diff options
37 files changed, 724 insertions, 472 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index fde45e1fe..8c45acddd 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -190,14 +190,14 @@ static bool MessageInsecureRepository(bool const isError, std::string const &msg _error->Notice("%s", _("See apt-secure(8) manpage for repository creation and user configuration details.")); return false; } -static bool MessageInsecureRepository(bool const isError, char const * const msg, std::string const &repo) +static bool APT_NONNULL(2) MessageInsecureRepository(bool const isError, char const * const msg, std::string const &repo) { std::string m; strprintf(m, msg, repo.c_str()); return MessageInsecureRepository(isError, m); } /*}}}*/ -static bool AllowInsecureRepositories(char const * const msg, std::string const &repo,/*{{{*/ +static bool APT_NONNULL(1, 3, 4, 5) AllowInsecureRepositories(char const * const msg, std::string const &repo,/*{{{*/ metaIndex const * const MetaIndexParser, pkgAcqMetaClearSig * const TransactionManager, pkgAcquire::Item * const I) { if(MetaIndexParser->GetTrusted() == metaIndex::TRI_YES) @@ -239,8 +239,7 @@ APT_CONST bool pkgAcqTransactionItem::HashesRequired() const we can at least trust them for integrity of the download itself. Only repositories without a Release file can (obviously) not have hashes – and they are very uncommon and strongly discouraged */ - return TransactionManager->MetaIndexParser != NULL && - TransactionManager->MetaIndexParser->GetLoadedSuccessfully() == metaIndex::TRI_YES; + return TransactionManager->MetaIndexParser->GetLoadedSuccessfully() == metaIndex::TRI_YES; } HashStringList pkgAcqTransactionItem::GetExpectedHashes() const { @@ -331,20 +330,19 @@ bool pkgAcqTransactionItem::QueueURI(pkgAcquire::ItemDesc &Item) return false; } std::string const FinalFile = GetFinalFilename(); - if (TransactionManager != NULL && TransactionManager->IMSHit == true && - FileExists(FinalFile) == true) + if (TransactionManager->IMSHit == true && FileExists(FinalFile) == true) { PartialFile = DestFile = FinalFile; Status = StatDone; return false; } // If we got the InRelease file via a mirror, pick all indexes directly from this mirror, too - if (TransactionManager != nullptr && TransactionManager->BaseURI.empty() == false && + if (TransactionManager->BaseURI.empty() == false && URI::SiteOnly(Item.URI) != URI::SiteOnly(TransactionManager->BaseURI)) { // this ensures we rewrite only once and only the first step auto const OldBaseURI = Target.Option(IndexTarget::BASE_URI); - if (APT::String::Startswith(Item.URI, OldBaseURI)) + if (OldBaseURI.empty() == false && APT::String::Startswith(Item.URI, OldBaseURI)) { auto const ExtraPath = Item.URI.substr(OldBaseURI.length()); Item.URI = flCombine(TransactionManager->BaseURI, ExtraPath); @@ -936,10 +934,8 @@ static void LoadLastMetaIndexParser(pkgAcqMetaClearSig * const TransactionManage // AcqMetaBase - Constructor /*{{{*/ pkgAcqMetaBase::pkgAcqMetaBase(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, - std::vector<IndexTarget> const &IndexTargets, IndexTarget const &DataTarget) : pkgAcqTransactionItem(Owner, TransactionManager, DataTarget), d(NULL), - IndexTargets(IndexTargets), AuthPass(false), IMSHit(false), State(TransactionStarted) { } @@ -1107,7 +1103,7 @@ bool pkgAcqMetaBase::CheckDownloadDone(pkgAcqTransactionItem * const I, const st { if (APT::String::Endswith(I->Desc.URI, "InRelease")) TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - strlen("InRelease")); - else + else if (APT::String::Endswith(I->Desc.URI, "Release")) TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - strlen("Release")); } @@ -1137,8 +1133,7 @@ bool pkgAcqMetaBase::CheckDownloadDone(pkgAcqTransactionItem * const I, const st { // for simplicity, the transaction manager is always InRelease // even if it doesn't exist. - if (TransactionManager != NULL) - TransactionManager->IMSHit = true; + TransactionManager->IMSHit = true; I->PartialFile = I->DestFile = I->GetFinalFilename(); } @@ -1191,60 +1186,64 @@ bool pkgAcqMetaBase::CheckAuthDone(string const &Message) /*{{{*/ << DestFile << std::endl; // Download further indexes with verification - QueueIndexes(true); + TransactionManager->QueueIndexes(true); return true; } /*}}}*/ -void pkgAcqMetaBase::QueueIndexes(bool const verify) /*{{{*/ +void pkgAcqMetaClearSig::QueueIndexes(bool const verify) /*{{{*/ { // at this point the real Items are loaded in the fetcher ExpectedAdditionalItems = 0; - bool metaBaseSupportsByHash = false; - if (TransactionManager != NULL && TransactionManager->MetaIndexParser != NULL) - metaBaseSupportsByHash = TransactionManager->MetaIndexParser->GetSupportsAcquireByHash(); - - for (std::vector <IndexTarget>::iterator Target = IndexTargets.begin(); - Target != IndexTargets.end(); - ++Target) + std::set<std::string> targetsSeen; + bool const metaBaseSupportsByHash = TransactionManager->MetaIndexParser->GetSupportsAcquireByHash(); + for (auto &Target: TransactionManager->MetaIndexParser->GetIndexTargets()) { + // if we have seen a target which is created-by a target this one here is declared a + // fallback to, we skip acquiring the fallback (but we make sure we clean up) + if (targetsSeen.find(Target.Option(IndexTarget::FALLBACK_OF)) != targetsSeen.end()) + { + targetsSeen.emplace(Target.Option(IndexTarget::CREATED_BY)); + new CleanupItem(Owner, TransactionManager, Target); + continue; + } // all is an implementation detail. Users shouldn't use this as arch // We need this support trickery here as e.g. Debian has binary-all files already, // but arch:all packages are still in the arch:any files, so we would waste precious // download time, bandwidth and diskspace for nothing, BUT Debian doesn't feature all // in the set of supported architectures, so we can filter based on this property rather // than invent an entirely new flag we would need to carry for all of eternity. - if (Target->Option(IndexTarget::ARCHITECTURE) == "all") + if (Target.Option(IndexTarget::ARCHITECTURE) == "all") { if (TransactionManager->MetaIndexParser->IsArchitectureSupported("all") == false || - TransactionManager->MetaIndexParser->IsArchitectureAllSupportedFor(*Target) == false) + TransactionManager->MetaIndexParser->IsArchitectureAllSupportedFor(Target) == false) { - new CleanupItem(Owner, TransactionManager, *Target); + new CleanupItem(Owner, TransactionManager, Target); continue; } } - bool trypdiff = Target->OptionBool(IndexTarget::PDIFFS); + bool trypdiff = Target.OptionBool(IndexTarget::PDIFFS); if (verify == true) { - if (TransactionManager->MetaIndexParser->Exists(Target->MetaKey) == false) + if (TransactionManager->MetaIndexParser->Exists(Target.MetaKey) == false) { // optional targets that we do not have in the Release file are skipped - if (Target->IsOptional) + if (Target.IsOptional) { - new CleanupItem(Owner, TransactionManager, *Target); + new CleanupItem(Owner, TransactionManager, Target); continue; } - std::string const &arch = Target->Option(IndexTarget::ARCHITECTURE); + std::string const &arch = Target.Option(IndexTarget::ARCHITECTURE); if (arch.empty() == false) { if (TransactionManager->MetaIndexParser->IsArchitectureSupported(arch) == false) { - new CleanupItem(Owner, TransactionManager, *Target); + new CleanupItem(Owner, TransactionManager, Target); _error->Notice(_("Skipping acquire of configured file '%s' as repository '%s' doesn't support architecture '%s'"), - Target->MetaKey.c_str(), TransactionManager->Target.Description.c_str(), arch.c_str()); + Target.MetaKey.c_str(), TransactionManager->Target.Description.c_str(), arch.c_str()); continue; } // if the architecture is officially supported but currently no packages for it available, @@ -1252,49 +1251,50 @@ void pkgAcqMetaBase::QueueIndexes(bool const verify) /*{{{*/ // if we don't know which architectures are supported, we do NOT ignore it to notify user about this if (TransactionManager->MetaIndexParser->IsArchitectureSupported("*undefined*") == false) { - new CleanupItem(Owner, TransactionManager, *Target); + new CleanupItem(Owner, TransactionManager, Target); continue; } } Status = StatAuthError; - strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), Target->MetaKey.c_str()); + strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), Target.MetaKey.c_str()); return; } else { - auto const hashes = GetExpectedHashesFor(Target->MetaKey); + auto const hashes = GetExpectedHashesFor(Target.MetaKey); if (hashes.empty() == false) { if (hashes.usable() == false) { - new CleanupItem(Owner, TransactionManager, *Target); + new CleanupItem(Owner, TransactionManager, Target); _error->Warning(_("Skipping acquire of configured file '%s' as repository '%s' provides only weak security information for it"), - Target->MetaKey.c_str(), TransactionManager->Target.Description.c_str()); + Target.MetaKey.c_str(), TransactionManager->Target.Description.c_str()); continue; } // empty files are skipped as acquiring the very small compressed files is a waste of time else if (hashes.FileSize() == 0) { - new CleanupItem(Owner, TransactionManager, *Target); + new CleanupItem(Owner, TransactionManager, Target); + targetsSeen.emplace(Target.Option(IndexTarget::CREATED_BY)); continue; } } } // autoselect the compression method - std::vector<std::string> types = VectorizeString(Target->Option(IndexTarget::COMPRESSIONTYPES), ' '); + std::vector<std::string> types = VectorizeString(Target.Option(IndexTarget::COMPRESSIONTYPES), ' '); types.erase(std::remove_if(types.begin(), types.end(), [&](std::string const &t) { if (t == "uncompressed") - return TransactionManager->MetaIndexParser->Exists(Target->MetaKey) == false; - std::string const MetaKey = Target->MetaKey + "." + t; + return TransactionManager->MetaIndexParser->Exists(Target.MetaKey) == false; + std::string const MetaKey = Target.MetaKey + "." + t; return TransactionManager->MetaIndexParser->Exists(MetaKey) == false; }), types.end()); if (types.empty() == false) { std::ostringstream os; // add the special compressiontype byhash first if supported - std::string const useByHashConf = Target->Option(IndexTarget::BY_HASH); + std::string const useByHashConf = Target.Option(IndexTarget::BY_HASH); bool useByHash = false; if(useByHashConf == "force") useByHash = true; @@ -1304,12 +1304,12 @@ void pkgAcqMetaBase::QueueIndexes(bool const verify) /*{{{*/ os << "by-hash "; std::copy(types.begin(), types.end()-1, std::ostream_iterator<std::string>(os, " ")); os << *types.rbegin(); - Target->Options["COMPRESSIONTYPES"] = os.str(); + Target.Options["COMPRESSIONTYPES"] = os.str(); } else - Target->Options["COMPRESSIONTYPES"].clear(); + Target.Options["COMPRESSIONTYPES"].clear(); - std::string filename = GetExistingFilename(GetFinalFileNameFromURI(Target->URI)); + std::string filename = GetExistingFilename(GetFinalFileNameFromURI(Target.URI)); if (filename.empty() == false) { // if the Release file is a hit and we have an index it must be the current one @@ -1320,8 +1320,8 @@ void pkgAcqMetaBase::QueueIndexes(bool const verify) /*{{{*/ // see if the file changed since the last Release file // we use the uncompressed files as we might compress differently compared to the server, // so the hashes might not match, even if they contain the same data. - HashStringList const newFile = GetExpectedHashesFromFor(TransactionManager->MetaIndexParser, Target->MetaKey); - HashStringList const oldFile = GetExpectedHashesFromFor(TransactionManager->LastMetaIndexParser, Target->MetaKey); + HashStringList const newFile = GetExpectedHashesFromFor(TransactionManager->MetaIndexParser, Target.MetaKey); + HashStringList const oldFile = GetExpectedHashesFromFor(TransactionManager->LastMetaIndexParser, Target.MetaKey); if (newFile != oldFile) filename.clear(); } @@ -1333,35 +1333,37 @@ void pkgAcqMetaBase::QueueIndexes(bool const verify) /*{{{*/ if (filename.empty() == false) { - new NoActionItem(Owner, *Target, filename); - std::string const idxfilename = GetFinalFileNameFromURI(GetDiffIndexURI(*Target)); + new NoActionItem(Owner, Target, filename); + std::string const idxfilename = GetFinalFileNameFromURI(GetDiffIndexURI(Target)); if (FileExists(idxfilename)) - new NoActionItem(Owner, *Target, idxfilename); + new NoActionItem(Owner, Target, idxfilename); + targetsSeen.emplace(Target.Option(IndexTarget::CREATED_BY)); continue; } // check if we have patches available - trypdiff &= TransactionManager->MetaIndexParser->Exists(GetDiffIndexFileName(Target->MetaKey)); + trypdiff &= TransactionManager->MetaIndexParser->Exists(GetDiffIndexFileName(Target.MetaKey)); } else { // if we have no file to patch, no point in trying - trypdiff &= (GetExistingFilename(GetFinalFileNameFromURI(Target->URI)).empty() == false); + trypdiff &= (GetExistingFilename(GetFinalFileNameFromURI(Target.URI)).empty() == false); } // no point in patching from local sources if (trypdiff) { - std::string const proto = Target->URI.substr(0, strlen("file:/")); + std::string const proto = Target.URI.substr(0, strlen("file:/")); if (proto == "file:/" || proto == "copy:/" || proto == "cdrom:") trypdiff = false; } // Queue the Index file (Packages, Sources, Translation-$foo, …) + targetsSeen.emplace(Target.Option(IndexTarget::CREATED_BY)); if (trypdiff) - new pkgAcqDiffIndex(Owner, TransactionManager, *Target); + new pkgAcqDiffIndex(Owner, TransactionManager, Target); else - new pkgAcqIndex(Owner, TransactionManager, *Target); + new pkgAcqIndex(Owner, TransactionManager, Target); } } /*}}}*/ @@ -1453,15 +1455,14 @@ pkgAcqMetaBase::~pkgAcqMetaBase() pkgAcqMetaClearSig::pkgAcqMetaClearSig(pkgAcquire * const Owner, /*{{{*/ IndexTarget const &ClearsignedTarget, IndexTarget const &DetachedDataTarget, IndexTarget const &DetachedSigTarget, - std::vector<IndexTarget> const &IndexTargets, metaIndex * const MetaIndexParser) : - pkgAcqMetaIndex(Owner, this, ClearsignedTarget, DetachedSigTarget, IndexTargets), + pkgAcqMetaIndex(Owner, this, ClearsignedTarget, DetachedSigTarget), d(NULL), ClearsignedTarget(ClearsignedTarget), DetachedDataTarget(DetachedDataTarget), MetaIndexParser(MetaIndexParser), LastMetaIndexParser(NULL) { // index targets + (worst case:) Release/Release.gpg - ExpectedAdditionalItems = IndexTargets.size() + 2; + ExpectedAdditionalItems = std::numeric_limits<decltype(ExpectedAdditionalItems)>::max(); TransactionManager->Add(this); } /*}}}*/ @@ -1487,7 +1488,7 @@ void pkgAcqMetaClearSig::Finished() /*{{{*/ { if(_config->FindB("Debug::Acquire::Transaction", false) == true) std::clog << "Finished: " << DestFile <<std::endl; - if(TransactionManager != NULL && TransactionManager->State == TransactionStarted && + if(TransactionManager->State == TransactionStarted && TransactionManager->TransactionHasError() == false) TransactionManager->CommitTransaction(); } @@ -1535,9 +1536,6 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c { Item::Failed(Message, Cnf); - // we failed, we will not get additional items from this method - ExpectedAdditionalItems = 0; - if (AuthPass == false) { if (Status == StatAuthError || Status == StatTransientNetworkError) @@ -1556,7 +1554,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c TransactionManager->TransactionStageRemoval(this, GetFinalFilename()); Status = StatDone; - new pkgAcqMetaIndex(Owner, TransactionManager, DetachedDataTarget, DetachedSigTarget, IndexTargets); + new pkgAcqMetaIndex(Owner, TransactionManager, DetachedDataTarget, DetachedSigTarget); } else { @@ -1585,7 +1583,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c if (TransactionManager->MetaIndexParser->Load(PartialRelease, &ErrorText) == false || VerifyVendor(Message) == false) /* expired Release files are still a problem you need extra force for */; else - QueueIndexes(true); + TransactionManager->QueueIndexes(true); } } } @@ -1594,9 +1592,8 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire * const Owner, /*{{{*/ pkgAcqMetaClearSig * const TransactionManager, IndexTarget const &DataTarget, - IndexTarget const &DetachedSigTarget, - vector<IndexTarget> const &IndexTargets) : - pkgAcqMetaBase(Owner, TransactionManager, IndexTargets, DataTarget), d(NULL), + IndexTarget const &DetachedSigTarget) : + pkgAcqMetaBase(Owner, TransactionManager, DataTarget), d(NULL), DetachedSigTarget(DetachedSigTarget) { if(_config->FindB("Debug::Acquire::Transaction", false) == true) @@ -1610,9 +1607,6 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire * const Owner, /*{{{*/ Desc.Owner = this; Desc.ShortDesc = DataTarget.ShortDesc; Desc.URI = DataTarget.URI; - - // we expect more item - ExpectedAdditionalItems = IndexTargets.size(); QueueURI(Desc); } /*}}}*/ @@ -1647,7 +1641,7 @@ void pkgAcqMetaIndex::Failed(string const &Message, TransactionManager->TransactionStageRemoval(this, GetFinalFilename()); // queue without any kind of hashsum support - QueueIndexes(false); + TransactionManager->QueueIndexes(false); } } /*}}}*/ @@ -1793,7 +1787,7 @@ void pkgAcqMetaSig::Failed(string const &Message,pkgAcquire::MethodConfig const if (MetaIndex->VerifyVendor(Message) == false) /* expired Release files are still a problem you need extra force for */; else - MetaIndex->QueueIndexes(GoodLoad); + TransactionManager->QueueIndexes(GoodLoad); TransactionManager->TransactionStageCopy(MetaIndex, MetaIndex->DestFile, MetaIndex->GetFinalFilename()); } @@ -1820,8 +1814,7 @@ pkgAcqBaseIndex::pkgAcqBaseIndex(pkgAcquire * const Owner, void pkgAcqBaseIndex::Failed(std::string const &Message,pkgAcquire::MethodConfig const * const Cnf)/*{{{*/ { pkgAcquire::Item::Failed(Message, Cnf); - if (TransactionManager == nullptr || TransactionManager->MetaIndexParser == nullptr || - Status != StatAuthError) + if (Status != StatAuthError) return; ErrorText.append("Release file created at: "); @@ -1847,6 +1840,9 @@ pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire * const Owner, IndexTarget const &Target) : pkgAcqBaseIndex(Owner, TransactionManager, Target), d(NULL), diffs(NULL) { + // FIXME: Magic number as an upper bound on pdiffs we will reasonably acquire + ExpectedAdditionalItems = 40; + Debug = _config->FindB("Debug::pkgAcquire::Diffs",false); Desc.Owner = this; @@ -1891,6 +1887,7 @@ void pkgAcqDiffIndex::QueueOnIMSHit() const /*{{{*/ /*}}}*/ bool pkgAcqDiffIndex::ParseDiffIndex(string const &IndexDiffFile) /*{{{*/ { + ExpectedAdditionalItems = 0; // failing here is fine: our caller will take care of trying to // get the complete file if patching fails if(Debug) @@ -2167,7 +2164,7 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string const &IndexDiffFile) /*{{{*/ // calculate the size of all patches we have to get unsigned short const sizeLimitPercent = _config->FindI("Acquire::PDiffs::SizeLimit", 100); - if (sizeLimitPercent > 0 && TransactionManager->MetaIndexParser != nullptr) + if (sizeLimitPercent > 0) { unsigned long long downloadSize = std::accumulate(available_patches.begin(), available_patches.end(), 0llu, [](unsigned long long const T, DiffInfo const &I) { @@ -2274,6 +2271,7 @@ void pkgAcqDiffIndex::Failed(string const &Message,pkgAcquire::MethodConfig cons { pkgAcqBaseIndex::Failed(Message,Cnf); Status = StatDone; + ExpectedAdditionalItems = 0; if(Debug) std::clog << "pkgAcqDiffIndex failed: " << Desc.URI << " with " << Message << std::endl @@ -2733,7 +2731,7 @@ void pkgAcqIndex::Init(string const &URI, string const &URIDesc, else if (CurrentCompressionExtension == "by-hash") { NextCompressionExtension(CurrentCompressionExtension, CompressionExtensions, true); - if(unlikely(TransactionManager->MetaIndexParser == NULL || CurrentCompressionExtension.empty())) + if(unlikely(CurrentCompressionExtension.empty())) return; if (CurrentCompressionExtension != "uncompressed") { diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h index 41420a7c1..92f1ac215 100644 --- a/apt-pkg/acquire-item.h +++ b/apt-pkg/acquire-item.h @@ -393,7 +393,7 @@ class APT_HIDDEN pkgAcqTransactionItem: public pkgAcquire::Item /*{{{*/ virtual bool HashesRequired() const APT_OVERRIDE; - pkgAcqTransactionItem(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, IndexTarget const &Target); + pkgAcqTransactionItem(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, IndexTarget const &Target) APT_NONNULL(2, 3); virtual ~pkgAcqTransactionItem(); friend class pkgAcqMetaBase; @@ -407,25 +407,10 @@ class APT_HIDDEN pkgAcqMetaBase : public pkgAcqTransactionItem /*{{{*/ protected: std::vector<pkgAcqTransactionItem*> Transaction; - /** \brief The index files which should be looked up in the meta-index - * and then downloaded. - */ - std::vector<IndexTarget> IndexTargets; - /** \brief If \b true, the index's signature is currently being verified. */ bool AuthPass; - /** \brief Starts downloading the individual index files. - * - * \param verify If \b true, only indices whose expected hashsum - * can be determined from the meta-index will be downloaded, and - * the hashsums of indices will be checked (reporting - * #StatAuthError if there is a mismatch). If verify is \b false, - * no hashsum checking will be performed. - */ - void QueueIndexes(bool const verify); - /** \brief Called when a file is finished being retrieved. * * If the file was not downloaded to DestFile, a copy process is @@ -494,8 +479,7 @@ class APT_HIDDEN pkgAcqMetaBase : public pkgAcqTransactionItem /*{{{*/ virtual std::string GetFinalFilename() const APT_OVERRIDE; pkgAcqMetaBase(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, - std::vector<IndexTarget> const &IndexTargets, - IndexTarget const &DataTarget); + IndexTarget const &DataTarget) APT_NONNULL(2, 3); virtual ~pkgAcqMetaBase(); }; /*}}}*/ @@ -528,8 +512,7 @@ class APT_HIDDEN pkgAcqMetaIndex : public pkgAcqMetaBase /** \brief Create a new pkgAcqMetaIndex. */ pkgAcqMetaIndex(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, - IndexTarget const &DataTarget, IndexTarget const &DetachedSigTarget, - std::vector<IndexTarget> const &IndexTargets); + IndexTarget const &DataTarget, IndexTarget const &DetachedSigTarget) APT_NONNULL(2, 3); virtual ~pkgAcqMetaIndex(); friend class pkgAcqMetaSig; @@ -568,7 +551,7 @@ class APT_HIDDEN pkgAcqMetaSig : public pkgAcqTransactionItem /** \brief Create a new pkgAcqMetaSig. */ pkgAcqMetaSig(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, - IndexTarget const &Target, pkgAcqMetaIndex * const MetaIndex); + IndexTarget const &Target, pkgAcqMetaIndex * const MetaIndex) APT_NONNULL(2, 3, 5); virtual ~pkgAcqMetaSig(); }; /*}}}*/ @@ -592,12 +575,21 @@ class APT_HIDDEN pkgAcqMetaClearSig : public pkgAcqMetaIndex pkgAcquire::MethodConfig const * const Cnf) APT_OVERRIDE; virtual void Finished() APT_OVERRIDE; + /** \brief Starts downloading the individual index files. + * + * \param verify If \b true, only indices whose expected hashsum + * can be determined from the meta-index will be downloaded, and + * the hashsums of indices will be checked (reporting + * #StatAuthError if there is a mismatch). If verify is \b false, + * no hashsum checking will be performed. + */ + void QueueIndexes(bool const verify); + /** \brief Create a new pkgAcqMetaClearSig. */ pkgAcqMetaClearSig(pkgAcquire * const Owner, IndexTarget const &ClearsignedTarget, IndexTarget const &DetachedDataTarget, IndexTarget const &DetachedSigTarget, - std::vector<IndexTarget> const &IndexTargets, metaIndex * const MetaIndexParser); virtual ~pkgAcqMetaClearSig(); }; @@ -613,7 +605,7 @@ class APT_HIDDEN pkgAcqBaseIndex : public pkgAcqTransactionItem virtual void Failed(std::string const &Message,pkgAcquire::MethodConfig const * const Cnf) APT_OVERRIDE; pkgAcqBaseIndex(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, - IndexTarget const &Target); + IndexTarget const &Target) APT_NONNULL(2, 3); virtual ~pkgAcqBaseIndex(); }; /*}}}*/ @@ -678,7 +670,7 @@ class APT_HIDDEN pkgAcqDiffIndex : public pkgAcqBaseIndex * \param ShortDesc A short description of the list file to download. */ pkgAcqDiffIndex(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, - IndexTarget const &Target); + IndexTarget const &Target) APT_NONNULL(2, 3); virtual ~pkgAcqDiffIndex(); private: APT_HIDDEN void QueueOnIMSHit() const; @@ -778,7 +770,7 @@ class APT_HIDDEN pkgAcqIndexMergeDiffs : public pkgAcqBaseIndex */ pkgAcqIndexMergeDiffs(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, IndexTarget const &Target, DiffInfo const &patch, - std::vector<pkgAcqIndexMergeDiffs*> const * const allPatches); + std::vector<pkgAcqIndexMergeDiffs*> const * const allPatches) APT_NONNULL(2, 3, 6); virtual ~pkgAcqIndexMergeDiffs(); }; /*}}}*/ @@ -889,7 +881,7 @@ class APT_HIDDEN pkgAcqIndexDiffs : public pkgAcqBaseIndex */ pkgAcqIndexDiffs(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, IndexTarget const &Target, - std::vector<DiffInfo> const &diffs=std::vector<DiffInfo>()); + std::vector<DiffInfo> const &diffs=std::vector<DiffInfo>()) APT_NONNULL(2, 3); virtual ~pkgAcqIndexDiffs(); }; /*}}}*/ @@ -956,7 +948,7 @@ class APT_HIDDEN pkgAcqIndex : public pkgAcqBaseIndex virtual std::string GetMetaKey() const APT_OVERRIDE; pkgAcqIndex(pkgAcquire * const Owner, pkgAcqMetaClearSig * const TransactionManager, - IndexTarget const &Target); + IndexTarget const &Target) APT_NONNULL(2, 3); virtual ~pkgAcqIndex(); private: diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc index 69ca6a28e..2ad0eda7f 100644 --- a/apt-pkg/acquire-worker.cc +++ b/apt-pkg/acquire-worker.cc @@ -273,16 +273,19 @@ bool pkgAcquire::Worker::RunMessages() // if we change site, treat it as a mirror change if (URI::SiteOnly(NewURI) != URI::SiteOnly(desc.URI)) { - std::string const OldSite = desc.Description.substr(0, desc.Description.find(" ")); - if (likely(APT::String::Startswith(desc.URI, OldSite))) + auto const firstSpace = desc.Description.find(" "); + if (firstSpace != std::string::npos) { - std::string const OldExtra = desc.URI.substr(OldSite.length() + 1); - if (likely(APT::String::Endswith(NewURI, OldExtra))) + std::string const OldSite = desc.Description.substr(0, firstSpace); + if (likely(APT::String::Startswith(desc.URI, OldSite))) { - std::string const NewSite = NewURI.substr(0, NewURI.length() - OldExtra.length()); - Owner->UsedMirror = URI::ArchiveOnly(NewSite); - if (desc.Description.find(" ") != string::npos) - desc.Description.replace(0, desc.Description.find(" "), Owner->UsedMirror); + std::string const OldExtra = desc.URI.substr(OldSite.length() + 1); + if (likely(APT::String::Endswith(NewURI, OldExtra))) + { + std::string const NewSite = NewURI.substr(0, NewURI.length() - OldExtra.length()); + Owner->UsedMirror = URI::ArchiveOnly(NewSite); + desc.Description.replace(0, firstSpace, Owner->UsedMirror); + } } } } diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc index c65aef329..7a44d8599 100644 --- a/apt-pkg/acquire.cc +++ b/apt-pkg/acquire.cc @@ -1147,7 +1147,7 @@ bool pkgAcquireStatus::Pulse(pkgAcquire *Owner) // Compute the total number of bytes to fetch unsigned int Unknown = 0; unsigned int Count = 0; - bool UnfetchedReleaseFiles = false; + bool ExpectAdditionalItems = false; for (pkgAcquire::ItemCIterator I = Owner->ItemsBegin(); I != Owner->ItemsEnd(); ++I, ++Count) @@ -1156,12 +1156,9 @@ bool pkgAcquireStatus::Pulse(pkgAcquire *Owner) if ((*I)->Status == pkgAcquire::Item::StatDone) ++CurrentItems; - // see if the method tells us to expect more - TotalItems += (*I)->ExpectedAdditionalItems; - - // check if there are unfetched Release files - if ((*I)->Status != pkgAcquire::Item::StatDone && (*I)->ExpectedAdditionalItems > 0) - UnfetchedReleaseFiles = true; + // do we expect to acquire more files than we know of yet? + if ((*I)->ExpectedAdditionalItems > 0) + ExpectAdditionalItems = true; TotalBytes += (*I)->FileSize; if ((*I)->Complete == true) @@ -1218,7 +1215,7 @@ bool pkgAcquireStatus::Pulse(pkgAcquire *Owner) double const OldPercent = Percent; // calculate the percentage, if we have too little data assume 1% - if (TotalBytes > 0 && UnfetchedReleaseFiles) + if (ExpectAdditionalItems) Percent = 0; else // use both files and bytes because bytes can be unreliable diff --git a/apt-pkg/contrib/configuration.cc b/apt-pkg/contrib/configuration.cc index d4bb72a8b..3cb7fde06 100644 --- a/apt-pkg/contrib/configuration.cc +++ b/apt-pkg/contrib/configuration.cc @@ -29,8 +29,10 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> + #include <algorithm> #include <string> +#include <stack> #include <vector> #include <fstream> @@ -674,6 +676,16 @@ string Configuration::Item::FullTag(const Item *Stop) const sections like 'zone "foo.org" { .. };' This causes each section to be added in with a tag like "zone::foo.org" instead of being split tag/value. AsSectional enables Sectional parsing.