diff options
Diffstat (limited to 'test/integration')
69 files changed, 1747 insertions, 227 deletions
diff --git a/test/integration/framework b/test/integration/framework index 7923e23d9..75cec204c 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -47,6 +47,9 @@ msgskip() { printf "${CWARNING}SKIP${CNORMAL}\n" >&2; } msgfail() { if [ $# -gt 0 ]; then printf "${CFAIL}FAIL: $*${CNORMAL}\n" >&2; else printf "${CFAIL}FAIL${CNORMAL}\n" >&2; fi + if [ -n "$APT_DEBUG_TESTS" ]; then + bash + fi EXIT_CODE=$((EXIT_CODE+1)); } @@ -102,10 +105,10 @@ runapt() { local CMD="$1" shift case $CMD in - sh|aptitude|*/*) ;; + sh|aptitude|*/*|command) ;; *) CMD="${BUILDDIRECTORY}/$CMD";; esac - MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${BUILDDIRECTORY} $CMD "$@" + MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${LIBRARYPATH} $CMD "$@" } aptconfig() { runapt apt-config "$@"; } aptcache() { runapt apt-cache "$@"; } @@ -129,18 +132,9 @@ dpkgcheckbuilddeps() { command dpkg-checkbuilddeps --admindir=${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg "$@" } gdb() { - echo "gdb: run »$*«" - CMD="$1" + local CMD="$1" shift - - APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${LIBRARYPATH} command gdb ${BUILDDIRECTORY}/$CMD --args ${BUILDDIRECTORY}/$CMD "$@" -} -gpg() { - # see apt-key for the whole trickery. Setup is done in setupenvironment - command gpg --ignore-time-conflict --no-options --no-default-keyring \ - --homedir "${TMPWORKINGDIRECTORY}/gnupghome" \ - --no-auto-check-trustdb --trust-model always \ - "$@" + runapt command gdb --quiet -ex run "${BUILDDIRECTORY}/$CMD" --args "${BUILDDIRECTORY}/$CMD" "$@" } exitwithstatus() { @@ -173,9 +167,10 @@ addtrap() { setupenvironment() { TMPWORKINGDIRECTORY=$(mktemp -d) - TESTDIRECTORY=$(readlink -f $(dirname $0)) + addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;" msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… " + TESTDIRECTORY=$(readlink -f $(dirname $0)) # allow overriding the default BUILDDIR location BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"} LIBRARYPATH=${APT_INTEGRATION_TESTS_LIBRARY_PATH:-"${BUILDDIRECTORY}"} @@ -186,7 +181,6 @@ setupenvironment() { test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first" # ----- - addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;" cd $TMPWORKINGDIRECTORY mkdir rootdir aptarchive keys cd rootdir @@ -219,12 +213,15 @@ setupenvironment() { cp "${TESTDIRECTORY}/${SOURCESSFILE}" aptarchive/Sources fi cp $(find $TESTDIRECTORY -name '*.pub' -o -name '*.sec') keys/ + chmod 644 $(find keys -name '*.pub' -o -name '*.sec') ln -s ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" > aptconfig.conf echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf echo "Debug::NoLocking \"true\";" >> aptconfig.conf echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf echo "Dir::Bin::Methods \"${METHODSDIR}\";" >> aptconfig.conf + echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf echo "Dir::Bin::dpkg \"fakeroot\";" >> aptconfig.conf echo "DPKG::options:: \"dpkg\";" >> aptconfig.conf echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf @@ -235,25 +232,20 @@ setupenvironment() { fi echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf echo 'quiet::NoUpdate "true";' >> aptconfig.conf + echo 'quiet::NoStatistic "true";' >> aptconfig.conf + # too distracting for users, but helpful to detect changes + echo 'Acquire::Progress::Ignore::ShowErrorText "true";' >> aptconfig.conf + # in testcases, it can appear as if localhost has a rotation setup, + # hide this as we can't really deal with it properly + echo 'Acquire::Failure::ShowIP "false";' >> aptconfig.conf + echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https - echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary + echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary configcompression '.' 'gz' #'bz2' 'lzma' 'xz' - # gpg needs a trustdb to function, but it can't be invalid (not even empty) - # see also apt-key where this trickery comes from: - local TRUSTDBDIR="${TMPWORKINGDIRECTORY}/gnupghome" - mkdir "$TRUSTDBDIR" - chmod 700 "$TRUSTDBDIR" - # We also don't use a secret keyring, of course, but gpg panics and - # implodes if there isn't one available - and writeable for imports - local SECRETKEYRING="${TRUSTDBDIR}/secring.gpg" - touch $SECRETKEYRING - # now create the trustdb with an (empty) dummy keyring - # newer gpg versions are fine without it, but play it safe for now - gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1 - # cleanup the environment a bit - export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" + # prefer our apt binaries over the system apt binaries + export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin" export LC_ALL=C.UTF-8 unset LANGUAGE APT_CONFIG unset GREP_OPTIONS DEB_BUILD_PROFILES @@ -478,8 +470,8 @@ Package: $NAME" >> ${BUILDDIR}/debian/control | while read SRC; do echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist # if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then -# gpg --yes --secret-keyring ./keys/joesixpack.sec \ -# --keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \ +# aptkey --keyring ./keys/joesixpack.pub --secret-keyring ./keys/joesixpack.sec --quiet --readonly \ +# adv --yes --default-key 'Joe Sixpack' \ # --clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC" # mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC" # fi @@ -733,7 +725,7 @@ buildaptarchivefromincoming() { aptftparchive -qq generate ftparchive.conf cd - > /dev/null msgdone "info" - generatereleasefiles + generatereleasefiles "$@" } buildaptarchivefromfiles() { @@ -848,24 +840,28 @@ setupflataptarchive() { } setupaptarchive() { - buildaptarchive + local NOUPDATE=0 + if [ "$1" = '--no-update' ]; then + NOUPDATE=1 + shift + fi + buildaptarchive "$@" if [ -e aptarchive/dists ]; then setupdistsaptarchive else setupflataptarchive fi - signreleasefiles - if [ "$1" != '--no-update' ]; then - msgninfo "\tSync APT's cache with the archive… " - aptget update -qq - msgdone "info" + signreleasefiles 'Joe Sixpack' "$@" + if [ "1" != "$NOUPDATE" ]; then + testsuccess aptget update -o Debug::pkgAcquire::Worker=true -o Debug::Acquire::gpgv=true fi } signreleasefiles() { local SIGNER="${1:-Joe Sixpack}" - local GPG="gpg --batch --yes" - msgninfo "\tSign archive with $SIGNER key… " + local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')" + local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes" + msgninfo "\tSign archive with $SIGNER key $KEY… " local REXKEY='keys/rexexpired' local SECEXPIREBAK="${REXKEY}.sec.bak" local PUBEXPIREBAK="${REXKEY}.pub.bak" @@ -881,17 +877,14 @@ signreleasefiles() { cp $SECUNEXPIRED ${REXKEY}.sec cp $PUBUNEXPIRED ${REXKEY}.pub else - printf "expire\n1w\nsave\n" | $GPG --keyring ${REXKEY}.pub --secret-keyring ${REXKEY}.sec --command-fd 0 --edit-key "${SIGNER}" >/dev/null 2>&1 || true + if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then + cat setexpire.gpg + exit 1 + fi cp ${REXKEY}.sec $SECUNEXPIRED cp ${REXKEY}.pub $PUBUNEXPIRED fi fi - for KEY in $(find keys/ -name '*.sec'); do - GPG="$GPG --secret-keyring $KEY" - done - for KEY in $(find keys/ -name '*.pub'); do - GPG="$GPG --keyring $KEY" - done for RELEASE in $(find aptarchive/ -name Release); do $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output ${RELEASE}.gpg ${RELEASE} local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')" @@ -1196,6 +1189,19 @@ testfailure() { fi } +testaccessrights() { + msgtest "Test that file $1 has access rights set to" "$2" + if [ "$2" = "$(stat --format '%a' "$1")" ]; then + msgpass + else + echo >&2 + ls -l >&2 "$1" + echo -n >&2 "stat(1) reports access rights: " + stat --format '%a' "$1" + msgfail + fi +} + testwebserverlaststatuscode() { local DOWNLOG='rootdir/tmp/webserverstatus-testfile.log' local STATUS='rootdir/tmp/webserverstatus-statusfile.log' diff --git a/test/integration/skip-aptwebserver b/test/integration/skip-aptwebserver new file mode 100755 index 000000000..0622941ce --- /dev/null +++ b/test/integration/skip-aptwebserver @@ -0,0 +1,25 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'apt' 'all' '1.0' 'stable' + +setupaptarchive +changetowebserver + +rm -rf rootdir/var/lib/apt/lists +aptget update -qq +testequal 'Hit http://localhost stable InRelease +Hit http://localhost stable/main Sources +Hit http://localhost stable/main amd64 Packages +Hit http://localhost stable/main Translation-en +Reading package lists...' aptget update + +mv rootdir/var/lib/apt/lists/localhost* rootdir/var/lib/apt/lists/partial +aptget update + diff --git a/test/integration/test-allow-scores-for-all-dependency-types b/test/integration/test-allow-scores-for-all-dependency-types index a5c98f3d6..d1bcf1130 100755 --- a/test/integration/test-allow-scores-for-all-dependency-types +++ b/test/integration/test-allow-scores-for-all-dependency-types @@ -39,6 +39,7 @@ insertinstalledpackage 'libdb-dev' 'amd64' '5.1.7' 'Depends: libdb5.1-dev' insertinstalledpackage 'libdb5.1-dev' 'amd64' '5.1.29-7' testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: libdb5.1-dev The following NEW packages will be installed: @@ -53,6 +54,7 @@ Conf libdb5.3-dev (5.3.28-3 unversioned [amd64]) Conf libdb-dev (5.3.0 unversioned [amd64])' aptget dist-upgrade -st unversioned testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: libdb5.1-dev The following NEW packages will be installed: @@ -71,21 +73,25 @@ insertinstalledpackage 'foo' 'amd64' '1' insertinstalledpackage 'bar' 'amd64' '1' testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: bar foo 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st unversioned testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: bar foo 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st versioned testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: bar foo 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st multipleno testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: foo The following packages will be upgraded: diff --git a/test/integration/test-apt-by-hash-update b/test/integration/test-apt-by-hash-update new file mode 100755 index 000000000..6e1ecdaff --- /dev/null +++ b/test/integration/test-apt-by-hash-update @@ -0,0 +1,49 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +insertpackage 'unstable' 'foo' 'all' '1.0' + +setupaptarchive --no-update + +APTARCHIVE=$(readlink -f ./aptarchive) + +# make Packages *only* accessable by-hash for this test +mkdir -p aptarchive/dists/unstable/main/binary-i386/by-hash/SHA512 +(cd aptarchive/dists/unstable/main/binary-i386/by-hash/SHA512 && + mv ../../Packages* . && + ln -s Packages.gz $(sha512sum Packages.gz|cut -f1 -d' ') ) + +# add sources +mkdir -p aptarchive/dists/unstable/main/source/by-hash/SHA512 +(cd aptarchive/dists/unstable/main/source/by-hash/SHA512 && + ln -s ../../Sources.gz $(sha512sum ../../Sources.gz|cut -f1 -d' ') +) + +# we moved the Packages file away, normal update won't work +testfailure aptget upate + +# ensure we do not know about "foo" +testequal "Reading package lists... +Building dependency tree... +E: Unable to locate package foo" aptget install -q -s foo + +# ensure we can apt-get update by hash +testsuccess aptget update -o APT::Acquire::By-Hash=1 + +# ensure it works +testequal "Inst foo (1.0 unstable [all]) +Conf foo (1.0 unstable [all])" aptget install -qq -s foo + +# add magic string to Release file ... +MAGIC="Acquire-By-Hash: true" +sed -i "s#Suite: unstable#Suite: unstable\n$MAGIC#" aptarchive/dists/unstable/Release +signreleasefiles +# ... and verify that it fetches by hash now +testsuccess aptget update + diff --git a/test/integration/test-apt-cdrom b/test/integration/test-apt-cdrom index 8d8fdf167..9fbc4288d 100755 --- a/test/integration/test-apt-cdrom +++ b/test/integration/test-apt-cdrom @@ -29,7 +29,7 @@ aptcdromlog() { test ! -e rootdir/media/cdrom || echo "CD-ROM is mounted, but shouldn't be!" test -e rootdir/media/cdrom-unmounted || echo "Unmounted CD-ROM doesn't exist, but it should!" aptcdrom "$@" -o quiet=1 >rootdir/tmp/apt-cdrom.log 2>&1 </dev/null - sed -e '/gpgv/ d' -e '/^Identifying/ d' -e '/Reading / d' rootdir/tmp/apt-cdrom.log + sed -e '/gpgv\?: Signature made/ d' -e '/gpgv\?: Good signature/ d' -e '/^Identifying/ d' -e '/Reading / d' rootdir/tmp/apt-cdrom.log test ! -e rootdir/media/cdrom || echo "CD-ROM is mounted, but shouldn't be!" test -e rootdir/media/cdrom-unmounted || echo "Unmounted CD-ROM doesn't exist, but it should!" } diff --git a/test/integration/test-apt-ftparchive-src-cachedb b/test/integration/test-apt-ftparchive-src-cachedb index adcca6217..e7b148530 100755 --- a/test/integration/test-apt-ftparchive-src-cachedb +++ b/test/integration/test-apt-ftparchive-src-cachedb @@ -177,6 +177,11 @@ assert_correct_sources_file mkdir aptarchive/pool/invalid printf "meep" > aptarchive/pool/invalid/invalid_1.0.dsc testequal " +E: Could not find a record in the DSC 'aptarchive/pool/invalid/invalid_1.0.dsc'" aptftparchive sources aptarchive/pool/invalid +rm -f aptarchive/pool/invalid/invalid_1.0.dsc + +printf "meep: yes" > aptarchive/pool/invalid/invalid_1.0.dsc +testequal " E: Could not find a Source entry in the DSC 'aptarchive/pool/invalid/invalid_1.0.dsc'" aptftparchive sources aptarchive/pool/invalid rm -f aptarchive/pool/invalid/invalid_1.0.dsc diff --git a/test/integration/test-apt-get-build-dep b/test/integration/test-apt-get-build-dep new file mode 100755 index 000000000..87ec6e54d --- /dev/null +++ b/test/integration/test-apt-get-build-dep @@ -0,0 +1,129 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +buildsimplenativepackage 'debhelper' 'i386' '7' 'stable' +buildsimplenativepackage 'build-essential' 'i386' '1' 'stable' + +setupaptarchive +cat > 2vcard_0.5-3.dsc <<EOF +Format: 1.0 +Source: 2vcard +Binary: 2vcard +Architecture: all +Version: 0.5-3 +Maintainer: Martin Albisetti <argentina@gmail.com> +Uploaders: Marcela Tiznado <mlt@debian.org> +Standards-Version: 3.8.0 +Build-Depends: debhelper (>= 5.0.37) +Checksums-Sha1: + b7f1ce31ec856414a3f0f1090689f91aa7456d56 9398 2vcard_0.5.orig.tar.gz + 5f9acd07ebda6ab00fa6b4fe3198c13e94090862 2036 2vcard_0.5-3.diff.gz +Checksums-Sha256: + efdc22859ac2f8f030d038dc4faa9020082ebae34212498c288968ffd45c9764 9398 2vcard_0.5.orig.tar.gz + 82673ff3456af571094066c89bcea87b25c23c87cf1d0050b731e5222563626b 2036 2vcard_0.5-3.diff.gz +Files: + f73a69c170f772f3f6e75f2d11bbb792 9398 2vcard_0.5.orig.tar.gz + 1e806d32233af87437258d86b1561f57 2036 2vcard_0.5-3.diff.gz +EOF + +testequal "Reading package lists... +Building dependency tree... +Note, using file '2vcard_0.5-3.dsc' to get the build dependencies +The following NEW packages will be installed: + build-essential debhelper +0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. +Inst build-essential (1 stable [i386]) +Inst debhelper (7 stable [i386]) +Conf build-essential (1 stable [i386]) +Conf debhelper (7 stable [i386])" aptget build-dep -s 2vcard_0.5-3.dsc + +cat > 2vcard_0.5-3.dsc <<EOF +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +Format: 1.0 +Source: 2vcard +Binary: 2vcard +Architecture: all +Version: 0.5-3 +Maintainer: Martin Albisetti <argentina@gmail.com> +Uploaders: Marcela Tiznado <mlt@debian.org> +Standards-Version: 3.8.0 +Build-Depends: debhelper (>= 5.0.37) +Checksums-Sha1: + b7f1ce31ec856414a3f0f1090689f91aa7456d56 9398 2vcard_0.5.orig.tar.gz + 5f9acd07ebda6ab00fa6b4fe3198c13e94090862 2036 2vcard_0.5-3.diff.gz +Checksums-Sha256: + efdc22859ac2f8f030d038dc4faa9020082ebae34212498c288968ffd45c9764 9398 2vcard_0.5.orig.tar.gz + 82673ff3456af571094066c89bcea87b25c23c87cf1d0050b731e5222563626b 2036 2vcard_0.5-3.diff.gz +Files: + f73a69c170f772f3f6e75f2d11bbb792 9398 2vcard_0.5.orig.tar.gz + 1e806d32233af87437258d86b1561f57 2036 2vcard_0.5-3.diff.gz + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.9 (GNU/Linux) + +iEYEARECAAYFAkijKhsACgkQsrBfRdYmq7aA2gCfaOW9riTYVQMx5ajKQVAcctlC +z2UAn1oXgTai6opwhVfkxrlmJ+iRxzuc +=4eRd +-----END PGP SIGNATURE----- +EOF + +testequal "Reading package lists... +Building dependency tree... +Note, using file '2vcard_0.5-3.dsc' to get the build dependencies +The following NEW packages will be installed: + build-essential debhelper +0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. +Inst build-essential (1 stable [i386]) +Inst debhelper (7 stable [i386]) +Conf build-essential (1 stable [i386]) +Conf debhelper (7 stable [i386])" aptget build-dep --simulate 2vcard_0.5-3.dsc + + +# unpacked source dir +mkdir -p foo-1.0/debian +cat > foo-1.0/debian/control <<'EOF' +Source: apturl +Section: admin +Priority: optional +Maintainer: Michael Vogt <mvo@ubuntu.com> +Build-Depends: debhelper (>= 7) +X-Python3-Version: >= 3.2 +Standards-Version: 3.9.3 + +Package: apturl-common +Architecture: any +Depends: ${python3:Depends}, + ${shlibs:Depends}, + ${misc:Depends}, + python3-apt, + python3-update-manager +Replaces: apturl (<< 0.3.6ubuntu2) +Description: install packages using the apt protocol - common data + AptUrl is a simple graphical application that takes an URL (which follows the + apt-protocol) as a command line option, parses it and carries out the + operations that the URL describes (that is, it asks the user if he wants the + indicated packages to be installed and if the answer is positive does so for + him). + . + This package contains the common data shared between the frontends. + +EOF + +testequal "Reading package lists... +Building dependency tree... +Note, using directory './foo-1.0' to get the build dependencies +The following NEW packages will be installed: + build-essential debhelper +0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. +Inst build-essential (1 stable [i386]) +Inst debhelper (7 stable [i386]) +Conf build-essential (1 stable [i386]) +Conf debhelper (7 stable [i386])" aptget build-dep --simulate ./foo-1.0 diff --git a/test/integration/test-apt-get-changelog b/test/integration/test-apt-get-changelog index 4ee113482..02d6c39ab 100755 --- a/test/integration/test-apt-get-changelog +++ b/test/integration/test-apt-get-changelog @@ -13,6 +13,12 @@ setupaptarchive --no-update changetowebserver testsuccess aptget update +# simulate normal user with non-existent root-owned directories +rm -rf rootdir/var/cache/apt/archives/ +mkdir rootdir/var/cache/apt/archives/ +addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/var/cache/apt/archives || true;" +chmod -R -w rootdir/var/cache/apt/archives + echo 'Apt::Changelogs::Server "http://localhost:8080/";' > rootdir/etc/apt/apt.conf.d/changelog.conf testequal "'http://localhost:8080//pool/apt_1.0/changelog'" aptget changelog apt --print-uris diff --git a/test/integration/test-apt-get-clean b/test/integration/test-apt-get-clean new file mode 100755 index 000000000..98f7c84d0 --- /dev/null +++ b/test/integration/test-apt-get-clean @@ -0,0 +1,35 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'amd64' + +insertpackage 'testing' 'foo' 'all' '1' +insertpackage 'unstable' 'foo' 'all' '2' +insertinstalledpackage 'foo' 'all' '3' + +setupaptarchive + +# nothing to do always works +testsuccess aptget clean + +# generate some dirt and clean it up +touch rootdir/var/lib/apt/lists/partial/http.debian.net_debian_dists_sid_main_i18n_Translation-en +mkdir -p rootdir/var/cache/apt/archives +touch rootdir/var/cache/apt/archives/foo_1_all.deb +touch rootdir/var/cache/apt/archives/foo_2_all.deb +touch rootdir/var/cache/apt/archives/foo_3_all.deb +touch rootdir/var/cache/apt/archives/foo_4_all.deb + +testsuccess aptget clean + +testsuccess test ! -e rootdir/var/lib/apt/lists/partial/http.debian.net_debian_dists_sid_main_i18n_Translation-en +testsuccess test ! -e rootdir/var/cache/apt/archives/foo_1_all.deb +testsuccess test ! -e rootdir/var/cache/apt/archives/foo_2_all.deb +testsuccess test ! -e rootdir/var/cache/apt/archives/foo_3_all.deb +testsuccess test ! -e rootdir/var/cache/apt/archives/foo_4_all.deb + + diff --git a/test/integration/test-apt-get-download b/test/integration/test-apt-get-download index be3144e1f..0514542b3 100755 --- a/test/integration/test-apt-get-download +++ b/test/integration/test-apt-get-download @@ -11,8 +11,23 @@ buildsimplenativepackage 'apt' 'all' '1.0' 'stable' buildsimplenativepackage 'apt' 'all' '2.0' 'unstable' insertinstalledpackage 'vrms' 'all' '1.0' +umask 0027 + setupaptarchive +# apt-ftparchive knows how to chmod files +find aptarchive/dists -name '*Packages*' -type f | while read file; do + testaccessrights "$file" '644' +done +# created by the framework without special care +find aptarchive/dists -name '*Release*' -type f | while read file; do + testaccessrights "$file" '640' +done +# all copied files are properly chmodded +find rootdir/var/lib/apt/lists -type f | while read file; do + testaccessrights "$file" '644' +done + testdownload() { local APT="$2" if [ -n "$3" ]; then @@ -20,10 +35,19 @@ testdownload() { fi msgtest "Test download of package file $1 with" "$APT" testsuccess --nomsg aptget download ${APT} - testsuccess test -f $1 - rm $1 + testsuccess test -f "$1" + rm -f "$1" } +# normal case as "root" +testdownload apt_2.0_all.deb apt + +# simulate normal user with non-existent root-owned directories +rm -rf rootdir/var/cache/apt/archives/ +mkdir rootdir/var/cache/apt/archives/ +addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/var/cache/apt/archives || true;" +chmod -R -w rootdir/var/cache/apt/archives + # normal case(es) testdownload apt_1.0_all.deb apt stable testdownload apt_2.0_all.deb apt @@ -45,3 +69,18 @@ rm -f apt_1.0_all.deb apt_2.0_all.deb testsuccess aptget download apt apt apt/unstable apt=2.0 testsuccess test -s apt_2.0_all.deb +# restore "root" rights +chmod -f -R +w $PWD/rootdir/var/cache/apt/archives +rm -rf rootdir/var/cache/apt/archives/ + +# file: debs aren't copied to archives, so change to http which obviously are +changetowebserver +testsuccess aptget update + +# test with already stored deb +testsuccess aptget install -d apt +testsuccess test -s rootdir/var/cache/apt/archives/apt_2.0_all.deb +testaccessrights 'aptarchive/pool/apt_2.0_all.deb' '644' +mv aptarchive/pool/apt_2.0_all.deb aptarchive/pool/apt_2.0_all.deb.gone +testdownload apt_2.0_all.deb apt +mv aptarchive/pool/apt_2.0_all.deb.gone aptarchive/pool/apt_2.0_all.deb diff --git a/test/integration/test-apt-get-install-deb b/test/integration/test-apt-get-install-deb new file mode 100755 index 000000000..700009da5 --- /dev/null +++ b/test/integration/test-apt-get-install-deb @@ -0,0 +1,30 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# regression test for #754904 +testequal 'E: Unable to locate package /dev/null' aptget install -qq /dev/null + +# and ensure we fail for invalid debs +cat > foo.deb <<EOF +I'm not a deb, I'm a teapot. +EOF +testequal 'E: Sub-process Popen returned an error code (100) +E: Encountered a section with no Package: header +E: Problem with MergeLister for ./foo.deb +E: The package lists or status file could not be parsed or opened.' aptget install -qq ./foo.deb + +# fakeroot is currently not found, framwork needs updating +# +#buildsimplenativepackage 'foo' 'all' '1.0' +# +#testequal 'Selecting previously unselected package foo. +#(Reading database ... 0 files and directories currently installed.) +# Preparing to unpack .../incoming/foo_1.0_all.deb ... +#Unpacking foo (1.0) ... +#Setting up foo (1.0) ...' aptget install -qq ./incoming/foo_1.0_all.deb diff --git a/test/integration/test-apt-get-source-authenticated b/test/integration/test-apt-get-source-authenticated index 2cee13923..d833ddd85 100755 --- a/test/integration/test-apt-get-source-authenticated +++ b/test/integration/test-apt-get-source-authenticated @@ -21,7 +21,7 @@ APTARCHIVE=$(readlink -f ./aptarchive) rm -f $APTARCHIVE/dists/unstable/*Release* # update without authenticated InRelease file -testsuccess aptget update +testsuccess aptget update --allow-insecure-repositories # this all should fail testfailure aptget install -y foo diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning new file mode 100755 index 000000000..8e212a3c4 --- /dev/null +++ b/test/integration/test-apt-get-update-unauth-warning @@ -0,0 +1,46 @@ +#!/bin/sh +# +# ensure we print warnings for unauthenticated repositories +# +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# a "normal" package with source and binary +buildsimplenativepackage 'foo' 'all' '2.0' + +setupaptarchive --no-update + +APTARCHIVE=$(readlink -f ./aptarchive) +rm -f $APTARCHIVE/dists/unstable/*Release* + +# update without authenticated files leads to warning +testequal "Ign file: unstable InRelease + File not found +Err file: unstable Release + File not found +W: The repository 'file: unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository. +W: Use --allow-insecure-repositories to force the update +W: Failed to fetch file:$APTARCHIVE/dists/unstable/Release File not found + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update + +# no package foo +testequal "Listing..." apt list foo +testequal "partial" ls rootdir/var/lib/apt/lists + +# allow override +testequal "Ign file: unstable InRelease + File not found +Ign file: unstable Release + File not found +Reading package lists... +W: The repository 'file: unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository." aptget update --allow-insecure-repositories +# ensure we can not install the package +testequal "WARNING: The following packages cannot be authenticated! + foo +E: There are problems and -y was used without --force-yes" aptget install -qq -y foo diff --git a/test/integration/test-apt-get-upgrade b/test/integration/test-apt-get-upgrade index 23446299c..5335c243a 100755 --- a/test/integration/test-apt-get-upgrade +++ b/test/integration/test-apt-get-upgrade @@ -31,6 +31,7 @@ setupaptarchive # Test if normal upgrade works as expected testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: upgrade-with-conflict upgrade-with-new-dep The following packages will be upgraded: @@ -42,6 +43,7 @@ Conf upgrade-simple (2.0 unstable [all])' aptget -s upgrade # Test if apt-get upgrade --with-new-pkgs works testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: new-dep The following packages have been kept back: @@ -59,6 +61,7 @@ Conf upgrade-with-new-dep (2.0 unstable [all])' aptget -s upgrade --with-new-pkg # Test if apt-get dist-upgrade works testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: conflicting-dep The following NEW packages will be installed: diff --git a/test/integration/test-apt-helper b/test/integration/test-apt-helper index c749224ca..42c40bb9e 100755 --- a/test/integration/test-apt-helper +++ b/test/integration/test-apt-helper @@ -5,30 +5,30 @@ TESTDIR=$(readlink -f $(dirname $0)) . $TESTDIR/framework setupenvironment -configarchitecture "i386" +configarchitecture 'i386' changetohttpswebserver test_apt_helper_download() { - echo "foo" > aptarchive/foo + echo 'foo' > aptarchive/foo - msgtest 'apt-file download-file md5sum' + msgtest 'apt-file download-file' 'md5sum' apthelper -qq download-file http://localhost:8080/foo foo2 MD5Sum:d3b07384d113edec49eaa6238ad5ff00 && msgpass || msgfail testfileequal foo2 'foo' - msgtest 'apt-file download-file sha1' + msgtest 'apt-file download-file' 'sha1' apthelper -qq download-file http://localhost:8080/foo foo1 SHA1:f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 && msgpass || msgfail testfileequal foo1 'foo' - msgtest 'apt-file download-file sha256' + msgtest 'apt-file download-file' 'sha256' apthelper -qq download-file http://localhost:8080/foo foo3 SHA256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c && msgpass || msgfail testfileequal foo3 'foo' - msgtest 'apt-file download-file no-hash' + msgtest 'apt-file download-file' 'no-hash' apthelper -qq download-file http://localhost:8080/foo foo4 && msgpass || msgfail testfileequal foo4 'foo' - msgtest 'apt-file download-file wrong hash' + msgtest 'apt-file download-file' 'wrong hash' if ! apthelper -qq download-file http://localhost:8080/foo foo5 MD5Sum:aabbcc 2>&1 2> download.stderr; then msgpass else diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key index 68b3f9710..e6ac530a6 100755 --- a/test/integration/test-apt-key +++ b/test/integration/test-apt-key @@ -7,101 +7,177 @@ TESTDIR=$(readlink -f $(dirname $0)) setupenvironment configarchitecture 'amd64' -msgtest 'Check that paths in list output are not' 'double-slashed' -aptkey list 2>&1 | grep -q '//' && msgfail || msgpass +# start from a clean plate again +cleanplate() { + rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg + mkdir rootdir/etc/apt/trusted.gpg.d/ +} -msgtest 'Check that paths in finger output are not' 'double-slashed' -aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass +testaptkeys() { + if ! aptkey list | grep '^pub' > aptkey.list; then + echo -n > aptkey.list + fi + testequal "$1" cat ./aptkey.list +} echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub"; APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' +testrun() { + cleanplate + ln -sf ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed + msgtest 'Check that paths in list output are not' 'double-slashed' + aptkey list 2>&1 | grep -q '//' && msgfail || msgpass + + msgtest 'Check that paths in finger output are not' 'double-slashed' + aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass + + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' + + testequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1' aptkey --fakeroot update -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' -testsuccess aptkey --fakeroot add ./keys/rexexpired.pub + testsuccess test ! -e rootdir/etc/apt/trusted.gpg + testsuccess aptkey --fakeroot add ./keys/rexexpired.pub + msgtest 'Check if trusted.gpg is created with permissions set to' '0644' + if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then + msgpass + else + msgfail + fi -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13] + testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13] pub 2048R/DBAC8DAE 2010-08-18' -msgtest 'Execute update again to trigger removal of' 'Rex Expired key' -testsuccess --nomsg aptkey --fakeroot update - -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' - -msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring' -testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE + msgtest 'Check that Sixpack key can be' 'exported' + aptkey export 'Sixpack' > aptkey.export + aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall + testsuccess --nomsg cmp aptkey.export aptkey.exportall + testsuccess test -s aptkey.export + testsuccess test -s aptkey.exportall + + msgtest 'Execute update again to trigger removal of' 'Rex Expired key' + testsuccess --nomsg aptkey --fakeroot update + + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' + + msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring' + testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE + + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18' + + testsuccess aptkey --fakeroot del DBAC8DAE + testempty aptkey list + + msgtest 'Test key removal with' 'single key in real file' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testempty aptkey list + testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + msgtest 'Test key removal