diff options
Diffstat (limited to 'test/integration')
85 files changed, 2673 insertions, 483 deletions
diff --git a/test/integration/framework b/test/integration/framework index 7923e23d9..153c5bb25 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -23,30 +23,43 @@ if [ "$MSGCOLOR" != 'NO' ]; then CCMD="\033[1;35m" # pink fi -msgdie() { printf "${CERROR}E: $1${CNORMAL}\n" >&2; exit 1; } -msgwarn() { printf "${CWARNING}W: $1${CNORMAL}\n" >&2; } -msgmsg() { printf "${CMSG}$1${CNORMAL}\n"; } -msginfo() { printf "${CINFO}I: $1${CNORMAL}\n"; } -msgdebug() { printf "${CDEBUG}D: $1${CNORMAL}\n"; } -msgdone() { printf "${CDONE}DONE${CNORMAL}\n"; } -msgnwarn() { printf "${CWARNING}W: $1${CNORMAL}" >&2; } -msgnmsg() { printf "${CMSG}$1${CNORMAL}"; } -msgninfo() { printf "${CINFO}I: $1${CNORMAL}"; } -msgndebug() { printf "${CDEBUG}D: $1${CNORMAL}"; } -msgtest() { - while [ -n "$1" ]; do - printf "${CINFO}$1${CCMD} " - printf -- "$(echo "$2" | sed -e 's#^apt\([cgfs]\)#apt-\1#')${CINFO} " +msgprintf() { + local START="$1" + local MIDDLE="$2" + local END="$3" + shift 3 + if [ -n "$1" ]; then + printf "$START " "$1" shift - if [ -n "$1" ]; then shift; else break; fi - done - printf "…${CNORMAL} " + while [ -n "$1" ]; do + printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cfghs]\)#apt-\1#')" + shift + done + fi + printf "${END}" } +msgdie() { msgprintf "${CERROR}E: %s" '%s' "${CNORMAL}\n" "$@" >&2; exit 1; } +msgwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}\n" "$@" >&2; } +msgmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}\n" "$@"; } +msginfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}\n" "$@"; } +msgdebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}\n" "$@"; } +msgdone() { msgprintf "${CDONE}DONE" '%s' "${CNORMAL}\n" "$@"; } +msgnwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}" "$@" >&2; } +msgnmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}" "$@"; } +msgninfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}" "$@"; } +msgndebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}" "$@"; } +msgtest() { msgprintf "${CINFO}%s" "${CCMD}%s${CINFO}" "…${CNORMAL} " "$@"; } msgpass() { printf "${CPASS}PASS${CNORMAL}\n"; } -msgskip() { printf "${CWARNING}SKIP${CNORMAL}\n" >&2; } +msgskip() { + if [ $# -gt 0 ]; then printf "${CWARNING}SKIP: $*${CNORMAL}\n" >&2; + else printf "${CWARNING}SKIP${CNORMAL}\n" >&2; fi +} msgfail() { if [ $# -gt 0 ]; then printf "${CFAIL}FAIL: $*${CNORMAL}\n" >&2; else printf "${CFAIL}FAIL${CNORMAL}\n" >&2; fi + if [ -n "$APT_DEBUG_TESTS" ]; then + $SHELL + fi EXIT_CODE=$((EXIT_CODE+1)); } @@ -64,12 +77,6 @@ if [ $MSGLEVEL -le 2 ]; then msgnmsg() { true; } msgtest() { true; } msgpass() { printf " ${CPASS}P${CNORMAL}"; } - msgskip() { printf " ${CWARNING}S${CNORMAL}" >&2; } - if [ -n "$CFAIL" ]; then - msgfail() { printf " ${CFAIL}FAIL${CNORMAL}" >&2; EXIT_CODE=$((EXIT_CODE+1)); } - else - msgfail() { printf " ###FAILED###" >&2; EXIT_CODE=$((EXIT_CODE+1)); } - fi fi if [ $MSGLEVEL -le 3 ]; then msginfo() { true; } @@ -102,10 +109,10 @@ runapt() { local CMD="$1" shift case $CMD in - sh|aptitude|*/*) ;; + sh|aptitude|*/*|command) ;; *) CMD="${BUILDDIRECTORY}/$CMD";; esac - MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${BUILDDIRECTORY} $CMD "$@" + MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${LIBRARYPATH} $CMD "$@" } aptconfig() { runapt apt-config "$@"; } aptcache() { runapt apt-cache "$@"; } @@ -129,18 +136,9 @@ dpkgcheckbuilddeps() { command dpkg-checkbuilddeps --admindir=${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg "$@" } gdb() { - echo "gdb: run »$*«" - CMD="$1" + local CMD="$1" shift - - APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${LIBRARYPATH} command gdb ${BUILDDIRECTORY}/$CMD --args ${BUILDDIRECTORY}/$CMD "$@" -} -gpg() { - # see apt-key for the whole trickery. Setup is done in setupenvironment - command gpg --ignore-time-conflict --no-options --no-default-keyring \ - --homedir "${TMPWORKINGDIRECTORY}/gnupghome" \ - --no-auto-check-trustdb --trust-model always \ - "$@" + runapt command gdb --quiet -ex run "${BUILDDIRECTORY}/$CMD" --args "${BUILDDIRECTORY}/$CMD" "$@" } exitwithstatus() { @@ -172,10 +170,23 @@ addtrap() { } setupenvironment() { + # privilege dropping and testing doesn't work if /tmp isn't world-writeable (as e.g. with libpam-tmpdir) + if [ -n "$TMPDIR" ] && [ "$(id -u)" = '0' ] && [ "$(stat --format '%a' "$TMPDIR")" != '1777' ]; then + unset TMPDIR + fi TMPWORKINGDIRECTORY=$(mktemp -d) - TESTDIRECTORY=$(readlink -f $(dirname $0)) + addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;" msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… " + mkdir -m 700 "${TMPWORKINGDIRECTORY}/downloaded" + if [ "$(id -u)" = '0' ]; then + # relax permissions so that running as root with user switching works + umask 022 + chmod 711 "$TMPWORKINGDIRECTORY" + chown _apt:root "${TMPWORKINGDIRECTORY}/downloaded" + fi + + TESTDIRECTORY=$(readlink -f $(dirname $0)) # allow overriding the default BUILDDIR location BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"} LIBRARYPATH=${APT_INTEGRATION_TESTS_LIBRARY_PATH:-"${BUILDDIRECTORY}"} @@ -186,12 +197,11 @@ setupenvironment() { test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first" # ----- - addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;" cd $TMPWORKINGDIRECTORY mkdir rootdir aptarchive keys cd rootdir mkdir -p etc/apt/apt.conf.d etc/apt/sources.list.d etc/apt/trusted.gpg.d etc/apt/preferences.d - mkdir -p var/cache var/lib/apt var/log tmp + mkdir -p usr/bin var/cache var/lib/apt var/log tmp mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers touch var/lib/dpkg/available mkdir -p usr/lib/apt @@ -219,12 +229,23 @@ setupenvironment() { cp "${TESTDIRECTORY}/${SOURCESSFILE}" aptarchive/Sources fi cp $(find $TESTDIRECTORY -name '*.pub' -o -name '*.sec') keys/ + chmod 644 $(find keys -name '*.pub' -o -name '*.sec') ln -s ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" > aptconfig.conf echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf echo "Debug::NoLocking \"true\";" >> aptconfig.conf echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf echo "Dir::Bin::Methods \"${METHODSDIR}\";" >> aptconfig.conf + # store apt-key were we can access it, even if we run it as a different user + # destroys coverage reporting though, so just do it for root for now + if [ "$(id -u)" = '0' ]; then + cp "${BUILDDIRECTORY}/apt-key" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/" + chmod o+rx "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key" + echo "Dir::Bin::apt-key \"${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key\";" >> aptconfig.conf + else + echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf + fi echo "Dir::Bin::dpkg \"fakeroot\";" >> aptconfig.conf echo "DPKG::options:: \"dpkg\";" >> aptconfig.conf echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf @@ -235,25 +256,28 @@ setupenvironment() { fi echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf echo 'quiet::NoUpdate "true";' >> aptconfig.conf - echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https - echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary + echo 'quiet::NoStatistic "true";' >> aptconfig.conf + # too distracting for users, but helpful to detect changes + echo 'Acquire::Progress::Ignore::ShowErrorText "true";' >> aptconfig.conf + # in testcases, it can appear as if localhost has a rotation setup, + # hide this as we can't really deal with it properly + echo 'Acquire::Failure::ShowIP "false";' >> aptconfig.conf + + cp "${TESTDIRECTORY}/apt.pem" "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem" + if [ "$(id -u)" = '0' ]; then + chown _apt:root "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem" + fi + echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https + echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary configcompression '.' 'gz' #'bz2' 'lzma' 'xz' - # gpg needs a trustdb to function, but it can't be invalid (not even empty) - # see also apt-key where this trickery comes from: - local TRUSTDBDIR="${TMPWORKINGDIRECTORY}/gnupghome" - mkdir "$TRUSTDBDIR" - chmod 700 "$TRUSTDBDIR" - # We also don't use a secret keyring, of course, but gpg panics and - # implodes if there isn't one available - and writeable for imports - local SECRETKEYRING="${TRUSTDBDIR}/secring.gpg" - touch $SECRETKEYRING - # now create the trustdb with an (empty) dummy keyring - # newer gpg versions are fine without it, but play it safe for now - gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1 + # Acquire::AllowInsecureRepositories=false is not yet the default + # but we want it to be the default soon + configallowinsecurerepositories "false"; # cleanup the environment a bit - export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" + # prefer our apt binaries over the system apt binaries + export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin" export LC_ALL=C.UTF-8 unset LANGUAGE APT_CONFIG unset GREP_OPTIONS DEB_BUILD_PROFILES @@ -325,6 +349,11 @@ configdpkg() { fi } +configallowinsecurerepositories() { + echo "Acquire::AllowInsecureRepositories \"$1\";" > rootdir/etc/apt/apt.conf.d/allow-insecure-repositories.conf + +} + configcompression() { while [ -n "$1" ]; do case "$1" in @@ -478,8 +507,8 @@ Package: $NAME" >> ${BUILDDIR}/debian/control | while read SRC; do echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist # if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then -# gpg --yes --secret-keyring ./keys/joesixpack.sec \ -# --keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \ +# aptkey --keyring ./keys/joesixpack.pub --secret-keyring ./keys/joesixpack.sec --quiet --readonly \ +# adv --yes --default-key 'Joe Sixpack' \ # --clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC" # mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC" # fi @@ -629,40 +658,52 @@ buildaptftparchivedirectorystructure() { } insertpackage() { - local RELEASE="$1" + local RELEASES="$1" local NAME="$2" local ARCH="$3" local VERSION="$4" local DEPENDENCIES="$5" local PRIORITY="${6:-optional}" - local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE} + local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASES} If you find such a package installed on your system, something went horribly wrong! They are autogenerated und used only by testcases and surf no other propose…"}" local ARCHS="" - for arch in $(getarchitecturesfromcommalist "$ARCH"); do - if [ "$arch" = 'all' -o "$arch" = 'none' ]; then - ARCHS="$(getarchitectures)" - else - ARCHS="$arch" + for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do + if [ "$RELEASE" = 'installed' ]; then + insertinstalledpackage "$2" "$3" "$4" "$5" "$6" "$7" + continue fi - for BUILDARCH in $ARCHS; do - local PPATH="aptarchive/dists/${RELEASE}/main/binary-${BUILDARCH}" - mkdir -p $PPATH aptarchive/dists/${RELEASE}/main/source - touch aptarchive/dists/${RELEASE}/main/source/Sources - local FILE="${PPATH}/Packages" - echo "Package: $NAME + for arch in $(getarchitecturesfromcommalist "$ARCH"); do + if [ "$arch" = 'all' -o "$arch" = 'none' ]; then + ARCHS="$(getarchitectures)" + else + ARCHS="$arch" + fi + for BUILDARCH in $ARCHS; do + local PPATH="aptarchive/dists/${RELEASE}/main/binary-${BUILDARCH}" + mkdir -p $PPATH + local FILE="${PPATH}/Packages" + echo "Package: $NAME Priority: $PRIORITY Section: other Installed-Size: 42 Maintainer: Joe Sixpack <joe@example.org>" >> $FILE - test "$arch" = 'none' || echo "Architecture: $arch" >> $FILE - echo "Version: $VERSION + test "$arch" = 'none' || echo "Architecture: $arch" >> $FILE + echo "Version: $VERSION Filename: pool/main/${NAME}/${NAME}_${VERSION}_${arch}.deb" >> $FILE - test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> $FILE - echo "Description: $DESCRIPTION" >> $FILE - echo >> $FILE + test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> $FILE + echo "Description: $(printf '%s' "$DESCRIPTION" | head -n 1)" >> $FILE + echo "Description-md5: $(printf '%s' "$DESCRIPTION" | md5sum | cut -d' ' -f 1)" >> $FILE + echo >> $FILE + done done + mkdir -p aptarchive/dists/${RELEASE}/main/source aptarchive/dists/${RELEASE}/main/i18n + touch aptarchive/dists/${RELEASE}/main/source/Sources + echo "Package: $NAME +Description-md5: $(printf '%s' "$DESCRIPTION" | md5sum | cut -d' ' -f 1) +Description-en: $DESCRIPTION +" >> aptarchive/dists/${RELEASE}/main/i18n/Translation-en done } @@ -733,12 +774,12 @@ buildaptarchivefromincoming() { aptftparchive -qq generate ftparchive.conf cd - > /dev/null msgdone "info" - generatereleasefiles + generatereleasefiles "$@" } buildaptarchivefromfiles() { msginfo "Build APT archive for ${CCMD}$(basename $0)${CINFO} based on prebuild files…" - find aptarchive -name 'Packages' -o -name 'Sources' | while read line; do + find aptarchive -name 'Packages' -o -name 'Sources' -o -name 'Translation-*' | while read line; do msgninfo "\t${line} file… " compressfile "$line" "$1" msgdone "info" @@ -848,24 +889,29 @@ setupflataptarchive() { } setupaptarchive() { - buildaptarchive + local NOUPDATE=0 + if [ "$1" = '--no-update' ]; then + NOUPDATE=1 + shift + fi + buildaptarchive "$@" if [ -e aptarchive/dists ]; then setupdistsaptarchive else setupflataptarchive fi - signreleasefiles - if [ "$1" != '--no-update' ]; then - msgninfo "\tSync APT's cache with the archive… " - aptget update -qq - msgdone "info" + signreleasefiles 'Joe Sixpack' + if [ "1" != "$NOUPDATE" ]; then + testsuccess aptget update -o Debug::pkgAcquire::Worker=true -o Debug::Acquire::gpgv=true fi } signreleasefiles() { local SIGNER="${1:-Joe Sixpack}" - local GPG="gpg --batch --yes" - msgninfo "\tSign archive with $SIGNER key… " + local REPODIR="${2:-aptarchive}" + local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')" + local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes" + msgninfo "\tSign archive with $SIGNER key $KEY… " local REXKEY='keys/rexexpired' local SECEXPIREBAK="${REXKEY}.sec.bak" local PUBEXPIREBAK="${REXKEY}.pub.bak" @@ -881,18 +927,15 @@ signreleasefiles() { cp $SECUNEXPIRED ${REXKEY}.sec cp $PUBUNEXPIRED ${REXKEY}.pub else - printf "expire\n1w\nsave\n" | $GPG --keyring ${REXKEY}.pub --secret-keyring ${REXKEY}.sec --command-fd 0 --edit-key "${SIGNER}" >/dev/null 2>&1 || true + if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then + cat setexpire.gpg + exit 1 + fi cp ${REXKEY}.sec $SECUNEXPIRED cp ${REXKEY}.pub $PUBUNEXPIRED fi fi - for KEY in $(find keys/ -name '*.sec'); do - GPG="$GPG --secret-keyring $KEY" - done - for KEY in $(find keys/ -name '*.pub'); do - GPG="$GPG --keyring $KEY" - done - for RELEASE in $(find aptarchive/ -name Release); do + for RELEASE in $(find ${REPODIR}/ -name Release); do $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output ${RELEASE}.gpg ${RELEASE} local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')" $GPG --default-key "$SIGNER" --clearsign --output $INRELEASE $RELEASE @@ -907,23 +950,35 @@ signreleasefiles() { } webserverconfig() { - msgtest "Set webserver config option '${1}' to" "$2" + local NOCHECK=false + if [ "$1" = '--no-check' ]; then + NOCHECK=true + shift + fi local DOWNLOG='rootdir/tmp/download-testfile.log' - local STATUS='rootdir/tmp/webserverconfig.status' + local STATUS='downloaded/webserverconfig.status' rm -f "$STATUS" "$DOWNLOG" - if downloadfile "http://localhost:8080/_config/set/${1}/${2}" "$STATUS" > "$DOWNLOG"; then + local URI + if [ -n "$2" ]; then + msgtest "Set webserver config option '${1}' to" "$2" + URI="http://localhost:8080/_config/set/${1}/${2}" + else + msgtest 'Clear webserver config option' "${1}" + URI="http://localhost:8080/_config/clear/${1}" + fi + if downloadfile "$URI" "$STATUS" > "$DOWNLOG"; then msgpass else - cat "$DOWNLOG" "$STATUS" + cat "$DOWNLOG" "$STATUS" || true msgfail fi - testwebserverlaststatuscode '200' + $NOCHECK || testwebserverlaststatuscode '200' } rewritesourceslist() { local APTARCHIVE="file://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive")" for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do - sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#http://localhost:8080/#${1}#" -e "s#http://localhost:4433/#${1}#" + sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#http://localhost:8080/#${1}#" -e "s#https://localhost:4433/#${1}#" done } @@ -974,7 +1029,7 @@ changetohttpswebserver() { changetowebserver --no-rewrite "$@" fi echo "pid = ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid -cert = ${TESTDIRECTORY}/apt.pem +cert = ${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem output = /dev/null [https] @@ -1010,7 +1065,7 @@ acquire::cdrom::autodetect 0;" > rootdir/etc/apt/apt.conf.d/00cdrom mv "${CD}" "${CD}-unmounted" # we don't want the disk to be modifiable addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/media/cdrom/dists/ $PWD/rootdir/media/cdrom-unmounted/dists/ || true;" - chmod -R -w rootdir/media/cdrom-unmounted/dists + chmod -R 555 rootdir/media/cdrom-unmounted/dists } downloadfile() { @@ -1018,7 +1073,7 @@ downloadfile() { apthelper -o Debug::Acquire::${PROTO}=1 \ download-file "$1" "$2" 2>&1 || true # only if the file exists the download was successful - if [ -e "$2" ]; then + if [ -r "$2" ]; then return 0 else return 1 @@ -1026,7 +1081,7 @@ downloadfile() { } checkdiff() { - local DIFFTEXT="$(command diff -u "$@" | sed -e '/^---/ d' -e '/^+++/ d' -e '/^@@/ d')" + local DIFFTEXT="$(command diff -u "$@" 2>&1 | sed -e '/^---/ d' -e '/^+++/ d' -e '/^@@/ d')" if [ -n "$DIFFTEXT" ]; then echo >&2 echo >&2 "$DIFFTEXT" @@ -1050,12 +1105,13 @@ testfileequal() { testempty() { msgtest "Test for no output of" "$*" local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile" - if $* >$COMPAREFILE 2>&1 && test ! -s $COMPAREFILE; then + if "$@" >$COMPAREFILE 2>&1 && test ! -s $COMPAREFILE; then msgpass else cat $COMPAREFILE msgfail fi + aptautotest 'testempty' "$@" } testequal() { @@ -1072,7 +1128,8 @@ testequal() { if [ -n "$MSG" ]; then msgtest "$MSG" "$*" fi - $* 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail + "$@" 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail + aptautotest 'testequal' "$@" } testequalor2() { @@ -1083,7 +1140,7 @@ testequalor2() { echo "$2" > $COMPAREFILE2 shift 2 msgtest "Test for equality OR of" "$*" - $* >$COMPAREAGAINST 2>&1 || true + "$@" >$COMPAREAGAINST 2>&1 || true if checkdiff $COMPAREFILE1 $COMPAREAGAINST >/dev/null 2>&1 || \ checkdiff $COMPAREFILE2 $COMPAREAGAINST >/dev/null 2>&1 then @@ -1095,6 +1152,7 @@ testequalor2() { checkdiff $COMPAREFILE2 $COMPAREAGAINST || true msgfail fi + aptautotest 'testequalor2' "$@" } testshowvirtual() { @@ -1164,6 +1222,36 @@ testmarkedauto() { aptmark showauto 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail } +msgfailoutput() { + local MSG="$1" + local OUTPUT="$2" + shift 2 + echo >&2 + if [ "$1" = 'grep' ]; then + while [ -n "$2" ]; do shift; done + echo "#### Complete file: $1 ####" + cat >&2 "$1" || true + echo '#### grep output ####' + elif [ "$1" = 'test' ]; then + # doesn't support ! or non-file flags + msgfailoutputstatfile() { + local FILEFLAGS='^-[bcdefgGhkLOprsStuwx]$' + if expr match "$1" "$FILEFLAGS" >/dev/null; then + echo "#### stat(2) of file: $2 ####" + stat "$2" || true + fi + } + msgfailoutputstatfile "$2" "$3" + while [ -n "$5" ] && [ "$4" = '-o' -o "$4" = '-a' ]; do + shift 3 + msgfailoutputstatfile "$2" "$3" + done + echo '#### test output ####' + fi + cat >&2 $OUTPUT + msgfail "$MSG" +} + testsuccess() { if [ "$1" = '--nomsg' ]; then shift @@ -1171,15 +1259,53 @@ testsuccess() { msgtest 'Test for successful execution of' "$*" fi local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output" - if $@ >${OUTPUT} 2>&1; then - msgpass + if "$@" >${OUTPUT} 2>&1; then + if expr match "$1" '^apt.*' >/dev/null; then + if grep -q -E ' runtime error: ' "$OUTPUT"; then + msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@" + elif grep -q -E '^[WE]: ' "$OUTPUT"; then + msgfailoutput 'successful run, but output contains warnings/errors' "$OUTPUT" "$@" + else + msgpass + fi + else + msgpass + fi else + local EXITCODE=$? + msgfailoutput "exitcode $EXITCODE" "$OUTPUT" "$@" + fi + aptautotest 'testsuccess' "$@" +} +testwarning() { + if [ "$1" = '--nomsg' ]; then + shift + else + msgtest 'Test for successful execution with warnings of' "$*" + fi + local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output" + if "$@" >${OUTPUT} 2>&1; then + if expr match "$1" '^apt.