*/ +static void leaveCurrentScope(std::stack<std::string> &Stack, std::string &ParentTag) +{ + if (Stack.empty()) + ParentTag.clear(); + else + { + ParentTag = Stack.top(); + Stack.pop(); + } +} bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectional, unsigned const &Depth) { @@ -683,8 +695,7 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio return _error->Errno("ifstream::ifstream",_("Opening configuration file %s"),FName.c_str()); string LineBuffer; - string Stack[100]; - unsigned int StackPos = 0; + std::stack<std::string> Stack; // Parser state string ParentTag; @@ -753,12 +764,12 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio Start = I + 2; InComment = false; break; - } + } } if (InComment == true) continue; } - + // Discard single line comments bool InQuote = false; for (std::string::const_iterator I = Start; @@ -803,9 +814,9 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio I = J + 1; InComment = false; break; - } + } } - + if (InComment == true) break; } @@ -816,7 +827,7 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio // Skip blank lines. if (Fragment.empty()) continue; - + // The line has actual content; interpret what it means. InQuote = false; Start = Fragment.begin(); @@ -826,7 +837,7 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio { if (*I == '"') InQuote = !InQuote; - + if (InQuote == false && (*I == '{' || *I == ';' || *I == '}')) { // Put the last fragment into the buffer @@ -845,24 +856,19 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio // brace or a semicolon) char TermChar = *I; Start = I + 1; - + // Syntax Error if (TermChar == '{' && LineBuffer.empty() == true) return _error->Error(_("Syntax error %s:%u: Block starts with no name."),FName.c_str(),CurLine); - + // No string on this line if (LineBuffer.empty() == true) { if (TermChar == '}') - { - if (StackPos == 0) - ParentTag = string(); - else - ParentTag = Stack[--StackPos]; - } + leaveCurrentScope(Stack, ParentTag); continue; } - + // Parse off the tag string Tag; const char *Pos = LineBuffer.c_str(); @@ -889,25 +895,23 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio // Go down a level if (TermChar == '{') { - if (StackPos < sizeof(Stack)/sizeof(std::string)) - Stack[StackPos++] = ParentTag; - + Stack.push(ParentTag); + /* Make sectional tags incorperate the section into the tag string */ if (AsSectional == true && Word.empty() == false) { - Tag += "::" ; - Tag += Word; - Word = ""; + Tag.append("::").append(Word); + Word.clear(); } - + if (ParentTag.empty() == true) ParentTag = Tag; else - ParentTag += string("::") + Tag; - Tag = string(); + ParentTag.append("::").append(Tag); + Tag.clear(); } - + // Generate the item name string Item; if (ParentTag.empty() == true) @@ -919,7 +923,7 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio else Item = ParentTag; } - + // Specials if (Tag.length() >= 1 && Tag[0] == '#') { @@ -941,7 +945,7 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio { if (ReadConfigFile(Conf,Word,AsSectional,Depth+1) == false) return _error->Error(_("Syntax error %s:%u: Included from here"),FName.c_str(),CurLine); - } + } } else return _error->Error(_("Syntax error %s:%u: Unsupported directive '%s'"),FName.c_str(),CurLine,Tag.c_str()); @@ -954,19 +958,13 @@ bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectio if (NoWord == false) Conf.Set(Item,Word); } - + // Empty the buffer LineBuffer.clear(); - + // Move up a tag, but only if there is no bit to parse if (TermChar == '}') - { - if (StackPos == 0) - ParentTag.clear(); - else - ParentTag = Stack[--StackPos]; - } - + leaveCurrentScope(Stack, ParentTag); } } diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc index d152eaf68..ead07a479 100644 --- a/apt-pkg/deb/debmetaindex.cc +++ b/apt-pkg/deb/debmetaindex.cc @@ -33,13 +33,13 @@ class APT_HIDDEN debReleaseIndexPrivate /*{{{*/ public: struct APT_HIDDEN debSectionEntry { - std::string sourcesEntry; - std::string Name; - std::vector<std::string> Targets; - std::vector<std::string> Architectures; - std::vector<std::string> Languages; - bool UsePDiffs; - std::string UseByHash; + std::string const sourcesEntry; + std::string const Name; + std::vector<std::string> const Targets; + std::vector<std::string> const Architectures; + std::vector<std::string> const Languages; + bool const UsePDiffs; + std::string const UseByHash; }; std::vector<debSectionEntry> DebEntries; @@ -153,7 +153,8 @@ static void GetIndexTargetsFor(char const * const Type, std::string const &URI, } DefKeepCompressedAs += "uncompressed"; } - std::string const NativeArch = _config->Find("APT::Architecture"); + + std::vector<std::string> const NativeArchs = { _config->Find("APT::Architecture"), "all" }; bool const GzipIndex = _config->FindB("Acquire::GzipIndexes", false); for (std::vector<debReleaseIndexPrivate::debSectionEntry>::const_iterator E = entries.begin(); E != entries.end(); ++E) { @@ -164,6 +165,7 @@ static void GetIndexTargetsFor(char const * const Type, std::string const &URI, std::string const tplMetaKey = APT_T_CONFIG_STR(flatArchive ? "flatMetaKey" : "MetaKey", ""); std::string const tplShortDesc = APT_T_CONFIG_STR("ShortDescription", ""); std::string const tplLongDesc = "$(SITE) " + APT_T_CONFIG_STR(flatArchive ? "flatDescription" : "Description", ""); + std::string const tplIdentifier = APT_T_CONFIG_STR("Identifier", *T); bool const IsOptional = APT_T_CONFIG_BOOL("Optional", true); bool const KeepCompressed = APT_T_CONFIG_BOOL("KeepCompressed", GzipIndex); bool const DefaultEnabled = APT_T_CONFIG_BOOL("DefaultEnabled", true); @@ -171,6 +173,7 @@ static void GetIndexTargetsFor(char const * const Type, std::string const &URI, std::string const UseByHash = APT_T_CONFIG_STR("By-Hash", E->UseByHash); std::string const CompressionTypes = APT_T_CONFIG_STR("CompressionTypes", DefCompressionTypes); std::string KeepCompressedAs = APT_T_CONFIG_STR("KeepCompressedAs", ""); + std::string const FallbackOf = APT_T_CONFIG_STR("Fallback-Of", ""); #undef APT_T_CONFIG_BOOL #undef APT_T_CONFIG_STR if (tplMetaKey.empty()) @@ -206,113 +209,125 @@ static void GetIndexTargetsFor(char const * const Type, std::string const &URI, for (std::vector<std::string>::const_iterator A = E->Architectures.begin(); A != E->Architectures.end(); ++A) { - // available in templates - std::map<std::string, std::string> Options; - Options.insert(std::make_pair("SITE", Site)); - Options.insert(std::make_pair("RELEASE", Release)); - if (tplMetaKey.find("$(COMPONENT)") != std::string::npos) - Options.insert(std::make_pair("COMPONENT", E->Name)); - if (tplMetaKey.find("$(LANGUAGE)") != std::string::npos) - Options.insert(std::make_pair("LANGUAGE", *L)); - if (tplMetaKey.find("$(ARCHITECTURE)") != std::string::npos) - Options.insert(std::make_pair("ARCHITECTURE", *A)); - else if (tplMetaKey.find("$(NATIVE_ARCHITECTURE)") != std::string::npos) - Options.insert(std::make_pair("ARCHITECTURE", NativeArch)); - if (tplMetaKey.find("$(NATIVE_ARCHITECTURE)") != std::string::npos) - Options.insert(std::make_pair("NATIVE_ARCHITECTURE", NativeArch)); - - std::string MetaKey = tplMetaKey; - std::string ShortDesc = tplShortDesc; - std::string LongDesc = tplLongDesc; - for (std::map<std::string, std::string>::const_iterator O = Options.begin(); O != Options.end(); ++O) + for (auto const &NativeArch: NativeArchs) { - MetaKey = SubstVar(MetaKey, std::string("$(") + O->first + ")", O->second); - ShortDesc = SubstVar(ShortDesc, std::string("$(") + O->first + ")", O->second); - LongDesc = SubstVar(LongDesc, std::string("$(") + O->first + ")", O->second); - } + constexpr static auto BreakPoint = "$(NATIVE_ARCHITECTURE)"; + // available in templates + std::map<std::string, std::string> Options; + Options.insert(std::make_pair("SITE", Site)); + Options.insert(std::make_pair("RELEASE", Release)); + if (tplMetaKey.find("$(COMPONENT)") != std::string::npos) + Options.insert(std::make_pair("COMPONENT", E->Name)); + if (tplMetaKey.find("$(LANGUAGE)") != std::string::npos) + Options.insert(std::make_pair("LANGUAGE", *L)); + if (tplMetaKey.find("$(ARCHITECTURE)") != std::string::npos) + Options.insert(std::make_pair("ARCHITECTURE", *A)); + else if (tplMetaKey.find("$(NATIVE_ARCHITECTURE)") != std::string::npos) + Options.insert(std::make_pair("ARCHITECTURE", NativeArch)); + if (tplMetaKey.find("$(NATIVE_ARCHITECTURE)") != std::string::npos) + Options.insert(std::make_pair("NATIVE_ARCHITECTURE", NativeArch)); + + std::string MetaKey = tplMetaKey; + std::string ShortDesc = tplShortDesc; + std::string LongDesc = tplLongDesc; + std::string Identifier = tplIdentifier; + for (std::map<std::string, std::string>::const_iterator O = Options.begin(); O != Options.end(); ++O) + { + std::string const varname = "$(" + O->first + ")"; + MetaKey = SubstVar(MetaKey, varname, O->second); + ShortDesc = SubstVar(ShortDesc, varname, O->second); + LongDesc = SubstVar(LongDesc, varname, O->second); + Identifier = SubstVar(Identifier, varname, O->second); + } - { - auto const dup = std::find_if(IndexTargets.begin(), IndexTargets.end(), [&](IndexTarget const &IT) { - return MetaKey == IT.MetaKey && baseURI == IT.Option(IndexTarget::BASE_URI) && - E->sourcesEntry == IT.Option(IndexTarget::SOURCESENTRY) && *T == IT.Option(IndexTarget::CREATED_BY); - }); - if (dup != IndexTargets.end()) { - if (tplMetaKey.find("$(ARCHITECTURE)") == std::string::npos) - break; - continue; + auto const dup = std::find_if(IndexTargets.begin(), IndexTargets.end(), [&](IndexTarget const &IT) { + return MetaKey == IT.MetaKey && baseURI == IT.Option(IndexTarget::BASE_URI) && + E->sourcesEntry == IT.Option(IndexTarget::SOURCESENTRY) && *T == IT.Option(IndexTarget::CREATED_BY); + }); + if (dup != IndexTargets.end()) + { + if (tplMetaKey.find(BreakPoint) == std::string::npos) + break; + continue; + } } - } - { - auto const dup = std::find_if(IndexTargets.begin(), IndexTargets.end(), [&](IndexTarget const &IT) { - return MetaKey == IT.MetaKey && baseURI == IT.Option(IndexTarget::BASE_URI) && - E->sourcesEntry == IT.Option(IndexTarget::SOURCESENTRY) && *T != IT.Option(IndexTarget::CREATED_BY); - }); - if (dup != IndexTargets.end()) { - std::string const dupT = dup->Option(IndexTarget::CREATED_BY); - std::string const dupEntry = dup->Option(IndexTarget::SOURCESENTRY); - //TRANSLATOR: an identifier like Packages; Releasefile key indicating - // a file like main/binary-amd64/Packages; another identifier like Contents; - // filename and linenumber of the sources.list entry currently parsed - _error->Warning(_("Target %s wants to acquire the same file (%s) as %s from source %s"), - T->c_str(), MetaKey.c_str(), dupT.c_str(), dupEntry.c_str()); - if (tplMetaKey.find("$(ARCHITECTURE)") == std::string::npos) - break; - continue; + auto const dup = std::find_if(IndexTargets.begin(), IndexTargets.end(), [&](IndexTarget const &IT) { + return MetaKey == IT.MetaKey && baseURI == IT.Option(IndexTarget::BASE_URI) && + E->sourcesEntry == IT.Option(IndexTarget::SOURCESENTRY) && *T != IT.Option(IndexTarget::CREATED_BY); + }); + if (dup != IndexTargets.end()) + { + std::string const dupT = dup->Option(IndexTarget::CREATED_BY); + std::string const dupEntry = dup->Option(IndexTarget::SOURCESENTRY); + //TRANSLATOR: an identifier like Packages; Releasefile key indicating + // a file like main/binary-amd64/Packages; another identifier like Contents; + // filename and linenumber of the sources.list entry currently parsed + _error->Warning(_("Target %s wants to acquire the same file (%s) as %s from source %s"), + T->c_str(), MetaKey.c_str(), dupT.c_str(), dupEntry.c_str()); + if (tplMetaKey.find(BreakPoint) == std::string::npos) + break; + continue; + } } - } - { - auto const dup = std::find_if(IndexTargets.begin(), IndexTargets.end(), [&](IndexTarget const &T) { - return MetaKey == T.MetaKey && baseURI == T.Option(IndexTarget::BASE_URI) && - E->sourcesEntry != T.Option(IndexTarget::SOURCESENTRY); - }); - if (dup != IndexTargets.end()) { - std::string const dupEntry = dup->Option(IndexTarget::SOURCESENTRY); - //TRANSLATOR: an identifier like Packages; Releasefile key indicating - // a file like main/binary-amd64/Packages; filename and linenumber of - // two sources.list entries - _error->Warning(_("Target %s (%s) is configured multiple times in %s and %s"), - T->c_str(), MetaKey.c_str(), dupEntry.c_str(), E->sourcesEntry.c_str()); - if (tplMetaKey.find("$(ARCHITECTURE)") == std::string::npos) - break; - continue; + auto const dup = std::find_if(IndexTargets.begin(), IndexTargets.end(), [&](IndexTarget const &T) { + return MetaKey == T.MetaKey && baseURI == T.Option(IndexTarget::BASE_URI) && + E->sourcesEntry != T.Option(IndexTarget::SOURCESENTRY); + }); + if (dup != IndexTargets.end()) + { + std::string const dupEntry = dup->Option(IndexTarget::SOURCESENTRY); + //TRANSLATOR: an identifier like Packages; Releasefile key indicating + // a file like main/binary-amd64/Packages; filename and linenumber of + // two sources.list entries + _error->Warning(_("Target %s (%s) is configured multiple times in %s and %s"), + T->c_str(), MetaKey.c_str(), dupEntry.c_str(), E->sourcesEntry.c_str()); + if (tplMetaKey.find(BreakPoint) == std::string::npos) + break; + continue; + } } - } - // not available in templates, but in the indextarget - Options.insert(std::make_pair("BASE_URI", baseURI)); - Options.insert(std::make_pair("REPO_URI", URI)); - Options.insert(std::make_pair("TARGET_OF", Type)); - Options.insert(std::make_pair("CREATED_BY", *T)); - Options.insert(std::make_pair("PDIFFS", UsePDiffs ? "yes" : "no")); - Options.insert(std::make_pair("BY_HASH", UseByHash)); - Options.insert(std::make_pair("DEFAULTENABLED", DefaultEnabled ? "yes" : "no")); - Options.insert(std::make_pair("COMPRESSIONTYPES", CompressionTypes)); - Options.insert(std::make_pair("KEEPCOMPRESSEDAS", KeepCompressedAs)); - Options.insert(std::make_pair("SOURCESENTRY", E->sourcesEntry)); - - bool IsOpt = IsOptional; - if (IsOpt == false) - { - auto