diff options
| -rw-r--r-- | apt-pkg/acquire-item.cc | 3 | ||||
| -rw-r--r-- | apt-pkg/acquire-worker.cc | 42 | ||||
| -rw-r--r-- | apt-pkg/acquire.cc | 59 | ||||
| -rw-r--r-- | apt-pkg/deb/dpkgpm.cc | 25 | ||||
| -rw-r--r-- | apt-pkg/sourcelist.cc | 3 | ||||
| -rw-r--r-- | apt-private/private-cmndline.cc | 1 | ||||
| -rw-r--r-- | cmdline/apt-key.in | 72 | ||||
| -rw-r--r-- | doc/apt-get.8.xml | 2 | ||||
| -rw-r--r-- | methods/gpgv.cc | 3 | ||||
| -rw-r--r-- | test/integration/framework | 3 | ||||
| -rwxr-xr-x | test/integration/test-apt-get-autoremove | 3 | ||||
| -rwxr-xr-x | test/integration/test-apt-get-install-deb | 26 | ||||
| -rwxr-xr-x | test/integration/test-apt-key | 24 | ||||
| -rwxr-xr-x | test/integration/test-apt-redirect-loop | 3 | ||||
| -rwxr-xr-x | test/integration/test-bug-605394-versioned-or-groups | 4 | ||||
| -rwxr-xr-x | test/integration/test-bug-722207-print-uris-even-if-very-quiet | 2 | ||||
| -rwxr-xr-x | test/integration/test-handle-redirect-as-used-mirror-change | 6 | ||||
| -rwxr-xr-x | test/integration/test-releasefile-verification | 13 |
18 files changed, 208 insertions, 86 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 88b5a58b5..91d7a3eae 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -3279,9 +3279,8 @@ bool pkgAcqArchive::QueueNext() // Create the item Local = false; - QueueURI(Desc); - ++Vf; + QueueURI(Desc); return true; } return false; diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc index 7afbec72a..7d6e6f79c 100644 --- a/apt-pkg/acquire-worker.cc +++ b/apt-pkg/acquire-worker.cc @@ -661,55 +661,15 @@ bool pkgAcquire::Worker::QueueItem(pkgAcquire::Queue::QItem *Item) if (OutFd == -1) return false; - HashStringList const hsl = Item->GetExpectedHashes(); - if (isDoomedItem(Item->Owner)) return true; - if (hsl.usable() == false && Item->Owner->HashesRequired() && - _config->Exists("Acquire::ForceHash") == false) - { - std::string const Message = "400 URI Failure" - "\nURI: " + Item->URI + - "\nFilename: " + Item->Owner->DestFile + - "\nFailReason: WeakHashSums"; - - auto const ItmOwners = Item->Owners; - for (auto &O: ItmOwners) - { - O->Status = pkgAcquire::Item::StatAuthError; - O->Failed(Message, Config); - if (Log != nullptr) - Log->Fail(O->GetItemDesc()); - } - // "queued" successfully, the item just instantly failed - return true; - } - - if (Item->Owner->IsRedirectionLoop(Item->URI)) - { - std::string const Message = "400 URI Failure" - "\nURI: " + Item->URI + - "\nFilename: " + Item->Owner->DestFile + - "\nFailReason: RedirectionLoop"; - - auto const ItmOwners = Item->Owners; - for (auto &O: ItmOwners) - { - O->Status = pkgAcquire::Item::StatError; - O->Failed(Message, Config); - if (Log != nullptr) - Log->Fail(O->GetItemDesc()); - } - // "queued" successfully, the item just instantly failed - return true; - } - string Message = "600 URI Acquire\n"; Message.reserve(300); Message += "URI: " + Item->URI; Message += "\nFilename: " + Item->Owner->DestFile; + HashStringList const hsl = Item->GetExpectedHashes(); for (HashStringList::const_iterator hs = hsl.begin(); hs != hsl.end(); ++hs) Message += "\nExpected-" + hs->HashType() + ": " + hs->HashValue(); diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc index b5f88e1b3..b4d1b5959 100644 --- a/apt-pkg/acquire.cc +++ b/apt-pkg/acquire.cc @@ -269,6 +269,42 @@ void pkgAcquire::Remove(Worker *Work) it is constructed which creates a queue (based on the