*' >/dev/null; then + if grep -q -E ' runtime error: ' "$OUTPUT"; then + msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@" + elif grep -q -E '^E: ' "$OUTPUT"; then + msgfailoutput 'successful run, but output contains errors' "$OUTPUT" "$@" + elif ! grep -q -E '^W: ' "$OUTPUT"; then + msgfailoutput 'successful run, but output contains no warnings' "$OUTPUT" "$@" + else + msgpass + fi + else + msgpass + fi + else + local EXITCODE=$? echo >&2 cat >&2 $OUTPUT - msgfail + msgfail "exitcode $EXITCODE" fi + aptautotest 'testwarning' "$@" } - testfailure() { if [ "$1" = '--nomsg' ]; then shift @@ -1187,22 +1313,48 @@ testfailure() { msgtest 'Test for failure in execution of' "$*" fi local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testfailure.output" - if $@ >${OUTPUT} 2>&1; then - echo >&2 - cat >&2 $OUTPUT - msgfail + if "$@" >${OUTPUT} 2>&1; then + local EXITCODE=$? + msgfailoutput "exitcode $EXITCODE" "$OUTPUT" "$@" else + local EXITCODE=$? + if expr match "$1" '^apt.*' >/dev/null; then + if grep -q -E ' runtime error: ' "$OUTPUT"; then + msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@" + elif ! grep -q -E '^E: ' "$OUTPUT"; then + msgfailoutput "run failed with exitcode ${EXITCODE}, but with no errors" "$OUTPUT" "$@" + else + msgpass + fi + else + msgpass + fi + fi + aptautotest 'testfailure' "$@" +} + +testfilestats() { + msgtest "Test that file $1 has $2 $3" "$4" + if [ "$4" "$3" "$(stat --format "$2" "$1")" ]; then msgpass + else + echo >&2 + ls -l >&2 "$1" + echo -n >&2 "stat(1) reports for $2: " + stat --format "$2" "$1" + msgfail fi } +testaccessrights() { + testfilestats "$1" '%a' '=' "$2" +} testwebserverlaststatuscode() { local DOWNLOG='rootdir/tmp/webserverstatus-testfile.log' - local STATUS='rootdir/tmp/webserverstatus-statusfile.log' + local STATUS='downloaded/webserverstatus-statusfile.log' rm -f "$DOWNLOG" "$STATUS" msgtest 'Test last status code from the webserver was' "$1" - downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" - if [ "$(cat "$STATUS")" = "$1" ]; then + if downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" && [ "$(cat "$STATUS")" = "$1" ]; then msgpass else echo >&2 @@ -1222,3 +1374,43 @@ pause() { local IGNORE read IGNORE } + +listcurrentlistsdirectory() { + find rootdir/var/lib/apt/lists -maxdepth 1 -type d | while read line; do + stat --format '%U:%G:%a:%n' "$line" + done + find rootdir/var/lib/apt/lists -maxdepth 1 \! -type d | while read line; do + stat --format '%U:%G:%a:%s:%y:%n' "$line" + done +} + +### The following tests are run by most test methods automatically to check +### general things about commands executed without writing the test every time. + +aptautotest() { + local TESTCALL="$1" + local CMD="$2" + local FIRSTOPT="$3" + local AUTOTEST="aptautotest_$(basename "$CMD" | tr -d '-')_$(echo "$FIRSTOPT" | tr -d '-')" + if command -v $AUTOTEST >/dev/null; then + shift 3 + # save and restore the *.output files from other tests + # as we might otherwise override them in these automatic tests + rm -rf ${TMPWORKINGDIRECTORY}/rootdir/tmp-before + mv ${TMPWORKINGDIRECTORY}/rootdir/tmp ${TMPWORKINGDIRECTORY}/rootdir/tmp-before + mkdir ${TMPWORKINGDIRECTORY}/rootdir/tmp + $AUTOTEST "$TESTCALL" "$@" + rm -rf ${TMPWORKINGDIRECTORY}/rootdir/tmp-aptautotest + mv ${TMPWORKINGDIRECTORY}/rootdir/tmp ${TMPWORKINGDIRECTORY}/rootdir/tmp-aptautotest + mv ${TMPWORKINGDIRECTORY}/rootdir/tmp-before ${TMPWORKINGDIRECTORY}/rootdir/tmp + fi +} + +aptautotest_aptget_update() { + if ! test -d "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"; then return; fi + # all copied files are properly chmodded + for file in $(find "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" -maxdepth 1 -type f); do + testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:644" + done +} +aptautotest_apt_update() { aptautotest_aptget_update "$@"; } diff --git a/test/integration/run-tests b/test/integration/run-tests index c39a2ac68..6c6a37611 100755 --- a/test/integration/run-tests +++ b/test/integration/run-tests @@ -46,7 +46,11 @@ for testcase in $(run-parts --list $DIR | grep '/test-'); do if ! ${testcase}; then FAIL=$((FAIL+1)) FAILED_TESTS="$FAILED_TESTS $(basename $testcase)" - echo >&2 "$(basename $testcase) ... FAIL" + if [ "$MSGLEVEL" -le 2 ]; then + printf >&2 "\n${CHIGH}Running $(basename $testcase) -> FAILED${CRESET}" + else + echo >&2 "${CHIGH}Running $(basename $testcase) -> FAILED${CRESET}" + fi else PASS=$((PASS+1)) fi diff --git a/test/integration/skip-aptwebserver b/test/integration/skip-aptwebserver new file mode 100755 index 000000000..0622941ce --- /dev/null +++ b/test/integration/skip-aptwebserver @@ -0,0 +1,25 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'apt' 'all' '1.0' 'stable' + +setupaptarchive +changetowebserver + +rm -rf rootdir/var/lib/apt/lists +aptget update -qq +testequal 'Hit http://localhost stable InRelease +Hit http://localhost stable/main Sources +Hit http://localhost stable/main amd64 Packages +Hit http://localhost stable/main Translation-en +Reading package lists...' aptget update + +mv rootdir/var/lib/apt/lists/localhost* rootdir/var/lib/apt/lists/partial +aptget update + diff --git a/test/integration/test-allow-scores-for-all-dependency-types b/test/integration/test-allow-scores-for-all-dependency-types index a5c98f3d6..d1bcf1130 100755 --- a/test/integration/test-allow-scores-for-all-dependency-types +++ b/test/integration/test-allow-scores-for-all-dependency-types @@ -39,6 +39,7 @@ insertinstalledpackage 'libdb-dev' 'amd64' '5.1.7' 'Depends: libdb5.1-dev' insertinstalledpackage 'libdb5.1-dev' 'amd64' '5.1.29-7' testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: libdb5.1-dev The following NEW packages will be installed: @@ -53,6 +54,7 @@ Conf libdb5.3-dev (5.3.28-3 unversioned [amd64]) Conf libdb-dev (5.3.0 unversioned [amd64])' aptget dist-upgrade -st unversioned testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: libdb5.1-dev The following NEW packages will be installed: @@ -71,21 +73,25 @@ insertinstalledpackage 'foo' 'amd64' '1' insertinstalledpackage 'bar' 'amd64' '1' testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: bar foo 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st unversioned testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: bar foo 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st versioned testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: bar foo 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st multipleno testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: foo The following packages will be upgraded: diff --git a/test/integration/test-apt-by-hash-update b/test/integration/test-apt-by-hash-update new file mode 100755 index 000000000..d9d0b146f --- /dev/null +++ b/test/integration/test-apt-by-hash-update @@ -0,0 +1,49 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +insertpackage 'unstable' 'foo' 'all' '1.0' + +setupaptarchive --no-update + +APTARCHIVE=$(readlink -f ./aptarchive) + +# make Packages *only* accessable by-hash for this test +mkdir -p aptarchive/dists/unstable/main/binary-i386/by-hash/SHA512 +(cd aptarchive/dists/unstable/main/binary-i386/by-hash/SHA512 && + mv ../../Packages* . && + ln -s Packages.gz $(sha512sum Packages.gz|cut -f1 -d' ') ) + +# add sources +mkdir -p aptarchive/dists/unstable/main/source/by-hash/SHA512 +(cd aptarchive/dists/unstable/main/source/by-hash/SHA512 && + ln -s ../../Sources.gz $(sha512sum ../../Sources.gz|cut -f1 -d' ') +) + +# we moved the Packages file away, normal update won't work +testfailure aptget upate + +# ensure we do not know about "foo" +testequal "Reading package lists... +Building dependency tree... +E: Unable to locate package foo" aptget install -q -s foo + +# ensure we can apt-get update by hash +testsuccess aptget update -o APT::Acquire::By-Hash=1 -o Acquire::Languages=none + +# ensure it works +testequal "Inst foo (1.0 unstable [all]) +Conf foo (1.0 unstable [all])" aptget install -qq -s foo + +# add magic string to Release file ... +MAGIC="Acquire-By-Hash: true" +sed -i "s#Suite: unstable#Suite: unstable\n$MAGIC#" aptarchive/dists/unstable/Release +signreleasefiles +# ... and verify that it fetches by hash now +testsuccess aptget update -o Acquire::Languages=none + diff --git a/test/integration/test-apt-cdrom b/test/integration/test-apt-cdrom index 44eccb7bf..3a33219fe 100755 --- a/test/integration/test-apt-cdrom +++ b/test/integration/test-apt-cdrom @@ -21,7 +21,7 @@ echo 'Description-de: automatisch generiertes Testpaket testing=0.8.15/stable ' >> Translation-de compressfile Translation-de rm -f Translation-en Translation-de -chmod -R -w . +chmod -R 555 . cd - > /dev/null aptcdromlog() { @@ -29,7 +29,7 @@ aptcdromlog() { test ! -e rootdir/media/cdrom || echo "CD-ROM is mounted, but shouldn't be!" test -e rootdir/media/cdrom-unmounted || echo "Unmounted CD-ROM doesn't exist, but it should!" aptcdrom "$@" -o quiet=1 >rootdir/tmp/apt-cdrom.log 2>&1 </dev/null - sed -e '/gpgv/ d' -e '/^Identifying/ d' -e '/Reading / d' rootdir/tmp/apt-cdrom.log + sed -e '/gpgv\?: Signature made/ d' -e '/gpgv\?: Good signature/ d' -e '/^Identifying/ d' -e '/Reading / d' rootdir/tmp/apt-cdrom.log test ! -e rootdir/media/cdrom || echo "CD-ROM is mounted, but shouldn't be!" test -e rootdir/media/cdrom-unmounted || echo "Unmounted CD-ROM doesn't exist, but it should!" } @@ -99,6 +99,7 @@ Conf testing:i386 (0.8.15 stable [i386])' aptget install testing:i386 -s testsuccess aptget purge testing:i386 -y testdpkgnotinstalled testing:i386 + cd downloaded rm -f testing_0.8.15_amd64.deb testsuccess aptget download testing testsuccess test -s testing_0.8.15_amd64.deb @@ -108,6 +109,7 @@ Conf testing:i386 (0.8.15 stable [i386])' aptget install testing:i386 -s testsuccess aptget source testing --dsc-only -d testsuccess test -s testing_0.8.15.dsc rm -f testing_0.8.15.dsc + cd - >/dev/null } testcdromusage @@ -142,3 +144,8 @@ testcdromusage testsuccess aptget update testfileequal rootdir/tmp/testsuccess.output 'Reading package lists...' testcdromusage + +msgmsg 'Check that nothing touched our' 'CD-ROM' +for file in $(find rootdir/media/cdrom-unmounted/dists); do + testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:555" +done diff --git a/test/integration/test-apt-cli-update b/test/integration/test-apt-cli-update index 8237bf03f..987bb9adb 100755 --- a/test/integration/test-apt-cli-update +++ b/test/integration/test-apt-cli-update @@ -10,7 +10,7 @@ configarchitecture "i386" insertpackage 'unstable' 'foo' 'all' '2.0' insertinstalledpackage 'foo' 'all' '1.0' -setupaptarchive +setupaptarchive --no-update APTARCHIVE=$(readlink -f ./aptarchive) diff --git a/test/integration/test-apt-ftparchive-src-cachedb b/test/integration/test-apt-ftparchive-src-cachedb index adcca6217..e7b148530 100755 --- a/test/integration/test-apt-ftparchive-src-cachedb +++ b/test/integration/test-apt-ftparchive-src-cachedb @@ -177,6 +177,11 @@ assert_correct_sources_file mkdir aptarchive/pool/invalid printf "meep" > aptarchive/pool/invalid/invalid_1.0.dsc testequal " +E: Could not find a record in the DSC 'aptarchive/pool/invalid/invalid_1.0.dsc'" aptftparchive sources aptarchive/pool/invalid +rm -f aptarchive/pool/invalid/invalid_1.0.dsc + +printf "meep: yes" > aptarchive/pool/invalid/invalid_1.0.dsc +testequal " E: Could not find a Source entry in the DSC 'aptarchive/pool/invalid/invalid_1.0.dsc'" aptftparchive sources aptarchive/pool/invalid rm -f aptarchive/pool/invalid/invalid_1.0.dsc diff --git a/test/integration/test-apt-get-build-dep b/test/integration/test-apt-get-build-dep new file mode 100755 index 000000000..87ec6e54d --- /dev/null +++ b/test/integration/test-apt-get-build-dep @@ -0,0 +1,129 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +buildsimplenativepackage 'debhelper' 'i386' '7' 'stable' +buildsimplenativepackage 'build-essential' 'i386' '1' 'stable' + +setupaptarchive +cat > 2vcard_0.5-3.dsc <<EOF +Format: 1.0 +Source: 2vcard +Binary: 2vcard +Architecture: all +Version: 0.5-3 +Maintainer: Martin Albisetti <argentina@gmail.com> +Uploaders: Marcela Tiznado <mlt@debian.org> +Standards-Version: 3.8.0 +Build-Depends: debhelper (>= 5.0.37) +Checksums-Sha1: + b7f1ce31ec856414a3f0f1090689f91aa7456d56 9398 2vcard_0.5.orig.tar.gz + 5f9acd07ebda6ab00fa6b4fe3198c13e94090862 2036 2vcard_0.5-3.diff.gz +Checksums-Sha256: + efdc22859ac2f8f030d038dc4faa9020082ebae34212498c288968ffd45c9764 9398 2vcard_0.5.orig.tar.gz + 82673ff3456af571094066c89bcea87b25c23c87cf1d0050b731e5222563626b 2036 2vcard_0.5-3.diff.gz +Files: + f73a69c170f772f3f6e75f2d11bbb792 9398 2vcard_0.5.orig.tar.gz + 1e806d32233af87437258d86b1561f57 2036 2vcard_0.5-3.diff.gz +EOF + +testequal "Reading package lists... +Building dependency tree... +Note, using file '2vcard_0.5-3.dsc' to get the build dependencies +The following NEW packages will be installed: + build-essential debhelper +0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. +Inst build-essential (1 stable [i386]) +Inst debhelper (7 stable [i386]) +Conf build-essential (1 stable [i386]) +Conf debhelper (7 stable [i386])" aptget build-dep -s 2vcard_0.5-3.dsc + +cat > 2vcard_0.5-3.dsc <<EOF +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +Format: 1.0 +Source: 2vcard +Binary: 2vcard +Architecture: all +Version: 0.5-3 +Maintainer: Martin Albisetti <argentina@gmail.com> +Uploaders: Marcela Tiznado <mlt@debian.org> +Standards-Version: 3.8.0 +Build-Depends: debhelper (>= 5.0.37) +Checksums-Sha1: + b7f1ce31ec856414a3f0f1090689f91aa7456d56 9398 2vcard_0.5.orig.tar.gz + 5f9acd07ebda6ab00fa6b4fe3198c13e94090862 2036 2vcard_0.5-3.diff.gz +Checksums-Sha256: + efdc22859ac2f8f030d038dc4faa9020082ebae34212498c288968ffd45c9764 9398 2vcard_0.5.orig.tar.gz + 82673ff3456af571094066c89bcea87b25c23c87cf1d0050b731e5222563626b 2036 2vcard_0.5-3.diff.gz +Files: + f73a69c170f772f3f6e75f2d11bbb792 9398 2vcard_0.5.orig.tar.gz + 1e806d32233af87437258d86b1561f57 2036 2vcard_0.5-3.diff.gz + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.9 (GNU/Linux) + +iEYEARECAAYFAkijKhsACgkQsrBfRdYmq7aA2gCfaOW9riTYVQMx5ajKQVAcctlC +z2UAn1oXgTai6opwhVfkxrlmJ+iRxzuc +=4eRd +-----END PGP SIGNATURE----- +EOF + +testequal "Reading package lists... +Building dependency tree... +Note, using file '2vcard_0.5-3.dsc' to get the build dependencies +The following NEW packages will be installed: + build-essential debhelper +0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. +Inst build-essential (1 stable [i386]) +Inst debhelper (7 stable [i386]) +Conf build-essential (1 stable [i386]) +Conf debhelper (7 stable [i386])" aptget build-dep --simulate 2vcard_0.5-3.dsc + + +# unpacked source dir +mkdir -p foo-1.0/debian +cat > foo-1.0/debian/control <<'EOF' +Source: apturl +Section: admin +Priority: optional +Maintainer: Michael Vogt <mvo@ubuntu.com> +Build-Depends: debhelper (>= 7) +X-Python3-Version: >= 3.2 +Standards-Version: 3.9.3 + +Package: apturl-common +Architecture: any +Depends: ${python3:Depends}, + ${shlibs:Depends}, + ${misc:Depends}, + python3-apt, + python3-update-manager +Replaces: apturl (<< 0.3.6ubuntu2) +Description: install packages using the apt protocol - common data + AptUrl is a simple graphical application that takes an URL (which follows the + apt-protocol) as a command line option, parses it and carries out the + operations that the URL describes (that is, it asks the user if he wants the + indicated packages to be installed and if the answer is positive does so for + him). + . + This package contains the common data shared between the frontends. + +EOF + +testequal "Reading package lists... +Building dependency tree... +Note, using directory './foo-1.0' to get the build dependencies +The following NEW packages will be installed: + build-essential debhelper +0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. +Inst build-essential (1 stable [i386]) +Inst debhelper (7 stable [i386]) +Conf build-essential (1 stable [i386]) +Conf debhelper (7 stable [i386])" aptget build-dep --simulate ./foo-1.0 diff --git a/test/integration/test-apt-get-changelog b/test/integration/test-apt-get-changelog index 4ee113482..648dccf40 100755 --- a/test/integration/test-apt-get-changelog +++ b/test/integration/test-apt-get-changelog @@ -13,26 +13,36 @@ setupaptarchive --no-update changetowebserver testsuccess aptget update +# simulate normal user with non-existent root-owned directories +rm -rf rootdir/var/cache/apt/archives/ +mkdir rootdir/var/cache/apt/archives/ +addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/var/cache/apt/archives || true;" +chmod -R -w rootdir/var/cache/apt/archives + echo 'Apt::Changelogs::Server "http://localhost:8080/";' > rootdir/etc/apt/apt.conf.d/changelog.conf -testequal "'http://localhost:8080//pool/apt_1.0/changelog'" aptget changelog apt --print-uris +testequal "'http://localhost:8080/pool/apt_1.0/changelog'" aptget changelog apt --print-uris + +testequal "'http://localhost:8080/pool/apt_1.0/changelog' +'http://localhost:8080/pool/apt_1.0/changelog'" aptget changelog apt apt --print-uris -testequal "'http://localhost:8080//pool/apt_1.0/changelog' -'http://localhost:8080//pool/apt_1.0/changelog'" aptget changelog apt apt --print-uris +cd downloaded -aptget changelog apt -qq > apt.changelog -testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0/changelog)" -rm apt.changelog +testsuccess aptget changelog apt -qq +testfileequal '../rootdir/tmp/testsuccess.output' "$(cat ../aptarchive/pool/apt_1.0/changelog)" testsuccess aptget changelog apt -d -testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0/changelog)" -rm apt.changelog aptarchive/pool/apt_1.0/changelog +testfileequal 'apt.changelog' "$(cat ../aptarchive/pool/apt_1.0/changelog)" +testfilestats 'apt.changelog' '%U:%G:%a' '=' "${USER}:${USER}:644" +rm -f apt.changelog ../aptarchive/pool/apt_1.0/changelog -testequal "$(cat aptarchive/pool/apt_1.0.changelog)" aptget changelog apt \ +testequal "$(cat ../aptarchive/pool/apt_1.0.changelog)" aptget changelog apt \ -qq -o APT::Changelogs::Server='http://not-on-the-main-server:8080/' testsuccess aptget changelog apt -d -testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0.changelog)" -rm apt.changelog aptarchive/pool/apt_1.0.changelog +testfileequal 'apt.changelog' "$(cat ../aptarchive/pool/apt_1.0.changelog)" +testfilestats 'apt.changelog' '%U:%G:%a' '=' "${USER}:${USER}:644" +rm -f apt.changelog ../aptarchive/pool/apt_1.0.changelog -testequal 'E: changelog download failed' aptget changelog apt -qq -o APT::Changelogs::Server='http://not-on-the-main-server:8080/' +testequal 'E: changelog download failed' aptget changelog apt -qq -d -o APT::Changelogs::Server='http://not-on-the-main-server:8080/' +testfailure test -e apt.changelog diff --git a/test/integration/test-apt-get-clean b/test/integration/test-apt-get-clean new file mode 100755 index 000000000..457bff9d3 --- /dev/null +++ b/test/integration/test-apt-get-clean @@ -0,0 +1,35 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'amd64' + +insertpackage 'testing' 'foo' 'all' '1' +insertpackage 'unstable' 'foo' 'all' '2' +insertinstalledpackage 'foo' 'all' '3' + +setupaptarchive + +# nothing to do always works +testsuccess aptget clean + +# generate some dirt and clean it up +touch rootdir/var/lib/apt/lists/partial/http.debian.net_debian_dists_sid_main_i18n_Translation-en +mkdir -p rootdir/var/cache/apt/archives +touch rootdir/var/cache/apt/archives/foo_1_all.deb +touch rootdir/var/cache/apt/archives/foo_2_all.deb +touch rootdir/var/cache/apt/archives/foo_3_all.deb +touch rootdir/var/cache/apt/archives/foo_4_all.deb + +testsuccess aptget clean + +testfailure test -e rootdir/var/lib/apt/lists/partial/http.debian.net_debian_dists_sid_main_i18n_Translation-en +testfailure test -e rootdir/var/cache/apt/archives/foo_1_all.deb +testfailure test -e rootdir/var/cache/apt/archives/foo_2_all.deb +testfailure test -e rootdir/var/cache/apt/archives/foo_3_all.deb +testfailure test -e rootdir/var/cache/apt/archives/foo_4_all.deb + + diff --git a/test/integration/test-apt-get-download b/test/integration/test-apt-get-download index be3144e1f..6503bbd1c 100755 --- a/test/integration/test-apt-get-download +++ b/test/integration/test-apt-get-download @@ -11,7 +11,26 @@ buildsimplenativepackage 'apt' 'all' '1.0' 'stable' buildsimplenativepackage 'apt' 'all' '2.0' 'unstable' insertinstalledpackage 'vrms' 'all' '1.0' -setupaptarchive +OLD_UMASK="$(umask)" +umask 0027 +setupaptarchive --no-update +umask "$OLD_UMASK" + +# directories should be readable by everyone +find aptarchive/dists -type d | while