const arch = Options.find("ARCHITECTURE"); - if (arch != Options.end() && arch->second == "all") - IsOpt = true; - } + // not available in templates, but in the indextarget + Options.insert(std::make_pair("BASE_URI", baseURI)); + Options.insert(std::make_pair("REPO_URI", URI)); + Options.insert(std::make_pair("IDENTIFIER", Identifier)); + Options.insert(std::make_pair("TARGET_OF", Type)); + Options.insert(std::make_pair("CREATED_BY", *T)); + Options.insert(std::make_pair("FALLBACK_OF", FallbackOf)); + Options.insert(std::make_pair("PDIFFS", UsePDiffs ? "yes" : "no")); + Options.insert(std::make_pair("BY_HASH", UseByHash)); + Options.insert(std::make_pair("DEFAULTENABLED", DefaultEnabled ? "yes" : "no")); + Options.insert(std::make_pair("COMPRESSIONTYPES", CompressionTypes)); + Options.insert(std::make_pair("KEEPCOMPRESSEDAS", KeepCompressedAs)); + Options.insert(std::make_pair("SOURCESENTRY", E->sourcesEntry)); + + bool IsOpt = IsOptional; + if (IsOpt == false) + { + auto const arch = Options.find("ARCHITECTURE"); + if (arch != Options.end() && arch->second == "all") + IsOpt = true; + } - IndexTarget Target( - MetaKey, - ShortDesc, - LongDesc, - Options.find("BASE_URI")->second + MetaKey, - IsOpt, - KeepCompressed, - Options - ); - IndexTargets.push_back(Target); + IndexTarget Target( + MetaKey, + ShortDesc, + LongDesc, + Options.find("BASE_URI")->second + MetaKey, + IsOpt, + KeepCompressed, + Options + ); + IndexTargets.push_back(Target); + + if (tplMetaKey.find(BreakPoint) == std::string::npos) + break; + } if (tplMetaKey.find("$(ARCHITECTURE)") == std::string::npos) break; @@ -601,16 +616,15 @@ bool debReleaseIndex::parseSumData(const char *&Start, const char *End, /*{{{*/ bool debReleaseIndex::GetIndexes(pkgAcquire *Owner, bool const &GetAll)/*{{{*/ { - std::vector<IndexTarget> const targets = GetIndexTargets(); #define APT_TARGET(X) IndexTarget("", X, MetaIndexInfo(X), MetaIndexURI(X), false, false, std::map<std::string,std::string>()) pkgAcqMetaClearSig * const TransactionManager = new pkgAcqMetaClearSig(Owner, - APT_TARGET("InRelease"), APT_TARGET("Release"), APT_TARGET("Release.gpg"), - targets, this); + APT_TARGET("InRelease"), APT_TARGET("Release"), APT_TARGET("Release.gpg"), this); #undef APT_TARGET // special case for --print-uris if (GetAll) - for (auto const &Target: targets) - new pkgAcqIndex(Owner, TransactionManager, Target); + for (auto const &Target: GetIndexTargets()) + if (Target.Option(IndexTarget::FALLBACK_OF).empty()) + new pkgAcqIndex(Owner, TransactionManager, Target); return true; } @@ -936,12 +950,40 @@ class APT_HIDDEN debSLTypeDebian : public pkgSourceList::Type /*{{{*/ std::map<std::string, std::string>::const_iterator const opt = Options.find(target); if (opt == Options.end()) continue; - auto const tarItr = std::find(mytargets.begin(), mytargets.end(), target); - bool const optValue = StringToBool(opt->second); - if (optValue == true && tarItr == mytargets.end()) - mytargets.push_back(target); - else if (optValue == false && tarItr != mytargets.end()) - mytargets.erase(std::remove(mytargets.begin(), mytargets.end(), target), mytargets.end()); + auto const idMatch = [&](std::string const &t) { + return target == _config->Find(std::string("Acquire::IndexTargets::") + Name + "::" + t + "::Identifier", t); + }; + if (StringToBool(opt->second)) + std::copy_if(alltargets.begin(), alltargets.end(), std::back_inserter(mytargets), idMatch); + else + mytargets.erase(std::remove_if(mytargets.begin(), mytargets.end(), idMatch), mytargets.end()); + } + // if we can't order it in a 1000 steps we give up… probably a cycle + for (auto i = 0; i < 1000; ++i) + { + bool Changed = false; + for (auto t = mytargets.begin(); t != mytargets.end(); ++t) + { + std::string const fallback = _config->Find(std::string("Acquire::IndexTargets::") + Name + "::" + *t + "::Fallback-Of"); + if (fallback.empty()) + continue; + auto const faller = std::find(mytargets.begin(), mytargets.end(), fallback); + if (faller == mytargets.end() || faller < t) + continue; + Changed = true; + auto const tv = *t; + mytargets.erase(t); + mytargets.emplace_back(tv); + } + if (Changed == false) + break; + } + // remove duplicates without changing the order (in first appearance) + { + std::set<std::string> seenOnce; + mytargets.erase(std::remove_if(mytargets.begin(), mytargets.end(), [&](std::string const &t) { + return seenOnce.insert(t).second == false; + }), mytargets.end()); } bool UsePDiffs = _config->FindB("Acquire::PDiffs", true); diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc index 834cb0e25..76a81bb33 100644 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@ -1501,6 +1501,13 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) _exit(100); } + // if color support isn't enabled/disabled explicitly tell + // dpkg to use the same state apt is using for its color support + if (_config->FindB("APT::Color", false) == true) + setenv("DPKG_COLORS", "always", 0); + else + setenv("DPKG_COLORS", "never", 0); + execvp(Args[0], (char**) &Args[0]); cerr << "Could not exec dpkg!" << endl; _exit(100); diff --git a/apt-pkg/edsp.cc b/apt-pkg/edsp.cc index 610f9379e..77928379f 100644 --- a/apt-pkg/edsp.cc +++ b/apt-pkg/edsp.cc @@ -176,6 +176,24 @@ static void WriteScenarioLimitedDependency(FILE* output, fprintf(output, "Provides: %s\n", provides.c_str()+2); } /*}}}*/ +static bool SkipUnavailableVersions(pkgDepCache &Cache, pkgCache::PkgIterator const &Pkg, pkgCache::VerIterator const &Ver)/*{{{*/ +{ + /* versions which aren't current and aren't available in + any "online" source file are bad, expect if they are the choosen + candidate: The exception is for build-dep implementation as it creates + such pseudo (package) versions and removes them later on again. + We filter out versions at all so packages in 'rc' state only available + in dpkg/status aren't passed to solvers as they can't be installed. */ + if (Pkg->CurrentVer != 0) + return false; + if (Cache.GetCandidateVersion(Pkg) == Ver) + return false; + for (pkgCache::VerFileIterator I = Ver.FileList(); I.end() == false; ++I) + if (I.File().Flagged(pkgCache::Flag::NotSource) == false) + return false; + return true; +} + /*}}}*/ // EDSP::WriteScenario - to the given file descriptor /*{{{*/ bool EDSP::WriteScenario(pkgDepCache &Cache, FILE* output, OpProgress *Progress) { @@ -190,6 +208,8 @@ bool EDSP::WriteScenario(pkgDepCache &Cache, FILE* output, OpProgress *Progress) continue; for (pkgCache::VerIterator Ver = Pkg.VersionList(); Ver.end() == false; ++Ver, ++p) { + if (SkipUnavailableVersions(Cache, Pkg, Ver)) + continue; WriteScenarioVersion(Cache, output, Pkg, Ver); WriteScenarioDependency(output, Ver); fprintf(output, "\n"); @@ -211,6 +231,8 @@ bool EDSP::WriteLimitedScenario(pkgDepCache &Cache, FILE* output, for (APT::PackageSet::const_iterator Pkg = pkgset.begin(); Pkg != pkgset.end(); ++Pkg, ++p) for (pkgCache::VerIterator Ver = Pkg.VersionList(); Ver.end() == false; ++Ver) { + if (SkipUnavailableVersions(Cache, Pkg, Ver)) + continue; WriteScenarioVersion(Cache, output, Pkg, Ver); WriteScenarioLimitedDependency(output, Ver, pkgset); fprintf(output, "\n"); diff --git a/apt-pkg/indexfile.cc b/apt-pkg/indexfile.cc index a777c38ac..7ded0101b 100644 --- a/apt-pkg/indexfile.cc +++ b/apt-pkg/indexfile.cc @@ -137,8 +137,10 @@ std::string IndexTarget::Option(OptionKeys const EnumKey) const /*{{{*/ APT_CASE(ARCHITECTURE); APT_CASE(BASE_URI); APT_CASE(REPO_URI); + APT_CASE(IDENTIFIER); APT_CASE(TARGET_OF); APT_CASE(CREATED_BY); + APT_CASE(FALLBACK_OF); APT_CASE(PDIFFS); APT_CASE(DEFAULTENABLED); APT_CASE(COMPRESSIONTYPES); diff --git a/apt-pkg/indexfile.h b/apt-pkg/indexfile.h index 5c666671c..76a3d069e 100644 --- a/apt-pkg/indexfile.h +++ b/apt-pkg/indexfile.h @@ -91,6 +91,8 @@ class IndexTarget /*{{{*/ SOURCESENTRY, BY_HASH, KEEPCOMPRESSEDAS, + FALLBACK_OF, + IDENTIFIER, }; std::string Option(OptionKeys const Key) const; bool OptionBool(OptionKeys const Key) const; diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in index 3ed2a70ce..b309142cf 100644 --- a/cmdline/apt-key.in +++ b/cmdline/apt-key.in @@ -493,8 +493,21 @@ create_gpg_home() { } prepare_gpg_home() { + # crude detection if we are called from a maintainerscript where the + # package depends on gnupg or not. We accept recommends here as + # well as the script hopefully uses apt-key optionally then like e.g. + # debian-archive-keyring for (upgrade) cleanup did + if [ -n "$DPKG_MAINTSCRIPT_PACKAGE" ]; then + if ! dpkg-query --show --showformat '${Pre-Depends}${Depends}${Recommends}\n' "$DPKG_MAINTSCRIPT_PACKAGE" 2>/dev/null | grep -q gnupg; then + cat >&2 <<EOF +Warning: The $DPKG_MAINTSCRIPT_NAME maintainerscript of the package $DPKG_MAINTSCRIPT_PACKAGE +Warning: seems to use apt-key (provided by apt) without depending on gnupg or gnupg2. +Warning: This will BREAK in the future and should be fixed by the package maintainer(s). +Note: Check first if apt-key functionality is needed at all - it probably isn't! +EOF + fi + fi eval "$(apt-config shell GPG_EXE Apt::Key::gpgcommand)" - if [ -n "$GPG_EXE" ] && command_available "$GPG_EXE"; then true elif command_available 'gpg'; then diff --git a/debian/apt-doc.docs b/debian/apt-doc.docs index df9701123..d59100e8d 100644 --- a/debian/apt-doc.docs +++ b/debian/apt-doc.docs @@ -1,2 +1,3 @@ README.progress-reporting doc/external-dependency-solver-protocol.txt +doc/acquire-additional-files.txt diff --git a/debian/control b/debian/control index 319aea118..313208ac4 100644 --- a/debian/control +++ b/debian/control @@ -18,9 +18,10 @@ Testsuite: autopkgtest Package: apt Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gpgv | gpgv2, gnupg | gnupg2, adduser +Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gpgv | gpgv2, adduser Replaces: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~), bash-completion (<< 1:2.1-4.2+fakesync1) Breaks: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~), apt-utils (<< 1.1.3) +Recommends: gnupg | gnupg2 Suggests: aptitude | synaptic | wajig, dpkg-dev (>= 1.17.2), apt-doc, python-apt Description: commandline package manager This package provides commandline tools for searching and diff --git a/doc/acquire-additional-files.txt b/doc/acquire-additional-files.txt index 68af9a5b0..c9bea068f 100644 --- a/doc/acquire-additional-files.txt +++ b/doc/acquire-additional-files.txt @@ -46,10 +46,11 @@ multiple types! After the type you can pick any valid and unique string which preferable refers to the file it downloads (In the example we picked 'Packages'). -This string is used as identifier for the target class and accessible as -'Created-By' e.g. in the "apt-get indextargets" output as detailed -below. It is also used to allow user to enable/disable targets per -sources.list entry. +This string is used as identifier (if not explicitly set otherwise) for +the target class and accessible as 'Identifier' and 'Created-By' e.g. +in the "apt-get indextargets" output as detailed below. The identifier +is also used to allow user to enable/disable targets per sources.list +entry. All targets have three main properties you can define: * MetaKey: The identifier of the file to be downloaded as used in the @@ -71,6 +72,12 @@ All targets have three main properties you can define: Additional optional properties: +* Identifier: The default value is the unique string identifying this + file (in the example above it was 'Packages') also accessible as + Created-By. The difference is that using this property multiple files + can be subsumed under one identifier e.g. if you configure multiple + possible locations for the files (with Fallback-Of), but the front-end + doesn't need to handle files from the different locations differently. * DefaultEnabled: The default value is 'yes' which means that apt will try to acquire this target from all sources. If set to 'no' the user has to explicitly enable this target in the sources.list file with the @@ -90,6 +97,11 @@ Additional optional properties: have to ensure your front-end can deal with all compressed fileformats supported by apt (libapt users can e.g. use FileFd, others can use the cat-file command of /usr/lib/apt/apt-helper). +* Fallback-Of: Is by default not set. If it is set and specifies another + target name (see Created-By) which was found in the Release file the + download of this target will be skipped. This can be used to implement + fallback(chain)s to allow transitions like the rename of target files. + The behavior if cycles are formed with Fallback-Of is undefined! * flat{MetaKey,Description}: APT supports two types of repositories: dists-style repositories which are the default and by far the most common which are named after the fact that the files are in an @@ -202,13 +214,13 @@ own output style. The variables are what you see in the output, just all uppercase and wrapped in $(), as in the configuration file. To get all the filenames of all Translation-en files you can e.g. call: - apt-get indextargets --format '$(FILENAME)' "Created-By: Translations" "Language: en" + apt-get indextargets --format '$(FILENAME)' "Identifier: Translations" "Language: en" -The line-based filtering and the formating is rather crude and feature- +The line-based filtering and the formatting is rather crude and feature- less by design: The default format is Debians standard format deb822 (in particular: Field names are case-insensitive and the order of fields in the stanza is undefined), so instead of apt reimplementing powerful -filters and formating for this command, it is recommend to use piping +filters and formatting for this command, it is recommend to use piping and dedicated tools like 'grep-dctrl' if you need more than the basics provided. @@ -241,6 +253,9 @@ Remarks on fields only available in (default) --release-info mode: Remarks on other available fields: * MetaKey, ShortDesc, Description, Site, Release: as defined by the configuration and described further above. +* Identifier: Defaults to the value of Created-By, but can be set + explicitly in the configuration (see above). Prefer this field over + Created-By to subsume multiple file(location)s (see Fallback-Of). * Created-By: configuration entity responsible for this target * Target-Of: type of the sources.list entry * URI, Repo-URI: avoid using. Contains potentially username/password. diff --git a/doc/apt-get.8.xml b/doc/apt-get.8.xml index 60fa46f97..a667a81da 100644 --- a/doc/apt-get.8.xml +++ b/doc/apt-get.8.xml @@ -249,8 +249,8 @@ working with APT to get information as well as filenames for downloaded files so they can use them as well instead of downloading them again on their own. Detailed documentation is - omitted here and can instead be found in the source tree in - <literal><filename>doc/acquire-additional-files.txt</filename></literal>. + omitted here and can instead be found in the file + &apt-acquire-additional-files; shipped by the <package>apt-doc</package> package. </para> </listitem> </varlistentry> diff --git a/doc/apt-verbatim.ent b/doc/apt-verbatim.ent index b4cc66dbd..9781ea2a6 100644 --- a/doc/apt-verbatim.ent +++ b/doc/apt-verbatim.ent @@ -196,6 +196,8 @@ </citerefentry>" > +<!ENTITY apt-acquire-additional-files "<literal><filename>/usr/share/doc/apt-doc/acquire-additional-files.txt</filename></literal>"> + <!