current queue mode) and puts the item in that queue. If the system is running then the queue might be started. */ +static bool CheckForBadItemAndFailIt(pkgAcquire::Item * const Item, + pkgAcquire::MethodConfig const * const Config, pkgAcquireStatus * const Log) +{ + auto SavedDesc = Item->GetItemDesc(); + if (Item->IsRedirectionLoop(SavedDesc.URI)) + { + std::string const Message = "400 URI Failure" + "\nURI: " + SavedDesc.URI + + "\nFilename: " + Item->DestFile + + "\nFailReason: RedirectionLoop"; + + Item->Status = pkgAcquire::Item::StatError; + Item->Failed(Message, Config); + if (Log != nullptr) + Log->Fail(SavedDesc); + return true; + } + + HashStringList const hsl = Item->GetExpectedHashes(); + if (hsl.usable() == false && Item->HashesRequired() && + _config->Exists("Acquire::ForceHash") == false) + { + std::string const Message = "400 URI Failure" + "\nURI: " + SavedDesc.URI + + "\nFilename: " + Item->DestFile + + "\nFailReason: WeakHashSums"; + + auto SavedDesc = Item->GetItemDesc(); + Item->Status = pkgAcquire::Item::StatAuthError; + Item->Failed(Message, Config); + if (Log != nullptr) + Log->Fail(SavedDesc); + return true; + } + return false; +} void pkgAcquire::Enqueue(ItemDesc &Item) { // Determine which queue to put the item in @@ -277,6 +313,13 @@ void pkgAcquire::Enqueue(ItemDesc &Item) if (Name.empty() == true) return; + /* the check for running avoids that we produce errors + in logging before we actually have started, which would + be easier to implement but would confuse users/implementations + so we check the items skipped here in #Startup */ + if (Running && CheckForBadItemAndFailIt(Item.Owner, Config, Log)) + return; + // Find the queue structure Queue *I = Queues; for (; I != 0 && I->Name != Name; I = I->Next); @@ -912,10 +955,20 @@ bool pkgAcquire::Queue::Startup() if (Workers == 0) { URI U(Name); - pkgAcquire::MethodConfig *Cnf = Owner->GetConfig(U.Access); - if (Cnf == 0) + pkgAcquire::MethodConfig * const Cnf = Owner->GetConfig(U.Access); + if (unlikely(Cnf == nullptr)) return false; - + + // now-running twin of the pkgAcquire::Enqueue call + for (QItem *I = Items; I != 0; ) + { + auto const INext = I->Next; + for (auto &&O: I->Owners) + CheckForBadItemAndFailIt(O, Cnf, Owner->Log); + // if an item failed, it will be auto-dequeued invalidation our I here + I = INext; + } + Workers = new Worker(this,Cnf,Owner->Log); Owner->Add(Workers); if (Workers->Start() == false) diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc index 0ac74d479..9d1739d68 100644 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@ -1341,10 +1341,16 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) std::distance(List.cbegin(), List.cend()); ExpandPendingCalls(List, Cache); - auto const StripAlreadyDoneFromPending = [&](APT::VersionVector & Pending) { + /* if dpkg told us that it has already done everything to the package we wanted it to do, + we shouldn't ask it for "more" later. That can e.g. happen if packages without conffiles + are purged as they will have pass through the purge states on remove already */ + auto const StripAlreadyDoneFrom = [&](APT::VersionVector & Pending) { Pending.erase(std::remove_if(Pending.begin(), Pending.end(), [&](pkgCache::VerIterator const &Ver) { auto const PN = Ver.ParentPkg().FullName(); - return PackageOps[PN].size() <= PackageOpsDone[PN]; + auto const POD = PackageOpsDone.find(PN); + if (POD == PackageOpsDone.end()) + return false; + return PackageOps[PN].size() <= POD->second; }), Pending.end()); }; @@ -1677,7 +1683,9 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) { if (I->File[0] != '/') return _error->Error("Internal Error, Pathname to install is not absolute '%s'",I->File.c_str()); - auto const file = flNotDir(I->File); + auto file = flNotDir(I->File); + if (flExtension(file) != "deb") + file.append(".deb"); std::string linkpath; if (dpkg_recursive_install_numbered) strprintf(linkpath, "%s/%.