read dir; do + chmod o+rx "$dir" +done +# apt-ftparchive knows how to chmod files +find aptarchive/dists -name '*Packages*' -type f | while read file; do + testaccessrights "$file" '644' + chmod 640 "$file" +done +# created by the framework without special care +find aptarchive/dists -name '*Release*' -type f | while read file; do + testaccessrights "$file" '640' +done + +testsuccess aptget update testdownload() { local APT="$2" @@ -20,18 +39,34 @@ testdownload() { fi msgtest "Test download of package file $1 with" "$APT" testsuccess --nomsg aptget download ${APT} - testsuccess test -f $1 - rm $1 + testsuccess test -f "$1" + rm -f "$1" } +# normal case as "root" +OLDPWD="$(pwd)" +cd downloaded +testdownload apt_2.0_all.deb apt +cd "$OLDPWD" + +# simulate normal user with non-existent root-owned directories +rm -rf rootdir/var/cache/apt/archives/ +mkdir rootdir/var/cache/apt/archives/ +addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/var/cache/apt/archives || true;" +chmod -R -w rootdir/var/cache/apt/archives + +OLDPWD="$(pwd)" +cd downloaded + # normal case(es) testdownload apt_1.0_all.deb apt stable testdownload apt_2.0_all.deb apt -DEBFILE="$(readlink -f aptarchive)/pool/apt_2.0_all.deb" +DEBFILE="$(readlink -f ../aptarchive)/pool/apt_2.0_all.deb" testequal "'file://${DEBFILE}' apt_2.0_all.deb $(stat -c%s $DEBFILE) SHA512:$(sha512sum $DEBFILE | cut -d' ' -f 1)" aptget download apt --print-uris # deb:677887 +testequal "E: Can't find a source to download version '1.0' of 'vrms:i386'" aptget download vrms --print-uris testequal "E: Can't find a source to download version '1.0' of 'vrms:i386'" aptget download vrms # deb:736962 @@ -45,3 +80,21 @@ rm -f apt_1.0_all.deb apt_2.0_all.deb testsuccess aptget download apt apt apt/unstable apt=2.0 testsuccess test -s apt_2.0_all.deb +# restore "root" rights +cd "$OLDPWD" +chmod -f -R +w $PWD/rootdir/var/cache/apt/archives +rm -rf rootdir/var/cache/apt/archives/ + +# file: debs aren't copied to archives, so change to http which obviously are +changetowebserver +testsuccess aptget update + +# test with already stored deb +testsuccess aptget install -d apt +testsuccess test -s rootdir/var/cache/apt/archives/apt_2.0_all.deb +testaccessrights 'aptarchive/pool/apt_2.0_all.deb' '644' +mv aptarchive/pool/apt_2.0_all.deb aptarchive/pool/apt_2.0_all.deb.gone +cd downloaded +testdownload apt_2.0_all.deb apt +cd "$OLDPWD" +mv aptarchive/pool/apt_2.0_all.deb.gone aptarchive/pool/apt_2.0_all.deb diff --git a/test/integration/test-apt-get-install-deb b/test/integration/test-apt-get-install-deb new file mode 100755 index 000000000..700009da5 --- /dev/null +++ b/test/integration/test-apt-get-install-deb @@ -0,0 +1,30 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# regression test for #754904 +testequal 'E: Unable to locate package /dev/null' aptget install -qq /dev/null + +# and ensure we fail for invalid debs +cat > foo.deb <<EOF +I'm not a deb, I'm a teapot. +EOF +testequal 'E: Sub-process Popen returned an error code (100) +E: Encountered a section with no Package: header +E: Problem with MergeLister for ./foo.deb +E: The package lists or status file could not be parsed or opened.' aptget install -qq ./foo.deb + +# fakeroot is currently not found, framwork needs updating +# +#buildsimplenativepackage 'foo' 'all' '1.0' +# +#testequal 'Selecting previously unselected package foo. +#(Reading database ... 0 files and directories currently installed.) +# Preparing to unpack .../incoming/foo_1.0_all.deb ... +#Unpacking foo (1.0) ... +#Setting up foo (1.0) ...' aptget install -qq ./incoming/foo_1.0_all.deb diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index 33bd980d0..b27cbbe96 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -82,3 +82,7 @@ testequal "$HEADER Need to get 0 B of source archives. 'file://${APTARCHIVE}/foo_0.0.1.dsc' foo_0.0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e 'file://${APTARCHIVE}/foo_0.0.1.tar.gz' foo_0.0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris -t unstable foo=0.0.1 + +testequal "$HEADER +Need to get 0 B of source archives. +Fetch source foo" aptget source -q -s foo diff --git a/test/integration/test-apt-get-source-authenticated b/test/integration/test-apt-get-source-authenticated index 2cee13923..f68c32386 100755 --- a/test/integration/test-apt-get-source-authenticated +++ b/test/integration/test-apt-get-source-authenticated @@ -21,11 +21,14 @@ APTARCHIVE=$(readlink -f ./aptarchive) rm -f $APTARCHIVE/dists/unstable/*Release* # update without authenticated InRelease file -testsuccess aptget update +testwarning aptget update --allow-insecure-repositories # this all should fail testfailure aptget install -y foo +cd downloaded testfailure aptget source foo - +testfailure test -e foo_2.0.dsc # allow overriding the warning -testsuccess aptget source --allow-unauthenticated foo +testsuccess aptget source --allow-unauthenticated foo -o Debug::pkgAcquire::Worker=1 +testsuccess test -s foo_2.0.dsc -a -L foo_2.0.dsc +testaccessrights 'foo_2.0.dsc' '777' diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning new file mode 100755 index 000000000..0389415c1 --- /dev/null +++ b/test/integration/test-apt-get-update-unauth-warning @@ -0,0 +1,43 @@ +#!/bin/sh +# +# ensure we print warnings for unauthenticated repositories +# +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# a "normal" package with source and binary +buildsimplenativepackage 'foo' 'all' '2.0' + +setupaptarchive --no-update + +APTARCHIVE=$(readlink -f ./aptarchive) +rm -f $APTARCHIVE/dists/unstable/*Release* + +# update without authenticated files leads to warning +testequal "Ign file: unstable InRelease + File not found +Err file: unstable Release + File not found +W: The repository 'file: unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository. +E: Use --allow-insecure-repositories to force the update" aptget update --no-allow-insecure-repositories + +# no package foo +testequal "Listing..." apt list foo +testequal "partial" ls rootdir/var/lib/apt/lists + +# allow override +testequal "Ign file: unstable InRelease + File not found +Ign file: unstable Release + File not found +Reading package lists... +W: The repository 'file: unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository." aptget update --allow-insecure-repositories +# ensure we can not install the package +testequal "WARNING: The following packages cannot be authenticated! + foo +E: There are problems and -y was used without --force-yes" aptget install -qq -y foo diff --git a/test/integration/test-apt-get-upgrade b/test/integration/test-apt-get-upgrade index 23446299c..d042e4fb7 100755 --- a/test/integration/test-apt-get-upgrade +++ b/test/integration/test-apt-get-upgrade @@ -8,29 +8,25 @@ setupenvironment configarchitecture "i386" # simple case -insertpackage 'stable' 'upgrade-simple' 'all' '1.0' +insertpackage 'stable,installed' 'upgrade-simple' 'all' '1.0' insertpackage 'unstable' 'upgrade-simple' 'all' '2.0' -insertinstalledpackage 'upgrade-simple' 'all' '1.0' # upgrade with a new dependency -insertpackage 'stable' 'upgrade-with-new-dep' 'all' '1.0' +insertpackage 'stable,installed' 'upgrade-with-new-dep' 'all' '1.0' insertpackage 'unstable' 'upgrade-with-new-dep' 'all' '2.0' 'Depends: new-dep' insertpackage 'stable' 'new-dep' 'all' '1.0' -insertinstalledpackage 'upgrade-with-new-dep' 'all' '1.0' # upgrade with conflict and a new pkg with higher priority than conflict -insertpackage 'stable' 'upgrade-with-conflict' 'all' '1.0' +insertpackage 'stable,installed' 'upgrade-with-conflict' 'all' '1.0' insertpackage 'unstable' 'upgrade-with-conflict' 'all' '2.0' 'Conflicts: conflicting-dep' 'standard' -insertpackage 'stable' 'conflicting-dep' 'all' '1.0' -insertinstalledpackage 'upgrade-with-conflict' 'all' '1.0' -insertinstalledpackage 'conflicting-dep' 'all' '1.0' - +insertpackage 'stable,installed' 'conflicting-dep' 'all' '1.0' setupaptarchive # Test if normal upgrade works as expected testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: upgrade-with-conflict upgrade-with-new-dep The following packages will be upgraded: @@ -42,6 +38,7 @@ Conf upgrade-simple (2.0 unstable [all])' aptget -s upgrade # Test if apt-get upgrade --with-new-pkgs works testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: new-dep The following packages have been kept back: @@ -59,6 +56,7 @@ Conf upgrade-with-new-dep (2.0 unstable [all])' aptget -s upgrade --with-new-pkg # Test if apt-get dist-upgrade works testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: conflicting-dep The following NEW packages will be installed: diff --git a/test/integration/test-apt-helper b/test/integration/test-apt-helper index c749224ca..06e497ff7 100755 --- a/test/integration/test-apt-helper +++ b/test/integration/test-apt-helper @@ -5,31 +5,31 @@ TESTDIR=$(readlink -f $(dirname $0)) . $TESTDIR/framework setupenvironment -configarchitecture "i386" +configarchitecture 'i386' changetohttpswebserver test_apt_helper_download() { - echo "foo" > aptarchive/foo + echo 'foo' > aptarchive/foo - msgtest 'apt-file download-file md5sum' - apthelper -qq download-file http://localhost:8080/foo foo2 MD5Sum:d3b07384d113edec49eaa6238ad5ff00 && msgpass || msgfail - testfileequal foo2 'foo' + msgtest 'apt-file download-file' 'md5sum' + apthelper -qq download-file http://localhost:8080/foo downloaded/foo2 MD5Sum:d3b07384d113edec49eaa6238ad5ff00 && msgpass || msgfail + testfileequal downloaded/foo2 'foo' - msgtest 'apt-file download-file sha1' - apthelper -qq download-file http://localhost:8080/foo foo1 SHA1:f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 && msgpass || msgfail - testfileequal foo1 'foo' + msgtest 'apt-file download-file' 'sha1' + apthelper -qq download-file http://localhost:8080/foo downloaded/foo1 SHA1:f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 && msgpass || msgfail + testfileequal downloaded/foo1 'foo' - msgtest 'apt-file download-file sha256' - apthelper -qq download-file http://localhost:8080/foo foo3 SHA256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c && msgpass || msgfail - testfileequal foo3 'foo' + msgtest 'apt-file download-file' 'sha256' + apthelper -qq download-file http://localhost:8080/foo downloaded/foo3 SHA256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c && msgpass || msgfail + testfileequal downloaded/foo3 'foo' - msgtest 'apt-file download-file no-hash' - apthelper -qq download-file http://localhost:8080/foo foo4 && msgpass || msgfail - testfileequal foo4 'foo' + msgtest 'apt-file download-file' 'no-hash' + apthelper -qq download-file http://localhost:8080/foo downloaded/foo4 && msgpass || msgfail + testfileequal downloaded/foo4 'foo' - msgtest 'apt-file download-file wrong hash' - if ! apthelper -qq download-file http://localhost:8080/foo foo5 MD5Sum:aabbcc 2>&1 2> download.stderr; then + msgtest 'apt-file download-file' 'wrong hash' + if ! apthelper -qq download-file http://localhost:8080/foo downloaded/foo5 MD5Sum:aabbcc 2>&1 2> download.stderr; then msgpass else msgfail @@ -37,7 +37,8 @@ test_apt_helper_download() { testfileequal download.stderr 'E: Failed to fetch http://localhost:8080/foo Hash Sum mismatch E: Download Failed' - testfileequal foo5.FAILED 'foo' + testfileequal downloaded/foo5.FAILED 'foo' + testfailure test -e downloaded/foo5 } test_apt_helper_detect_proxy() { diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key index 68b3f9710..b6b7b7909 100755 --- a/test/integration/test-apt-key +++ b/test/integration/test-apt-key @@ -7,101 +7,177 @@ TESTDIR=$(readlink -f $(dirname $0)) setupenvironment configarchitecture 'amd64' -msgtest 'Check that paths in list output are not' 'double-slashed' -aptkey list 2>&1 | grep -q '//' && msgfail || msgpass +# start from a clean plate again +cleanplate() { + rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg + mkdir rootdir/etc/apt/trusted.gpg.d/ +} -msgtest 'Check that paths in finger output are not' 'double-slashed' -aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass +testaptkeys() { + if ! aptkey list | grep '^pub' > aptkey.list; then + echo -n > aptkey.list + fi + testequal "$1" cat ./aptkey.list +} echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub"; APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' +testrun() { + cleanplate + ln -sf ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed + msgtest 'Check that paths in list output are not' 'double-slashed' + aptkey list 2>&1 | grep -q '//' && msgfail || msgpass + + msgtest 'Check that paths in finger output are not' 'double-slashed' + aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass + + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' + + testequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1' aptkey --fakeroot update -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' -testsuccess aptkey --fakeroot add ./keys/rexexpired.pub + testfailure test -e rootdir/etc/apt/trusted.gpg + testsuccess aptkey --fakeroot add ./keys/rexexpired.pub + msgtest 'Check if trusted.gpg is created with permissions set to' '0644' + if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then + msgpass + else + msgfail + fi -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13] + testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13] pub 2048R/DBAC8DAE 2010-08-18' -msgtest 'Execute update again to trigger removal of' 'Rex Expired key' -testsuccess --nomsg aptkey --fakeroot update - -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' - -msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring' -testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE + msgtest 'Check that Sixpack key can be' 'exported' + aptkey export 'Sixpack' > aptkey.export + aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall + testsuccess --nomsg cmp aptkey.export aptkey.exportall + testsuccess test -s aptkey.export + testsuccess test -s aptkey.exportall + + msgtest 'Execute update again to trigger removal of' 'Rex Expired key' + testsuccess --nomsg aptkey --fakeroot update + + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' + + msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring' + testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE + + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' + + testsuccess aptkey --fakeroot del DBAC8DAE + testempty aptkey list + + msgtest 'Test key removal with' 'single key in real file' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testempty aptkey list + testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + msgtest 'Test key removal with' 'long key ID' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE + testempty aptkey list + testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + msgtest 'Test key removal with' 'fingerprint' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE + testempty aptkey list + testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + msgtest 'Test key removal with' 'single key in softlink' + cleanplate + ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testempty aptkey list + testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + cleanplate + testsuccess aptkey --fakeroot add ./keys/joesixpack.pub + testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' + cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse + + msgtest 'Test key removal with' 'multi key in real file' + cleanplate + cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' + testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + + msgtest 'Test key removal with' 'multi key in softlink' + cleanplate + ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' + testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + + msgtest 'Test key removal with' 'multiple files including key' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' + testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' + msgtest 'Test merge-back of' 'added keys' + testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub + testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13] +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' + msgtest 'Test merge-back of' 'removed keys' + testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9 + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' -testsuccess aptkey --fakeroot del DBAC8DAE -testempty aptkey list + msgtest 'Test merge-back of' 'removed duplicate keys' + testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' +} -# start from a clean plate again -cleanplate() { - rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg - mkdir rootdir/etc/apt/trusted.gpg.d/ +setupgpgcommand() { + echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd + msgtest 'Test that apt-key uses for the following tests command' "$1" + aptkey adv --version >aptkey.version 2>&1 + if grep -q "^Executing: $1 --" aptkey.version; then + msgpass + else + cat aptkey.version + msgfail + fi } -msgtest 'Test key removal with' 'single key in real file' -cleanplate -cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -testempty aptkey list -testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ - -msgtest 'Test key removal with' 'single key in softlink' -cleanplate -ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -testempty aptkey list -testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ - -cleanplate -testsuccess aptkey --fakeroot add ./keys/joesixpack.pub -testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18 -pub 2048R/528144E2 2011-01-16' -cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse - -msgtest 'Test key removal with' 'multi key in real file' -cleanplate -cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16' -testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ - -msgtest 'Test key removal with' 'multi key in softlink' -cleanplate -ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16' -testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ -testsuccess test ! -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ - -msgtest 'Test key removal with' 'multiple files including key' -cleanplate -cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16' -testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ -testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ +# run with default (whatever this is) +testrun +# run with … +setupgpgcommand 'gpg' +testrun +setupgpgcommand 'gpg2' +testrun diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index 4b38cd9b5..b3c118555 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -28,6 +28,9 @@ gpg: key F68C85A3: public key "Test Automatic Archive Signing Key <ftpmaster@exa gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1)' aptkey --fakeroot net-update +aptkey list | grep '^pub' > aptkey.list +testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19 +pub 2048R/DBAC8DAE 2010-08-18' # now try a different one # setup archive-keyring @@ -38,6 +41,8 @@ echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf # test against the "real" webserver testequal "Checking for new archive signing keys now -Key 'E8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update - +Key 'DE66AECA9151AFA1877EC31DE8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update +aptkey list | grep '^pub' > aptkey.list +testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19 +pub 2048R/DBAC8DAE 2010-08-18' diff --git a/test/integration/test-apt-progress-fd b/test/integration/test-apt-progress-fd index d72e7e72d..af022f582 100755 --- a/test/integration/test-apt-progress-fd +++ b/test/integration/test-apt-progress-fd @@ -16,7 +16,7 @@ setupaptarchive exec 3> apt-progress.log testsuccess aptget install testing=0.1 -y -o APT::Status-Fd=3 testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing:0:Installing testing (amd64) pmstatus:testing:20:Preparing testing (amd64) @@ -31,7 +31,7 @@ pmstatus:testing:100:Installed testing (amd64)" cat apt-progress.log exec 3> apt-progress.log testsuccess aptget install testing=0.8.15 -y -o APT::Status-Fd=3 testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing:0:Installing testing (amd64) pmstatus:testing:20:Preparing testing (amd64) @@ -46,7 +46,7 @@ pmstatus:testing:100:Installed testing (amd64)" cat apt-progress.log exec 3> apt-progress.log testsuccess aptget install testing=0.8.15 --reinstall -y -o APT::Status-Fd=3 testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing:0:Installing testing (amd64) pmstatus:testing:20:Preparing testing (amd64) @@ -72,7 +72,7 @@ testsuccess aptget install testing2:i386 -y -o APT::Status-Fd=3 # and compare testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing2:0:Installing testing2 (i386) pmstatus:testing2:20:Preparing testing2 (i386) diff --git a/test/integration/test-apt-sources-deb822 b/test/integration/test-apt-sources-deb822 index 5f54b7531..d8b2334ad 100755 --- a/test/integration/test-apt-sources-deb822 +++ b/test/integration/test-apt-sources-deb822 @@ -23,14 +23,14 @@ Description: summay msgtest 'Test sources.list' 'old style' echo "deb http://ftp.debian.org/debian stable main" > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris msgtest 'Test sources.list' 'simple deb822' echo "$BASE" > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris @@ -39,29 +39,29 @@ msgtest 'Test deb822 with' 'two entries' echo "$BASE" > $SOURCES echo "" >> $SOURCES echo "$BASE" | sed s/stable/unstable/ >> $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 -'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 : +'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/unstable/InRelease' ftp.debian.org_debian_dists_unstable_InRelease 0 " aptget update --print-uris # two suite entries msgtest 'Test deb822 with' 'two Suite entries' echo "$BASE" | sed -e "s/stable/stable unstable/" > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 -'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 : +'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/unstable/InRelease' ftp.debian.org_debian_dists_unstable_InRelease 0 " aptget update --print-uris msgtest 'Test deb822' 'architecture option' echo "$BASE" > $SOURCES echo "Architectures: amd64 armel" >> $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-amd64/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-amd64_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/binary-armel/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-armel_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-amd64/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-amd64_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/binary-armel/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-armel_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris @@ -85,19 +85,19 @@ testempty aptget update --print-uris # multiple URIs msgtest 'Test deb822 sources.list file which has' 'Multiple URIs work' echo "$BASE" | sed -e 's#http://ftp.debian.org/debian#http://ftp.debian.org/debian http://ftp.de.debian.org/debian#' > $SOURCES -testequal --nomsg "'http://ftp.de.