-- Boiler plate docinfo section --> <!ENTITY apt-email " <address> diff --git a/doc/sources.list.5.xml b/doc/sources.list.5.xml index e8d88921d..f327e365b 100644 --- a/doc/sources.list.5.xml +++ b/doc/sources.list.5.xml @@ -222,10 +222,12 @@ deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [. (<option>target</option>) is a multivalue option defining which download targets apt will try to acquire from this source. If not specified, the default set is defined by the - <option>Acquire::IndexTargets</option> configuration scope. - Additionally, specific targets can be enabled or disabled by - using the identifier as field name instead of using this - multivalue option. + <option>Acquire::IndexTargets</option> configuration scope + (targets are specified by their name in the + <literal>Created-By</literal> field). + Additionally, targets can be enabled or disabled by using the + <literal>Identifier</literal> field as an option with a boolean + value instead of using this multivalue option. </para></listitem> <listitem><para><option>PDiffs</option> (<option>pdiffs</option>) @@ -501,8 +503,7 @@ Components: main contrib </refsect1> <refsect1><title>See Also</title> - <para>&apt-get;, &apt-conf; - </para> + <para>&apt-get;, &apt-conf;, &apt-acquire-additional-files;</para> </refsect1> &manbugs; diff --git a/methods/gpgv.cc b/methods/gpgv.cc index b9fb09a8f..dd395d659 100644 --- a/methods/gpgv.cc +++ b/methods/gpgv.cc @@ -173,6 +173,7 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, std::vector<std::string> ErrSigners; size_t buffersize = 0; char *buffer = NULL; + bool gotNODATA = false; while (1) { if (getline(&buffer, &buffersize, pipein) == -1) @@ -194,8 +195,8 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, ErrSigners.erase(std::remove_if(ErrSigners.begin(), ErrSigners.end(), [&](std::string const &errsig) { return errsig.compare(strlen("ERRSIG "), 16, buffer, sizeof(GNUPGNOPUBKEY), 16) == 0; }), ErrSigners.end()); } - else if (strncmp(buffer, GNUPGNODATA, sizeof(GNUPGBADSIG)-1) == 0) - PushEntryWithUID(BadSigners, buffer, Debug); + else if (strncmp(buffer, GNUPGNODATA, sizeof(GNUPGNODATA)-1) == 0) + gotNODATA = true; else if (strncmp(buffer, GNUPGEXPKEYSIG, sizeof(GNUPGEXPKEYSIG)-1) == 0) PushEntryWithUID(WorthlessSigners, buffer, Debug); else if (strncmp(buffer, GNUPGEXPSIG, sizeof(GNUPGEXPSIG)-1) == 0) @@ -293,10 +294,26 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, std::for_each(SoonWorthlessSigners.begin(), SoonWorthlessSigners.end(), [](Signer const &sig) { std::cerr << sig.key << ", "; }); std::cerr << std::endl << " NoPubKey: "; std::copy(NoPubKeySigners.begin(), NoPubKeySigners.end(), std::ostream_iterator<std::string>(std::cerr, ", ")); - std::cerr << std::endl; + std::cerr << std::endl << " NODATA: " << (gotNODATA ? "yes" : "no") << std::endl; } - if (WEXITSTATUS(status) == 0) + if (WEXITSTATUS(status) == 112) + { + // acquire system checks for "NODATA" to generate GPG errors (the others are only warnings) + std::string errmsg; + //TRANSLATORS: %s is a single techy word like 'NODATA' + strprintf(errmsg, _("Clearsigned file isn't valid, got '%s' (does the network require authentication?)"), "NODATA"); + return errmsg; + } + else if (gotNODATA) + { + // acquire system checks for "NODATA" to generate GPG errors (the others are only warnings) + std::string errmsg; + //TRANSLATORS: %s is a single techy word like 'NODATA' + strprintf(errmsg, _("Signed file isn't valid, got '%s' (does the network require authentication?)"), "NODATA"); + return errmsg; + } + else if (WEXITSTATUS(status) == 0) { if (keyIsID) { @@ -316,14 +333,6 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, return _("At least one invalid signature was encountered."); else if (WEXITSTATUS(status) == 111) return _("Could not execute 'apt-key' to verify signature (is gnupg installed?)"); - else if (WEXITSTATUS(status) == 112) - { - // acquire system checks for "NODATA" to generate GPG errors (the others are only warnings) - std::string errmsg; - //TRANSLATORS: %s is a single techy word like 'NODATA' - strprintf(errmsg, _("Clearsigned file isn't valid, got '%s' (does the network require authentication?)"), "NODATA"); - return errmsg; - } else return _("Unknown error executing apt-key"); } diff --git a/test/integration/framework b/test/integration/framework index 7eaa36415..ea577c04e 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -421,6 +421,9 @@ EOF echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1 fi + # most tests just need one signed Release file, not both + export APT_DONT_SIGN='Release.gpg' + msgdone "info" } @@ -1134,11 +1137,21 @@ signreleasefiles() { fi local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}" for RELEASE in $(find "${REPODIR}/" -name Release); do - testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}" - local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')" - testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE" # we might have set a specific date for the Release file, so copy it - touch -d "$(stat --format "%y" ${RELEASE})" "${RELEASE}.gpg" "${INRELEASE}" + local DATE="$(stat --format "%y" "${RELEASE}")" + if [ "$APT_DONT_SIGN" = 'Release.gpg' ]; then + rm -f "${RELEASE}.gpg" + else + testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}" + touch -d "$DATE" "${RELEASE}.gpg" + fi + local INRELEASE="${RELEASE%/*}/InRelease" + if [ "$APT_DONT_SIGN" = 'InRelease' ]; then + rm -f "$INRELEASE" + else + testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE" + touch -d "$DATE" "${INRELEASE}" + fi done if [ -f "$SECEXPIREBAK" ] && [ -f "$PUBEXPIREBAK" ]; then mv -f "$SECEXPIREBAK" "${REXKEY}.sec" @@ -1684,8 +1697,9 @@ testfailure() { local EXITCODE=$? if expr match "$1" '^apt.*' >/dev/null; then if [ "$1" = 'aptkey' ]; then - if grep -q -E " Can't check signature: " "$OUTPUT" || \ - grep -q -E " BAD signature from " "$OUTPUT"; then + if grep -q " Can't check signature: + BAD signature from + signature could not be verified" "$OUTPUT"; then msgpass else msgfailoutput "run failed with exitcode ${EXITCODE}, but no signature error" "$OUTPUT" "$@" diff --git a/test/integration/test-apt-acquire-additional-files b/test/integration/test-apt-acquire-additional-files index afeeadd4f..ff04b6346 100755 --- a/test/integration/test-apt-acquire-additional-files +++ b/test/integration/test-apt-acquire-additional-files @@ -51,15 +51,15 @@ readfile() { done } -testequal "$(readfile Contents-amd64 Contents-all)" aptget indextargets --no-release-info --format '$(FILENAME)' 'Created-By: Contents' -testempty aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testequal "$(readfile Contents-amd64 Contents-all)" aptget indextargets --no-release-info --format '$(FILENAME)' 'Identifier: Contents' +testempty aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' # lets fake the existence of a compressed Contents file touch "./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz" chmod 644 "./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz" -testequal "$(readfile Contents-amd64.gz)" aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testequal "$(readfile Contents-amd64.gz)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' touch "./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz" chmod 644 "./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz" -testequal "$(readfile Contents-amd64.gz Contents-all.gz)" aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testequal "$(readfile Contents-amd64.gz Contents-all.gz)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' testequal "'http://localhost:${APTHTTPPORT}/dists/unstable/InRelease' localhost:${APTHTTPPORT}_dists_unstable_InRelease 0 'http://localhost:${APTHTTPPORT}/dists/unstable/main/source/Sources.xz' localhost:${APTHTTPPORT}_dists_unstable_main_source_Sources 0 @@ -72,7 +72,7 @@ testequal "'http://localhost:${APTHTTPPORT}/dists/unstable/InRelease' localhost: # apt believes the Contents files we faked are good testsuccessequal "Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease Reading package lists..." aptget update -testequal "$(readfile Contents-amd64.gz Contents-all.gz)" aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testequal "$(readfile Contents-amd64.gz Contents-all.gz)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' find rootdir/var/lib/apt/lists -name '*Contents*' -delete @@ -91,13 +91,13 @@ Reading package lists..." aptget update testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64" find rootdir/var/lib/apt/lists -name '*Contents-amd64*' testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all" find rootdir/var/lib/apt/lists -name '*Contents-all*' -testequal "$(readfile Contents-amd64 Contents-all)" aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testequal "$(readfile Contents-amd64 Contents-all)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64" 'aptarchive/dists/unstable/main/Contents-amd64' testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all" 'aptarchive/dists/unstable/main/Contents-all' rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64 \ ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all -testempty aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testempty aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' # if we asked for keeping it compressed, keep it msgmsg "Normal Contents file with KeepCompressed" @@ -109,13 +109,13 @@ Reading package lists..." aptget update testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.$LOWCOSTEXT" find rootdir/var/lib/apt/lists -name '*Contents-amd64*' testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.$LOWCOSTEXT" find rootdir/var/lib/apt/lists -name '*Contents-all*' -testequal "$(readfile Contents-amd64.$LOWCOSTEXT Contents-all.$LOWCOSTEXT)" aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testequal "$(readfile Contents-amd64.$LOWCOSTEXT Contents-all.$LOWCOSTEXT)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' testequal "$(apthelper cat-file rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.$LOWCOSTEXT)" apthelper cat-file 'aptarchive/dists/unstable/main/Contents-amd64.gz' testequal "$(apthelper cat-file rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.$LOWCOSTEXT)" apthelper cat-file 'aptarchive/dists/unstable/main/Contents-all.gz' rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.$LOWCOSTEXT rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.$LOWCOSTEXT -testempty aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' +testempty aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' msgmsg "Compressed Contents file" # and no automatic uncompress based on the name please, @@ -128,8 +128,9 @@ Acquire::IndexTargets::deb::Contents { }; EOF -# the last line is utter bogus of course, but how should apt know… -testequal "'http://localhost:${APTHTTPPORT}/dists/unstable/InRelease' localhost:${APTHTTPPORT}_dists_unstable_InRelease 0 +runthistest() { + # the last lines are utter bogus of course, but how should apt know… + testequal "'http://localhost:${APTHTTPPORT}/dists/unstable/InRelease' localhost:${APTHTTPPORT}_dists_unstable_InRelease 0 'http://localhost:${APTHTTPPORT}/dists/unstable/main/source/Sources.xz' localhost:${APTHTTPPORT}_dists_unstable_main_source_Sources 0 'http://localhost:${APTHTTPPORT}/dists/unstable/main/binary-amd64/Packages.xz' localhost:${APTHTTPPORT}_dists_unstable_main_binary-amd64_Packages 0 'http://localhost:${APTHTTPPORT}/dists/unstable/main/binary-all/Packages.xz' localhost:${APTHTTPPORT}_dists_unstable_main_binary-all_Packages 0 @@ -137,17 +138,82 @@ testequal "'http://localhost:${APTHTTPPORT}/dists/unstable/InRelease' localhost: 'http://localhost:${APTHTTPPORT}/dists/unstable/main/Contents-amd64.gz.xz' localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz 0 'http://localhost:${APTHTTPPORT}/dists/unstable/main/Contents-all.gz.xz' localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz 0 " aptget update --print-uris -testsuccessequal "Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease + testsuccessequal "Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease Get:2 http://localhost:${APTHTTPPORT} unstable/main amd64 Contents.gz [$(stat -c%s aptarchive/dists/unstable/main/Contents-amd64.gz) B] Get:3 http://localhost:${APTHTTPPORT} unstable/main all Contents.gz [$(stat -c%s aptarchive/dists/unstable/main/Contents-all.gz) B] Reading package lists..." aptget update -testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz" find rootdir/var/lib/apt/lists -name '*Contents-amd64*' -testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz" find rootdir/var/lib/apt/lists -name '*Contents-all*' -testequal "$(readfile Contents-amd64.gz Contents-all.gz)" aptget indextargets --format '$(FILENAME)' 'Created-By: Contents' -testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz" 'aptarchive/dists/unstable/main/Contents-amd64.gz' -testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz" 'aptarchive/dists/unstable/main/Contents-all.gz' + testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz" find rootdir/var/lib/apt/lists -name '*Contents-amd64*' + testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz" find rootdir/var/lib/apt/lists -name '*Contents-all*' + testequal "$(readfile Contents-amd64.gz Contents-all.gz)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' + testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz" 'aptarchive/dists/unstable/main/Contents-amd64.gz' + testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz" 'aptarchive/dists/unstable/main/Contents-all.gz' +} +runthistest + +msgmsg "Compressed Contents file from native architecture" +echo 'Acquire::IndexTargets::deb::Contents::MetaKey "$(COMPONENT)/Contents-$(NATIVE_ARCHITECTURE).gz";' >> rootdir/etc/apt/apt.conf.d/content-target.conf +rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz +rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz +testempty aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' +runthistest + +msgmsg "Contents with 3 MetaKeys, first match" +rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64.gz +rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all.gz +testempty aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' +cat > rootdir/etc/apt/apt.conf.d/content-target.conf <<EOF +Acquire::IndexTargets::deb::Contents3 { + MetaKey "main/Contents-all"; + ShortDescription "Contents3"; + Description "\$(RELEASE) all Contents3"; + Fallback-Of "Contents2"; + Identifier "Contents"; +}; +Acquire::IndexTargets::deb::Contents { + MetaKey "\$(COMPONENT)/Contents-amd64"; + ShortDescription "Contents"; + Description "\$(RELEASE)/\$(COMPONENT) amd64 Contents"; +}; +Acquire::IndexTargets::deb::Contents2 { + MetaKey "Contents-all"; + ShortDescription "Contents2"; + Description "\$(RELEASE) all Contents2"; + Fallback-Of "Contents"; + Identifier "Contents"; +}; +EOF +testequal "'http://localhost:${APTHTTPPORT}/dists/unstable/InRelease' localhost:${APTHTTPPORT}_dists_unstable_InRelease 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/source/Sources.xz' localhost:${APTHTTPPORT}_dists_unstable_main_source_Sources 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/binary-amd64/Packages.xz' localhost:${APTHTTPPORT}_dists_unstable_main_binary-amd64_Packages 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/binary-all/Packages.xz' localhost:${APTHTTPPORT}_dists_unstable_main_binary-all_Packages 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/i18n/Translation-en.xz' localhost:${APTHTTPPORT}_dists_unstable_main_i18n_Translation-en 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/Contents-amd64.xz' localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64 0 " aptget update --print-uris +testsuccessequal "Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease +Get:2 http://localhost:${APTHTTPPORT} unstable/main amd64 Contents [$(stat -c%s aptarchive/dists/unstable/main/Contents-amd64.gz) B] +Reading package lists..." aptget update +testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64" find rootdir/var/lib/apt/lists -name '*Contents*' +testequal "$(readfile Contents-amd64)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' +testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64" 'aptarchive/dists/unstable/main/Contents-amd64' + +msgmsg "Contents with 3 MetaKeys, third match" +rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-amd64 +testempty aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' +echo 'Acquire::IndexTargets::deb::Contents::MetaKey "$(COMPONENT)/Contents-i386";' >> rootdir/etc/apt/apt.conf.d/content-target.conf +testequal "'http://localhost:${APTHTTPPORT}/dists/unstable/InRelease' localhost:${APTHTTPPORT}_dists_unstable_InRelease 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/source/Sources.xz' localhost:${APTHTTPPORT}_dists_unstable_main_source_Sources 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/binary-amd64/Packages.xz' localhost:${APTHTTPPORT}_dists_unstable_main_binary-amd64_Packages 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/binary-all/Packages.xz' localhost:${APTHTTPPORT}_dists_unstable_main_binary-all_Packages 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/i18n/Translation-en.xz' localhost:${APTHTTPPORT}_dists_unstable_main_i18n_Translation-en 0 +'http://localhost:${APTHTTPPORT}/dists/unstable/main/Contents-i386.xz' localhost:${APTHTTPPORT}_dists_unstable_main_Contents-i386 0 " aptget update --print-uris +testsuccessequal "Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease +Get:2 http://localhost:${APTHTTPPORT} unstable all Contents3 [$(stat -c%s aptarchive/dists/unstable/main/Contents-all.gz) B] +Reading package lists..." aptget update +testequal "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all" find rootdir/var/lib/apt/lists -name '*Contents*' +testequal "$(readfile Contents-all)" aptget indextargets --format '$(FILENAME)' 'Identifier: Contents' +testsuccess cmp "rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all" 'aptarchive/dists/unstable/main/Contents-all' +rm ./rootdir/var/lib/apt/lists/localhost:${APTHTTPPORT}_dists_unstable_main_Contents-all rm -f rootdir/etc/apt/apt.conf.d/content-target.conf msgmsg "No Contents file" diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key index ddb9bf9d2..666136098 100755 --- a/test/integration/test-apt-key +++ b/test/integration/test-apt-key @@ -179,10 +179,14 @@ gpg: unchanged: 1' aptkey --fakeroot update cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg msgtest 'Test signing a file' 'with a key' echo 'Verify me. This is my signature.' > signature + echo 'lalalalala' > signature2 testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \ adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature testsuccess test -s signature.gpg -a -s signature + msgtest 'Test verify a file' 'with no sig' + testfailure --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature signature2 + for GPGV in '' 'gpgv' 'gpgv2'; do echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd @@ -210,7 +214,6 @@ gpg: unchanged: 1' aptkey --fakeroot update testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature msgtest 'Test verify fails on' 'bad file' - echo 'lalalalala' > signature2 testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2 done rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd @@ -257,7 +260,6 @@ gpg: unchanged: 1' aptkey --fakeroot update testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature msgtest 'Test verify fails on' 'bad doublesigned file' - echo 'lalalalala' > signature2 testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2 done rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd diff --git a/test/integration/test-apt-key-used-in-maintainerscript b/test/integration/test-apt-key-used-in-maintainerscript new file mode 100755 index 000000000..e5e96963f --- /dev/null +++ b/test/integration/test-apt-key-used-in-maintainerscript @@ -0,0 +1,34 @@ +#!/bin/sh +set -e + +TESTDIR="$(readlink -f "$(dirname "$0")")" +. "$TESTDIR/framework" + +setupenvironment +configarchitecture 'native' +configdpkgnoopchroot + +buildingpkg() { + local PKG="$1" + shift + setupsimplenativepackage "$PKG" 'native' '1' 'unstable' "$@" + BUILDDIR="incoming/${PKG}-1" + echo '#!/bin/sh +apt-key list' > "${BUILDDIR}/debian/postinst" + buildpackage "$BUILDDIR" 'unstable' 'main' 'native' + rm -rf "$BUILDDIR" +} +buildingpkg 'aptkeyuser-nodepends' 'Depends: unrelated' +buildingpkg 'aptkeyuser-depends' 'Depends: gnupg' + +setupaptarchive + +insertinstalledpackage 'unrelated' 'native' '1' +insertinstalledpackage 'gnupg' 'native' '1' + +testsuccess apt install aptkeyuser-depends -y +testfailure grep '^Warning: This will BREAK' rootdir/tmp/testsuccess.output + +testsuccess apt install aptkeyuser-nodepends -y +cp rootdir/tmp/testsuccess.output apt.output +testsuccess grep '^Warning: This will BREAK' apt.output diff --git a/test/integration/test-apt-update-expected-size b/test/integration/test-apt-update-expected-size index ee0eae981..f7b825d98 100755 --- a/test/integration/test-apt-update-expected-size +++ b/test/integration/test-apt-update-expected-size @@ -10,6 +10,7 @@ configcompression '.' 'gz' insertpackage 'unstable' 'apt' 'i386' '1.0' +export APT_DONT_SIGN='' setupaptarchive --no-update cp -a aptarchive/dists aptarchive/dists.good diff --git a/test/integration/test-apt-update-ims b/test/integration/test-apt-update-ims index 9635d8dd6..e1ffd5240 100755 --- a/test/integration/test-apt-update-ims +++ b/test/integration/test-apt-update-ims @@ -10,6 +10,7 @@ insertpackage 'unstable' 'unrelated' 'all' '0.5~squeeze1' insertpackage 'unstable' 'unrelated2' 'amd64' '0.5~squeeze1' insertsource 'unstable' 'unrelated' 'all' '0.5~squeeze1' +export APT_DONT_SIGN="" setupaptarchive --no-update changetowebserver diff --git a/test/integration/test-apt-update-nofallback b/test/integration/test-apt-update-nofallback index d9166eefd..c8a008214 100755 --- a/test/integration/test-apt-update-nofallback +++ b/test/integration/test-apt-update-nofallback @@ -9,8 +9,7 @@ set -e simulate_mitm_and_inject_evil_package() { redatereleasefiles '+1 hour' - rm -f "$APTARCHIVE/dists/unstable/InRelease" - rm -f "$APTARCHIVE/dists/unstable/Release.gpg" + rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg" inject_evil_package } @@ -59,7 +58,7 @@ setupaptarchive_with_lists_clean() test_from_inrelease_to_unsigned() { - # setup archive with InRelease file + export APT_DONT_SIGN='Release.gpg' setupaptarchive_with_lists_clean testsuccess aptget update listcurrentlistsdirectory > lists.before @@ -71,9 +70,8 @@ test_from_inrelease_to_unsigned() test_from_release_gpg_to_unsigned() { - # setup archive with Release/Release.gpg (but no InRelease) + export APT_DONT_SIGN='InRelease' setupaptarchive_with_lists_clean - rm "$APTARCHIVE/dists/unstable/InRelease" testsuccess aptget update listcurrentlistsdirectory > lists.before @@ -84,6 +82,7 @@ test_from_release_gpg_to_unsigned() test_from_inrelease_to_unsigned_with_override() { + export APT_DONT_SIGN='Release.gpg' # setup archive with InRelease file setupaptarchive_with_lists_clean testsuccess aptget update @@ -120,17 +119,16 @@ test_cve_2012_0214() # # Still worth having a regression test the simulates the condition - # setup archive with InRelease + export APT_DONT_SIGN='Release.gpg' setupaptarchive_with_lists_clean testsuccess aptget update listcurrentlistsdirectory > lists.before # do what CVE-2012-0214 did - rm "$APTARCHIVE/dists/unstable/InRelease" - rm "$APTARCHIVE/dists/unstable/Release.gpg" + rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg" inject_evil_package # build valid Release file - aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release + aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release assert_update_is_refused_and_last_good_state_used testfileequal lists.before "$(listcurrentlistsdirectory)" @@ -141,7 +139,7 @@ test_cve_2012_0214() test_subvert_inrelease() { - # setup archive with InRelease + export APT_DONT_SIGN='Release.gpg' setupaptarchive_with_lists_clean testsuccess aptget update listcurrentlistsdirectory > lists.before @@ -159,7 +157,7 @@ E: Some index files failed to download. They have been ignored, or old ones used test_inrelease_to_invalid_inrelease() { - # setup archive with InRelease + export APT_DONT_SIGN='Release.gpg' setupaptarchive_with_lists_clean testsuccess aptget update listcurrentlistsdirectory > lists.before @@ -180,9 +178,8 @@ W: Some index files failed to download. They have been ignored, or old ones used test_release_gpg_to_invalid_release_release_gpg() { - # setup archive with InRelease + export APT_DONT_SIGN='InRelease' setupaptarchive_with_lists_clean - rm "$APTARCHIVE/dists/unstable/InRelease" testsuccess aptget update listcurrentlistsdirectory > lists.before diff --git a/test/integration/test-apt-update-not-modified b/test/integration/test-apt-update-not-modified index c81a05b2c..a164a213d 100755 --- a/test/integration/test-apt-update-not-modified +++ b/test/integration/test-apt-update-not-modified @@ -10,6 +10,7 @@ confighashes 'SHA256' insertpackage 'unstable' 'apt' 'amd64,i386' '1.0' +export APT_DONT_SIGN='' setupaptarchive --no-update methodtest() { diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback index d343baeae..643798bec 100755 --- a/test/integration/test-apt-update-rollback +++ b/test/integration/test-apt-update-rollback @@ -82,8 +82,7 @@ test_inrelease_to_valid_release() { add_new_package '+1hour' # switch to a unsigned repo now - rm "$APTARCHIVE/dists/unstable/InRelease" - rm "$APTARCHIVE/dists/unstable/Release.gpg" + rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg" # update fails testfailureequal "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update -qq @@ -102,8 +101,7 @@ test_inrelease_to_release_reverts_all() { # switch to a unsigned repo now add_new_package '+1hour' - rm "$APTARCHIVE/dists/unstable/InRelease" - rm "$APTARCHIVE/dists/unstable/Release.gpg" + rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg" # break it break_repository_sources_index '+1hour' @@ -122,8 +120,7 @@ test_inrelease_to_release_reverts_all() { test_unauthenticated_to_invalid_inrelease() { msgmsg 'Test UnAuthenticated to invalid InRelease reverts everything' create_fresh_archive - rm "$APTARCHIVE/dists/unstable/InRelease" - rm "$APTARCHIVE/dists/unstable/Release.gpg" + rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg" testwarning aptget update --allow-insecure-repositories listcurrentlistsdirectory > lists.before @@ -191,9 +188,8 @@ TESTDIR="$(readlink -f "$(dirname "$0")")" setupenvironment configarchitecture "i386" +export APT_DONT_SIGN='Release.gpg' -# setup the archive and ensure we have a single package that installs fine -setupaptarchive APTARCHIVE="$(readlink -f ./aptarchive)" ROOTDIR="${TMPWORKINGDIRECTORY}/rootdir" APTARCHIVE_LISTS="$(echo "$APTARCHIVE" | tr "/" "_" )" diff --git a/test/integration/test-bug-633350-do-not-kill-last-char-in-Release b/test/integration/test-bug-633350-do-not-kill-last-char-in-Release index c0802e8b5..d7dd261f6 100755 --- a/test/integration/test-bug-633350-do-not-kill-last-char-in-Release +++ b/test/integration/test-bug-633350-do-not-kill-last-char-in-Release @@ -8,20 +8,9 @@ configarchitecture 'amd64' insertpackage 'unstable' 'cool' 'amd64' '1.0' +export APT_DONT_SIGN='InRelease' setupaptarchive --no-update echo 'NotAutomatic: yes' >> aptarchive/dists/unstable/Release - signreleasefiles -find aptarchive/dists -name 'InRelease' -delete - -rm -rf rootdir/var/lib/apt/lists - -OUTPUT="$(aptget update 2>&1)" -msgtest 'Check that parsing happens without warnings' 'with missing newline' -if echo "${OUTPUT}" | grep '^W:' > /dev/null; then - msgfail - echo "${OUTPUT}" -else - msgpass -fi +testsuccess aptget update diff --git a/test/integration/test-handle-redirect-as-used-mirror-change b/test/integration/test-handle-redirect-as-used-mirror-change index e9370930a..2f6431e66 100755 --- a/test/integration/test-handle-redirect-as-used-mirror-change +++ b/test/integration/test-handle-redirect-as-used-mirror-change @@ -9,6 +9,7 @@ configcompression '.' 