*lu-%s", tmpdir_to_free, p, n, file.c_str()); @@ -1703,7 +1711,7 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) else if (I->Op == Item::RemovePending) { ++I; - StripAlreadyDoneFromPending(approvedStates.Remove()); + StripAlreadyDoneFrom(approvedStates.Remove()); if (approvedStates.Remove().empty()) continue; } @@ -1712,7 +1720,7 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) ++I; // explicit removes of packages without conffiles passthrough the purge states instantly, too. // Setting these non-installed packages up for purging generates 'unknown pkg' warnings from dpkg - StripAlreadyDoneFromPending(approvedStates.Purge()); + StripAlreadyDoneFrom(approvedStates.Purge()); if (approvedStates.Purge().empty()) continue; std::remove_reference<decltype(approvedStates.Remove())>::type approvedRemoves; @@ -1964,8 +1972,8 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) if (d->dpkg_error.empty() == false) { // no point in reseting packages we already completed removal for - StripAlreadyDoneFromPending(approvedStates.Remove()); - StripAlreadyDoneFromPending(approvedStates.Purge()); + StripAlreadyDoneFrom(approvedStates.Remove()); + StripAlreadyDoneFrom(approvedStates.Purge()); APT::StateChanges undo; auto && undoRem = approvedStates.Remove(); std::move(undoRem.begin(), undoRem.end(), std::back_inserter(undo.Install())); @@ -1975,6 +1983,9 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) if (undo.Save(false) == false) _error->Error("Couldn't revert dpkg selection for approved remove/purge after an error was encountered!"); } + + StripAlreadyDoneFrom(currentStates.Remove()); + StripAlreadyDoneFrom(currentStates.Purge()); if (currentStates.Save(false) == false) _error->Error("Couldn't restore dpkg selection states which were present before this interaction!"); diff --git a/apt-pkg/sourcelist.cc b/apt-pkg/sourcelist.cc index cfd824978..0da687895 100644 --- a/apt-pkg/sourcelist.cc +++ b/apt-pkg/sourcelist.cc @@ -568,7 +568,8 @@ bool pkgSourceList::AddVolatileFile(std::string const &File, std::vector<std::st return false; std::string const ext = flExtension(File); - if (ext == "deb") + // udeb is not included as installing it is usually a mistake rather than intended + if (ext == "deb" || ext == "ddeb") AddVolatileFile(new debDebPkgFileIndex(File)); else if (ext == "dsc") AddVolatileFile(new debDscFileIndex(File)); diff --git a/apt-private/private-cmndline.cc b/apt-private/private-cmndline.cc index a890aafab..d0cda08a6 100644 --- a/apt-private/private-cmndline.cc +++ b/apt-private/private-cmndline.cc @@ -189,6 +189,7 @@ static bool addArgumentsAPTGet(std::vector<CommandLine::Args> &Args, char const addArg('f', "fix-broken", "APT::Get::Fix-Broken", 0); addArg(0, "purge", "APT::Get::Purge", 0); addArg('V',"verbose-versions","APT::Get::Show-Versions",0); + addArg(0, "autoremove", "APT::Get::AutomaticRemove", 0); addArg(0, "auto-remove", "APT::Get::AutomaticRemove", 