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.de.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.de.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.de.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.de.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.de.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.de.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.de.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.de.debian.org/debian/dists/stable/InRelease' ftp.de.debian.org_debian_dists_stable_InRelease 0 -'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris # multiple Type in one field msgtest 'Test deb822 sources.list file which has' 'Multiple Types work' echo "$BASE" | sed -e 's#Types: deb#Types: deb deb-src#' > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/source/Sources.bz2' ftp.debian.org_debian_dists_stable_main_source_Sources 0 : -'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/source/Sources.bz2' ftp.debian.org_debian_dists_stable_main_source_Sources 0 +'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris # a Suite @@ -107,6 +107,6 @@ Types: deb URIs: http://emacs.naquadah.org Suites: stable/ EOF -testequal --nomsg "'http://emacs.naquadah.org/stable/Packages.bz2' emacs.naquadah.org_stable_Packages 0 : -'http://emacs.naquadah.org/stable/en.bz2' emacs.naquadah.org_stable_en 0 : +testequal --nomsg "'http://emacs.naquadah.org/stable/Packages.bz2' emacs.naquadah.org_stable_Packages 0 +'http://emacs.naquadah.org/stable/en.bz2' emacs.naquadah.org_stable_en 0 'http://emacs.naquadah.org/stable/InRelease' emacs.naquadah.org_stable_InRelease 0 " aptget update --print-uris diff --git a/test/integration/test-apt-update-expected-size b/test/integration/test-apt-update-expected-size new file mode 100755 index 000000000..045217a77 --- /dev/null +++ b/test/integration/test-apt-update-expected-size @@ -0,0 +1,44 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +insertpackage 'unstable' 'apt' 'all' '1.0' + +setupaptarchive --no-update +changetowebserver + +# normal update works fine +testsuccess aptget update + +# make InRelease really big to trigger fallback +mv aptarchive/dists/unstable/InRelease aptarchive/dists/unstable/InRelease.good +dd if=/dev/zero of=aptarchive/dists/unstable/InRelease bs=1M count=2 2>/dev/null +touch -d '+1hour' aptarchive/dists/unstable/InRelease +testsuccess aptget update -o Apt::Get::List-Cleanup=0 -o acquire::MaxReleaseFileSize=$((1*1000*1000)) -o Debug::pkgAcquire::worker=0 +msgtest 'Check that the max write warning is triggered' +if grep -q "Writing more data than expected" rootdir/tmp/testsuccess.output; then + msgpass +else + cat rootdir/tmp/testsuccess.output + msgfail +fi +# ensure the failed InRelease file got renamed +testsuccess ls rootdir/var/lib/apt/lists/partial/*InRelease.FAILED +mv aptarchive/dists/unstable/InRelease.good aptarchive/dists/unstable/InRelease + + +# append junk at the end of the Packages.gz/Packages +SIZE="$(stat --printf=%s aptarchive/dists/unstable/main/binary-i386/Packages)" +find aptarchive -name 'Packages*' | while read pkg; do + echo "1234567890" >> "$pkg" +done +NEW_SIZE="$(stat --printf=%s aptarchive/dists/unstable/main/binary-i386/Packages)" +rm -f rootdir/var/lib/apt/lists/localhost* +testequal "W: Failed to fetch http://localhost:8080/dists/unstable/main/binary-i386/Packages Writing more data than expected ($NEW_SIZE > $SIZE) + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq diff --git a/test/integration/test-apt-update-file b/test/integration/test-apt-update-file index fbcd473cc..1ecf9a38a 100755 --- a/test/integration/test-apt-update-file +++ b/test/integration/test-apt-update-file @@ -10,27 +10,26 @@ TESTDIR=$(readlink -f $(dirname $0)) setupenvironment configarchitecture "amd64" -configcompression 'bz2' 'gz' +configcompression 'bz2' 'gz' -insertpackage 'unstable' 'foo' 'all' '1.0' +insertpackage 'unstable' 'foo' 'all' '1' +insertsource 'unstable' 'foo' 'all' '1' -umask 022 setupaptarchive --no-update # ensure the archive is not writable +addtrap 'prefix' 'chmod 750 aptarchive/dists/unstable/main/binary-amd64;' chmod 550 aptarchive/dists/unstable/main/binary-amd64 -testsuccess aptget update -qq -testsuccess aptget update -qq -aptget update -qq -o Debug::pkgAcquire::Auth=1 2> output.log +testsuccess aptget update +testsuccess aptget update -o Debug::pkgAcquire::Auth=1 +cp -a rootdir/tmp/testsuccess.output rootdir/tmp/update.output -# ensure that the hash of the uncompressed file was verified even on a local -# ims hit +# ensure that the hash of the uncompressed file was verified even on a local ims hit canary="SHA512:$(bzcat aptarchive/dists/unstable/main/binary-amd64/Packages.bz2 | sha512sum |cut -f1 -d' ')" -grep -q "RecivedHash: $canary" output.log +testsuccess grep -- "$canary" rootdir/tmp/update.output # foo is still available testsuccess aptget install -s foo - -# the cleanup should still work -chmod 750 aptarchive/dists/unstable/main/binary-amd64 +testsuccess aptcache showsrc foo +testsuccess aptget source foo --print-uris diff --git a/test/integration/test-apt-update-filesize-mismatch b/test/integration/test-apt-update-filesize-mismatch new file mode 100755 index 000000000..b484c5161 --- /dev/null +++ b/test/integration/test-apt-update-filesize-mismatch @@ -0,0 +1,55 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' +configcompression 'gz' + +insertpackage 'testing' 'foo' 'all' '1' +insertpackage 'testing' 'foo2' 'all' '1' +insertsource 'testing' 'foo' 'all' '1' +insertsource 'testing' 'foo2' 'all' '1' + +setupaptarchive --no-update +changetowebserver + +find aptarchive \( -name 'Packages' -o -name 'Sources' -o -name 'Translation-en' \) -delete +for release in $(find aptarchive -name 'Release'); do + cp "$release" "${release}.backup" +done + +testsuccess aptget update +testsuccess aptcache show foo +testsuccess aptget install foo -s + +for get in $(sed -n 's#^GET /\([^ ]\+\.gz\) HTTP.\+$#\1#p' aptarchive/webserver.log); do + for ext in '' '.gz'; do + COMPRESSFILE="$get" + get="${get}${ext}" + FILE="$(basename "$get" '.gz')" + msgmsg 'Test filesize mismatch with file' "$FILE" + rm -rf rootdir/var/lib/apt/lists + + for release in $(find aptarchive -name 'Release'); do + SIZE="$(awk "/$FILE\$/ { print \$2; exit }" "${release}.backup")" + sed "s# $SIZE # $(($SIZE + 111)) #" "${release}.backup" > "$release" + done + signreleasefiles + + TEST='testfailure' + if expr match "$COMPRESSFILE" '^.*Translation-.*$' >/dev/null; then + TEST='testsuccess' + unset COMPRESSFILE + fi + $TEST aptget update -o Debug::pkgAcquire::Worker=1 + cp rootdir/tmp/${TEST}.output rootdir/tmp/update.output + testsuccess grep -E "$(basename -s '.gz' "$COMPRESSFILE").*Hash Sum mismatch" rootdir/tmp/update.output + $TEST aptcache show foo + $TEST aptget install foo -s + + testfailure aptcache show bar + testfailure aptget install bar -s + done +done diff --git a/test/integration/test-apt-update-hashsum-mismatch b/test/integration/test-apt-update-hashsum-mismatch new file mode 100755 index 000000000..747418c53 --- /dev/null +++ b/test/integration/test-apt-update-hashsum-mismatch @@ -0,0 +1,49 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' +configcompression 'gz' + +insertpackage 'testing' 'foo' 'all' '1' +insertpackage 'testing' 'foo2' 'all' '1' +insertsource 'testing' 'foo' 'all' '1' +insertsource 'testing' 'foo2' 'all' '1' + +setupaptarchive --no-update +changetowebserver + +echo 'Package: bar +Maintainer: Doctor Evil <evil@example.com> +Description: come to the dark side +' > aptarchive/DoctorEvil +compressfile aptarchive/DoctorEvil + +find aptarchive \( -name 'Packages' -o -name 'Sources' -o -name 'Translation-en' \) -delete + +testsuccess aptget update +testsuccess aptcache show foo +testsuccess aptget install foo -s + +for get in $(sed -n 's#^GET /\([^ ]\+\.gz\) HTTP.\+$#\1#p' aptarchive/webserver.log); do + msgmsg 'Test hashsum mismatch with file' "$get" + rm -rf rootdir/var/lib/apt/lists + webserverconfig 'aptwebserver::overwrite' '' + webserverconfig "aptwebserver::overwrite::$(printf '%s' "${get}" | sed 's#/#%2F#g' )::filename" '%2FDoctorEvil.gz' + + TEST='testfailure' + if expr match "$get" '^.*Translation-.*$' >/dev/null; then + TEST='testsuccess' + unset get + fi + $TEST aptget update + cp rootdir/tmp/${TEST}.output rootdir/tmp/update.output + testsuccess grep -E "$(basename -s '.gz' "$get").*Hash Sum mismatch" rootdir/tmp/update.output + $TEST aptcache show foo + $TEST aptget install foo -s + + testfailure aptcache show bar + testfailure aptget install bar -s +done diff --git a/test/integration/test-apt-update-ims b/test/integration/test-apt-update-ims new file mode 100755 index 000000000..5394a9f30 --- /dev/null +++ b/test/integration/test-apt-update-ims @@ -0,0 +1,90 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable' + +setupaptarchive --no-update +changetowebserver + +runtest() { + configallowinsecurerepositories "${1:-false}" + + rm -f rootdir/var/lib/apt/lists/localhost* + + if [ "$1" = 'true' ]; then + testwarning aptget update + else + testsuccess aptget update + fi + + # ensure no leftovers in partial + testfailure ls "rootdir/var/lib/apt/lists/partial/*" + + # check that I-M-S header is kept in redirections + testequal "$EXPECT" aptget update -o Debug::pkgAcquire::Worker=0 -o Debug::Acquire::http=0 + + # ensure that we still do a hash check on ims hit + msgtest 'Test I-M-S' 'reverify' + aptget update -o Debug::pkgAcquire::Auth=1 2>&1 | grep -A2 'RecivedHash:' | grep -q -- '- SHA' && msgpass || msgfail + + # ensure no leftovers in partial + testfailure ls "rootdir/var/lib/apt/lists/partial/*" +} + +msgmsg "InRelease" +EXPECT="Hit http://localhost:8080 unstable InRelease +Hit http://localhost:8080 unstable/main Sources +Hit http://localhost:8080 unstable/main amd64 Packages +Hit http://localhost:8080 unstable/main Translation-en +Reading package lists..." +# with InRelease +runtest + +# with gzip +echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest + +msgmsg "Release/Release.gpg" +# with Release/Release.gpg +EXPECT="Ign http://localhost:8080 unstable InRelease + 404 Not Found +Hit http://localhost:8080 unstable Release +Hit http://localhost:8080 unstable Release.gpg +Hit http://localhost:8080 unstable/main Sources +Hit http://localhost:8080 unstable/main amd64 Packages +Hit http://localhost:8080 unstable/main Translation-en +Reading package lists..." + +find aptarchive -name 'InRelease' -delete + +echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest + +echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest + +# no Release.gpg or InRelease +msgmsg "Release only" +EXPECT="Ign http://localhost:8080 unstable InRelease + 404 Not Found +Hit http://localhost:8080 unstable Release +Ign http://localhost:8080 unstable Release.gpg + 404 Not Found +Hit http://localhost:8080 unstable/main Sources +Hit http://localhost:8080 unstable/main amd64 Packages +Hit http://localhost:8080 unstable/main Translation-en +Reading package lists... +W: The data from 'http://localhost:8080 unstable Release.gpg' is not signed. Packages from that repository can not be authenticated." + +find aptarchive -name 'Release.gpg' -delete + +echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest "true" + +echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest "true" diff --git a/test/integration/test-apt-update-nofallback b/test/integration/test-apt-update-nofallback new file mode 100755 index 000000000..e82a976a6 --- /dev/null +++ b/test/integration/test-apt-update-nofallback @@ -0,0 +1,247 @@ +#!/bin/sh +# +# ensure we never fallback from a signed to a unsigned repo +# +# hash checks are done in +# +set -e + +simulate_mitm_and_inject_evil_package() +{ + rm -f $APTARCHIVE/dists/unstable/InRelease + rm -f $APTARCHIVE/dists/unstable/Release.gpg + inject_evil_package +} + +inject_evil_package() +{ + cat > $APTARCHIVE/dists/unstable/main/binary-i386/Packages <<EOF +Package: evil +Installed-Size: 29 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Version: 1.0 +Filename: pool/evil_1.0_all.deb +Size: 1270 +Description: an autogenerated evil package +EOF + # avoid ims hit + touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages +} + +assert_update_is_refused_and_last_good_state_used() +{ + testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq + + assert_repo_is_intact +} + +assert_repo_is_intact() +{ + testequal "foo/unstable 2.0 all" apt list -q + testsuccess aptget install -y -s foo + testfailure aptget install -y evil + testsuccess aptget source foo --print-uris + + LISTDIR=rootdir/var/lib/apt/lists + if ! ( ls $LISTDIR/*InRelease >/dev/null 2>&1 || + ls $LISTDIR/*Release.gpg >/dev/null 2>&1 ); then + echo "Can not find InRelease/Release.gpg in $(ls $LISTDIR)" + msgfail + fi +} + +setupaptarchive_with_lists_clean() +{ + setupaptarchive --no-update + rm -rf rootdir/var/lib/apt/lists +} + +test_from_inrelease_to_unsigned() +{ + # setup archive with InRelease file + setupaptarchive_with_lists_clean + testsuccess aptget update + listcurrentlistsdirectory > lists.before + + simulate_mitm_and_inject_evil_package + assert_update_is_refused_and_last_good_state_used + testfileequal lists.before "$(listcurrentlistsdirectory)" +} + +test_from_release_gpg_to_unsigned() +{ + # setup archive with Release/Release.gpg (but no InRelease) + setupaptarchive_with_lists_clean + rm $APTARCHIVE/dists/unstable/InRelease + testsuccess aptget update + listcurrentlistsdirectory > lists.before + + simulate_mitm_and_inject_evil_package + assert_update_is_refused_and_last_good_state_used + testfileequal lists.before "$(listcurrentlistsdirectory)" +} + +test_from_inrelease_to_unsigned_with_override() +{ + # setup archive with InRelease file + setupaptarchive_with_lists_clean + # FIXME: is not what the server reported 4104 4106 + testsuccess aptget update #-o Debug::pkgAcquire::Worker=1 + + # simulate moving to a unsigned but otherwise valid repo + simulate_mitm_and_inject_evil_package + generatereleasefiles + + # and ensure we can update to it (with enough force) + testwarning aptget update --allow-insecure-repositories \ + -o Acquire::AllowDowngradeToInsecureRepositories=1 + # but that the individual packages are still considered untrusted + testequal "WARNING: The following packages cannot be authenticated! + evil +E: There are problems and -y was used without --force-yes" aptget install -qq -y evil +} + +test_cve_2012_0214() +{ + # see https://bugs.launchpad.net/ubuntu/+source/apt/+bug/947108 + # + # it was possible to MITM the download so that InRelease/Release.gpg + # are not delivered (404) and a altered Release file was send + # + # apt left the old InRelease file in /var/lib/apt/lists and downloaded + # the unauthenticated Release file too giving the false impression that + # Release was authenticated + # + # Note that this is pretty much impossible nowdays because: + # a) InRelease is left as is, not split to InRelease/Release as it was + # in the old days + # b) we refuse to go from signed->unsigned + # + # Still worth having a regression test the simulates the condition + + # setup archive with InRelease + setupaptarchive_with_lists_clean + testsuccess aptget update + listcurrentlistsdirectory > lists.before + + # do what CVE-2012-0214 did + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + inject_evil_package + # build valid Release file + aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release + + assert_update_is_refused_and_last_good_state_used + testfileequal lists.before "$(listcurrentlistsdirectory)" + + # ensure there is no _Release file downloaded + testfailure ls rootdir/var/lib/apt/lists/*_Release +} + +test_subvert_inrelease() +{ + # setup archive with InRelease + setupaptarchive_with_lists_clean + testsuccess aptget update + listcurrentlistsdirectory > lists.before + + # replace InRelease with something else + mv $APTARCHIVE/dists/unstable/Release $APTARCHIVE/dists/unstable/InRelease + + testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease Does not start with a cleartext signature + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + # ensure we keep the repo + testfileequal lists.before "$(listcurrentlistsdirectory)" + assert_repo_is_intact +} + +test_inrelease_to_invalid_inrelease() +{ + # setup archive with InRelease + setupaptarchive_with_lists_clean + testsuccess aptget update + listcurrentlistsdirectory > lists.before + + # now remove InRelease and subvert Release do no longer verify + sed -i 's/Codename.*/Codename: evil!'/ $APTARCHIVE/dists/unstable/InRelease + inject_evil_package + + testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + +W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + +W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + # ensure we keep the repo + testfailure grep 'evil' rootdir/var/lib/apt/lists/*InRelease + testfileequal lists.before "$(listcurrentlistsdirectory)" + assert_repo_is_intact +} + +test_release_gpg_to_invalid_release_release_gpg() +{ + # setup archive with InRelease + setupaptarchive_with_lists_clean + rm $APTARCHIVE/dists/unstable/InRelease + testsuccess aptget update + listcurrentlistsdirectory > lists.before + + # now subvert Release do no longer verify + echo "Some evil data" >> $APTARCHIVE/dists/unstable/Release + inject_evil_package + + testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable Release.gpg: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + +W: Failed to fetch file:${APTARCHIVE}/dists/unstable/Release.gpg The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + +W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + testfailure grep 'evil' rootdir/var/lib/apt/lists/*Release + testfileequal lists.before "$(listcurrentlistsdirectory)" + assert_repo_is_intact +} + + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# a "normal" package with source and binary +buildsimplenativepackage 'foo' 'all' '2.0' + +# setup the archive and ensure we have a single package that installs fine +setupaptarchive +APTARCHIVE=$(readlink -f ./aptarchive) +assert_repo_is_intact + +# test the various cases where a repo may go from signed->unsigned +msgmsg "test_from_inrelease_to_unsigned" +test_from_inrelease_to_unsigned + +msgmsg "test_from_release_gpg_to_unsigned" +test_from_release_gpg_to_unsigned + +# ensure we do not regress on CVE-2012-0214 +msgmsg "test_cve_2012_0214" +test_cve_2012_0214 + +# ensure InRelase can not be subverted +msgmsg "test_subvert_inrelease" +test_subvert_inrelease + +# ensure we revert to last good state if InRelease does not verify +msgmsg "test_inrelease_to_invalid_inrelease" +test_inrelease_to_invalid_inrelease + +# ensure we revert to last good state if Release/Release.gpg does not verify +msgmsg "test_release_gpg_to_invalid_release_release_gpg" +test_release_gpg_to_invalid_release_release_gpg + +# ensure we can override the downgrade error +msgmsg "test_from_inrelease_to_unsigned_with_override" +test_from_inrelease_to_unsigned_with_override diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback new file mode 100755 index 000000000..9efc194a0 --- /dev/null +++ b/test/integration/test-apt-update-rollback @@ -0,0 +1,203 @@ +#!