authorMichael Vogt <michael.vogt@ubuntu.com>2013-03-14 14:28:58 +0100
committerMichael Vogt <michael.vogt@ubuntu.com>2013-03-14 14:28:58 +0100
commitca18208fbda302b767c10bb567f90d7c6127db44 (patch)
treecda97d475aa06997e79543848de3608d8b7f4908 /test
parentb748b3b36b9db249cf273698b9e4b7eaf9c1c41f (diff)
* SECURITY UPDATE: InRelease verification bypass
- CVE-2013-1051 * apt-pkg/deb/debmetaindex.cc, test/integration/test-bug-595691-empty-and-broken-archive-files, test/integration/test-releasefile-verification: - disable InRelease downloading until the verification issue is fixed, thanks to Ansgar Burchardt for finding the flaw
Diffstat (limited to 'test')
-rwxr-xr-xtest/integration/test-bug-595691-empty-and-broken-archive-files30
-rwxr-xr-xtest/integration/test-bug-602412-dequote-redirect3
-rwxr-xr-xtest/integration/test-releasefile-verification4
3 files changed, 15 insertions, 22 deletions
diff --git a/test/integration/test-bug-595691-empty-and-broken-archive-files b/test/integration/test-bug-595691-empty-and-broken-archive-files
index 63883b380..4611b8b8e 100755
--- a/test/integration/test-bug-595691-empty-and-broken-archive-files
+++ b/test/integration/test-bug-595691-empty-and-broken-archive-files
@@ -13,7 +13,7 @@ setupflataptarchive
testaptgetupdate() {
rm -rf rootdir/var/lib/apt
aptget update 2>> testaptgetupdate.diff >> testaptgetupdate.diff || true
- sed -i -e '/^Fetched / d' -e '/Ign / d' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff
+ sed -i -e '/^Fetched / d' -e '/Ign / d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff
GIVEN="$1"
shift
msgtest "Test for correctness of" "apt-get update with $*"
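Review bot: The added `-e '/Release/ d'` in `testaptgetupdate` is unanchored, so it removes every line containing "Release" from testaptgetupdate.diff, which would include any `Err` or `W:` line about a Release or Release.gpg fetch or signature failure, not only the `Get:` progress lines. In a test shipped alongside a verification-bypass fix, that means a regression in Release handling would be filtered out before the comparison; the same filter is what allows the expectations in the `testoverfile` and `testoverhttp` hunks below to shrink to `Reading package lists...`. Restricting the delete to progress lines, for example `-e '/^Get:[0-9]\+ .* Release/ d'` (adjusted to the exact output format), would keep error and warning output visible to the diff. The body of `testaptgetupdate` continues past the end of this hunk.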
@@ -81,22 +81,18 @@ testoverfile() {
setupcompressor "$1"
createemptyfile 'en'
- testaptgetupdate "Get:1 file: InRelease []
-Reading package lists..." "empty file en.$COMPRESS over file"
+ testaptgetupdate 'Reading package lists...' "empty file en.$COMPRESS over file"
createemptyarchive 'en'
- testaptgetupdate "Get:1 file: InRelease []
-Reading package lists..." "empty archive en.$COMPRESS over file"
+ testaptgetupdate 'Reading package lists...' "empty archive en.$COMPRESS over file"
createemptyarchive 'Packages'
# FIXME: Why omits the file transport the Packages Get line?
#Get:3 file: Packages []
- testaptgetupdate "Get:1 file: InRelease []
-Reading package lists..." "empty archive Packages.$COMPRESS over file"
+ testaptgetupdate 'Reading package lists...' "empty archive Packages.$COMPRESS over file"
createemptyfile 'Packages'
- testaptgetupdate "Get:1 file: InRelease []
-Err file: Packages
+ testaptgetupdate "Err file: Packages
Empty files can't be valid archives
W: Failed to fetch ${COMPRESSOR}:$(readlink -f aptarchive/Packages.$COMPRESS) Empty files can't be valid archives
@@ -107,26 +103,22 @@ testoverhttp() {
setupcompressor "$1"
createemptyfile 'en'
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages []
-Get:3 http://localhost Translation-en
+ testaptgetupdate "Get: http://localhost Packages []
+Get: http://localhost Translation-en
Reading package lists..." "empty file en.$COMPRESS over http"
createemptyarchive 'en'
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages []
-Get:3 http://localhost Translation-en []
+ testaptgetupdate "Get: http://localhost Packages []
+Get: http://localhost Translation-en []
Reading package lists..." "empty archive en.$COMPRESS over http"
createemptyarchive 'Packages'
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages []
+ testaptgetupdate "Get: http://localhost Packages []
Reading package lists..." "empty archive Packages.$COMPRESS over http"
createemptyfile 'Packages'
#FIXME: we should response with a good error message instead
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages
+ testaptgetupdate "Get: http://localhost Packages
Err http://localhost Packages
Empty files can't be valid archives
W: Failed to fetch ${COMPRESSOR}:$(readlink -f rootdir/var/lib/apt/lists/partial/localhost:8080_Packages) Empty files can't be valid archives
diff --git a/test/integration/test-bug-602412-dequote-redirect b/test/integration/test-bug-602412-dequote-redirect
index f1e67c6d8..43ecda867 100755
--- a/test/integration/test-bug-602412-dequote-redirect
+++ b/test/integration/test-bug-602412-dequote-redirect
@@ -19,7 +19,8 @@ msgtest 'Test redirection works in' 'apt-get update'
aptget update -qq && msgpass || msgfail
# check that I-M-S header is kept in redirections
-testequal 'Hit http://localhost unstable InRelease
+testequal 'Hit http://localhost unstable Release.gpg
+Hit http://localhost unstable Release
Hit http://localhost unstable/main Sources
Hit http://localhost unstable/main amd64 Packages
Hit http://localhost unstable/main Translation-en
diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index d3ea91de5..01fb2e529 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -184,5 +184,5 @@ runtest2
DELETEFILE="InRelease"
runtest
-DELETEFILE="Release.gpg"
-runtest
+#DELETEFILE="Release.gpg"
+#runtest
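Review bot: The `DELETEFILE="Release.gpg"` case is disabled by commenting it out with no explanation, so the file does not record why the scenario where only InRelease carries the signature is no longer exercised or when it should return. A comment above the two lines, such as `# FIXME: disabled while InRelease downloading is turned off (CVE-2013-1051); re-enable once verification is fixed`, would tie the gap to the fix and make it hard to forget. It is also worth considering a replacement case asserting that an archive whose only signature is in InRelease is not accepted as authenticated, so the workaround itself has coverage. Whether `runtest` can express a negative expectation is not visible from this hunk.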