0); addArg(0, "reinstall", "APT::Get::ReInstall", 0); addArg(0, "solver", "APT::Solver", CommandLine::HasArg); diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in index 21df37ffd..0c10e5955 100644 --- a/cmdline/apt-key.in +++ b/cmdline/apt-key.in @@ -232,6 +232,17 @@ remove_key_from_keyring() { done } +accessible_file_exists() { + if ! test -s "$1"; then + return 1 + fi + if test -r "$1"; then + return 0 + fi + warn "The key(s) in the keyring $1 are ignored as the file is not readable by user '$USER' executing apt-key." + return 1 +} + foreach_keyring_do() { local ACTION="$1" shift @@ -240,7 +251,7 @@ foreach_keyring_do() { $ACTION "$FORCED_KEYRING" "$@" else # otherwise all known keyrings are up for inspection - if [ -s "$TRUSTEDFILE" ]; then + if accessible_file_exists "$TRUSTEDFILE"; then $ACTION "$TRUSTEDFILE" "$@" fi local TRUSTEDPARTS="/etc/apt/trusted.gpg.d" @@ -249,7 +260,7 @@ foreach_keyring_do() { TRUSTEDPARTS="$(readlink -f "$TRUSTEDPARTS")" local TRUSTEDPARTSLIST="$(cd /; find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 -name '*.gpg')" for trusted in $(echo "$TRUSTEDPARTSLIST" | sort); do - if [ -s "$trusted" ]; then + if accessible_file_exists "$trusted"; then $ACTION "$trusted" "$@" fi done @@ -302,35 +313,18 @@ import_keyring_into_keyring() { fi } +catfile() { + cat "$1" >> "$2" +} + merge_all_trusted_keyrings_into_pubring() { # does the same as: # foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg" # but without using gpg, just cat and find local PUBRING="$(readlink -f "${GPGHOMEDIR}")/pubring.gpg" - # if a --keyring was given, just use this one - if [ -n "$FORCED_KEYRING" ]; then - if [ -s "$FORCED_KEYRING" ]; then - cp --dereference "$FORCED_KEYRING" "$PUBRING" - fi - else - # otherwise all known keyrings are merged - local TRUSTEDPARTS="/etc/apt/trusted.gpg.d" - eval $(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d) - if [ -d "$TRUSTEDPARTS" ]; then - rm -f "$PUBRING" - if [ -s "$TRUSTEDFILE" ]; then - cat "$TRUSTEDFILE" > "$PUBRING" - fi - TRUSTEDPARTS="$(readlink -f "$TRUSTEDPARTS")" - (cd /; find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 -name '*.gpg' -exec cat {} + >> "$PUBRING";) - elif [ -s "$TRUSTEDFILE" ]; then - cp --dereference "$TRUSTEDFILE" "$PUBRING" - fi - fi - - if [ ! -s "$PUBRING" ]; then - touch "$PUBRING" - fi + rm -f "$PUBRING" + touch "$PUBRING" + foreach_keyring_do 'catfile' "$PUBRING" } import_keys_from_keyring() { @@ -480,8 +474,34 @@ if [ -z "$command" ]; then fi shift +find_gpgv_status_fd() { + while [ -n "$1" ]; do + if [ "$1" = '--status-fd' ]; then + shift + echo "$1" + break + fi + shift + done +} +GPGSTATUSFD="$(find_gpgv_status_fd "$@")" + +warn() { + if [ -z "$GPGHOMEDIR" ]; then + echo >&2 'W:' "$@" + else + echo 'W:' "$@" > "${GPGHOMEDIR}/aptwarnings.log" + fi + if [ -n "$GPGSTATUSFD" ]; then + echo >&${GPGSTATUSFD} '[APTKEY:] WARNING' "$@" + fi +} + cleanup_gpg_home() { if [ -z "$GPGHOMEDIR" ]; then return; fi + if [ -s "$GPGHOMEDIR/aptwarnings.log" ]; then + cat >&2 "$GPGHOMEDIR/aptwarnings.log" + fi if command_available 'gpgconf'; then GNUPGHOME="${GPGHOMEDIR}" gpgconf --kill gpg-agent >/dev/null 2>&1 || true fi diff --git a/doc/apt-get.8.xml b/doc/apt-get.8.xml index 4c34b298b..56ce08165 100644 --- a/doc/apt-get.8.xml +++ b/doc/apt-get.8.xml @@ -522,7 +522,7 @@ Configuration Item: <literal>APT::Get::Remove</literal>.