/bin/sh +# +# test that apt-get update is transactional +# +set -e + +avoid_ims_hit() { + touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages* + touch -d '+1hour' aptarchive/dists/unstable/main/source/Sources* + touch -d '+1hour' aptarchive/dists/unstable/*Release* + + touch -d '-1hour' rootdir/var/lib/apt/lists/* +} + +create_fresh_archive() +{ + rm -rf aptarchive/* + rm -f rootdir/var/lib/apt/lists/_* rootdir/var/lib/apt/lists/partial/* + + insertpackage 'unstable' 'old' 'all' '1.0' + + setupaptarchive --no-update +} + +add_new_package() { + insertpackage "unstable" "new" "all" "1.0" + insertsource "unstable" "new" "all" "1.0" + + setupaptarchive --no-update "$@" +} + +break_repository_sources_index() { + printf 'xxx' > $APTARCHIVE/dists/unstable/main/source/Sources + compressfile "$APTARCHIVE/dists/unstable/main/source/Sources" "$@" +} + +start_with_good_inrelease() { + create_fresh_archive + testsuccess aptget update + listcurrentlistsdirectory > lists.before + testequal "old/unstable 1.0 all" apt list -q +} + +test_inrelease_to_new_inrelease() { + msgmsg 'Test InRelease to new InRelease works fine' + start_with_good_inrelease + + add_new_package '+1hour' + testsuccess aptget update -o Debug::Acquire::Transaction=1 + testequal "new/unstable 1.0 all +old/unstable 1.0 all" apt list -q +} + +test_inrelease_to_broken_hash_reverts_all() { + msgmsg 'Test InRelease to broken InRelease reverts everything' + start_with_good_inrelease + + add_new_package '+1hour' + # break the Sources file + break_repository_sources_index '+1hour' + + # test the error condition + testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources Hash Sum mismatch + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + # ensure that the Packages file is also rolled back + testfileequal lists.before "$(listcurrentlistsdirectory)" + testequal "E: Unable to locate package new" aptget install new -s -qq +} + +test_inrelease_to_valid_release() { + msgmsg 'Test InRelease to valid Release' + start_with_good_inrelease + + add_new_package '+1hour' + # switch to a unsigned repo now + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + + # update fails + testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq + + # test that security downgrade was not successful + testfileequal lists.before "$(listcurrentlistsdirectory)" + testsuccess aptget install old -s + testfailure aptget install new -s + testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease + testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release +} + +test_inrelease_to_release_reverts_all() { + msgmsg 'Test InRelease to broken Release reverts everything' + start_with_good_inrelease + + # switch to a unsigned repo now + add_new_package '+1hour' + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + + # break it + break_repository_sources_index '+1hour' + + # ensure error + testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1 + + # ensure that the Packages file is also rolled back + testfileequal lists.before "$(listcurrentlistsdirectory)" + testsuccess aptget install old -s + testfailure aptget install new -s + testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease + testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release +} + +test_unauthenticated_to_invalid_inrelease() { + msgmsg 'Test UnAuthenticated to invalid InRelease reverts everything' + create_fresh_archive + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + + testwarning aptget update --allow-insecure-repositories + listcurrentlistsdirectory > lists.before + testequal "WARNING: The following packages cannot be authenticated! + old +E: There are problems and -y was used without --force-yes" aptget install -qq -y old + + # go to authenticated but not correct + add_new_package '+1hour' + break_repository_sources_index '+1hour' + + testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources Hash Sum mismatch + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + testfileequal lists.before "$(listcurrentlistsdirectory)" + testfailure ls rootdir/var/lib/apt/lists/*_InRelease + testequal "WARNING: The following packages cannot be authenticated! + old +E: There are problems and -y was used without --force-yes" aptget install -qq -y old +} + +test_inrelease_to_unauth_inrelease() { + msgmsg 'Test InRelease to InRelease without good sig' + start_with_good_inrelease + + signreleasefiles 'Marvin Paranoid' + + testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2 + +W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2 + +W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + testfileequal lists.before "$(listcurrentlistsdirectory)" + testsuccess ls rootdir/var/lib/apt/lists/*_InRelease +} + +test_inrelease_to_broken_gzip() { + msgmsg "Test InRelease to broken gzip" + start_with_good_inrelease + + # append junk at the end of the compressed file + echo "lala" >> $APTARCHIVE/dists/unstable/main/source/Sources.gz + touch -d '+2min' $APTARCHIVE/dists/unstable/main/source/Sources.gz + # remove uncompressed file to avoid fallback + rm $APTARCHIVE/dists/unstable/main/source/Sources + + testfailure aptget update + testfileequal lists.before "$(listcurrentlistsdirectory)" +} + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# setup the archive and ensure we have a single package that installs fine +setupaptarchive +APTARCHIVE=$(readlink -f ./aptarchive) +ROOTDIR=${TMPWORKINGDIRECTORY}/rootdir +APTARCHIVE_LISTS="$(echo $APTARCHIVE | tr "/" "_" )" + +# test the following cases: +# - InRelease -> broken InRelease revert to previous state +# - empty lists dir and broken remote leaves nothing on the system +# - InRelease -> hashsum mismatch for one file reverts all files to previous state +# - Release/Release.gpg -> hashsum mismatch +# - InRelease -> Release with hashsum mismatch revert entire state and kills Release +# - Release -> InRelease with broken Sig/Hash removes InRelease +# going from Release/Release.gpg -> InRelease and vice versa +# - unauthenticated -> invalid InRelease + +# stuff to do: +# - ims-hit +# - gzip-index tests + +test_inrelease_to_new_inrelease +test_inrelease_to_broken_hash_reverts_all +test_inrelease_to_valid_release +test_inrelease_to_release_reverts_all +test_unauthenticated_to_invalid_inrelease +test_inrelease_to_unauth_inrelease +test_inrelease_to_broken_gzip diff --git a/test/integration/test-apt-update-stale b/test/integration/test-apt-update-stale index 780ff79af..52f94591f 100755 --- a/test/integration/test-apt-update-stale +++ b/test/integration/test-apt-update-stale @@ -17,6 +17,7 @@ insertpackage 'unstable' 'foo' 'all' '1.0' setupaptarchive changetowebserver aptget update -qq +listcurrentlistsdirectory > lists.before # insert new version mkdir aptarchive/dists/unstable/main/binary-i386/saved @@ -24,23 +25,19 @@ cp -p aptarchive/dists/unstable/main/binary-i386/Packages* \ aptarchive/dists/unstable/main/binary-i386/saved insertpackage 'unstable' 'foo' 'all' '2.0' -# not using compressfile for compat with older apt releases -gzip -c aptarchive/dists/unstable/main/binary-i386/Packages > \ - aptarchive/dists/unstable/main/binary-i386/Packages.gz -generatereleasefiles -signreleasefiles - +compressfile aptarchive/dists/unstable/main/binary-i386/Packages # ensure that we do not get a I-M-S hit for the Release file -touch -d "+1hour" aptarchive/dists/unstable/*Release* + +generatereleasefiles '+1hour' +signreleasefiles # but now only deliver the previous Packages file instead of the new one # (simulating a stale attack) cp -p aptarchive/dists/unstable/main/binary-i386/saved/Packages* \ aptarchive/dists/unstable/main/binary-i386/ -# ensure this raises a error +# ensure this raises an error testequal "W: Failed to fetch http://localhost:8080/dists/unstable/main/binary-i386/Packages Hash Sum mismatch E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq - - +testfileequal lists.before "$(listcurrentlistsdirectory)" diff --git a/test/integration/test-apt-update-transactions b/test/integration/test-apt-update-transactions new file mode 100755 index 000000000..fe352c762 --- /dev/null +++ b/test/integration/test-apt-update-transactions @@ -0,0 +1,67 @@ +#!/bin/sh +set -e + +# ensure that an update will only succeed entirely or not at all + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'i386' + +insertpackage 'unstable' 'foo' 'all' '1.0' +insertsource 'unstable' 'foo' 'all' '1.0' + +setupaptarchive --no-update + +breakfile() { + mv "$1" "${1}.bak" + cat > "$1" <<EOF +Package: bar +EOF + compressfile "$1" +} +restorefile() { + mv "${1}.bak" "$1" +} + +testrun() { + # produce an unsigned repository + find aptarchive \( -name 'Release.gpg' -o -name 'InRelease' \) -delete + testfailure aptget update --no-allow-insecure-repositories + testfileequal "$1" "$(listcurrentlistsdirectory)" + + # signed but broken + signreleasefiles + + breakfile aptarchive/dists/unstable/main/binary-i386/Packages + testfailure aptget update + testfileequal "$1" "$(listcurrentlistsdirectory)" + restorefile aptarchive/dists/unstable/main/binary-i386/Packages + + breakfile aptarchive/dists/unstable/main/source/Sources + testfailure aptget update + testfileequal "$1" "$(listcurrentlistsdirectory)" + restorefile aptarchive/dists/unstable/main/source/Sources +} + +testsetup() { + msgmsg 'Test with no initial data over' "$1" + rm -rf rootdir/var/lib/apt/lists + mkdir -m 700 -p rootdir/var/lib/apt/lists/partial + if [ "$(id -u)" = '0' ]; then + chown _apt:root rootdir/var/lib/apt/lists/partial + fi + listcurrentlistsdirectory > listsdir.lst + testrun 'listsdir.lst' + + msgmsg 'Test with initial data over' "$1" + testsuccess aptget update + listcurrentlistsdirectory > listsdir.lst + testrun 'listsdir.lst' +} + +testsetup 'file' +changetowebserver +testsetup 'http' + diff --git a/test/integration/test-apt-update-unauth b/test/integration/test-apt-update-unauth index 13487603c..7347f7d10 100755 --- a/test/integration/test-apt-update-unauth +++ b/test/integration/test-apt-update-unauth @@ -8,32 +8,61 @@ set -e TESTDIR=$(readlink -f $(dirname $0)) . $TESTDIR/framework +umask 022 + setupenvironment configarchitecture "i386" insertpackage 'unstable' 'foo' 'all' '1.0' insertsource 'unstable' 'foo' 'all' '1.0' -setupaptarchive +setupaptarchive --no-update changetowebserver +# FIXME: +# - also check the unauth -> auth success case, i.e. that all files are +# reverified runtest() { # start unauthenticated - find rootdir/var/lib/apt/lists/ -type f | xargs rm -f - rm -f aptarchive/dists/unstable/*Release* - aptget update -qq + rm -rf rootdir/var/lib/apt/lists/ + find aptarchive/ -name '*Release*' -delete + + testwarning aptget update --allow-insecure-repositories # become authenticated generatereleasefiles signreleasefiles - # and ensure we do download the data again - msgtest "Check that the data is check when going to authenticated" - if aptget update |grep -q Hit; then - msgfail - else + # move uncompressed away + mv aptarchive/dists/unstable/main/binary-i386/Packages \ + aptarchive/dists/unstable/main/binary-i386/Packages.uncompressed + + # and ensure we re-check the downloaded data + + # change the local packages file + PKGS=$(ls rootdir/var/lib/apt/lists/*Packages*) + echo "meep" > $PKGS + listcurrentlistsdirectory > lists.before + + # update and ensure all is reverted on the hashsum failure + testfailure aptget update -o Debug::Acquire::Transaction=0 -o Debug::pkgAcquire::Auth=1 -o Debug::pkgAcquire::worker=0 -o Debug::acquire::http=0 + + # ensure we have before what we have after + msgtest 'Check rollback on going from' 'unauth -> auth' + listcurrentlistsdirectory > lists.after + if cmp lists.before lists.after; then msgpass + else + echo >&2 '### Output of previous apt-get update ###' + cat >&2 rootdir/tmp/testfailure.output + echo >&2 '### Changes in the lists-directory: ###' + diff -u >&2 lists.before lists.after + msgfail fi + + # move uncompressed back for release file + mv aptarchive/dists/unstable/main/binary-i386/Packages.uncompressed \ + aptarchive/dists/unstable/main/binary-i386/Packages } for COMPRESSEDINDEXES in 'false' 'true'; do @@ -43,6 +72,5 @@ for COMPRESSEDINDEXES in 'false' 'true'; do else msgmsg 'Run tests with GzipIndexes disabled' fi - - runtest + runtest done diff --git a/test/integration/test-authentication-basic b/test/integration/test-authentication-basic new file mode 100755 index 000000000..21b024970 --- /dev/null +++ b/test/integration/test-authentication-basic @@ -0,0 +1,106 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'i386' + +insertpackage 'unstable' 'foo' 'all' '1' +setupaptarchive --no-update + +changetohttpswebserver --authorization="$(printf '%s' 'star:hunter2' | base64 )" + +echo 'See, when YOU type hunter2, it shows to us as *******' > aptarchive/bash + +testauthfailure() { + testfailure apthelper download-file "${1}/bash" ./downloaded/bash + # crappy test, but http and https output are wastely different… + testsuccess grep 401 rootdir/tmp/testfailure.output + testfailure test -s ./downloaded/bash +} + +testauthsuccess() { + testsuccess apthelper download-file "${1}/bash" ./downloaded/bash + testfileequal ./downloaded/bash "$(cat aptarchive/bash)" + testfilestats ./downloaded/bash '%U:%G:%a' '=' "${USER}:${USER}:644" + rm -f ./downloaded/bash + + # lets see if got/retains acceptable permissions + if [ -n "$AUTHCONF" ]; then + if [ "$(id -u)" = '0' ]; then + testfilestats "$AUTHCONF" '%U:%G:%a' '=' "_apt:root:600" + else + testfilestats "$AUTHCONF" '%U:%G:%a' '=' "${USER}:${USER}:600" + fi + fi + + rm -rf rootdir/var/lib/apt/lists + testsuccess aptget update + testequal 'Reading package lists... +Building dependency tree... +The following NEW packages will be installed: + foo +0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. +Inst foo (1 unstable [all]) +Conf foo (1 unstable [all])' aptget install foo -s +} + +authfile() { + local AUTHCONF='rootdir/etc/apt/auth.conf' + rm -f "$AUTHCONF" + printf '%s' "$1" > "$AUTHCONF" + chmod 600 "$AUTHCONF" +} + +runtest() { + # unauthorized fails + authfile '' + testauthfailure "$1" + + # good auth + authfile 'machine localhost +login star +password hunter2' + testauthsuccess "$1" + + # bad auth + authfile 'machine localhost +login anonymous +password hunter2' + testauthfailure "$1" + + # 2 stanzas: unmatching + good auth + authfile 'machine debian.org +login debian +password jessie + +machine localhost +login star +password hunter2' + testauthsuccess "$1" +} + +msgmsg 'server basic auth' +rewritesourceslist 'http://localhost:8080' +runtest 'http://localhost:8080' +rewritesourceslist 'https://localhost:4433' +runtest 'https://localhost:4433' +rewritesourceslist 'http://localhost:8080' + +msgmsg 'proxy to server basic auth' +webserverconfig 'aptwebserver::request::absolute' 'uri' +export http_proxy='http://localhost:8080' +runtest 'http://localhost:8080' +unset http_proxy + +msgmsg 'proxy basic auth to server basic auth' +webserverconfig 'aptwebserver::proxy-authorization' "$(printf 'moon:deer2' | base64)" +export http_proxy='http://moon:deer2@localhost:8080' +runtest 'http://localhost:8080' + +msgmsg 'proxy basic auth to server' +authfile '' +webserverconfig 'aptwebserver::authorization' '' +testauthsuccess 'http://localhost:8080' diff --git a/test/integration/test-bug-254770-segfault-if-cache-not-buildable b/test/integration/test-bug-254770-segfault-if-cache-not-buildable index 59102ddc9..6ae8944b2 100755 --- a/test/integration/test-bug-254770-segfault-if-cache-not-buildable +++ b/test/integration/test-bug-254770-segfault-if-cache-not-buildable @@ -3,17 +3,25 @@ set -e TESTDIR=$(readlink -f $(dirname $0)) . $TESTDIR/framework + +msgtest 'Test run as' 'non-root' +if [ "$(id -u)" = '0' ]; then + msgskip 'root has by definition no problems accessing files' + exit 0 +else + msgpass +fi + setupenvironment configarchitecture "i386" setupaptarchive -CURRENTTRAP="chmod a+x rootdir/var/lib/dpkg; $CURRENTTRAP" -trap "$CURRENTTRAP" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM +addtrap 'prefix' 'chmod a+x rootdir/var/lib/dpkg;' chmod a-x rootdir/var/lib/dpkg testsegfault() { msgtest "No segfault in" "$*" - local TEST="$($* 2>&1 | grep -v 'E:')" + local TEST="$("$@" 2>&1 | grep -v 'E:')" if [ -z "$TEST" ]; then msgpass else diff --git a/test/integration/test-bug-507998-dist-upgrade-recommends b/test/integration/test-bug-507998-dist-upgrade-recommends index 513421a94..f3b4e04fb 100755 --- a/test/integration/test-bug-507998-dist-upgrade-recommends +++ b/test/integration/test-bug-507998-dist-upgrade-recommends @@ -16,6 +16,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: tshark wireshark-common 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-591882-conkeror b/test/integration/test-bug-591882-conkeror index e1c0b42d1..891ddb8b7 100755 --- a/test/integration/test-bug-591882-conkeror +++ b/test/integration/test-bug-591882-conkeror @@ -9,6 +9,7 @@ setupaptarchive UPGRADEFAIL="Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: conkeror libdatrie0 libkrb53 libxcb-xlib0 xulrunner-1.9 The following NEW packages will be installed: @@ -40,6 +41,7 @@ E: Trivial Only specified but this is not a trivial operation." UPGRADESUCCESS="Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: libdatrie0 libkrb53 libxcb-xlib0 xulrunner-1.9 The following NEW packages will be installed: diff --git a/test/integration/test-bug-595691-empty-and-broken-archive-files b/test/integration/test-bug-595691-empty-and-broken-archive-files index aea340203..fedf82c92 100755 --- a/test/integration/test-bug-595691-empty-and-broken-archive-files +++ b/test/integration/test-bug-595691-empty-and-broken-archive-files @@ -13,7 +13,7 @@ setupflataptarchive testaptgetupdate() { rm -rf rootdir/var/lib/apt aptget update 2>> testaptgetupdate.diff >> testaptgetupdate.diff || true - sed -i -e '/^Fetched / d' -e '/Ign / d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff + sed -i -e '/Ign /,+1d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff GIVEN="$1" shift msgtest "Test for correctness of" "apt-get update with $*" diff --git a/test/integration/test-bug-596498-trusted-unsigned-repo b/test/integration/test-bug-596498-trusted-unsigned-repo index 06c9c8285..1e5e75b0e 100755 --- a/test/integration/test-bug-596498-trusted-unsigned-repo +++ b/test/integration/test-bug-596498-trusted-unsigned-repo @@ -12,7 +12,7 @@ setupaptarchive aptgetupdate() { rm -rf rootdir/var/lib/apt/ rootdir/var/cache/apt/*.bin - aptget update -qq + ${1:-testwarning} aptget update --allow-insecure-repositories } PKGTEXT="$(aptget install cool --assume-no -d | head -n 7)" @@ -25,7 +25,7 @@ testequal "$PKGTEXT Download complete and in download only mode" aptget install cool --assume-no -d --allow-unauthenticated sed -i -e 's#deb#deb [trusted=no]#' $DEBFILE -aptgetupdate +aptgetupdate 'testsuccess' testequal "$PKGTEXT WARNING: The following packages cannot be authenticated! diff --git a/test/integration/test-bug-604401-files-are-directories b/test/integration/test-bug-604401-files-are-directories index e6913edcf..fe0ccc783 100755 --- a/test/integration/test-bug-604401-files-are-directories +++ b/test/integration/test-bug-604401-files-are-directories @@ -57,7 +57,7 @@ echo 'Package: apt Pin: release a=now Pin-Value: 1000' > rootdir/etc/apt/good-link.pref ln -s rootdir/etc/apt/good-link.pref rootdir/etc/apt/preferences -test -n "$(aptcache policy | grep 1000)" && msgfail || msgpass +test -n "$(aptcache policy | grep '1000 ')" && msgfail || msgpass rm rootdir/etc/apt/preferences msgtest "Broken link instead of a file as preferences ignored" diff --git a/test/integration/test-bug-605394-versioned-or-groups b/test/integration/test-bug-605394-versioned-or-groups index 0f09d2927..bb72d59e3 100755 --- a/test/integration/test-bug-605394-versioned-or-groups +++ b/test/integration/test-bug-605394-versioned-or-groups @@ -9,6 +9,7 @@ setupaptarchive testequal "Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: php5 php5-cgi 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-612099-multiarch-conflicts b/test/integration/test-bug-612099-multiarch-conflicts index 20dc3a7e5..c32600037 100755 --- a/test/integration/test-bug-612099-multiarch-conflicts +++ b/test/integration/test-bug-612099-multiarch-conflicts @@ -70,6 +70,7 @@ Conf foobar (1.0 stable [i386])' aptget install foobar/stable libc6 -st testing testequal 'Reading package lists... Building dependency tree... Reading state information... +Calculating upgrade... The following packages will be upgraded: libc6 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -168,6 +169,7 @@ Conf libc6-same:amd64 (1.0 stable [amd64])' aptget install libc6-same:amd64 -s - testequal 'Reading package lists... Building dependency tree... Reading state information... +Calculating upgrade... The following packages will be upgraded: libc6-same 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted index f93510fd7..582e1bf5e 100755 --- a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted +++ b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted @@ -24,15 +24,19 @@ testfilemissing() { testrun() { rm -rf rootdir/var/lib/apt - testsuccess aptget update + cd downloaded if [ "$1" = 'trusted' ]; then + testsuccess aptget update + testsuccess aptget download cool testfileexists 'cool_1.0_i386.deb' testsuccess aptget download cool --allow-unauthenticated testfileexists 'cool_1.0_i386.deb' else + testwarning aptget update --allow-insecure-repositories + testfailure aptget download cool testfilemissing 'cool_1.0_i386.deb' @@ -40,18 +44,19 @@ testrun() { testfileexists 'cool_1.0_i386.deb' fi - mv aptarchive/pool/cool_1.0_i386.deb aptarchive/pool/cool_1.0_i386.deb.bak - echo 'this is not a good package' > aptarchive/pool/cool_1.0_i386.deb + mv ../aptarchive/pool/cool_1.0_i386.deb ../aptarchive/pool/cool_1.0_i386.deb.bak + echo 'this is not a good package' > ../aptarchive/pool/cool_1.0_i386.deb testfailure aptget download cool testfilemissing cool_1.0_i386.deb testfailure aptget download cool --allow-unauthenticated # unauthenticated doesn't mean unchecked testfilemissing cool_1.0_i386.deb - rm -f aptarchive/pool/cool_1.0_i386.deb - mv aptarchive/pool/cool_1.0_i386.deb.bak aptarchive/pool/cool_1.0_i386.deb + rm -f ../aptarchive/pool/cool_1.0_i386.deb + mv ../aptarchive/pool/cool_1.0_i386.deb.bak ../aptarchive/pool/cool_1.0_i386.deb testsuccess aptget download cool --allow-unauthenticated testfileexists 'cool_1.0_i386.deb' + cd - >/dev/null } testrun 'trusted' diff --git a/test/integration/test-bug-64141-install-dependencies-for-on-hold b/test/integration/test-bug-64141-install-dependencies-for-on-hold index 9a9e7be10..9e6c223a8 100755 --- a/test/integration/test-bug-64141-install-dependencies-for-on-hold +++ b/test/integration/test-bug-64141-install-dependencies-for-on-hold @@ -21,6 +21,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: oldcrap The following NEW packages will be installed: @@ -35,6 +36,7 @@ testsuccess aptmark hold apt testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: apt The following packages will be upgraded: diff --git a/test/integration/test-bug-657695-resolver-breaks-on-virtuals b/test/integration/test-bug-657695-resolver-breaks-on-virtuals index e9b27cfcd..1b92a04fe 100755 --- a/test/integration/test-bug-657695-resolver-breaks-on-virtuals +++ b/test/integration/test-bug-657695-resolver-breaks-on-virtuals @@ -18,6 +18,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: xserver-xorg-video-driver1 xserver-xorg-video-driver10 xserver-xorg-video-driver11 xserver-xorg-video-driver12 diff --git a/test/integration/test-bug-673536-pre-depends-breaks-loop b/test/integration/test-bug-673536-pre-depends-breaks-loop index 21bd5e065..eb47553dc 100755 --- a/test/integration/test-bug-673536-pre-depends-breaks-loop +++ b/test/integration/test-bug-673536-pre-depends-breaks-loop @@ -24,12 +24,11 @@ testloopbreak() { cp -a dpkg.status.backup rootdir/var/lib/dpkg/status rm -f rootdir/var/lib/apt/extended_states - - testsuccess aptget install advanced=1 -y -t "$1" -o Debug::pkgPackageManager=1 + testsuccess aptget install advanced=1 -y -t "$1" testdpkginstalled advanced testdpkgnotinstalled basic common - testsuccess aptget dist-upgrade -y -t "$1" -o Debug::pkgPackageManager=1 + testsuccess aptget dist-upgrade -y -t "$1" testdpkginstalled advanced basic common } diff --git a/test/integration/test-bug-675449-essential-are-protected b/test/integration/test-bug-675449-essential-are-protected index 7d8cc3484..2a27c62b1 100755 --- a/test/integration/test-bug-675449-essential-are-protected +++ b/test/integration/test-bug-675449-essential-are-protected @@ -69,6 +69,7 @@ Purg pkg-none-foreign:i386 [1]' aptget purge pkg-none-foreign:i386 -s testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: pkg-depends-new:i386 pkg-none-new The following packages will be upgraded: diff --git a/test/integration/test-bug-680041-apt-mark-holds-correctly b/test/integration/test-bug-680041-apt-mark-holds-correctly index 2e5e39c8e..3f40c23dc 100755 --- a/test/integration/test-bug-680041-apt-mark-holds-correctly +++ b/test/integration/test-bug-680041-apt-mark-holds-correctly @@ -19,6 +19,7 @@ runtests() { testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: pkgall pkgarch 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -30,6 +31,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: pkgarch The following packages will be upgraded: @@ -43,6 +45,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: pkgall pkgarch 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -54,6 +57,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: pkgall The following packages will be upgraded: diff --git a/test/integration/test-bug-683786-build-dep-on-virtual-packages b/test/integration/test-bug-683786-build-dep-on-virtual-packages index 879d6a3bc..65862c572 100755 --- a/test/integration/test-bug-683786-build-dep-on-virtual-packages +++ b/test/integration/test-bug-683786-build-dep-on-virtual-packages @@ -38,8 +38,8 @@ Building dependency tree... The following NEW packages will be installed: po-debconf 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. -Inst po-debconf (1 unstable, unstable [all]) -Conf po-debconf (1 unstable, unstable [all])' aptget build-dep dash -s +Inst po-debconf (1 unstable [all]) +Conf po-debconf (1 unstable [all])' aptget build-dep dash -s testequal 'Reading package lists... Building dependency tree... diff --git a/test/integration/test-bug-686346-package-missing-architecture b/test/integration/test-bug-686346-package-missing-architecture index dc51861ab..8024f81da 100755 --- a/test/integration/test-bug-686346-package-missing-architecture +++ b/test/integration/test-bug-686346-package-missing-architecture @@ -53,6 +53,7 @@ testnopackage pkge:* # this difference seems so important that it has to be maintained … testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade -s # pkgd has no update with an architecture diff --git a/test/integration/test-bug-712435-missing-descriptions b/test/integration/test-bug-712435-missing-descriptions index 53ecbbeb3..7a3518745 100755 --- a/test/integration/test-bug-712435-missing-descriptions +++ b/test/integration/test-bug-712435-missing-descriptions @@ -87,13 +87,10 @@ $DESCRIPTION Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa " aptcache show apt-normal -# displaying the translated Description would be equally valid, -# but we assume only one description is in a Packages file and -# so we prefer "Description" over "Description-*" currently. for variant in 'below' 'middle' 'top'; do testequal "Package: apt-both-$variant $PACKAGESTANZA -$DESCRIPTION +$TRANSDESCRIPTION Description-md5: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb " aptcache show apt-both-$variant done @@ -122,7 +119,7 @@ X-Some-Flag: yes testequal "Package: apt-intermixed2 $PACKAGESTANZA -$DESCRIPTION +$TRANSDESCRIPTION Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa X-Some-Flag: yes X-Foo-Flag: Something with a Description @@ -131,7 +128,7 @@ X-Bar-Flag: no testequal "Package: apt-intermixed3 $PACKAGESTANZA -$DESCRIPTION +$TRANSDESCRIPTION Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa X-Some-Flag: yes X-Foo-Flag: Something with a Description diff --git a/test/integration/test-bug-717891-abolute-uris-for-proxies b/test/integration/test-bug-717891-abolute-uris-for-proxies index ac1d6ec11..54a616686 100755 --- a/test/integration/test-bug-717891-abolute-uris-for-proxies +++ b/test/integration/test-bug-717891-abolute-uris-for-proxies @@ -12,7 +12,7 @@ setupaptarchive changetowebserver --request-absolute='uri' msgtest 'Check that absolute paths are' 'not accepted' -testfailure --nomsg aptget update +testfailure --nomsg aptget update --allow-insecure-repositories echo 'Acquire::http::Proxy "http://localhost:8080";' > rootdir/etc/apt/apt.conf.d/99proxy diff --git a/test/integration/test-bug-722207-print-uris-even-if-very-quiet b/test/integration/test-bug-722207-print-uris-even-if-very-quiet index f2d95da19..9a5685703 100755 --- a/test/integration/test-bug-722207-print-uris-even-if-very-quiet +++ b/test/integration/test-bug-722207-print-uris-even-if-very-quiet @@ -16,10 +16,10 @@ setupaptarchive APTARCHIVE=$(readlink -f ./aptarchive) -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget upgrade -qq --print-uris -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget dist-upgrade -qq --print-uris -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget install apt -qq --print-uris -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget download apt -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget upgrade -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget dist-upgrade -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget install apt -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget download apt -qq --print-uris testequal "'file://${APTARCHIVE}/apt_2.dsc' apt_2.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e 'file://${APTARCHIVE}/apt_2.tar.gz' apt_2.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source apt -qq --print-uris testequal "'http://packages.debian.org/changelogs/pool/main/apt/apt_2/changelog'" aptget changelog apt -qq --print-uris diff --git a/test/integration/test-bug-728500-tempdir b/test/integration/test-bug-728500-tempdir index 0451fc1ed..37e5a013e 100755 --- a/test/integration/test-bug-728500-tempdir +++ b/test/integration/test-bug-728500-tempdir @@ -17,7 +17,7 @@ msgtest 'Test apt-get update with incorrect' 'TMPDIR' OUTPUT=$(mktemp) addtrap "rm $OUTPUT;" export TMPDIR=/does-not-exists -if aptget update >${OUTPUT} 2>&1; then +if aptget update -o Debug::Acquire::gpg=1 >${OUTPUT} 2>&1; then msgpass else echo @@ -27,3 +27,4 @@ fi unset TMPDIR testequal 'coolstuff' aptcache pkgnames +testsuccess ls rootdir/var/lib/apt/lists/*InRelease diff --git a/test/integration/test-bug-733028-gpg-resource-limit b/test/integration/test-bug-733028-gpg-resource-limit new file mode 100755 index 000000000..7040856b3 --- /dev/null +++ b/test/integration/test-bug-733028-gpg-resource-limit @@ -0,0 +1,27 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' + +insertpackage 'unstable' 'foobar' 'all' '1' + +setupaptarchive --no-update + +for i in $(seq 1 50); do + touch rootdir/etc/apt/trusted.gpg.d/emptykey-${i}.gpg +done + +aptkey list | grep '^pub' > aptkey.list +testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' + +testsuccess aptget update +msgtest 'Test for no gpg errors/warnings in' 'apt-get update' +if grep -iq 'GPG' rootdir/tmp/testsuccess.output; then + cat rootdir/tmp/testsuccess.output + msgfail +else + msgpass +fi diff --git a/test/integration/test-bug-735967-lib32-to-i386-unavailable b/test/integration/test-bug-735967-lib32-to-i386-unavailable index e9f3bf96d..826931fe4 100755 --- a/test/integration/test-bug-735967-lib32-to-i386-unavailable +++ b/test/integration/test-bug-735967-lib32-to-i386-unavailable @@ -33,6 +33,7 @@ testsuccess aptget update testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: lib32nss-mdns The following packages will be upgraded: @@ -60,6 +61,7 @@ testsuccess aptget update testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: libnss-mdns:i386 libnss-mdns-i386:i386 The following packages will be upgraded: diff --git a/test/integration/test-bug-738785-switch-protocol b/test/integration/test-bug-738785-switch-protocol index 1e5748eae..0f458e099 100755 --- a/test/integration/test-bug-738785-switch-protocol +++ b/test/integration/test-bug-738785-switch-protocol @@ -25,6 +25,7 @@ downloadfile 'http://localhost:8080/pool/apt_1.0/changelog' changelog >/dev/null echo 'Apt::Changelogs::Server "http://localhost:8080/redirectme";' > rootdir/etc/apt/apt.conf.d/changelog.conf testequal "'http://localhost:8080/redirectme/pool/apt_1.0/changelog'" aptget changelog apt --print-uris +cd downloaded testsuccess aptget changelog apt -d testsuccess test -s apt.changelog rm -f apt.changelog @@ -32,6 +33,7 @@ rm -f apt.changelog testsuccess aptget download apt testsuccess test -s apt_1.0_all.deb rm apt_1.0_all.deb +cd - >/dev/null testsuccess aptget install apt -y testdpkginstalled 'apt' @@ -49,9 +51,11 @@ rm https cd - >/dev/null echo "Dir::Bin::Methods \"${COPYMETHODS}\";" >> aptconfig.conf -testequal "E: The method driver $(pwd)/rootdir/usr/lib/apt/methods/https could not be found. +cd downloaded +testequal "E: The method driver $(readlink -f './../')/rootdir/usr/lib/apt/methods/https could not be found. N: Is the package apt-transport-https installed?" aptget download apt -q=0 -testsuccess test ! -e apt_1.0_all.deb +testfailure test -e apt_1.0_all.deb +cd - >/dev/null # revert to all methods rm -rf rootdir/$COPYMETHODS @@ -60,4 +64,4 @@ mv rootdir/${COPYMETHODS}.bak rootdir/${COPYMETHODS} # check that downgrades from https to http are not allowed webserverconfig 'aptwebserver::support::http' 'true' sed -i -e 's#:8080/redirectme#:4433/downgrademe#' -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/* -testfailure aptget update +testfailure aptget update --allow-insecure-repositories diff --git a/test/integration/test-bug-740843-versioned-up-down-breaks b/test/integration/test-bug-740843-versioned-up-down-breaks index cb035a71f..9426ffad1 100755 --- a/test/integration/test-bug-740843-versioned-up-down-breaks +++ b/test/integration/test-bug-740843-versioned-up-down-breaks @@ -24,6 +24,7 @@ setupaptarchive testequalor2 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: foo-driver libfoo libfoo:i386 libgl1-foo-glx libgl1-foo-glx:i386 5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -38,6 +39,7 @@ Conf libgl1-foo-glx:i386 (2 stable [i386]) Conf libgl1-foo-glx (2 stable [amd64]) Conf foo-driver (2 stable [amd64])' 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: foo-driver libfoo libfoo:i386 libgl1-foo-glx libgl1-foo-glx:i386 5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-745036-new-foreign-invalidates-cache b/test/integration/test-bug-745036-new-foreign-invalidates-cache new file mode 100755 index 000000000..2b7ee06ad --- /dev/null +++ b/test/integration/test-bug-745036-new-foreign-invalidates-cache @@ -0,0 +1,27 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +insertpackage 'unstable,installed' 'cool-foo' 'amd64' '1.0' 'Depends: foo' +insertpackage 'unstable,installed' 'foo' 'amd64' '1.0' 'Multi-Arch: foreign' + +setupaptarchive + +testsuccess aptget check -s + +configarchitecture 'amd64' 'i386' +testequal 'E: The package cache was built for different architectures: amd64 vs amd64,i386' aptget check -s -o pkgCacheFile::Generate=false + +testsuccess aptget check -s + +insertinstalledpackage 'awesome-foo' 'i386' '1.0' 'Depends: foo' + +testsuccess aptget check -s + +testsuccess aptget update --no-download + +testsuccess aptget check -s diff --git a/test/integration/test-bug-753297-upgradable b/test/integration/test-bug-753297-upgradable index 068704b3e..01395a095 100755 --- a/test/integration/test-bug-753297-upgradable +++ b/test/integration/test-bug-753297-upgradable @@ -16,8 +16,7 @@ Pin: release unstable Pin-Priority: 1 EOF -insertinstalledpackage 'foo' 'all' '1' -insertpackage 'testing' 'foo' 'all' '1' +insertpackage 'testing,installed' 'foo' 'all' '1' insertpackage 'testing-updates' 'foo' 'all' '2' insertpackage 'unstable' 'foo' 'all' '3' diff --git a/test/integration/test-bug-758153-versioned-provides-support b/test/integration/test-bug-758153-versioned-provides-support index 2904ae5a1..21f9123c9 100755 --- a/test/integration/test-bug-758153-versioned-provides-support +++ b/test/integration/test-bug-758153-versioned-provides-support @@ -28,6 +28,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: webapp webserver 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-compressed-indexes b/test/integration/test-compressed-indexes index 805ed5964..92e7c0e84 100755 --- a/test/integration/test-compressed-indexes +++ b/test/integration/test-compressed-indexes @@ -39,10 +39,10 @@ testrun() { test -e rootdir/var/lib/apt/lists/*_Translation-en.${COMPRESS} || F=1 # there is no point in trying pdiff if we have compressed indexes # as we can't patch compressed files (well, we can, but what is the point?) - ! test -e rootdir/var/lib/apt/lists/*.IndexDiff || F=1 + ! test -e rootdir/var/lib/apt/lists/*diff_Index || F=1 else # clear the faked pdiff indexes so the glob below works - rm -f rootdir/var/lib/apt/lists/*.IndexDiff + rm -f rootdir/var/lib/apt/lists/*diff_Index test -e rootdir/var/lib/apt/lists/*_Packages || F=1 test -e rootdir/var/lib/apt/lists/*_Sources || F=1 test -e rootdir/var/lib/apt/lists/*_Translation-en || F=1 @@ -51,15 +51,18 @@ testrun() { ! test -e rootdir/var/lib/apt/lists/*_Translation-en.