with' 'long key ID' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE + testempty aptkey list + testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + msgtest 'Test key removal with' 'fingerprint' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE + testempty aptkey list + testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + msgtest 'Test key removal with' 'single key in softlink' + cleanplate + ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testempty aptkey list + testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + + cleanplate + testsuccess aptkey --fakeroot add ./keys/joesixpack.pub + testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' + cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse + + msgtest 'Test key removal with' 'multi key in real file' + cleanplate + cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' + testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + + msgtest 'Test key removal with' 'multi key in softlink' + cleanplate + ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' + testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + testsuccess test ! -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + + msgtest 'Test key removal with' 'multiple files including key' + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess --nomsg aptkey --fakeroot del DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' + testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ + testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ + + cleanplate + cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg + cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' + msgtest 'Test merge-back of' 'added keys' + testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub + testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13] +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' + msgtest 'Test merge-back of' 'removed keys' + testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9 + testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/DBAC8DAE 2010-08-18 +pub 2048R/528144E2 2011-01-16' -testsuccess aptkey --fakeroot del DBAC8DAE -testempty aptkey list + msgtest 'Test merge-back of' 'removed duplicate keys' + testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE + testaptkeys 'pub 2048R/528144E2 2011-01-16' +} -# start from a clean plate again -cleanplate() { - rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg - mkdir rootdir/etc/apt/trusted.gpg.d/ +setupgpgcommand() { + echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd + msgtest 'Test that apt-key uses for the following tests command' "$1" + aptkey adv --version >aptkey.version 2>&1 + if grep -q "^Executing: $1 --" aptkey.version; then + msgpass + else + cat aptkey.version + msgfail + fi } -msgtest 'Test key removal with' 'single key in real file' -cleanplate -cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -testempty aptkey list -testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ - -msgtest 'Test key removal with' 'single key in softlink' -cleanplate -ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -testempty aptkey list -testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ - -cleanplate -testsuccess aptkey --fakeroot add ./keys/joesixpack.pub -testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18 -pub 2048R/528144E2 2011-01-16' -cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse - -msgtest 'Test key removal with' 'multi key in real file' -cleanplate -cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16' -testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ - -msgtest 'Test key removal with' 'multi key in softlink' -cleanplate -ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16' -testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ -testsuccess test ! -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ - -msgtest 'Test key removal with' 'multiple files including key' -cleanplate -cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg -testsuccess --nomsg aptkey --fakeroot del DBAC8DAE -aptkey list | grep '^pub' > aptkey.list -testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16' -testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg -testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~ -testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~ +# run with default (whatever this is) +testrun +# run with … +setupgpgcommand 'gpg' +testrun +setupgpgcommand 'gpg2' +testrun diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index 4b38cd9b5..b3c118555 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -28,6 +28,9 @@ gpg: key F68C85A3: public key "Test Automatic Archive Signing Key <ftpmaster@exa gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1)' aptkey --fakeroot net-update +aptkey list | grep '^pub' > aptkey.list +testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19 +pub 2048R/DBAC8DAE 2010-08-18' # now try a different one # setup archive-keyring @@ -38,6 +41,8 @@ echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf # test against the "real" webserver testequal "Checking for new archive signing keys now -Key 'E8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update - +Key 'DE66AECA9151AFA1877EC31DE8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update +aptkey list | grep '^pub' > aptkey.list +testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19 +pub 2048R/DBAC8DAE 2010-08-18' diff --git a/test/integration/test-apt-progress-fd b/test/integration/test-apt-progress-fd index d72e7e72d..af022f582 100755 --- a/test/integration/test-apt-progress-fd +++ b/test/integration/test-apt-progress-fd @@ -16,7 +16,7 @@ setupaptarchive exec 3> apt-progress.log testsuccess aptget install testing=0.1 -y -o APT::Status-Fd=3 testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing:0:Installing testing (amd64) pmstatus:testing:20:Preparing testing (amd64) @@ -31,7 +31,7 @@ pmstatus:testing:100:Installed testing (amd64)" cat apt-progress.log exec 3> apt-progress.log testsuccess aptget install testing=0.8.15 -y -o APT::Status-Fd=3 testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing:0:Installing testing (amd64) pmstatus:testing:20:Preparing testing (amd64) @@ -46,7 +46,7 @@ pmstatus:testing:100:Installed testing (amd64)" cat apt-progress.log exec 3> apt-progress.log testsuccess aptget install testing=0.8.15 --reinstall -y -o APT::Status-Fd=3 testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing:0:Installing testing (amd64) pmstatus:testing:20:Preparing testing (amd64) @@ -72,7 +72,7 @@ testsuccess aptget install testing2:i386 -y -o APT::Status-Fd=3 # and compare testequal "dlstatus:1:0:Retrieving file 1 of 1 -dlstatus:1:0:Retrieving file 1 of 1 +dlstatus:1:20:Retrieving file 1 of 1 pmstatus:dpkg-exec:0:Running dpkg pmstatus:testing2:0:Installing testing2 (i386) pmstatus:testing2:20:Preparing testing2 (i386) diff --git a/test/integration/test-apt-sources-deb822 b/test/integration/test-apt-sources-deb822 index 5f54b7531..d8b2334ad 100755 --- a/test/integration/test-apt-sources-deb822 +++ b/test/integration/test-apt-sources-deb822 @@ -23,14 +23,14 @@ Description: summay msgtest 'Test sources.list' 'old style' echo "deb http://ftp.debian.org/debian stable main" > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris msgtest 'Test sources.list' 'simple deb822' echo "$BASE" > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris @@ -39,29 +39,29 @@ msgtest 'Test deb822 with' 'two entries' echo "$BASE" > $SOURCES echo "" >> $SOURCES echo "$BASE" | sed s/stable/unstable/ >> $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 -'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 : +'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/unstable/InRelease' ftp.debian.org_debian_dists_unstable_InRelease 0 " aptget update --print-uris # two suite entries msgtest 'Test deb822 with' 'two Suite entries' echo "$BASE" | sed -e "s/stable/stable unstable/" > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 -'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 : +'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/unstable/InRelease' ftp.debian.org_debian_dists_unstable_InRelease 0 " aptget update --print-uris msgtest 'Test deb822' 'architecture option' echo "$BASE" > $SOURCES echo "Architectures: amd64 armel" >> $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-amd64/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-amd64_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/binary-armel/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-armel_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-amd64/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-amd64_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/binary-armel/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-armel_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris @@ -85,19 +85,19 @@ testempty aptget update --print-uris # multiple URIs msgtest 'Test deb822 sources.list file which has' 'Multiple URIs work' echo "$BASE" | sed -e 's#http://ftp.debian.org/debian#http://ftp.debian.org/debian http://ftp.de.debian.org/debian#' > $SOURCES -testequal --nomsg "'http://ftp.de.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.de.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.de.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.de.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.de.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.de.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.de.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.de.