</para></listitem> </varlistentry> - <varlistentry><term><option>--auto-remove</option></term> + <varlistentry><term><option>--auto-remove</option></term><term><option>--autoremove</option></term> <listitem><para>If the command is either <literal>install</literal> or <literal>remove</literal>, then this option acts like running the <literal>autoremove</literal> command, removing unused dependency packages. Configuration Item: <literal>APT::Get::AutomaticRemove</literal>. diff --git a/methods/gpgv.cc b/methods/gpgv.cc index 2fed53a39..f2ef6b76e 100644 --- a/methods/gpgv.cc +++ b/methods/gpgv.cc @@ -39,6 +39,7 @@ using std::vector; #define GNUPGEXPSIG "[GNUPG:] EXPSIG" #define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG" #define GNUPGNODATA "[GNUPG:] NODATA" +#define APTKEYWARNING "[APTKEY:] WARNING" struct Digest { enum class State { @@ -238,6 +239,8 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, ValidSigners.push_back(sig); } + else if (strncmp(buffer, APTKEYWARNING, sizeof(APTKEYWARNING)-1) == 0) + Warning("%s", buffer + sizeof(APTKEYWARNING)); } fclose(pipein); free(buffer); diff --git a/test/integration/framework b/test/integration/framework index c513ed12c..62720fedd 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -914,6 +914,7 @@ Filename: pool/main/${NAME}/${NAME}_${VERSION}_${arch}.deb" test -z "$DEPENDENCIES" || printf "%b\n" "$DEPENDENCIES" echo "Description: $(printf '%s' "$DESCRIPTION" | head -n 1)" echo "Description-md5: $(printf '%s' "$DESCRIPTION" | md5sum | cut -d' ' -f 1)" + echo "SHA256: 0000000000000000000000000000000000000000000000000000000000000000" echo } >> "${PPATH}/Packages" done @@ -2032,7 +2033,7 @@ testaptautotestnodpkgwarning() { if expr match "$2" '^-dy\?' >/dev/null 2>&1; then return; fi # download-only mode shift done - testfailure grep '^dpkg: warning:.*ignor.*' "${TMPWORKINGDIRECTORY}/rootdir/tmp-before/${TESTCALL}.output" + testfailure grep '^dpkg: warning:.*\(ignor\|unknown\).*' "${TMPWORKINGDIRECTORY}/rootdir/tmp-before/${TESTCALL}.output" } aptautotest_aptget_install() { testaptautotestnodpkgwarning "$@"; } diff --git a/test/integration/test-apt-get-autoremove b/test/integration/test-apt-get-autoremove index cfee748af..8af864acb 100755 --- a/test/integration/test-apt-get-autoremove +++ b/test/integration/test-apt-get-autoremove @@ -152,3 +152,6 @@ Remv foo-multi2-1 [1] Remv foo-multi2-2 [1] Remv foo-plus-1 [1] Remv foo-plus-2 [1]' apt autoremove -s + +testdpkgstatus 'pi' '1' 'unrelated' +testsuccess apt purge unrelated -y diff --git a/test/integration/test-apt-get-install-deb b/test/integration/test-apt-get-install-deb index 5f2877dfd..7baaf0ee5 100755 --- a/test/integration/test-apt-get-install-deb +++ b/test/integration/test-apt-get-install-deb @@ -168,3 +168,29 @@ testsuccess apt show --with-source ./Packages pkg-as-it-should-be testequal 'Package: pkg-as-it-should-be' head -n1 rootdir/tmp/testsuccess.output testsuccess apt install -y --with-source ./Packages pkg-as-it-should-be testdpkginstalled 'pkg-as-it-should-be' +rm -f ./Packages + +echo 'dpkg::install::recursive "true"; +dpkg::install::recursive::force "true"; +dpkg::install::recursive::minimum "0";' > rootdir/etc/apt/apt.conf.d/lowerminimum.conf +mv ./incoming/pkg-as-it-should-be_0_all.deb ./incoming/pkg-as-it-should-be_0_all.ddeb +testsuccess aptget install -y ./incoming/pkg-as-it-should-be_0_all.ddeb --reinstall +testfailure grep 'is already the newest version' rootdir/tmp/testsuccess.output +testsuccess apt purge -y pkg-as-it-should-be +testdpkgnotinstalled 'pkg-as-it-should-be' + +mv ./incoming/pkg-as-it-should-be_0_all.ddeb ./incoming/pkg-as-it-should-be_0_all.foobar +echo "Package: pkg-as-it-should-be +Architecture: all +Version: 0 +Installed-Size: 2903 +Filename: incoming/pkg-as-it-should-be_0_all.foobar +Size: $(stat -c %s incoming/pkg-as-it-should-be_0_all.foobar) +SHA256: $(sha256sum incoming/pkg-as-it-should-be_0_all.foobar | cut -d' ' -f 1) +" | gzip > Packages.gz +testsuccess apt install --with-source ./Packages.gz pkg-as-it-should-be -s +testsuccess apt install --with-source ./Packages.gz pkg-as-it-should-be --print-uris +testsuccess apt show --with-source ./Packages.gz pkg-as-it-should-be +testequal 'Package: pkg-as-it-should-be' head -n1 rootdir/tmp/testsuccess.output +testsuccess apt install -y --with-source ./Packages.gz pkg-as-it-should-be +testdpkginstalled 'pkg-as-it-should-be' diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key index 759ce1487..96cfe41fa 100755 --- a/test/integration/test-apt-key +++ b/test/integration/test-apt-key @@ -81,6 +81,20 @@ gpg: unchanged: 1' aptkey --fakeroot update testsuccess --nomsg aptkey --fakeroot del d141dbac8dae testempty aptkey list + if [ "$(id -u)" != '0' ]; then + msgtest 'Test key removal with' 'unreadable key' + cleanplate + cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg" + echo 'foobar' > "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + chmod 000 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + testwarning --nomsg aptkey --fakeroot del d141dbac8dae + testwarning aptkey list + chmod 644 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + rm -f "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + grep -v '^W: ' "${ROOTDIR}/tmp/testwarning.output" > "${ROOTDIR}/aptkeylist.output" || true + testempty cat "${ROOTDIR}/aptkeylist.output" + fi + msgtest 'Test key removal with' 'single key in real file' cleanplate cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg" @@ -202,6 +216,16 @@ gpg: unchanged: 1' aptkey --fakeroot update msgtest 'Test verify a file' 'with all keys' testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}" + if [ "$(id -u)" != '0' ]; then + msgtest 'Test verify a file' 'with unreadable key' + echo 'foobar' > "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + chmod 000 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + testwarning --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}" + testwarning aptkey list + chmod 644 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + rm -f "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg" + fi + msgtest 'Test verify a file' 'with good keyring' testsuccess --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}" diff --git a/test/integration/test-apt-redirect-loop b/test/integration/test-apt-redirect-loop index b54f74276..e1a8aeea0 100755 --- a/test/integration/test-apt-redirect-loop +++ b/test/integration/test-apt-redirect-loop @@ -7,9 +7,6 @@ TESTDIR="$(readlink -f "$(dirname "$0")")" setupenvironment configarchitecture "i386" -insertpackage 'stable' 'apt' 'all' '1' -setupaptarchive --no-update - echo 'alright' > aptarchive/working changetohttpswebserver webserverconfig 'aptwebserver::redirect::replace::/redirectme3/' '/redirectme/' diff --git a/test/integration/test-bug-605394-versioned-or-groups b/test/integration/test-bug-605394-versioned-or-groups index