* || F=1 fi if [ -n "$F" ]; then + cat rootdir/tmp/testsuccess.output ls -laR rootdir/var/lib/apt/lists/ msgfail else msgpass fi msgtest 'Check if package is downloadable' + cd downloaded testsuccess --nomsg aptget download testpkg msgtest '\tdeb file is present'; testsuccess --nomsg test -f testpkg_1.0_i386.deb rm testpkg_1.0_i386.deb + cd - >/dev/null testequal 'Reading package lists... Building dependency tree... The following NEW packages will be installed: @@ -78,17 +81,20 @@ Conf testpkg (1.0 unstable [i386])' aptget install testpkg -s testequal "$GOODSHOWSRC" aptcache showsrc testpkg aptget clean msgtest 'Check if the source is aptgetable' + cd downloaded testsuccess --nomsg aptget source testpkg - msgtest '\tdsc file is present'; testsuccess --nomsg test -f testpkg_1.0.dsc - msgtest '\tdirectory is present'; testsuccess --nomsg test -d testpkg-1.0 + testsuccess test -s testpkg_1.0.dsc + testsuccess test -d testpkg-1.0 rm -rf testpkg-1.0* + cd - >/dev/null testequal "$(aptcache show testpkg -o Acquire::Languages=none) " aptcache dumpavail } echo 'Debug::pkgAcquire::worker "true"; debug::pkgAcquire::Auth "true"; -Debug::pkgAcquire::Diffs "true";' > rootdir/etc/apt/apt.conf.d/99debugconf +Debug::pkgAcquire::Diffs "true"; +Debug::Acquire::http "true";' > rootdir/etc/apt/apt.conf.d/99debugconf testovermethod() { forcecompressor $2 @@ -97,23 +103,28 @@ testovermethod() { rm -rf rootdir/var/lib/apt/lists echo "Acquire::GzipIndexes \"${INDEX}\";" > rootdir/etc/apt/apt.conf.d/02compressindex local INDCOMP - if [ "$INDEX" = 'false' ]; then + if [ "$INDEX" = 'false' -o "$1" = 'cdrom' ]; then INDCOMP='uncompressed' else INDCOMP='compressed' fi + msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes gzip=$INDEX" + if [ "${1}" = 'cdrom' ]; then + testsuccess aptcdrom add </dev/null + fi testsuccess aptget update - msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes" testrun "$INDCOMP" - testsuccess aptget update -o Acquire::Pdiffs=1 - msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes (update unchanged with pdiffs)" - testrun "$INDCOMP" + if [ "${1}" != 'cdrom' ]; then + testsuccess aptget update -o Acquire::Pdiffs=1 + msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes gzip=$INDEX (update unchanged with pdiffs)" + testrun "$INDCOMP" - testsuccess aptget update -o Acquire::Pdiffs=0 - msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes (update unchanged without pdiffs)" - testrun "$INDCOMP" + testsuccess aptget update -o Acquire::Pdiffs=0 + msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes gzip=$INDEX (update unchanged without pdiffs)" + testrun "$INDCOMP" + fi rm rootdir/etc/apt/apt.conf.d/02compressindex done @@ -142,3 +153,12 @@ test $(echo "$GOODPOLICY" | grep -e '^testpkg:' -e '^ Candidate:' -e '^ Instal testequal "$GOODPOLICY" aptcache policy testpkg for COMPRESSOR in 'gzip' 'bzip2' 'lzma' 'xz'; do testovermethod 'http' $COMPRESSOR; done + +changetocdrom 'Debian APT Testdisk 0.8.15' +rm -rf rootdir/var/lib/apt/lists +testsuccess aptcdrom add </dev/null +GOODPOLICY="$(aptcache policy testpkg)" +test $(echo "$GOODPOLICY" | grep -e '^testpkg:' -e '^ Candidate:' -e '^ Installed: (none)' -e '500 cdrom://' | wc -l) -eq 4 || msgdie 'policy is broken' +testequal "$GOODPOLICY" aptcache policy testpkg + +for COMPRESSOR in 'gzip' 'bzip2' 'lzma' 'xz'; do testovermethod 'cdrom' $COMPRESSOR; done diff --git a/test/integration/test-conflicts-loop b/test/integration/test-conflicts-loop index a2c411aaf..81731dfe4 100755 --- a/test/integration/test-conflicts-loop +++ b/test/integration/test-conflicts-loop @@ -17,6 +17,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: openjdk-6-jre openjdk-6-jre-headless openjdk-6-jre-lib 3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -29,4 +30,4 @@ Conf openjdk-6-jre (6b20-1.9.8-0ubuntu1~10.04.1 unstable [i386]) Inst openjdk-6-jre-headless [6b16-1.8-0ubuntu1] (6b20-1.9.8-0ubuntu1~10.04.1 unstable [i386]) Conf openjdk-6-jre-headless (6b20-1.9.8-0ubuntu1~10.04.1 unstable [i386])' aptget dist-upgrade -s -o APT::Immediate-Configure-All=true -testsuccess aptget dist-upgrade -s -o Debug::pkgPackageManager=1 +testsuccess aptget dist-upgrade -s diff --git a/test/integration/test-cve-2013-1051-InRelease-parsing b/test/integration/test-cve-2013-1051-InRelease-parsing index 41b27f691..8f9803991 100755 --- a/test/integration/test-cve-2013-1051-InRelease-parsing +++ b/test/integration/test-cve-2013-1051-InRelease-parsing @@ -42,7 +42,7 @@ touch -d '+1hour' aptarchive/dists/stable/InRelease # ensure the update fails # useful for debugging to add "-o Debug::pkgAcquire::auth=true" msgtest 'apt-get update for should fail with the modified' 'InRelease' -aptget update 2>&1 | grep -q 'Hash Sum mismatch' > /dev/null && msgpass || msgfail +aptget update 2>&1 | grep -E -q '(Writing more data than expected|Hash Sum mismatch)' > /dev/null && msgpass || msgfail # ensure there is no package testequal 'Reading package lists... diff --git a/test/integration/test-essential-force-loopbreak b/test/integration/test-essential-force-loopbreak index ac8fc6d28..1493430d8 100755 --- a/test/integration/test-essential-force-loopbreak +++ b/test/integration/test-essential-force-loopbreak @@ -37,13 +37,13 @@ The following packages will be upgraded: E: This installation run will require temporarily removing the essential package sysvinit:$(getarchitecture 'native') due to a Conflicts/Pre-Depends loop. This is often bad, but if you really want to do it, activate the APT::Force-LoopBreak option. E: Internal Error, Could not early remove sysvinit:$(dpkg --print-architecture) (2)" aptget install systemd-sysv -t "$1" -s # ensure that really nothing happens - testfailure aptget install systemd-sysv -y -t "$1" -o Debug::pkgPackageManager=1 + testfailure aptget install systemd-sysv -y -t "$1" testdpkginstalled 'sysvinit' testdpkgnotinstalled 'systemd-sysv' # with enough force however … cp -a dpkg.status.backup rootdir/var/lib/dpkg/status - testsuccess aptget install systemd-sysv -y -t "$1" -o Debug::pkgPackageManager=1 -o APT::Force-LoopBreak=1 + testsuccess aptget install systemd-sysv -y -t "$1" -o APT::Force-LoopBreak=1 testdpkginstalled 'sysvinit' 'systemd-sysv' } diff --git a/test/integration/test-hashsum-verification b/test/integration/test-hashsum-verification index 2a400dcb4..5f88110b3 100755 --- a/test/integration/test-hashsum-verification +++ b/test/integration/test-hashsum-verification @@ -70,9 +70,13 @@ runtest() { rm -rf rootdir/var/lib/apt/lists rm aptarchive/InRelease aptarchive/Release.gpg msgtest 'unsigned apt-get update gets the expected hashsum mismatch' - aptget update 2>&1 | grep "Hash Sum mismatch" > /dev/null && msgpass || msgfail - - + aptget update --allow-insecure-repositories >output.log 2>&1 || true + if grep -q "Hash Sum mismatch" output.log; then + msgpass + else + cat output.log + msgfail + fi } for COMPRESSEDINDEXES in 'false' 'true'; do diff --git a/test/integration/test-http-pipeline-messup b/test/integration/test-http-pipeline-messup new file mode 100755 index 000000000..dda8ef7eb --- /dev/null +++ b/test/integration/test-http-pipeline-messup @@ -0,0 +1,47 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# try a little harder to create a size mismatch +buildsimplenativepackage 'pkga' 'all' '1.0' 'stable' "Depends: foo" '' '' '' '' 'none' +buildsimplenativepackage 'pkgb' 'all' '1.0' 'stable' "Depends: foo" '' '' '' '' 'none' +buildsimplenativepackage 'pkgc' 'all' '1.0' 'stable' "Depends: f$(for i in $(seq 0 1000); do printf 'o'; done)" '' '' '' '' 'none' +buildsimplenativepackage 'pkgd' 'all' '1.0' 'stable' "Depends: f$(for i in $(seq 0 1000); do printf 'o'; done)" '' '' '' '' 'none' + +setupaptarchive --no-update + +# simulate (and be a predictable) pipeline mess-up by the server/proxy +changetowebserver \ + -o 'aptwebserver::overwrite::.*pkga.*::filename=/pool/pkgd_1.0_all.deb' \ + -o 'aptwebserver::overwrite::.*pkgc.*::filename=/pool/pkgb_1.0_all.deb' \ + -o 'aptwebserver::overwrite::.*pkgb.*::filename=/pool/pkgc_1.0_all.deb' \ + -o 'aptwebserver::overwrite::.*pkgd.*::filename=/pool/pkga_1.0_all.deb' + +echo 'Debug::Acquire::http "true"; +Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/99debug + +testsuccess aptget update + +# messup is bigger than pipeline: checks if fixup isn't trying to hard +testfailure aptget download pkga pkgb pkgc pkgd -o Acquire::http::Pipeline-Depth=2 +testfailure test -f pkga_1.0_all.deb + +# ensure that pipeling is enabled for rest of this test +echo 'Acquire::http::Pipeline-Depth 10;' > rootdir/etc/apt/apt.conf.d/99enable-pipeline + +# the output is a bit strange: it looks like it has downloaded pkga 4 times +testwarning aptget download pkga pkgb pkgc pkgd +for pkg in 'pkga' 'pkgb' 'pkgc' 'pkgd'; do + testsuccess test -f ${pkg}_1.0_all.deb + testsuccess cmp incoming/${pkg}_1.0_all.deb ${pkg}_1.0_all.deb + rm -f ${pkg}_1.0_all.deb +done + +# while hashes will pass (as none are available), sizes will not match, so failure +# checks that no hashes means that pipeline depth is ignored as we can't fixup +testfailure aptget download pkga pkgb pkgc pkgd --allow-unauthenticated -o Acquire::ForceHash=ROT26 diff --git a/test/integration/test-kernel-helper-autoremove b/test/integration/test-kernel-helper-autoremove index c51caa758..22c36890b 100755 --- a/test/integration/test-kernel-helper-autoremove +++ b/test/integration/test-kernel-helper-autoremove @@ -9,7 +9,7 @@ configarchitecture 'amd64' # the executed script would use the installed apt-config, # which is outside of our control msgtest 'Check that the installed apt-config supports' '--no-empty' -if apt-config dump --no-empty >/dev/null 2>&1; then +if /usr/bin/apt-config dump --no-empty >/dev/null 2>&1; then msgpass else msgskip diff --git a/test/integration/test-partial-file-support b/test/integration/test-partial-file-support index 5ab326def..98b2f242a 100755 --- a/test/integration/test-partial-file-support +++ b/test/integration/test-partial-file-support @@ -52,36 +52,37 @@ cp -a ${TESTDIR}/framework $TESTFILE testrun() { webserverconfig 'aptwebserver::support::range' 'true' + local DOWN='./downloaded/testfile' - copysource $TESTFILE 0 ./testfile - testdownloadfile 'no data' "${1}/testfile" './testfile' '=' + copysource $TESTFILE 0 $DOWN + testdownloadfile 'no data' "${1}/testfile" "$DOWN" '=' testwebserverlaststatuscode '200' "$DOWNLOADLOG" - copysource $TESTFILE 20 ./testfile - testdownloadfile 'valid partial data' "${1}/testfile" './testfile' '=' + copysource $TESTFILE 20 $DOWN + testdownloadfile 'valid partial data' "${1}/testfile" "$DOWN" '=' testwebserverlaststatuscode '206' "$DOWNLOADLOG" - copysource /dev/zero 20 ./testfile - testdownloadfile 'invalid partial data' "${1}/testfile" './testfile' '!=' + copysource /dev/zero 20 $DOWN + testdownloadfile 'invalid partial data' "${1}/testfile" "$DOWN" '!=' testwebserverlaststatuscode '206' "$DOWNLOADLOG" - copysource $TESTFILE 1M ./testfile - testdownloadfile 'completely downloaded file' "${1}/testfile" './testfile' '=' + copysource $TESTFILE 1M $DOWN + testdownloadfile 'completely downloaded file' "${1}/testfile" "$DOWN" '=' testwebserverlaststatuscode '416' "$DOWNLOADLOG" - copysource /dev/zero 1M ./testfile - testdownloadfile 'too-big partial file' "${1}/testfile" './testfile' '=' + copysource /dev/zero 1M $DOWN + testdownloadfile 'too-big partial file' "${1}/testfile" "$DOWN" '=' testwebserverlaststatuscode '200' "$DOWNLOADLOG" - copysource /dev/zero 20 ./testfile - touch ./testfile - testdownloadfile 'old data' "${1}/testfile" './testfile' '=' + copysource /dev/zero 20 $DOWN + touch $DOWN + testdownloadfile 'old data' "${1}/testfile" "$DOWN" '=' testwebserverlaststatuscode '200' "$DOWNLOADLOG" webserverconfig 'aptwebserver::support::range' 'false' - copysource $TESTFILE 20 ./testfile - testdownloadfile 'no server support' "${1}/testfile" './testfile' '=' + copysource $TESTFILE 20 $DOWN + testdownloadfile 'no server support' "${1}/testfile" "$DOWN" '=' testwebserverlaststatuscode '200' "$DOWNLOADLOG" } diff --git a/test/integration/test-pdiff-usage b/test/integration/test-pdiff-usage index afe1ad443..5bad90214 100755 --- a/test/integration/test-pdiff-usage +++ b/test/integration/test-pdiff-usage @@ -13,12 +13,6 @@ changetowebserver PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')" -echo '#!/bin/sh -touch merge-was-used -/usr/bin/diffindex-rred "$@"' > extrred -chmod +x extrred -echo 'Dir::Bin::rred "./extrred";' > rootdir/etc/apt/apt.conf.d/99rred - wasmergeused() { msgtest 'Test for successful execution of' "$*" local OUTPUT=$(mktemp) @@ -82,8 +76,15 @@ SHA1-History: 9f4148e06d7faa37062994ff10d0c842d7017513 33053002 2010-08-18-2013.28 $(sha1sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) SHA1-Patches: - 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28 - $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX + 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28 + $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) +SHA256-Current: $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) +SHA256-History: + 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28 + $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) +SHA256-Patches: + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28 + $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX generatereleasefiles '+1hour' signreleasefiles find aptarchive -name 'Packages*' -type f -delete @@ -93,7 +94,7 @@ SHA1-Patches: " aptcache show apt newstuff msgmsg "Testcase: index is already up-to-date: $*" - find rootdir/var/lib/apt/lists -name '*.IndexDiff' -type f -delete + find rootdir/var/lib/apt/lists -name '*diff_Index' -type f -delete testsuccess aptget update "$@" testequal "$(cat ${PKGFILE}-new) " aptcache show apt newstuff @@ -125,9 +126,18 @@ SHA1-History: $(sha1sum ${PKGFILE} | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}) $(basename ${PATCHFILE}) $(sha1sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) $(basename ${PATCHFILE2}) SHA1-Patches: - 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28 + 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28 $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) - $(sha1sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2})" > $PATCHINDEX + $(sha1sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2}) +SHA256-Current: $(sha256sum aptarchive/Packages | cut -d' ' -f 1) $(stat -c%s aptarchive/Packages) +SHA256-History: + 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28 + $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) + $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) $(basename ${PATCHFILE2}) +SHA256-Patches: + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28 + $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) + $(sha256sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2})" > $PATCHINDEX generatereleasefiles '+2hour' signreleasefiles cp -a aptarchive/Packages Packages-future @@ -153,8 +163,15 @@ SHA1-History: 9f4148e06d7faa37062994ff10d0c842d7017513 33053002 2010-08-18-2013.28 $(sha1sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) SHA1-Patches: - 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28 - $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX + 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28 + $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) +SHA256-Current: $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) +SHA256-History: + 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28 + $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) +SHA256-Patches: + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28 + $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX echo 'I am Mallory and I change files' >> $PATCHFILE cat $PATCHFILE | gzip > ${PATCHFILE}.gz generatereleasefiles '+1hour' @@ -165,9 +182,23 @@ SHA1-Patches: " aptcache show apt newstuff } echo 'Debug::pkgAcquire::Diffs "true"; +Debug::Acquire::Transaction "true"; Debug::pkgAcquire::rred "true";' > rootdir/etc/apt/apt.conf.d/rreddebug.conf testrun -o Acquire::PDiffs::Merge=0 -o APT::Get::List-Cleanup=1 testrun -o Acquire::PDiffs::Merge=1 -o APT::Get::List-Cleanup=1 testrun -o Acquire::PDiffs::Merge=0 -o APT::Get::List-Cleanup=0 testrun -o Acquire::PDiffs::Merge=1 -o APT::Get::List-Cleanup=0 + +sha256sum() { + echo '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b -' +} +testrun -o Acquire::PDiffs::Merge=0 -o Acquire::ForceHash=SHA1 +testrun -o Acquire::PDiffs::Merge=1 -o Acquire::ForceHash=SHA1 + +unset -f sha256sum +sha1sum() { + echo 'adc83b19e793491b1c6ea0fd8b46cd9f32e592fc -' +} +testrun -o Acquire::PDiffs::Merge=0 -o Acquire::ForceHash=SHA256 +testrun -o Acquire::PDiffs::Merge=1 -o Acquire::ForceHash=SHA256 diff --git a/test/integration/test-pin-non-existent-package b/test/integration/test-pin-non-existent-package index 35de22115..c567e5285 100755 --- a/test/integration/test-pin-non-existent-package +++ b/test/integration/test-pin-non-existent-package @@ -26,6 +26,7 @@ testcandidate rapt '0.8.15' testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist -q=0 testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only echo 'Package: rapt @@ -36,6 +37,7 @@ testcandidate rapt '(none)' testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist -q=0 testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only echo ' @@ -55,6 +57,7 @@ testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only echo 'Package: arch:amd64 diff --git a/test/integration/test-policy-pinning b/test/integration/test-policy-pinning index 8eb4bcbad..c08a2f103 100755 --- a/test/integration/test-policy-pinning +++ b/test/integration/test-policy-pinning @@ -28,7 +28,7 @@ Pinned packages:" aptcache policy $* aptgetupdate() { # just to be sure that no old files are used rm -rf rootdir/var/lib/apt - if aptget update -qq 2>&1 | grep '^E: '; then + if aptget update --allow-insecure-repositories -qq 2>&1 | grep '^E: '; then msgwarn 'apt-get update failed with an error' fi } @@ -36,6 +36,7 @@ aptgetupdate() { ### not signed archive aptgetupdate + testequalpolicy 100 500 testequalpolicy 990 500 -t now diff --git a/test/integration/test-prevent-markinstall-multiarch-same-versionscrew b/test/integration/test-prevent-markinstall-multiarch-same-versionscrew index d647856cb..db97687ce 100755 --- a/test/integration/test-prevent-markinstall-multiarch-same-versionscrew +++ b/test/integration/test-prevent-markinstall-multiarch-same-versionscrew @@ -9,20 +9,17 @@ configarchitecture 'amd64' 'i386' 'armel' insertpackage 'stable' 'allarchs' 'all' '1' insertpackage 'unstable' 'allarchs' 'all' '2' -insertinstalledpackage 'fine' 'i386,amd64' '1' 'Multi-Arch: same' -insertpackage 'stable' 'fine' 'i386,amd64' '1' 'Multi-Arch: same' +insertpackage 'stable,installed' 'fine' 'i386,amd64' '1' 'Multi-Arch: same' insertpackage 'unstable' 'fine' 'amd64,i386' '2' 'Multi-Arch: same' insertinstalledpackage 'fine-installed' 'i386,amd64' '1' 'Multi-Arch: same' insertpackage 'stable' 'fine-installed' 'i386,amd64,armel' '1' 'Multi-Arch: same' insertpackage 'unstable' 'fine-installed' 'i386,amd64' '2' 'Multi-Arch: same' -insertinstalledpackage 'out-of-sync-native' 'i386,amd64' '1' 'Multi-Arch: same' -insertpackage 'stable' 'out-of-sync-native' 'i386,amd64' '1' 'Multi-Arch: same' +insertpackage 'stable,installed' 'out-of-sync-native' 'i386,amd64' '1' 'Multi-Arch: same' insertpackage 'unstable' 'out-of-sync-native' 'amd64' '2' 'Multi-Arch: same' -insertinstalledpackage 'out-of-sync-foreign' 'i386,amd64' '1' 'Multi-Arch: same' -insertpackage 'stable' 'out-of-sync-foreign' 'i386,amd64' '1' 'Multi-Arch: same' +insertpackage 'stable,installed' 'out-of-sync-foreign' 'i386,amd64' '1' 'Multi-Arch: same' insertpackage 'unstable' 'out-of-sync-foreign' 'i386' '2' 'Multi-Arch: same' insertinstalledpackage 'out-of-sync-gone-native' 'i386,amd64' '1' 'Multi-Arch: same' @@ -43,6 +40,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: out-of-sync-gone-foreign:i386 out-of-sync-gone-native The following packages have been kept back: diff --git a/test/integration/test-provides-gone-with-upgrade b/test/integration/test-provides-gone-with-upgrade index 70384ce29..3b4bc2d04 100755 --- a/test/integration/test-provides-gone-with-upgrade +++ b/test/integration/test-provides-gone-with-upgrade @@ -15,6 +15,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: libapt-pkg4.10 The following packages will be upgraded: diff --git a/test/integration/test-releasefile-valid-until b/test/integration/test-releasefile-valid-until index e673d5f71..0d9a91254 100755 --- a/test/integration/test-releasefile-valid-until +++ b/test/integration/test-releasefile-valid-until @@ -12,84 +12,38 @@ getlabelfromsuite() { echo -n 'Testcases' } +setupaptarchive --no-update -setupaptarchive - -setupreleasefile() { +runtest() { + local MSG="$1" + msgtest "$1" "$2" rm -rf rootdir/var/lib/apt/lists aptget clean - generatereleasefiles "$1" "$2" + generatereleasefiles "$3" "$4" signreleasefiles -} - -aptgetupdate() { - if aptget update $* 2>&1 | grep -q 'is expired'; then - return 1 + shift 4 + if expr match "$MSG" '.*accepted.