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.de.debian.org/debian/dists/stable/InRelease' ftp.de.debian.org_debian_dists_stable_InRelease 0 -'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris # multiple Type in one field msgtest 'Test deb822 sources.list file which has' 'Multiple Types work' echo "$BASE" | sed -e 's#Types: deb#Types: deb deb-src#' > $SOURCES -testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/source/Sources.bz2' ftp.debian.org_debian_dists_stable_main_source_Sources 0 : -'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 : -'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 : +testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/source/Sources.bz2' ftp.debian.org_debian_dists_stable_main_source_Sources 0 +'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 +'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris # a Suite @@ -107,6 +107,6 @@ Types: deb URIs: http://emacs.naquadah.org Suites: stable/ EOF -testequal --nomsg "'http://emacs.naquadah.org/stable/Packages.bz2' emacs.naquadah.org_stable_Packages 0 : -'http://emacs.naquadah.org/stable/en.bz2' emacs.naquadah.org_stable_en 0 : +testequal --nomsg "'http://emacs.naquadah.org/stable/Packages.bz2' emacs.naquadah.org_stable_Packages 0 +'http://emacs.naquadah.org/stable/en.bz2' emacs.naquadah.org_stable_en 0 'http://emacs.naquadah.org/stable/InRelease' emacs.naquadah.org_stable_InRelease 0 " aptget update --print-uris diff --git a/test/integration/test-apt-update-expected-size b/test/integration/test-apt-update-expected-size new file mode 100755 index 000000000..58920f544 --- /dev/null +++ b/test/integration/test-apt-update-expected-size @@ -0,0 +1,44 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +insertpackage 'unstable' 'apt' 'all' '1.0' + +setupaptarchive --no-update +changetowebserver + +# normal update works fine +testsuccess aptget update + +# make InRelease really big +mv aptarchive/dists/unstable/InRelease aptarchive/dists/unstable/InRelease.good +dd if=/dev/zero of=aptarchive/dists/unstable/InRelease bs=1M count=2 2>/dev/null +touch -d '+1hour' aptarchive/dists/unstable/InRelease +aptget update -o Apt::Get::List-Cleanup=0 -o acquire::MaxReleaseFileSize=$((1*1000*1000)) -o Debug::pkgAcquire::worker=0 > output.log +msgtest 'Check that the max write warning is triggered' +if grep -q "Writing more data than expected" output.log; then + msgpass +else + cat output.log + msgfail +fi +# ensure the failed InRelease file got renamed +testsuccess ls rootdir/var/lib/apt/lists/partial/*InRelease.FAILED +mv aptarchive/dists/unstable/InRelease.good aptarchive/dists/unstable/InRelease + + +# append junk at the end of the Packages.gz/Packages +SIZE="$(stat --printf=%s aptarchive/dists/unstable/main/binary-i386/Packages)" +echo "1234567890" >> aptarchive/dists/unstable/main/binary-i386/Packages.gz +echo "1234567890" >> aptarchive/dists/unstable/main/binary-i386/Packages +NEW_SIZE="$(stat --printf=%s aptarchive/dists/unstable/main/binary-i386/Packages)" +rm -f rootdir/var/lib/apt/lists/localhost* +testequal "W: Failed to fetch http://localhost:8080/dists/unstable/main/binary-i386/Packages Writing more data than expected ($NEW_SIZE > $SIZE) [IP: ::1 8080] + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + diff --git a/test/integration/test-apt-update-file b/test/integration/test-apt-update-file index fbcd473cc..e6332dc3b 100755 --- a/test/integration/test-apt-update-file +++ b/test/integration/test-apt-update-file @@ -14,7 +14,6 @@ configcompression 'bz2' 'gz' insertpackage 'unstable' 'foo' 'all' '1.0' -umask 022 setupaptarchive --no-update # ensure the archive is not writable @@ -27,10 +26,12 @@ aptget update -qq -o Debug::pkgAcquire::Auth=1 2> output.log # ensure that the hash of the uncompressed file was verified even on a local # ims hit canary="SHA512:$(bzcat aptarchive/dists/unstable/main/binary-amd64/Packages.bz2 | sha512sum |cut -f1 -d' ')" -grep -q "RecivedHash: $canary" output.log +grep -q -- "- $canary" output.log # foo is still available testsuccess aptget install -s foo # the cleanup should still work chmod 750 aptarchive/dists/unstable/main/binary-amd64 + + diff --git a/test/integration/test-apt-update-ims b/test/integration/test-apt-update-ims new file mode 100755 index 000000000..8aa5a7262 --- /dev/null +++ b/test/integration/test-apt-update-ims @@ -0,0 +1,85 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable' + +setupaptarchive +changetowebserver + +runtest() { + rm -f rootdir/var/lib/apt/lists/localhost* + + testsuccess aptget update + + # ensure no leftovers in partial + testfailure ls "rootdir/var/lib/apt/lists/partial/*" + + # check that I-M-S header is kept in redirections + testequal "$EXPECT" aptget update -o Debug::pkgAcquire::Worker=0 -o Debug::Acquire::http=0 + + # ensure that we still do a hash check on ims hit + msgtest 'Test I-M-S reverify' + aptget update -o Debug::pkgAcquire::Auth=1 2>&1 | grep -A1 'RecivedHash:' | grep -q -- '- SHA' && msgpass || msgfail + + # ensure no leftovers in partial + testfailure ls "rootdir/var/lib/apt/lists/partial/*" +} + +msgmsg "InRelease" +EXPECT="Hit http://localhost:8080 unstable InRelease +Hit http://localhost:8080 unstable/main Sources +Hit http://localhost:8080 unstable/main amd64 Packages +Hit http://localhost:8080 unstable/main Translation-en +Reading package lists..." +# with InRelease +runtest + +# with gzip +echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest + +msgmsg "Release/Release.gpg" +# with Release/Release.gpg +EXPECT="Ign http://localhost:8080 unstable InRelease + 404 Not Found +Hit http://localhost:8080 unstable Release +Hit http://localhost:8080 unstable Release.gpg +Hit http://localhost:8080 unstable/main Sources +Hit http://localhost:8080 unstable/main amd64 Packages +Hit http://localhost:8080 unstable/main Translation-en +Reading package lists..." + +find aptarchive -name "InRelease" | xargs rm -f + +echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest + +echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest + + +# no Release.gpg or InRelease +msgmsg "Release only" +EXPECT="Ign http://localhost:8080 unstable InRelease + 404 Not Found +Hit http://localhost:8080 unstable Release +Ign http://localhost:8080 unstable Release.gpg + 404 Not Found +Hit http://localhost:8080 unstable/main Sources +Hit http://localhost:8080 unstable/main amd64 Packages +Hit http://localhost:8080 unstable/main Translation-en +Reading package lists..." + +find aptarchive -name "Release.gpg" | xargs rm -f + +echo 'Acquire::AllowInsecureRepositories "1";' > rootdir/etc/apt/apt.conf.d/insecure.conf +echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest + +echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex +runtest diff --git a/test/integration/test-apt-update-nofallback b/test/integration/test-apt-update-nofallback new file mode 100755 index 000000000..321472c2e --- /dev/null +++ b/test/integration/test-apt-update-nofallback @@ -0,0 +1,234 @@ +#!/bin/sh +# +# ensure we never fallback from a signed to a unsigned repo +# +# hash checks are done in +# +set -e + +simulate_mitm_and_inject_evil_package() +{ + rm -f $APTARCHIVE/dists/unstable/InRelease + rm -f $APTARCHIVE/dists/unstable/Release.gpg + inject_evil_package +} + +inject_evil_package() +{ + cat > $APTARCHIVE/dists/unstable/main/binary-i386/Packages <<EOF +Package: evil +Installed-Size: 29 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Version: 1.0 +Filename: pool/evil_1.0_all.deb +Size: 1270 +Description: an autogenerated evil package +EOF + # avoid ims hit + touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages +} + +assert_update_is_refused_and_last_good_state_used() +{ + testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq + + assert_repo_is_intact +} + +assert_repo_is_intact() +{ + testequal "foo/unstable 2.0 all" apt list -q + testsuccess "" aptget install -y -s foo + testfailure "" aptget install -y evil + + LISTDIR=rootdir/var/lib/apt/lists + if ! ( ls $LISTDIR/*InRelease >/dev/null 2>&1 || + ls $LISTDIR/*Release.gpg >/dev/null 2>&1 ); then + echo "Can not find InRelease/Release.gpg in $(ls $LISTDIR)" + msgfail + fi +} + +setupaptarchive_with_lists_clean() +{ + setupaptarchive --no-update + rm -f rootdir/var/lib/apt/lists/_* + #rm -rf rootdir/var/lib/apt/lists +} + +test_from_inrelease_to_unsigned() +{ + # setup archive with InRelease file + setupaptarchive_with_lists_clean + testsuccess aptget update + + simulate_mitm_and_inject_evil_package + assert_update_is_refused_and_last_good_state_used +} + +test_from_release_gpg_to_unsigned() +{ + # setup archive with Release/Release.gpg (but no InRelease) + setupaptarchive_with_lists_clean + rm $APTARCHIVE/dists/unstable/InRelease + testsuccess aptget update + + simulate_mitm_and_inject_evil_package + assert_update_is_refused_and_last_good_state_used +} + +test_from_inrelease_to_unsigned_with_override() +{ + # setup archive with InRelease file + setupaptarchive_with_lists_clean + testsuccess aptget update + + # simulate moving to a unsigned but otherwise valid repo + simulate_mitm_and_inject_evil_package + generatereleasefiles + + # and ensure we can update to it (with enough force) + testsuccess aptget update --allow-insecure-repositories \ + -o Acquire::AllowDowngradeToInsecureRepositories=1 + # but that the individual packages are still considered untrusted + testequal "WARNING: The following packages cannot be authenticated! + evil +E: There are problems and -y was used without --force-yes" aptget install -qq -y evil +} + +test_cve_2012_0214() +{ + # see https://bugs.launchpad.net/ubuntu/+source/apt/+bug/947108 + # + # it was possible to MITM the download so that InRelease/Release.gpg + # are not delivered (404) and a altered Release file was send + # + # apt left the old InRelease file in /var/lib/apt/lists and downloaded + # the unauthenticated Release file too giving the false impression that + # Release was authenticated + # + # Note that this is pretty much impossible nowdays because: + # a) InRelease is left as is, not split to InRelease/Release as it was + # in the old days + # b) we refuse to go from signed->unsigned + # + # Still worth having a regression test the simulates the condition + + # setup archive with InRelease + setupaptarchive_with_lists_clean + testsuccess aptget update + + # do what CVE-2012-0214 did + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + inject_evil_package + # build valid Release file + aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release + + assert_update_is_refused_and_last_good_state_used + + # ensure there is no _Release file downloaded + testfailure ls rootdir/var/lib/apt/lists/*_Release +} + +test_subvert_inrelease() +{ + # setup archive with InRelease + setupaptarchive_with_lists_clean + testsuccess aptget update + + # replace InRelease with something else + mv $APTARCHIVE/dists/unstable/Release $APTARCHIVE/dists/unstable/InRelease + + testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease Does not start with a cleartext signature + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + # ensure we keep the repo + assert_repo_is_intact +} + +test_inrelease_to_invalid_inrelease() +{ + # setup archive with InRelease + setupaptarchive_with_lists_clean + testsuccess aptget update + + # now remove InRelease and subvert Release do no longer verify + sed -i 's/Codename.