'gz' buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable' +export APT_DONT_SIGN='' setupaptarchive --no-update changetowebserver webserverconfig 'aptwebserver::redirect::replace::/redirectme/' "http://0.0.0.0:${APTHTTPPORT}/" @@ -37,3 +38,27 @@ Location: http://0.0.0.0:${APTHTTPPORT}/dists/unstable/InRelease Location: http://0.0.0.0:${APTHTTPPORT}/dists/unstable/main/source/Sources.gz Location: http://0.0.0.0:${APTHTTPPORT}/dists/unstable/main/binary-all/Packages.gz Location: http://0.0.0.0:${APTHTTPPORT}/dists/unstable/main/i18n/Translation-en.gz" grep '^Location:' aptarchive/webserver.log + +cd downloaded +testsuccess apthelper download-file "http://localhost:${APTHTTPPORT}/redirectme/dists/unstable/InRelease" inrelease +testsuccess test -s inrelease +cd - >/dev/null + +find aptarchive -name 'InRelease' -delete +rm -rf rootdir/var/lib/apt/lists + +testsuccessequal "Ign:1 http://0.0.0.0:${APTHTTPPORT} unstable InRelease + 404 Not Found +Get:2 http://0.0.0.0:${APTHTTPPORT} unstable Release [$(stat -c %s aptarchive/dists/unstable/Release) B] +Get:3 http://0.0.0.0:${APTHTTPPORT} unstable Release.gpg [$(stat -c %s aptarchive/dists/unstable/Release.gpg) B] +Get:4 http://0.0.0.0:${APTHTTPPORT} unstable/main Sources [$(stat -c %s aptarchive/dists/unstable/main/source/Sources.gz) B] +Get:5 http://0.0.0.0:${APTHTTPPORT} unstable/main all Packages [$(stat -c %s aptarchive/dists/unstable/main/binary-all/Packages.gz) B] +Get:6 http://0.0.0.0:${APTHTTPPORT} unstable/main Translation-en [$(stat -c %s aptarchive/dists/unstable/main/i18n/Translation-en.gz) B] +Reading package lists..." aptget update + +testsuccessequal "Ign:1 http://0.0.0.0:${APTHTTPPORT} unstable InRelease + 404 Not Found +Hit:2 http://0.0.0.0:${APTHTTPPORT} unstable Release +Reading package lists..." aptget update + + diff --git a/test/integration/test-hashsum-verification b/test/integration/test-hashsum-verification index a31be6bcb..a514b85e2 100755 --- a/test/integration/test-hashsum-verification +++ b/test/integration/test-hashsum-verification @@ -44,19 +44,14 @@ SHA256: xb306e66e5e6a7169c8d281a888539d1fdca9cecc99ae605717df579d5b9c166 527 Packages.lzma x9585d0e66b74c9385727fbea11fea9ab33c716b18a32f3036f037a2b9b57120 572 Packages.xz EOF - cp aptarchive/Release aptarchive/InRelease } -# fake our downloadable file -touch aptarchive/apt.deb - PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')" runtest() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete # test signed release file msgtest 'apt-get update gets the expected hashsum mismatch' @@ -65,12 +60,12 @@ runtest() { msgtest 'No package from the source available' testfailureequal --nomsg 'N: Unable to locate package apt E: No packages found' aptcache show apt - msgtest 'No Packages file in /var/lib/apt/lists' - [ "$(ls rootdir/var/lib/apt/lists/*Package* 2>/dev/null | grep -v FAILED 2>/dev/null)" = "" ] && msgpass || msgfail - + msgtest 'No Packages file in /var/lib/apt/lists' + testempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*Package*' + # now with the unsigned Release file rm -rf rootdir/var/lib/apt/lists - rm aptarchive/InRelease aptarchive/Release.gpg + rm -f aptarchive/InRelease aptarchive/Release.gpg msgtest 'unsigned apt-get update gets the expected hashsum mismatch' testfailure --nomsg aptget update --allow-insecure-repositories testsuccess grep "Hash Sum mismatch" rootdir/tmp/testfailure.output @@ -83,6 +78,5 @@ for COMPRESSEDINDEXES in 'false' 'true'; do else msgmsg 'Run tests with GzipIndexes disabled' fi - runtest done diff --git a/test/integration/test-releasefile-date-older b/test/integration/test-releasefile-date-older index 2d6746b10..e38ddc3c5 100755 --- a/test/integration/test-releasefile-date-older +++ b/test/integration/test-releasefile-date-older @@ -26,40 +26,43 @@ testsuccess aptget update testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)" msgmsg 'Release.gpg file is silently rejected if' 'new Date is before old Date' +export APT_DONT_SIGN='InRelease' rm -rf rootdir/var/lib/apt/lists generatereleasefiles 'now' 'now + 7 days' signreleasefiles -find aptarchive -name 'InRelease' -delete testsuccess aptget update listcurrentlistsdirectory > listsdir.lst redatereleasefiles 'now - 2 days' -find aptarchive -name 'InRelease' -delete testsuccess aptget update testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)" +unset APT_DONT_SIGN msgmsg 'Crisscross InRelease/Release.gpg file is silently rejected if' 'new Date is before old Date' +export APT_DONT_SIGN='Release.gpg' rm -rf rootdir/var/lib/apt/lists generatereleasefiles 'now' 'now + 7 days' signreleasefiles -find aptarchive -name 'Release.gpg' -delete testsuccess aptget update +export APT_DONT_SIGN='InRelease' listcurrentlistsdirectory > listsdir.lst redatereleasefiles 'now - 2 days' -find aptarchive -name 'InRelease' -delete testsuccess aptget update testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)" +unset APT_DONT_SIGN msgmsg 'Crisscross Release.gpg/InRelease file is silently rejected if' 'new Date is before old Date' +export APT_DONT_SIGN='InRelease' rm -rf rootdir/var/lib/apt/lists generatereleasefiles 'now' 'now + 7 days' signreleasefiles find aptarchive -name 'InRelease' -delete testsuccess aptget update +export APT_DONT_SIGN='Release.gpg' listcurrentlistsdirectory > listsdir.lst redatereleasefiles 'now - 2 days' -find aptarchive -name 'Release.gpg' -delete testsuccess aptget update testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)" +unset APT_DONT_SIGN msgmsg 'Release file has' 'no Date and no Valid-Until field' rm -rf rootdir/var/lib/apt/lists diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index 24e7830aa..217319cab 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -7,6 +7,7 @@ TESTDIR="$(readlink -f "$(dirname "$0")")" setupenvironment configarchitecture "i386" +export APT_DONT_SIGN='Release.gpg' buildaptarchive setupflataptarchive changetowebserver @@ -99,12 +100,10 @@ updatewithwarnings() { } runtest() { - local DELETEFILE="$1" msgmsg 'Cold archive signed by' 'Joe Sixpack' prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete successfulaptgetupdate testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -113,7 +112,6 @@ runtest() { msgmsg 'Good warm archive signed by' 'Joe Sixpack' prepare "${PKGFILE}-new" signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete successfulaptgetupdate testsuccessequal "$(cat "${PKGFILE}-new") " aptcache show apt @@ -124,7 +122,6 @@ runtest() { rm -rf rootdir/var/lib/apt/lists cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg signreleasefiles 'Rex Expired' - find aptarchive/ -name "$DELETEFILE" -delete updatewithwarnings '^W: .* EXPKEYSIG' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -144,7 +141,6 @@ runtest() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' 'aptarchive' --faked-system-time "20070924T154812" --default-sig-expire 2016-04-01 - find aptarchive/ -name "$DELETEFILE" -delete updatewithwarnings '^W: .* EXPSIG' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -158,7 +154,6 @@ runtest() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack,Marvin Paranoid' - find aptarchive/ -name "$DELETEFILE" -delete successfulaptgetupdate 'NO_PUBKEY' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -168,7 +163,6 @@ runtest() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack,Rex Expired' - find aptarchive/ -name "$DELETEFILE" -delete cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg successfulaptgetupdate 'EXPKEYSIG' rm -f rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg @@ -180,7 +174,6 @@ runtest() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Marvin Paranoid' - find aptarchive/ -name "$DELETEFILE" -delete updatewithwarnings '^W: .* NO_PUBKEY' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -189,7 +182,6 @@ runtest() { msgmsg 'Bad warm archive signed by' 'Joe Sixpack' prepare "${PKGFILE}-new" signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete successfulaptgetupdate testsuccessequal "$(cat "${PKGFILE}-new") " aptcache show apt @@ -199,7 +191,6 @@ runtest() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete successfulaptgetupdate testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -208,7 +199,6 @@ runtest() { msgmsg 'Good warm archive signed by' 'Marvin Paranoid' prepare "${PKGFILE}-new" signreleasefiles 'Marvin Paranoid' - find aptarchive/ -name "$DELETEFILE" -delete updatewithwarnings '^W: .* NO_PUBKEY' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -218,7 +208,6 @@ runtest() { prepare "${PKGFILE}-new" cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg signreleasefiles 'Rex Expired' - find aptarchive/ -name "$DELETEFILE" -delete updatewithwarnings '^W: .* EXPKEYSIG' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -228,7 +217,6 @@ runtest() { msgmsg 'Good warm archive signed by' 'Joe Sixpack' prepare "${PKGFILE}-new" signreleasefiles - find aptarchive/ -name "$DELETEFILE" -delete successfulaptgetupdate testsuccessequal "$(cat "${PKGFILE}-new") " aptcache show apt @@ -238,7 +226,6 @@ runtest() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Marvin Paranoid' - find aptarchive/ -name "$DELETEFILE" -delete local MARVIN="$(readlink -f keys/marvinparanoid.pub)" sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/* successfulaptgetupdate @@ -249,7 +236,6 @@ runtest() { msgmsg 'Cold archive signed by bad keyring' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete updatewithwarnings '^W: .* NO_PUBKEY' sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/* @@ -257,14 +243,12 @@ runtest() { msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/* updatewithwarnings '^W: .* be verified because the public key is not available: .*' msgmsg 'Cold archive signed by good keyid' 'Marvin Paranoid' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Marvin Paranoid' - find aptarchive/ -name "$DELETEFILE" -delete cp keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg successfulaptgetupdate testsuccessequal "$(cat "${PKGFILE}") @@ -274,7 +258,6 @@ runtest() { msgmsg 'Cold archive signed by good keyid' 'Marvin Paranoid,Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Marvin Paranoid,Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete successfulaptgetupdate 'NoPubKey: GOODSIG' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt @@ -284,7 +267,6 @@ runtest() { msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 [signed-by=${SIXPACK},${MARVIN}] #" rootdir/etc/apt/sources.list.d/* successfulaptgetupdate testsuccessequal "$(cat "${PKGFILE}") @@ -306,7 +288,6 @@ runtest() { cp -a rootdir/var/lib/apt/lists rootdir/var/lib/apt/lists-bak prepare "${PKGFILE}-new" signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete msgmsg 'Warm archive with signed-by' 'Joe Sixpack' sed -i "/^Valid-Until: / a\ @@ -364,8 +345,7 @@ runtest2() { # package verification. msgmsg 'Warm archive signed by' 'nobody' prepare "${PKGFILE}-new" - find aptarchive/ -name InRelease -delete - find aptarchive/ -name Release.gpg -delete + find aptarchive/ \( -name InRelease -o -name Release.gpg \) -delete updatewithwarnings 'W: .* no longer signed.' testsuccessequal "$(cat "${PKGFILE}-new") " aptcache show apt @@ -386,8 +366,10 @@ runtest3() { runtest2 for DELETEFILE in 'InRelease' 'Release.gpg'; do + export APT_DONT_SIGN="$DELETEFILE" msgmsg "Running test with deletion of $DELETEFILE and $1 digest" - runtest "$DELETEFILE" + runtest + export APT_DONT_SIGN='Release.gpg' done } @@ -422,11 +404,11 @@ msgmsg "Running test with apt-untrusted digest" echo "APT::Hashes::$APT_TESTS_DIGEST_ALGO::Untrusted \"yes\";" > rootdir/etc/apt/apt.conf.d/truststate runfailure() { for DELETEFILE in 'InRelease' 'Release.gpg'; do + export APT_DONT_SIGN="$DELETEFILE" msgmsg 'Cold archive signed by' 'Joe Sixpack' prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' - find aptarchive/ -name "$DELETEFILE" -delete testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1 testsuccess grep 'The following signatures were invalid' rootdir/tmp/testfailure.output testnopackage 'apt' @@ -437,13 +419,13 @@ runfailure() { prepare "${PKGFILE}" rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Marvin Paranoid' - find aptarchive/ -name "$DELETEFILE" -delete testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1 testnopackage 'apt' updatewithwarnings '^W: .