*' >/dev/null; then + testsuccess --nomsg aptget update "$@" + testfailure grep -q 'is expired' rootdir/tmp/testsuccess.output else - return 0 + testfailure --nomsg aptget update "$@" + testsuccess grep -q 'is expired' rootdir/tmp/testfailure.output fi } -setupreleasefile -msgtest 'Release file is accepted as it has' 'no Until' -testsuccess --nomsg aptgetupdate - -setupreleasefile -msgtest 'Release file is accepted as it has' 'no Until and good Max-Valid' -testsuccess --nomsg aptgetupdate -o Acquire::Max-ValidTime=3600 - -setupreleasefile 'now - 2 days' -msgtest 'Release file is rejected as it has' 'no Until, but bad Max-Valid' -testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=3600 - -setupreleasefile 'now - 3 days' 'now + 1 day' -msgtest 'Release file is accepted as it has' 'good Until' -testsuccess --nomsg aptgetupdate - -setupreleasefile 'now - 7 days' 'now - 4 days' -msgtest 'Release file is rejected as it has' 'bad Until' -testfailure --nomsg aptgetupdate - -setupreleasefile 'now - 7 days' 'now - 4 days' -msgtest 'Release file is rejected as it has' 'bad Until (ignore good Max-Valid)' -testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=1209600 - -setupreleasefile 'now - 7 days' 'now - 4 days' -msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until)' -testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=86400 - -setupreleasefile 'now - 7 days' 'now + 4 days' -msgtest 'Release file is rejected as it has' 'bad Max-Valid (good Until)' -testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=86400 - -setupreleasefile 'now - 7 days' 'now + 4 days' -msgtest 'Release file is accepted as it has' 'good labeled Max-Valid' -testsuccess --nomsg aptgetupdate -o Acquire::Max-ValidTime=86400 -o Acquire::Max-ValidTime::Testcases=1209600 - -setupreleasefile 'now - 7 days' 'now + 4 days' -msgtest 'Release file is rejected as it has' 'bad labeled Max-Valid' -testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=1209600 -o Acquire::Max-ValidTime::Testcases=86400 - -setupreleasefile 'now - 7 days' 'now + 1 days' -msgtest 'Release file is accepted as it has' 'good Until (good Min-Valid, no Max-Valid)' -testsuccess --nomsg aptgetupdate -o Acquire::Min-ValidTime=1209600 - -setupreleasefile 'now - 7 days' 'now - 4 days' -msgtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, no Max-Valid)' -testsuccess --nomsg aptgetupdate -o Acquire::Min-ValidTime=1209600 - -setupreleasefile 'now - 7 days' 'now - 2 days' -msgtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, good Max-Valid) <' -testsuccess --nomsg aptgetupdate -o Acquire::Min-ValidTime=1209600 -o Acquire::Max-ValidTime=2419200 - -setupreleasefile 'now - 7 days' 'now - 2 days' -msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, good Min-Valid) >' -testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=2419200 - -setupreleasefile 'now - 7 days' 'now - 2 days' -msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) <' -testfailure --nomsg aptgetupdate -o Acquire::Min-ValidTime=12096 -o Acquire::Max-ValidTime=241920 - -setupreleasefile 'now - 7 days' 'now - 2 days' -msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) >' -testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=241920 +runtest 'Release file is accepted as it has' 'no Until' '' '' +runtest 'Release file is accepted as it has' 'no Until and good Max-Valid' '' '' -o Acquire::Max-ValidTime=3600 +runtest 'Release file is rejected as it has' 'no Until, but bad Max-Valid' 'now - 2 days' '' -o Acquire::Max-ValidTime=3600 +runtest 'Release file is accepted as it has' 'good Until' 'now - 3 days' 'now + 1 day' +runtest 'Release file is rejected as it has' 'bad Until' 'now - 7 days' 'now - 4 days' +runtest 'Release file is rejected as it has' 'bad Until (ignore good Max-Valid)' 'now - 7 days' 'now - 4 days' -o Acquire::Max-ValidTime=1209600 +runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until)' 'now - 7 days' 'now - 4 days' -o Acquire::Max-ValidTime=86400 +runtest 'Release file is rejected as it has' 'bad Max-Valid (good Until)' 'now - 7 days' 'now + 4 days' -o Acquire::Max-ValidTime=86400 +runtest 'Release file is accepted as it has' 'good labeled Max-Valid' 'now - 7 days' 'now + 4 days' -o Acquire::Max-ValidTime=86400 -o Acquire::Max-ValidTime::Testcases=1209600 +runtest 'Release file is rejected as it has' 'bad labeled Max-Valid' 'now - 7 days' 'now + 4 days' -o Acquire::Max-ValidTime=1209600 -o Acquire::Max-ValidTime::Testcases=86400 +runtest 'Release file is accepted as it has' 'good Until (good Min-Valid, no Max-Valid)' 'now - 7 days' 'now + 1 days' -o Acquire::Min-ValidTime=1209600 +runtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, no Max-Valid)' 'now - 7 days' 'now - 4 days' -o Acquire::Min-ValidTime=1209600 +runtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, good Max-Valid) <' 'now - 7 days' 'now - 2 days' -o Acquire::Min-ValidTime=1209600 -o Acquire::Max-ValidTime=2419200 +runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, good Min-Valid) >' 'now - 7 days' 'now - 2 days' -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=2419200 +runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) <' 'now - 7 days' 'now - 2 days' -o Acquire::Min-ValidTime=12096 -o Acquire::Max-ValidTime=241920 +runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) >' 'now - 7 days' 'now - 2 days' -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=241920 diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index e558b83e8..3765a4b1f 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -235,10 +235,21 @@ runtest2() { " aptcache show apt failaptnew } -runtest2 +# diable some protection by default and ensure we still do the verification +# correctly +cat > rootdir/etc/apt/apt.conf.d/weaken-security <<EOF +Acquire::AllowInsecureRepositories "1"; +Acquire::AllowDowngradeToInsecureRepositories "1"; +EOF + +msgmsg "Runing base test" +runtest2 DELETEFILE="InRelease" +msgmsg "Running test with deletion of $DELETEFILE" runtest + DELETEFILE="Release.gpg" +msgmsg "Running test with deletion of $DELETEFILE" runtest diff --git a/test/integration/test-resolve-by-keep-new-recommends b/test/integration/test-resolve-by-keep-new-recommends index 8134b76aa..6b1772877 100755 --- a/test/integration/test-resolve-by-keep-new-recommends +++ b/test/integration/test-resolve-by-keep-new-recommends @@ -13,6 +13,7 @@ setupaptarchive UPGRADE_KEEP="Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: foo 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded." diff --git a/test/integration/test-sourceslist-trusted-options b/test/integration/test-sourceslist-trusted-options new file mode 100755 index 000000000..55d4e0233 --- /dev/null +++ b/test/integration/test-sourceslist-trusted-options @@ -0,0 +1,201 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'foo' 'amd64' '1' 'stable' +buildsimplenativepackage 'foo' 'amd64' '2' 'testing' + +setupaptarchive --no-update + +APTARCHIVE=$(readlink -f ./aptarchive) + +everythingsucceeds() { + testequal 'Listing... +foo/testing 2 amd64 +foo/stable 1 amd64 +' apt list foo -a + + cd downloaded + rm -f foo_1_amd64.deb foo_2_amd64.deb + testsuccess aptget download foo "$@" + testsuccess test -s foo_1_amd64.deb -o -s foo_2_amd64.deb + + rm -f foo_1.dsc foo_2.dsc + testsuccess aptget source foo --dsc-only -d "$@" + testsuccess test -s foo_1.dsc -o -s foo_2.dsc + cd - >/dev/null +} + +everythingfails() { + testequal 'Listing... +foo/testing 2 amd64 +foo/stable 1 amd64 +' apt list foo -a + + local WARNING='WARNING: The following packages cannot be authenticated! + foo +E: Some packages could not be authenticated' + + cd downloaded + rm -f foo_1_amd64.deb foo_2_amd64.deb + testfailure aptget download foo "$@" + testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output + testfailure test -s foo_1_amd64.deb -o -s foo_2_amd64.deb + + rm -f foo_1.dsc foo_2.dsc + testfailure aptget source foo --dsc-only -d "$@" + testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output + testfailure test -s foo_1.dsc -o -s foo_2.dsc + cd - >/dev/null +} + +cp -a rootdir/etc/apt/sources.list.d/ rootdir/etc/apt/sources.list.d.bak/ +echo 'Debug::Acquire::Transaction "true"; +Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/00debugging + +aptgetupdate() { + rm -rf rootdir/var/lib/apt/lists + # note that insecure with trusted=yes are allowed + # as the trusted=yes indicates that security is provided by + # something above the understanding of apt + ${1:-testsuccess} aptget update --no-allow-insecure-repositories +} + +insecureaptgetupdate() { + rm -rf rootdir/var/lib/apt/lists + testfailure aptget update --no-allow-insecure-repositories + rm -rf rootdir/var/lib/apt/lists + testwarning aptget update --allow-insecure-repositories +} + +msgmsg 'Test without trusted option and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +aptgetupdate +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +# we want the warnings on the actions, but for 'update' everything is fine +aptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +find aptarchive/dists/stable \( -name 'InRelease' -o -name 'Release.gpg' \) -delete + +msgmsg 'Test without trusted option and good and unsigned sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingsucceeds +everythingfails -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good and unsigned sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate 'testwarning' +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good and unsigned sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +signreleasefiles 'Marvin Paranoid' 'aptarchive/dists/stable' + +msgmsg 'Test without trusted option and good and unknown sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingsucceeds +everythingfails -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good and unknown sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate 'testwarning' +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good and unknown sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +signreleasefiles 'Rex Expired' 'aptarchive/dists/stable' +cp -a keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg + +msgmsg 'Test without trusted option and good and expired sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingsucceeds +everythingfails -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good and expired sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate 'testwarning' +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good and expired sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +# same as the one further above, but this time testing is unsigned +find aptarchive/ \( -name 'InRelease' -o -name 'Release.gpg' \) -delete +signreleasefiles 'Joe Sixpack' 'aptarchive/dists/stable' + +msgmsg 'Test without trusted option and unsigned and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingfails +everythingsucceeds -t stable +everythingfails -t testing + +msgmsg 'Test with trusted=yes option and unsigned and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate 'testwarning' +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and unsigned and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing diff --git a/test/integration/test-suggest-installed-multiarch-silbing b/test/integration/test-suggest-installed-multiarch-silbing index d55d250aa..89640a30c 100755 --- a/test/integration/test-suggest-installed-multiarch-silbing +++ b/test/integration/test-suggest-installed-multiarch-silbing @@ -9,8 +9,7 @@ configarchitecture 'amd64' 'i386' 'armel' insertinstalledpackage 'foo' 'i386' '1' insertpackage 'unstable' 'foo' 'amd64,i386' '1' -insertinstalledpackage 'foo2' 'i386' '1' -insertpackage 'unstable' 'foo2' 'i386' '1' +insertpackage 'unstable,installed' 'foo2' 'i386' '1' insertinstalledpackage 'foo3' 'amd64' '1' insertpackage 'unstable' 'foo3' 'amd64,i386' '1' diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum new file mode 100755 index 000000000..574183b0a --- /dev/null +++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum @@ -0,0 +1,264 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'native' + +cat > aptarchive/Sources <<EOF +Package: pkg-md5-ok +Binary: pkg-md5-ok +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz + +Package: pkg-sha256-ok +Binary: pkg-sha256-ok +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz + +Package: pkg-sha256-bad +Binary: pkg-sha256-bad +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz +Checksums-Sha256: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz + +Package: pkg-no-md5 +Binary: pkg-no-md5 +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz + +Package: pkg-mixed-ok +Binary: pkg-mixed-ok +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc + +Package: pkg-mixed-sha1-bad +Binary: pkg-mixed-sha1-bad +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc +Checksums-Sha256: + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz + +Package: pkg-mixed-sha2-bad +Binary: pkg-mixed-sha2-bad +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc +Checksums-Sha256: + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz + +Package: pkg-md5-disagree +Binary: pkg-md5-disagree +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz + +Package: pkg-md5-agree +Binary: pkg-md5-agree +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc + +Package: pkg-sha256-disagree +Binary: pkg-sha256-disagree +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz +EOF + +# create fetchable files +for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \ + 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \ + 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree'; do + echo -n 'dsc' > aptarchive/${x}_1.0.dsc + echo -n 'tar' > aptarchive/${x}_1.0.tar.gz +done + +setupaptarchive +changetowebserver +testsuccess aptget update + +cd downloaded + +testok() { + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] +Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files were successfully downloaded for' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz +} + +testkeep() { + echo -n 'dsc' > ${1}_1.0.dsc + echo -n 'tar' > ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Skipping already downloaded file '${1}_1.0.dsc' +Skipping already downloaded file '${1}_1.0.tar.gz' +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files already downloaded are kept for' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz +} + +testmismatch() { + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] +Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +E: Failed to fetch http://localhost:8080/${1}_1.0.dsc Hash Sum mismatch + +E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz Hash Sum mismatch + +E: Failed to fetch some archives." aptget source -d "$@" + msgtest 'Files were not download as they have hashsum mismatches for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Skipping download of file 'pkg-sha256-bad_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file 'pkg-sha256-bad_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26 + msgtest 'Files were not download as hash is unavailable for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] +Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26 + msgtest 'Files were downloaded unauthenticated as user allowed it' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz +} + +testok pkg-md5-ok +testkeep pkg-md5-ok +testok pkg-sha256-ok +testkeep pkg-sha256-ok + +# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is +# checking the best available hash (as it should), this will trigger +# a hash mismatch. +testmismatch pkg-sha256-bad +testmismatch pkg-sha256-bad +testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum + +# not having MD5 sum doesn't mean the file doesn't exist at all … +testok pkg-no-md5 +testok pkg-no-md5 -o Acquire::ForceHash=SHA256 +testequal "Reading package lists... +Building dependency tree... +Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum +msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5' +testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz + +# deal with cases in which we haven't for all files the same checksum type +# mostly pathologic as this shouldn't happen, but just to be sure +testok pkg-mixed-ok +testequal 'Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (tar) [3 B] +Get:2 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (dsc) [3 B] +E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch + +E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad +msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad' +testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz +testequal 'Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (tar) [3 B] +Get:2 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (dsc) [3 B] +E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch + +E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad +msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad' +testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz + +# it gets even more pathologic: multiple entries for one file, some even disagreeing! +testok pkg-md5-agree +testequal 'Reading package lists... +Building dependency tree... +E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree +testequal 'Reading package lists... +Building dependency tree... +E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree diff --git a/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard b/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard index 2f2d384e1..45f70a898 100755 --- a/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard +++ b/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard @@ -27,6 +27,7 @@ setupaptarchive # discourage keeping obsolete high-priority packages … testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: not-downloadable The following packages will be upgraded: @@ -43,6 +44,7 @@ done testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: upgradable 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.' aptget -s dist-upgrade diff --git a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall index a773660d2..df2c69cf6 100755 --- a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall +++ b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall @@ -21,6 +21,7 @@ if downloadfile http://localhost:8080/holygrail ./knights-talking >/dev/null; th else msgfail fi + testfileequal knights-talking 'ni ni ni' ensure_n_canary_strings_in_dir() { @@ -35,8 +36,8 @@ ensure_n_canary_strings_in_dir() { LISTS='rootdir/var/lib/apt/lists' rm -rf rootdir/var/lib/apt/lists -msgtest 'Got expected NODATA failure in' 'apt-get update' -aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail +msgtest 'Got expected failure message' 'apt-get update' +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 testequal 'partial' ls $LISTS @@ -46,8 +47,8 @@ for f in Release Release.gpg main_binary-amd64_Packages main_source_Sources; do echo 'peng neee-wom' > $LISTS/localhost:8080_dists_stable_${f} done -msgtest 'Got expected NODATA failure in' 'apt-get update' -aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail +msgtest 'Got expected failure message in' 'apt-get update' +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ensure_n_canary_strings_in_dir $LISTS 'peng neee-wom' 4 ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 @@ -56,7 +57,7 @@ ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 echo 'peng neee-wom' > $LISTS/localhost:8080_dists_stable_InRelease rm -f $LISTS/localhost:8080_dists_stable_Release $LISTS/localhost:8080_dists_stable_Release.gpg msgtest 'excpected failure of' 'apt-get update' -aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ensure_n_canary_strings_in_dir $LISTS 'peng neee-wom' 3 ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 diff --git a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only index 50ca2bf57..09315868b 100755 --- a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only +++ b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only @@ -28,12 +28,10 @@ MD5Sum: done msgtest 'The unsigned garbage before signed block is' 'ignored' -testsuccess --nomsg aptget update +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ROOTDIR="$(readlink -f .)" testequal "Package files: 100 ${ROOTDIR}/rootdir/var/lib/dpkg/status release a=now - 500 file:${ROOTDIR}/aptarchive/ unstable/main i386 Packages - release a=unstable,n=sid,c=main Pinned packages:" aptcache policy diff --git a/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering b/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering index 462acad00..d2b6b9bad 100755 --- a/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering +++ b/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering @@ -14,6 +14,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: custom 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages b/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages index c1d454f88..409d1212c 100755 --- a/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages +++ b/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages @@ -28,6 +28,7 @@ setupaptarchive testequalor2 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: ure The following packages will be upgraded: @@ -44,6 +45,7 @@ Conf libreoffice-core (4 sid [amd64]) Conf libreoffice-style-galaxy (4 sid [amd64]) Conf libreoffice (4 sid [amd64])' 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: ure The following packages will be upgraded: diff --git a/test/integration/test-xorg-break-providers b/test/integration/test-xorg-break-providers index 139d2c915..0be57d979 100755 --- a/test/integration/test-xorg-break-providers +++ b/test/integration/test-xorg-break-providers @@ -26,6 +26,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget install x testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: xserver-xorg-core xserver-xorg-video-intel 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -35,6 +36,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget upgrade - testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: xserver-xorg-core xserver-xorg-video-intel 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. |