a362463d5..43f35f79b 100755 --- a/test/integration/test-bug-605394-versioned-or-groups +++ b/test/integration/test-bug-605394-versioned-or-groups @@ -24,3 +24,7 @@ if aptget dist-upgrade --trivial-only -o Debug::pkgProblemResolver=1 -o Debug::p else msgpass fi + +# the Packages file includes only MD5 +testfailure aptget dist-upgrade -y +testsuccess grep 'Insufficient information available to perform this download securely' rootdir/tmp/testfailure.output diff --git a/test/integration/test-bug-722207-print-uris-even-if-very-quiet b/test/integration/test-bug-722207-print-uris-even-if-very-quiet index d8d3c7218..82c1d715f 100755 --- a/test/integration/test-bug-722207-print-uris-even-if-very-quiet +++ b/test/integration/test-bug-722207-print-uris-even-if-very-quiet @@ -20,7 +20,7 @@ APTARCHIVE=$(readlink -f ./aptarchive) testsuccessequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget upgrade -qq --print-uris testsuccessequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget dist-upgrade -qq --print-uris testsuccessequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget install apt -qq --print-uris -testsuccessequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget download apt -qq --print-uris +testsuccessequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 SHA256:0000000000000000000000000000000000000000000000000000000000000000" aptget download apt -qq --print-uris testsuccessequal "'file://${APTARCHIVE}/apt_2.dsc' apt_2.dsc 9 SHA256:7776436a6d741497f1cd958014e1a05b352224231428152aae39da3c17fd2fd4 'file://${APTARCHIVE}/apt_2.tar.gz' apt_2.tar.gz 12 SHA256:f57f565eabe3fde0ec6e6e0bcc8db1d86fe2b4d6344a380a23520ddbb7728e99" aptget source apt -qq --print-uris testsuccessequal "'http://metadata.ftp-master.debian.org/changelogs/main/a/apt/apt_2_changelog' apt.changelog" aptget changelog apt -qq --print-uris diff --git a/test/integration/test-handle-redirect-as-used-mirror-change b/test/integration/test-handle-redirect-as-used-mirror-change index 2e8fbeff6..2655f713c 100755 --- a/test/integration/test-handle-redirect-as-used-mirror-change +++ b/test/integration/test-handle-redirect-as-used-mirror-change @@ -78,3 +78,9 @@ testsuccessequal "Ign:1 http://0.0.0.0:${APTHTTPPORT}/storage unstable InRelease 404 Not Found Hit:2 http://0.0.0.0:${APTHTTPPORT} unstable Release Reading package lists..." aptget update + +rm -rf rootdir/var/lib/apt/lists +find aptarchive -name 'Release.gpg' -delete +find aptarchive -name 'Release' -delete +testwarning aptget update +testsuccess grep 'does not have a Release file' rootdir/tmp/testwarning.output diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index 20ca613da..e043fa8b5 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -107,6 +107,19 @@ runtest() { " aptcache show apt installaptold + if [ "$(id -u)" != '0' ]; then + msgmsg 'Cold archive signed by' 'Joe Sixpack + unreadable key' + rm -rf rootdir/var/lib/apt/lists + echo 'foobar' > rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + chmod 000 rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + updatewithwarnings '^W: .* is not readable by user' + chmod 644 rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + rm -f rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + testsuccessequal "$(cat "${PKGFILE}") +" aptcache show apt + installaptold + fi + msgmsg 'Good warm archive signed by' 'Joe Sixpack' prepare "${PKGFILE}-new" signreleasefiles 'Joe Sixpack' |