*/Codename: evil!'/ $APTARCHIVE/dists/unstable/InRelease + inject_evil_package + + testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + +W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + +W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + # ensure we keep the repo + assert_repo_is_intact + testfailure grep "evil" rootdir/var/lib/apt/lists/*InRelease +} + +test_release_gpg_to_invalid_release_release_gpg() +{ + # setup archive with InRelease + setupaptarchive_with_lists_clean + rm $APTARCHIVE/dists/unstable/InRelease + testsuccess aptget update + + # now subvert Release do no longer verify + echo "Some evil data" >> $APTARCHIVE/dists/unstable/Release + inject_evil_package + + testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable Release.gpg: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org> + +W: Failed to fetch file:${APTARCHIVE}/dists/unstable/Release.gpg + +W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + assert_repo_is_intact + testfailure grep "evil" rootdir/var/lib/apt/lists/*Release +} + + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# a "normal" package with source and binary +buildsimplenativepackage 'foo' 'all' '2.0' + +# setup the archive and ensure we have a single package that installs fine +setupaptarchive +APTARCHIVE=$(readlink -f ./aptarchive) +assert_repo_is_intact + +# test the various cases where a repo may go from signed->unsigned +msgmsg "test_from_inrelease_to_unsigned" +test_from_inrelease_to_unsigned + +msgmsg "test_from_release_gpg_to_unsigned" +test_from_release_gpg_to_unsigned + +# ensure we do not regress on CVE-2012-0214 +msgmsg "test_cve_2012_0214" +test_cve_2012_0214 + +# ensure InRelase can not be subverted +msgmsg "test_subvert_inrelease" +test_subvert_inrelease + +# ensure we revert to last good state if InRelease does not verify +msgmsg "test_inrelease_to_invalid_inrelease" +test_inrelease_to_invalid_inrelease + +# ensure we revert to last good state if Release/Release.gpg does not verify +msgmsg "test_release_gpg_to_invalid_release_release_gpg" +test_release_gpg_to_invalid_release_release_gpg + +# ensure we can ovveride the downgrade error +msgmsg "test_from_inrelease_to_unsigned" +test_from_inrelease_to_unsigned_with_override diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback new file mode 100755 index 000000000..5b9c200fe --- /dev/null +++ b/test/integration/test-apt-update-rollback @@ -0,0 +1,195 @@ +#!/bin/sh +# +# test that apt-get update is transactional +# +set -e + +avoid_ims_hit() { + touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages* + touch -d '+1hour' aptarchive/dists/unstable/main/source/Sources* + touch -d '+1hour' aptarchive/dists/unstable/*Release* + + touch -d '-1hour' rootdir/var/lib/apt/lists/* +} + +create_fresh_archive() +{ + rm -rf aptarchive/* + rm -f rootdir/var/lib/apt/lists/_* rootdir/var/lib/apt/lists/partial/* + + insertpackage 'unstable' 'old' 'all' '1.0' + + setupaptarchive --no-update +} + +add_new_package() { + insertpackage "unstable" "new" "all" "1.0" + insertsource "unstable" "new" "all" "1.0" + + setupaptarchive --no-update "$@" +} + +break_repository_sources_index() { + printf 'xxx' > $APTARCHIVE/dists/unstable/main/source/Sources + compressfile "$APTARCHIVE/dists/unstable/main/source/Sources" "$@" +} + +start_with_good_inrelease() { + create_fresh_archive + testsuccess aptget update + testequal "old/unstable 1.0 all" apt list -q +} + +test_inrelease_to_new_inrelease() { + msgmsg 'Test InRelease to new InRelease works fine' + start_with_good_inrelease + + add_new_package '+1hour' + testsuccess aptget update -o Debug::Acquire::Transaction=1 + testequal "new/unstable 1.0 all +old/unstable 1.0 all" apt list -q +} + +test_inrelease_to_broken_hash_reverts_all() { + msgmsg 'Test InRelease to broken InRelease reverts everything' + start_with_good_inrelease + + add_new_package '+1hour' + # break the Sources file + break_repository_sources_index '+1hour' + + # test the error condition + testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources Hash Sum mismatch + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + # ensure that the Packages file is also rolled back + testequal "E: Unable to locate package new" aptget install new -s -qq +} + +test_inrelease_to_valid_release() { + msgmsg 'Test InRelease to valid Release' + start_with_good_inrelease + + add_new_package '+1hour' + # switch to a unsigned repo now + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + + # update fails + testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq + + # test that we can install the new packages but do no longer have a sig + testsuccess aptget install old -s + testfailure aptget install new -s + testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease + testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release +} + +test_inrelease_to_release_reverts_all() { + msgmsg 'Test InRelease to broken Release reverts everything' + start_with_good_inrelease + + # switch to a unsigned repo now + add_new_package '+1hour' + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + + # break it + break_repository_sources_index '+1hour' + + # ensure error + testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1 + + # ensure that the Packages file is also rolled back + testsuccess aptget install old -s + testfailure aptget install new -s + testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease + testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release +} + +test_unauthenticated_to_invalid_inrelease() { + msgmsg 'Test UnAuthenticated to invalid InRelease reverts everything' + create_fresh_archive + rm $APTARCHIVE/dists/unstable/InRelease + rm $APTARCHIVE/dists/unstable/Release.gpg + + testsuccess aptget update --allow-insecure-repositories + testequal "WARNING: The following packages cannot be authenticated! + old +E: There are problems and -y was used without --force-yes" aptget install -qq -y old + + # go to authenticated but not correct + add_new_package '+1hour' + break_repository_sources_index '+1hour' + + testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources Hash Sum mismatch + +E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + testfailure ls rootdir/var/lib/apt/lists/*_InRelease + testequal "WARNING: The following packages cannot be authenticated! + old +E: There are problems and -y was used without --force-yes" aptget install -qq -y old +} + +test_inrelease_to_unauth_inrelease() { + msgmsg 'Test InRelease to InRelease without good sig' + start_with_good_inrelease + + signreleasefiles 'Marvin Paranoid' '+1hour' + + testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2 + +W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2 + +W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + + testsuccess ls rootdir/var/lib/apt/lists/*_InRelease +} + +test_inrelease_to_broken_gzip() { + msgmsg "Test InRelease to broken gzip" + start_with_good_inrelease + + # append junk at the end of the compressed file + echo "lala" >> $APTARCHIVE/dists/unstable/main/source/Sources.gz + touch -d '+2min' $APTARCHIVE/dists/unstable/main/source/Sources.gz + # remove uncompressed file to avoid fallback + rm $APTARCHIVE/dists/unstable/main/source/Sources + + testfailure aptget update +} + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# setup the archive and ensure we have a single package that installs fine +setupaptarchive +APTARCHIVE=$(readlink -f ./aptarchive) +ROOTDIR=${TMPWORKINGDIRECTORY}/rootdir +APTARCHIVE_LISTS="$(echo $APTARCHIVE | tr "/" "_" )" + +# test the following cases: +# - InRelease -> broken InRelease revert to previous state +# - empty lists dir and broken remote leaves nothing on the system +# - InRelease -> hashsum mismatch for one file reverts all files to previous state +# - Release/Release.gpg -> hashsum mismatch +# - InRelease -> Release with hashsum mismatch revert entire state and kills Release +# - Release -> InRelease with broken Sig/Hash removes InRelease +# going from Release/Release.gpg -> InRelease and vice versa +# - unauthenticated -> invalid InRelease + +# stuff to do: +# - ims-hit +# - gzip-index tests + +test_inrelease_to_new_inrelease +test_inrelease_to_broken_hash_reverts_all +test_inrelease_to_valid_release +test_inrelease_to_release_reverts_all +test_unauthenticated_to_invalid_inrelease +test_inrelease_to_unauth_inrelease +test_inrelease_to_broken_gzip diff --git a/test/integration/test-apt-update-transactions b/test/integration/test-apt-update-transactions new file mode 100755 index 000000000..247334991 --- /dev/null +++ b/test/integration/test-apt-update-transactions @@ -0,0 +1,24 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +insertpackage 'unstable' 'foo' 'all' '1.0' + +setupaptarchive --no-update +changetowebserver + +# break package file +cat > aptarchive/dists/unstable/main/binary-i386/Packages <<EOF +Package: bar +EOF +compressfile aptarchive/dists/unstable/main/binary-i386/Packages '+1hour' + +# ensure that a update will only succeed entirely or not at all +testfailure aptget update +testequal "partial" ls rootdir/var/lib/apt/lists + diff --git a/test/integration/test-apt-update-unauth b/test/integration/test-apt-update-unauth index 13487603c..b7ccd6cf3 100755 --- a/test/integration/test-apt-update-unauth +++ b/test/integration/test-apt-update-unauth @@ -8,6 +8,8 @@ set -e TESTDIR=$(readlink -f $(dirname $0)) . $TESTDIR/framework +umask 022 + setupenvironment configarchitecture "i386" @@ -17,23 +19,53 @@ insertsource 'unstable' 'foo' 'all' '1.0' setupaptarchive changetowebserver +# FIXME: +# - also check the unauth -> auth success case, i.e. that all files are +# reverified runtest() { # start unauthenticated find rootdir/var/lib/apt/lists/ -type f | xargs rm -f rm -f aptarchive/dists/unstable/*Release* - aptget update -qq + + testsuccess aptget update -qq --allow-insecure-repositories + + # FIXME: this really shouldn't be needed + rm -f rootdir/var/lib/apt/lists/partial/* # become authenticated generatereleasefiles signreleasefiles - # and ensure we do download the data again - msgtest "Check that the data is check when going to authenticated" - if aptget update |grep -q Hit; then - msgfail - else + # move uncompressed away + mv aptarchive/dists/unstable/main/binary-i386/Packages \ + aptarchive/dists/unstable/main/binary-i386/Packages.uncompressed + + # and ensure we re-check the downloaded data + + # change the local packages file + PKGS=$(ls rootdir/var/lib/apt/lists/*Packages*) + echo "meep" > $PKGS + ls rootdir/var/lib/apt/lists/ > lists.before + + # update and ensure all is reverted on the hashsum failure + testfailure aptget update -o Debug::Acquire::Transaction=0 -o Debug::pkgAcquire::Auth=1 -o Debug::pkgAcquire::worker=0 -o Debug::acquire::http=0 + + # ensure we have before what we have after + msgtest 'Check rollback on going from' 'unauth -> auth' + ls rootdir/var/lib/apt/lists/ > lists.after + if cmp lists.before lists.after; then msgpass + else + echo >&2 '### Output of previous apt-get update ###' + cat >&2 rootdir/tmp/testfailure.output + echo >&2 '### Changes in the lists-directory: ###' + diff -u >&2 lists.before lists.after + msgfail fi + + # move uncompressed back for release file + mv aptarchive/dists/unstable/main/binary-i386/Packages.uncompressed \ + aptarchive/dists/unstable/main/binary-i386/Packages } for COMPRESSEDINDEXES in 'false' 'true'; do @@ -43,6 +75,5 @@ for COMPRESSEDINDEXES in 'false' 'true'; do else msgmsg 'Run tests with GzipIndexes disabled' fi - - runtest + runtest done diff --git a/test/integration/test-bug-507998-dist-upgrade-recommends b/test/integration/test-bug-507998-dist-upgrade-recommends index 513421a94..f3b4e04fb 100755 --- a/test/integration/test-bug-507998-dist-upgrade-recommends +++ b/test/integration/test-bug-507998-dist-upgrade-recommends @@ -16,6 +16,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: tshark wireshark-common 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-591882-conkeror b/test/integration/test-bug-591882-conkeror index e1c0b42d1..891ddb8b7 100755 --- a/test/integration/test-bug-591882-conkeror +++ b/test/integration/test-bug-591882-conkeror @@ -9,6 +9,7 @@ setupaptarchive UPGRADEFAIL="Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: conkeror libdatrie0 libkrb53 libxcb-xlib0 xulrunner-1.9 The following NEW packages will be installed: @@ -40,6 +41,7 @@ E: Trivial Only specified but this is not a trivial operation." UPGRADESUCCESS="Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: libdatrie0 libkrb53 libxcb-xlib0 xulrunner-1.9 The following NEW packages will be installed: diff --git a/test/integration/test-bug-595691-empty-and-broken-archive-files b/test/integration/test-bug-595691-empty-and-broken-archive-files index aea340203..fedf82c92 100755 --- a/test/integration/test-bug-595691-empty-and-broken-archive-files +++ b/test/integration/test-bug-595691-empty-and-broken-archive-files @@ -13,7 +13,7 @@ setupflataptarchive testaptgetupdate() { rm -rf rootdir/var/lib/apt aptget update 2>> testaptgetupdate.diff >> testaptgetupdate.diff || true - sed -i -e '/^Fetched / d' -e '/Ign / d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff + sed -i -e '/Ign /,+1d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff GIVEN="$1" shift msgtest "Test for correctness of" "apt-get update with $*" diff --git a/test/integration/test-bug-596498-trusted-unsigned-repo b/test/integration/test-bug-596498-trusted-unsigned-repo index 06c9c8285..3104a70c2 100755 --- a/test/integration/test-bug-596498-trusted-unsigned-repo +++ b/test/integration/test-bug-596498-trusted-unsigned-repo @@ -12,7 +12,7 @@ setupaptarchive aptgetupdate() { rm -rf rootdir/var/lib/apt/ rootdir/var/cache/apt/*.bin - aptget update -qq + aptget update -qq --allow-insecure-repositories } PKGTEXT="$(aptget install cool --assume-no -d | head -n 7)" diff --git a/test/integration/test-bug-605394-versioned-or-groups b/test/integration/test-bug-605394-versioned-or-groups index 0f09d2927..bb72d59e3 100755 --- a/test/integration/test-bug-605394-versioned-or-groups +++ b/test/integration/test-bug-605394-versioned-or-groups @@ -9,6 +9,7 @@ setupaptarchive testequal "Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: php5 php5-cgi 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-612099-multiarch-conflicts b/test/integration/test-bug-612099-multiarch-conflicts index 20dc3a7e5..c32600037 100755 --- a/test/integration/test-bug-612099-multiarch-conflicts +++ b/test/integration/test-bug-612099-multiarch-conflicts @@ -70,6 +70,7 @@ Conf foobar (1.0 stable [i386])' aptget install foobar/stable libc6 -st testing testequal 'Reading package lists... Building dependency tree... Reading state information... +Calculating upgrade... The following packages will be upgraded: libc6 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -168,6 +169,7 @@ Conf libc6-same:amd64 (1.0 stable [amd64])' aptget install libc6-same:amd64 -s - testequal 'Reading package lists... Building dependency tree... Reading state information... +Calculating upgrade... The following packages will be upgraded: libc6-same 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted index f93510fd7..0736bb6dc 100755 --- a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted +++ b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted @@ -24,15 +24,18 @@ testfilemissing() { testrun() { rm -rf rootdir/var/lib/apt - testsuccess aptget update if [ "$1" = 'trusted' ]; then + testsuccess aptget update + testsuccess aptget download cool testfileexists 'cool_1.0_i386.deb' testsuccess aptget download cool --allow-unauthenticated testfileexists 'cool_1.0_i386.deb' else + testsuccess aptget update --allow-insecure-repositories + testfailure aptget download cool testfilemissing 'cool_1.0_i386.deb' diff --git a/test/integration/test-bug-64141-install-dependencies-for-on-hold b/test/integration/test-bug-64141-install-dependencies-for-on-hold index 9a9e7be10..9e6c223a8 100755 --- a/test/integration/test-bug-64141-install-dependencies-for-on-hold +++ b/test/integration/test-bug-64141-install-dependencies-for-on-hold @@ -21,6 +21,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: oldcrap The following NEW packages will be installed: @@ -35,6 +36,7 @@ testsuccess aptmark hold apt testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: apt The following packages will be upgraded: diff --git a/test/integration/test-bug-657695-resolver-breaks-on-virtuals b/test/integration/test-bug-657695-resolver-breaks-on-virtuals index e9b27cfcd..1b92a04fe 100755 --- a/test/integration/test-bug-657695-resolver-breaks-on-virtuals +++ b/test/integration/test-bug-657695-resolver-breaks-on-virtuals @@ -18,6 +18,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: xserver-xorg-video-driver1 xserver-xorg-video-driver10 xserver-xorg-video-driver11 xserver-xorg-video-driver12 diff --git a/test/integration/test-bug-675449-essential-are-protected b/test/integration/test-bug-675449-essential-are-protected index 7d8cc3484..2a27c62b1 100755 --- a/test/integration/test-bug-675449-essential-are-protected +++ b/test/integration/test-bug-675449-essential-are-protected @@ -69,6 +69,7 @@ Purg pkg-none-foreign:i386 [1]' aptget purge pkg-none-foreign:i386 -s testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: pkg-depends-new:i386 pkg-none-new The following packages will be upgraded: diff --git a/test/integration/test-bug-680041-apt-mark-holds-correctly b/test/integration/test-bug-680041-apt-mark-holds-correctly index 2e5e39c8e..3f40c23dc 100755 --- a/test/integration/test-bug-680041-apt-mark-holds-correctly +++ b/test/integration/test-bug-680041-apt-mark-holds-correctly @@ -19,6 +19,7 @@ runtests() { testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: pkgall pkgarch 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -30,6 +31,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: pkgarch The following packages will be upgraded: @@ -43,6 +45,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: pkgall pkgarch 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -54,6 +57,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: pkgall The following packages will be upgraded: diff --git a/test/integration/test-bug-683786-build-dep-on-virtual-packages b/test/integration/test-bug-683786-build-dep-on-virtual-packages index 879d6a3bc..65862c572 100755 --- a/test/integration/test-bug-683786-build-dep-on-virtual-packages +++ b/test/integration/test-bug-683786-build-dep-on-virtual-packages @@ -38,8 +38,8 @@ Building dependency tree... The following NEW packages will be installed: po-debconf 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. -Inst po-debconf (1 unstable, unstable [all]) -Conf po-debconf (1 unstable, unstable [all])' aptget build-dep dash -s +Inst po-debconf (1 unstable [all]) +Conf po-debconf (1 unstable [all])' aptget build-dep dash -s testequal 'Reading package lists... Building dependency tree... diff --git a/test/integration/test-bug-686346-package-missing-architecture b/test/integration/test-bug-686346-package-missing-architecture index dc51861ab..8024f81da 100755 --- a/test/integration/test-bug-686346-package-missing-architecture +++ b/test/integration/test-bug-686346-package-missing-architecture @@ -53,6 +53,7 @@ testnopackage pkge:* # this difference seems so important that it has to be maintained … testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade -s # pkgd has no update with an architecture diff --git a/test/integration/test-bug-712435-missing-descriptions b/test/integration/test-bug-712435-missing-descriptions index 53ecbbeb3..7a3518745 100755 --- a/test/integration/test-bug-712435-missing-descriptions +++ b/test/integration/test-bug-712435-missing-descriptions @@ -87,13 +87,10 @@ $DESCRIPTION Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa " aptcache show apt-normal -# displaying the translated Description would be equally valid, -# but we assume only one description is in a Packages file and -# so we prefer "Description" over "Description-*" currently. for variant in 'below' 'middle' 'top'; do testequal "Package: apt-both-$variant $PACKAGESTANZA -$DESCRIPTION +$TRANSDESCRIPTION Description-md5: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb " aptcache show apt-both-$variant done @@ -122,7 +119,7 @@ X-Some-Flag: yes testequal "Package: apt-intermixed2 $PACKAGESTANZA -$DESCRIPTION +$TRANSDESCRIPTION Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa X-Some-Flag: yes X-Foo-Flag: Something with a Description @@ -131,7 +128,7 @@ X-Bar-Flag: no testequal "Package: apt-intermixed3 $PACKAGESTANZA -$DESCRIPTION +$TRANSDESCRIPTION Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa X-Some-Flag: yes X-Foo-Flag: Something