "$AUTHCONF" '%U:%G:%a' '=' "_apt:root:600"
+ else
+ testfilestats "$AUTHCONF" '%U:%G:%a' '=' "${USER}:${USER}:600"
+ fi
+ fi
+
+ rm -rf rootdir/var/lib/apt/lists
+ testsuccess aptget update
+ testequal 'Reading package lists...
+Building dependency tree...
+The following NEW packages will be installed:
+ foo
+0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
+Inst foo (1 unstable [all])
+Conf foo (1 unstable [all])' aptget install foo -s
+}
+
+authfile() {
+ local AUTHCONF='rootdir/etc/apt/auth.conf'
+ rm -f "$AUTHCONF"
+ printf '%s' "$1" > "$AUTHCONF"
+ chmod 600 "$AUTHCONF"
+}
+
+runtest() {
+ # unauthorized fails
+ authfile ''
+ testauthfailure "$1"
+
+ # good auth
+ authfile 'machine localhost
+login star
+password hunter2'
+ testauthsuccess "$1"
+
+ # bad auth
+ authfile 'machine localhost
+login anonymous
+password hunter2'
+ testauthfailure "$1"
+
+ # 2 stanzas: unmatching + good auth
+ authfile 'machine debian.org
+login debian
+password jessie
+
+machine localhost
+login star
+password hunter2'
+ testauthsuccess "$1"
+}
+
+msgmsg 'server basic auth'
+rewritesourceslist 'http://localhost:8080'
+runtest 'http://localhost:8080'
+rewritesourceslist 'https://localhost:4433'
+runtest 'https://localhost:4433'
+rewritesourceslist 'http://localhost:8080'
+
+msgmsg 'proxy to server basic auth'
+webserverconfig 'aptwebserver::request::absolute' 'uri'
+export http_proxy='http://localhost:8080'
+runtest 'http://localhost:8080'
+unset http_proxy
+
+msgmsg 'proxy basic auth to server basic auth'
+webserverconfig 'aptwebserver::proxy-authorization' "$(printf 'moon:deer2' | base64)"
+export http_proxy='http://moon:deer2@localhost:8080'
+runtest 'http://localhost:8080'
+
+msgmsg 'proxy basic auth to server'
+authfile ''
+webserverconfig 'aptwebserver::authorization' ''
+testauthsuccess 'http://localhost:8080'