* NO_PUBKEY' testsuccessequal "$(cat "${PKGFILE}") " aptcache show apt failaptold + export APT_DONT_SIGN='Release.gpg' done } runfailure diff --git a/test/integration/test-sourceslist-lang-plusminus-options b/test/integration/test-sourceslist-lang-plusminus-options index 3f4ea953a..abdb64793 100755 --- a/test/integration/test-sourceslist-lang-plusminus-options +++ b/test/integration/test-sourceslist-lang-plusminus-options @@ -11,7 +11,7 @@ testlangs() { local LANGS="$2" shift 2 rm -f gotlangs.list - aptget indextargets --no-release-info 'Created-By: Translations' "$@" --format '$(LANGUAGE)' | sort -u > gotlangs.list + aptget indextargets --no-release-info 'Identifier: Translations' "$@" --format '$(LANGUAGE)' | sort -u > gotlangs.list if [ -z "$LANGS" ]; then echo -n | tr ',' '\n' | sort | checkdiff - gotlangs.list && msgpass || msgfail else @@ -45,7 +45,7 @@ testlangs 'lang=de_DE' 'de_DE' echo 'deb [lang=none] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list testlangs 'lang=none' '' testequal 'amd64 -all' aptget indextargets --no-release-info 'Created-By: Packages' --format '$(ARCHITECTURE)' +all' aptget indextargets --no-release-info 'Identifier: Packages' --format '$(ARCHITECTURE)' echo 'deb [lang+=pt] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list testlangs 'lang+=pt' 'en,de,de_DE,pt' diff --git a/test/integration/test-sourceslist-target-plusminus-options b/test/integration/test-sourceslist-target-plusminus-options index 8197f068d..e4ce8e282 100755 --- a/test/integration/test-sourceslist-target-plusminus-options +++ b/test/integration/test-sourceslist-target-plusminus-options @@ -27,10 +27,17 @@ Acquire::IndexTargets::deb::Contents { ShortDescription "Contents"; Description "\$(RELEASE)/\$(COMPONENT) \$(ARCHITECTURE) Contents"; }; +Acquire::IndexTargets::deb::Contents2 { + MetaKey "Contents-\$(ARCHITECTURE)"; + ShortDescription "Contents2"; + Description "\$(RELEASE) \$(ARCHITECTURE) Contents2"; + Fallback-Of "Contents"; + Identifier "Contents"; +}; EOF echo 'deb http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'default + Contents' 'Packages' 'Translations' 'Contents' +testtargets 'default + Contents' 'Packages' 'Translations' 'Contents' 'Contents2' echo 'deb [target=Packages] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list testtargets 'force Packages target' 'Packages' @@ -42,38 +49,40 @@ echo 'deb [target=Translations,Contents] http://example.org/debian stable rocks' testtargets 'force two targets' 'Contents' 'Translations' echo 'deb [target+=Translations,Contents] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'add existing' 'Packages' 'Contents' 'Translations' +testtargets 'add existing' 'Packages' 'Contents' 'Translations' 'Contents2' echo 'deb [target+=AppStream] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'add non-existing' 'Packages' 'Contents' 'Translations' +testtargets 'add non-existing' 'Packages' 'Contents' 'Translations' 'Contents2' echo 'deb [target-=Translations,Contents] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'remove existing' 'Packages' +testtargets 'remove existing' 'Packages' 'Contents2' echo 'deb [target-=AppStream] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'remove non-existing' 'Packages' 'Contents' 'Translations' +testtargets 'remove non-existing' 'Packages' 'Contents' 'Translations' 'Contents2' echo 'deb [AppStream=yes] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'activate non-existing' 'Packages' 'Contents' 'Translations' +testtargets 'activate non-existing' 'Packages' 'Contents' 'Translations' 'Contents2' echo 'deb [AppStream=no] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'deactivate non-existing' 'Packages' 'Contents' 'Translations' +testtargets 'deactivate non-existing' 'Packages' 'Contents' 'Translations' 'Contents2' echo 'deb [Contents=yes] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'activate existing' 'Packages' 'Contents' 'Translations' +testtargets 'activate existing' 'Packages' 'Contents' 'Contents2' 'Translations' echo 'deb [Contents=no] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list testtargets 'deactivate existing' 'Packages' 'Translations' echo 'deb [target=Packages Contents=yes] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'explicit + activate' 'Packages' 'Contents' +testtargets 'explicit + activate' 'Packages' 'Contents' 'Contents2' +echo 'deb [Contents=yes,target+=Contents] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list +testtargets 'duplications are okay' 'Packages' 'Translations' 'Contents' 'Contents2' -msgmsg 'Contents NOT as a default target' +msgmsg 'Contents NOT as a default target (but Contents2)' echo 'Acquire::IndexTargets::deb::Contents::DefaultEnabled "no";' > rootdir/etc/apt/apt.conf.d/content-target-notdefault.conf echo 'deb http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'default + Contents' 'Packages' 'Translations' +testtargets 'default + Contents' 'Packages' 'Translations' 'Contents2' echo 'deb [target=Packages] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list testtargets 'force Packages target' 'Packages' @@ -85,28 +94,31 @@ echo 'deb [target=Translations,Contents] http://example.org/debian stable rocks' testtargets 'force two targets' 'Contents' 'Translations' echo 'deb [target+=Translations,Contents] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'add existing' 'Packages' 'Contents' 'Translations' +testtargets 'add existing' 'Packages' 'Contents' 'Translations' 'Contents2' echo 'deb [target+=AppStream] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'add non-existing' 'Packages' 'Translations' +testtargets 'add non-existing' 'Packages' 'Translations' 'Contents2' echo 'deb [target-=Translations,Contents] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'remove existing' 'Packages' +testtargets 'remove existing' 'Packages' 'Contents2' echo 'deb [target-=AppStream] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'remove non-existing' 'Packages' 'Translations' +testtargets 'remove non-existing' 'Packages' 'Translations' 'Contents2' echo 'deb [AppStream=yes] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'activate non-existing' 'Packages' 'Translations' +testtargets 'activate non-existing' 'Packages' 'Translations' 'Contents2' echo 'deb [AppStream=no] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'deactivate non-existing' 'Packages' 'Translations' +testtargets 'deactivate non-existing' 'Packages' 'Translations' 'Contents2' echo 'deb [Contents=yes] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'activate existing' 'Packages' 'Contents' 'Translations' +testtargets 'activate existing' 'Packages' 'Contents' 'Contents2' 'Translations' echo 'deb [Contents=no] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list testtargets 'deactivate existing' 'Packages' 'Translations' echo 'deb [target=Packages Contents=yes] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list -testtargets 'explicit + activate' 'Packages' 'Contents' +testtargets 'explicit + activate' 'Packages' 'Contents' 'Contents2' + +echo 'deb [Contents=yes,target+=Contents] http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list +testtargets 'duplications are okay' 'Packages' 'Translations' 'Contents' 'Contents2' diff --git a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall index 07c13434c..a756b5df2 100755 --- a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall +++ b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall @@ -13,7 +13,7 @@ insertsource 'unstable' 'unrelated' 'all' '1.0' 'stable' echo 'ni ni ni' > aptarchive/knights setupaptarchive -changetowebserver -o 'aptwebserver::overwrite::.*::filename=/knights' +changetowebserver -o 'aptwebserver::overwrite::.*InRelease::filename=/knights' -o 'aptwebserver::overwrite::.*::filename=/knights' msgtest 'Acquire test file from the webserver to check' 'overwrite' if downloadfile http://localhost:${APTHTTPPORT}/holygrail ./knights-talking >/dev/null; then @@ -34,34 +34,39 @@ ensure_n_canary_strings_in_dir() { test "$N" = "$EXPECTED_N" && msgpass || msgfail "Expected $EXPECTED_N canaries, got $N" } -LISTS='rootdir/var/lib/apt/lists' -rm -rf rootdir/var/lib/apt/lists -testfailure aptget update -testsuccess grep '^E:.*Clearsigned file .*NOSPLIT.*' rootdir/tmp/testfailure.output +runtests() { + LISTS='rootdir/var/lib/apt/lists' + rm -rf "$LISTS" + testfailure aptget update + testsuccess grep "$1" rootdir/tmp/testfailure.output -ensure_n_canary_strings_in_dir "$LISTS" 'ni ni ni' 0 -testequal 'lock + ensure_n_canary_strings_in_dir "$LISTS" 'ni ni ni' 0 + testequal 'lock partial' ls "$LISTS" -# and again with pre-existing files with "valid data" which should remain -for f in Release Release.gpg main_binary-amd64_Packages main_source_Sources; do - echo 'peng neee-wom' > "$LISTS/localhost:${APTHTTPPORT}_dists_stable_${f}" - chmod 644 "$LISTS/localhost:${APTHTTPPORT}_dists_stable_${f}" -done + # and again with pre-existing files with "valid data" which should remain + for f in Release Release.gpg main_binary-amd64_Packages main_source_Sources; do + echo 'peng neee-wom' > "$LISTS/localhost:${APTHTTPPORT}_dists_stable_${f}" + chmod 644 "$LISTS/localhost:${APTHTTPPORT}_dists_stable_${f}" + done -testfailure aptget update -testsuccess grep '^E:.*Clearsigned file .*NOSPLIT.*' rootdir/tmp/testfailure.output + testfailure aptget update + testsuccess grep "$1" rootdir/tmp/testfailure.output -ensure_n_canary_strings_in_dir "$LISTS" 'peng neee-wom' 4 -ensure_n_canary_strings_in_dir "$LISTS" 'ni ni ni' 0 + ensure_n_canary_strings_in_dir "$LISTS" 'peng neee-wom' 4 + ensure_n_canary_strings_in_dir "$LISTS" 'ni ni ni' 0 -# and now with a pre-existing InRelease file -echo 'peng neee-wom' > "$LISTS/localhost:${APTHTTPPORT}_dists_stable_InRelease" -chmod 644 "$LISTS/localhost:${APTHTTPPORT}_dists_stable_InRelease" -rm -f "$LISTS/localhost:${APTHTTPPORT}_dists_stable_Release" "$LISTS/localhost:${APTHTTPPORT}_dists_stable_Release.gpg" -msgtest 'excpected failure of' 'apt-get update' -testfailure aptget update -testsuccess grep '^E:.*Clearsigned file .*NOSPLIT.*' rootdir/tmp/testfailure.output + # and now with a pre-existing InRelease file + echo 'peng neee-wom' > "$LISTS/localhost:${APTHTTPPORT}_dists_stable_InRelease" + chmod 644 "$LISTS/localhost:${APTHTTPPORT}_dists_stable_InRelease" + rm -f "$LISTS/localhost:${APTHTTPPORT}_dists_stable_Release" "$LISTS/localhost:${APTHTTPPORT}_dists_stable_Release.gpg" + msgtest 'excpected failure of' 'apt-get update' + testfailure aptget update + testsuccess grep "$1" rootdir/tmp/testfailure.output -ensure_n_canary_strings_in_dir "$LISTS" 'peng neee-wom' 3 -ensure_n_canary_strings_in_dir "$LISTS" 'ni ni ni' 0 + ensure_n_canary_strings_in_dir "$LISTS" 'peng neee-wom' 3 + ensure_n_canary_strings_in_dir "$LISTS" 'ni ni ni' 0 +} +runtests '^E:.*Clearsigned file .*NOSPLIT.*' +webserverconfig 'aptwebserver::overwrite::.*InRelease::filename' '/404' +runtests '^E:.*Signed file .*NODATA.*' diff --git a/test/integration/test-ubuntu-bug-761175-remove-purge b/test/integration/test-ubuntu-bug-761175-remove-purge index 00f289b53..aae394ad8 100755 --- a/test/integration/test-ubuntu-bug-761175-remove-purge +++ b/test/integration/test-ubuntu-bug-761175-remove-purge @@ -23,35 +23,62 @@ buildcompizpkg 'all' 'all' '2.0' 'unstable' setupaptarchive runtests() { - testdpkgnotinstalled compiz-core-$1 - testsuccess aptget install compiz-core-$1 -t "${2:-unstable}" - testdpkginstalled compiz-core-$1 + local PKG="$1" + local RELEASE="${2}" + shift 2 + testdpkgnotinstalled compiz-core-${PKG} + testsuccess aptget install compiz-core-${PKG} -t "${RELEASE}" "$@" + testdpkginstalled compiz-core-${PKG} - testsuccess aptget remove compiz-core-$1 -y - testdpkgnotinstalled compiz-core-$1 - testdpkgstatus 'rc' '1' "compiz-core-$1" + testsuccess aptget remove compiz-core-${PKG} -y "$@" + testdpkgnotinstalled compiz-core-${PKG} + testdpkgstatus 'rc' '1' "compiz-core-${PKG}" - testsuccessequal "Reading package lists... + if [ -z "$1" ]; then + testsuccessequal "Reading package lists... Building dependency tree... Reading state information... The following packages will be REMOVED: - compiz-core-$1* + compiz-core-${PKG}* 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. -Purg compiz-core-$1" aptget purge compiz-core-$1 -s - testsuccess aptget purge compiz-core-$1 -y +Purg compiz-core-${PKG}" aptget purge compiz-core-${PKG} -s "$@" + else + # check that the rc-version isn't passed to the external resolver if its only in dpkg/status + export APT_EDSP_DUMP_FILENAME="${TMPWORKINGDIRECTORY}/dump-${PKG}.edsp" + testfailure aptget purge compiz-core-${PKG} -y "$@" -s --solver dump + testsuccessequal '2' grep -c "^Package: compiz-core-${PKG}\$" "$APT_EDSP_DUMP_FILENAME" + mv rootdir/etc/apt/sources.list.d/apt-test-stable-deb.list rootdir/etc/apt/sources.list.d/apt-test-stable-deb.disabled + testfailure aptget purge compiz-core-${PKG} -y "$@" -s --solver dump + testsuccessequal '1' grep -c "^Package: compiz-core-${PKG}\$" "$APT_EDSP_DUMP_FILENAME" + mv rootdir/etc/apt/sources.list.d/apt-test-stable-deb.disabled rootdir/etc/apt/sources.list.d/apt-test-stable-deb.list + + testsuccessequal "Reading package lists... +Building dependency tree... +Reading state information... +Execute external solver... +The following packages will be REMOVED: + compiz-core-${PKG}* +0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. +Purg compiz-core-${PKG}" aptget purge compiz-core-${PKG} -s "$@" + fi + testsuccess aptget purge compiz-core-${PKG} -y "$@" echo -n '' > rootdir/var/lib/dpkg/available # dpkg -l < 1.16.2 reads the available file by default, where the package can be found - testequalor2 "dpkg-query: no packages found matching compiz-core-$1" "No packages found matching compiz-core-$1." dpkg -l compiz-core-$1 + testequalor2 "dpkg-query: no packages found matching compiz-core-${PKG}" "No packages found matching compiz-core-${PKG}." dpkg -l compiz-core-${PKG} +} +runtestround() { + runtests 'native' 'unstable' "$@" + runtests 'all' 'unstable' "$@" + runtests 'native' 'stable' "$@" + runtests 'all' 'stable' "$@" } +testround() { + msgmsg 'Test in multi arch environment' "$@" + configarchitecture 'amd64' 'i386' + runtestround "$@" -msgmsg 'Test in multi arch environment' -runtests 'native' -runtests 'all' -runtests 'native' 'stable' -runtests 'all' 'stable' - -msgmsg 'Test in single arch environment' -configarchitecture 'amd64' -runtests 'native' -runtests 'all' -runtests 'native' 'stable' -runtests 'all' 'stable' + msgmsg 'Test in single arch environment' "$@" + configarchitecture 'amd64' + runtestround "$@" +} +testround +testround --solver apt diff --git a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only index 21d7129ae..fe42ba83d 100755 --- a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only +++ b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only @@ -8,11 +8,9 @@ configarchitecture 'i386' insertpackage 'unstable' 'apt' 'i386' '0.8.11' -setupaptarchive +export APT_DONT_SIGN='Release.gpg' +setupaptarchive --no-update -rm -rf rootdir/var/lib/apt/lists - -find aptarchive/ -name 'Release.gpg' -delete find aptarchive/ -name 'InRelease' -exec cp {} {}.old \; for RELEASE in $(find aptarchive/ -name 'InRelease'); do |