with a Description diff --git a/test/integration/test-bug-717891-abolute-uris-for-proxies b/test/integration/test-bug-717891-abolute-uris-for-proxies index ac1d6ec11..54a616686 100755 --- a/test/integration/test-bug-717891-abolute-uris-for-proxies +++ b/test/integration/test-bug-717891-abolute-uris-for-proxies @@ -12,7 +12,7 @@ setupaptarchive changetowebserver --request-absolute='uri' msgtest 'Check that absolute paths are' 'not accepted' -testfailure --nomsg aptget update +testfailure --nomsg aptget update --allow-insecure-repositories echo 'Acquire::http::Proxy "http://localhost:8080";' > rootdir/etc/apt/apt.conf.d/99proxy diff --git a/test/integration/test-bug-722207-print-uris-even-if-very-quiet b/test/integration/test-bug-722207-print-uris-even-if-very-quiet index f2d95da19..9a5685703 100755 --- a/test/integration/test-bug-722207-print-uris-even-if-very-quiet +++ b/test/integration/test-bug-722207-print-uris-even-if-very-quiet @@ -16,10 +16,10 @@ setupaptarchive APTARCHIVE=$(readlink -f ./aptarchive) -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget upgrade -qq --print-uris -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget dist-upgrade -qq --print-uris -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget install apt -qq --print-uris -testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget download apt -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget upgrade -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget dist-upgrade -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget install apt -qq --print-uris +testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget download apt -qq --print-uris testequal "'file://${APTARCHIVE}/apt_2.dsc' apt_2.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e 'file://${APTARCHIVE}/apt_2.tar.gz' apt_2.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source apt -qq --print-uris testequal "'http://packages.debian.org/changelogs/pool/main/apt/apt_2/changelog'" aptget changelog apt -qq --print-uris diff --git a/test/integration/test-bug-728500-tempdir b/test/integration/test-bug-728500-tempdir index 0451fc1ed..37e5a013e 100755 --- a/test/integration/test-bug-728500-tempdir +++ b/test/integration/test-bug-728500-tempdir @@ -17,7 +17,7 @@ msgtest 'Test apt-get update with incorrect' 'TMPDIR' OUTPUT=$(mktemp) addtrap "rm $OUTPUT;" export TMPDIR=/does-not-exists -if aptget update >${OUTPUT} 2>&1; then +if aptget update -o Debug::Acquire::gpg=1 >${OUTPUT} 2>&1; then msgpass else echo @@ -27,3 +27,4 @@ fi unset TMPDIR testequal 'coolstuff' aptcache pkgnames +testsuccess ls rootdir/var/lib/apt/lists/*InRelease diff --git a/test/integration/test-bug-733028-gpg-resource-limit b/test/integration/test-bug-733028-gpg-resource-limit new file mode 100755 index 000000000..f9c804963 --- /dev/null +++ b/test/integration/test-bug-733028-gpg-resource-limit @@ -0,0 +1,27 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' + +insertpackage 'unstable' 'foobar' 'all' '1' + +setupaptarchive --no-update + +for i in $(seq 1 50); do + touch rootdir/etc/apt/trusted.gpg.d/emptykey-${i}.gpg +done + +aptkey list | grep '^pub' > aptkey.list +testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18' + +msgtest 'Test for no gpg errors/warnings in' 'apt-get update' +aptget update > update.log 2>&1 +if grep -iq 'GPG' update.log; then + msgfail + cat update.log +else + msgpass +fi diff --git a/test/integration/test-bug-735967-lib32-to-i386-unavailable b/test/integration/test-bug-735967-lib32-to-i386-unavailable index e9f3bf96d..826931fe4 100755 --- a/test/integration/test-bug-735967-lib32-to-i386-unavailable +++ b/test/integration/test-bug-735967-lib32-to-i386-unavailable @@ -33,6 +33,7 @@ testsuccess aptget update testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: lib32nss-mdns The following packages will be upgraded: @@ -60,6 +61,7 @@ testsuccess aptget update testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: libnss-mdns:i386 libnss-mdns-i386:i386 The following packages will be upgraded: diff --git a/test/integration/test-bug-738785-switch-protocol b/test/integration/test-bug-738785-switch-protocol index 1e5748eae..f81bba4b9 100755 --- a/test/integration/test-bug-738785-switch-protocol +++ b/test/integration/test-bug-738785-switch-protocol @@ -60,4 +60,4 @@ mv rootdir/${COPYMETHODS}.bak rootdir/${COPYMETHODS} # check that downgrades from https to http are not allowed webserverconfig 'aptwebserver::support::http' 'true' sed -i -e 's#:8080/redirectme#:4433/downgrademe#' -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/* -testfailure aptget update +testfailure aptget update --allow-insecure-repositories diff --git a/test/integration/test-bug-740843-versioned-up-down-breaks b/test/integration/test-bug-740843-versioned-up-down-breaks index cb035a71f..9426ffad1 100755 --- a/test/integration/test-bug-740843-versioned-up-down-breaks +++ b/test/integration/test-bug-740843-versioned-up-down-breaks @@ -24,6 +24,7 @@ setupaptarchive testequalor2 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: foo-driver libfoo libfoo:i386 libgl1-foo-glx libgl1-foo-glx:i386 5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -38,6 +39,7 @@ Conf libgl1-foo-glx:i386 (2 stable [i386]) Conf libgl1-foo-glx (2 stable [amd64]) Conf foo-driver (2 stable [amd64])' 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: foo-driver libfoo libfoo:i386 libgl1-foo-glx libgl1-foo-glx:i386 5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-bug-745036-new-foreign-invalidates-cache b/test/integration/test-bug-745036-new-foreign-invalidates-cache new file mode 100755 index 000000000..490cbecdd --- /dev/null +++ b/test/integration/test-bug-745036-new-foreign-invalidates-cache @@ -0,0 +1,29 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +insertpackage 'unstable' 'cool-foo' 'amd64' '1.0' 'Depends: foo' +insertpackage 'unstable' 'foo' 'amd64' '1.0' 'Multi-Arch: foreign' +insertinstalledpackage 'cool-foo' 'amd64' '1.0' 'Depends: foo' +insertinstalledpackage 'foo' 'amd64' '1.0' 'Multi-Arch: foreign' + +setupaptarchive + +testsuccess aptget check -s + +configarchitecture 'amd64' 'i386' +testequal 'E: The package cache was built for different architectures: amd64 vs amd64,i386' aptget check -s -o pkgCacheFile::Generate=false + +testsuccess aptget check -s + +insertinstalledpackage 'awesome-foo' 'i386' '1.0' 'Depends: foo' + +testsuccess aptget check -s + +testsuccess aptget update --no-download + +testsuccess aptget check -s diff --git a/test/integration/test-bug-758153-versioned-provides-support b/test/integration/test-bug-758153-versioned-provides-support index 2904ae5a1..21f9123c9 100755 --- a/test/integration/test-bug-758153-versioned-provides-support +++ b/test/integration/test-bug-758153-versioned-provides-support @@ -28,6 +28,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: webapp webserver 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-compressed-indexes b/test/integration/test-compressed-indexes index 805ed5964..1beb5d831 100755 --- a/test/integration/test-compressed-indexes +++ b/test/integration/test-compressed-indexes @@ -39,10 +39,10 @@ testrun() { test -e rootdir/var/lib/apt/lists/*_Translation-en.${COMPRESS} || F=1 # there is no point in trying pdiff if we have compressed indexes # as we can't patch compressed files (well, we can, but what is the point?) - ! test -e rootdir/var/lib/apt/lists/*.IndexDiff || F=1 + ! test -e rootdir/var/lib/apt/lists/*diff_Index || F=1 else # clear the faked pdiff indexes so the glob below works - rm -f rootdir/var/lib/apt/lists/*.IndexDiff + rm -f rootdir/var/lib/apt/lists/*diff_Index test -e rootdir/var/lib/apt/lists/*_Packages || F=1 test -e rootdir/var/lib/apt/lists/*_Sources || F=1 test -e rootdir/var/lib/apt/lists/*_Translation-en || F=1 diff --git a/test/integration/test-conflicts-loop b/test/integration/test-conflicts-loop index a2c411aaf..0906ef8fa 100755 --- a/test/integration/test-conflicts-loop +++ b/test/integration/test-conflicts-loop @@ -17,6 +17,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: openjdk-6-jre openjdk-6-jre-headless openjdk-6-jre-lib 3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-cve-2013-1051-InRelease-parsing b/test/integration/test-cve-2013-1051-InRelease-parsing index 41b27f691..8f9803991 100755 --- a/test/integration/test-cve-2013-1051-InRelease-parsing +++ b/test/integration/test-cve-2013-1051-InRelease-parsing @@ -42,7 +42,7 @@ touch -d '+1hour' aptarchive/dists/stable/InRelease # ensure the update fails # useful for debugging to add "-o Debug::pkgAcquire::auth=true" msgtest 'apt-get update for should fail with the modified' 'InRelease' -aptget update 2>&1 | grep -q 'Hash Sum mismatch' > /dev/null && msgpass || msgfail +aptget update 2>&1 | grep -E -q '(Writing more data than expected|Hash Sum mismatch)' > /dev/null && msgpass || msgfail # ensure there is no package testequal 'Reading package lists... diff --git a/test/integration/test-hashsum-verification b/test/integration/test-hashsum-verification index 2a400dcb4..5f88110b3 100755 --- a/test/integration/test-hashsum-verification +++ b/test/integration/test-hashsum-verification @@ -70,9 +70,13 @@ runtest() { rm -rf rootdir/var/lib/apt/lists rm aptarchive/InRelease aptarchive/Release.gpg msgtest 'unsigned apt-get update gets the expected hashsum mismatch' - aptget update 2>&1 | grep "Hash Sum mismatch" > /dev/null && msgpass || msgfail - - + aptget update --allow-insecure-repositories >output.log 2>&1 || true + if grep -q "Hash Sum mismatch" output.log; then + msgpass + else + cat output.log + msgfail + fi } for COMPRESSEDINDEXES in 'false' 'true'; do diff --git a/test/integration/test-http-pipeline-messup b/test/integration/test-http-pipeline-messup new file mode 100755 index 000000000..405574e8a --- /dev/null +++ b/test/integration/test-http-pipeline-messup @@ -0,0 +1,47 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# try a little harder to create a size mismatch +buildsimplenativepackage 'pkga' 'all' '1.0' 'stable' "Depends: foo" '' '' '' '' 'none' +buildsimplenativepackage 'pkgb' 'all' '1.0' 'stable' "Depends: foo" '' '' '' '' 'none' +buildsimplenativepackage 'pkgc' 'all' '1.0' 'stable' "Depends: f$(for i in $(seq 0 1000); do printf 'o'; done)" '' '' '' '' 'none' +buildsimplenativepackage 'pkgd' 'all' '1.0' 'stable' "Depends: f$(for i in $(seq 0 1000); do printf 'o'; done)" '' '' '' '' 'none' + +setupaptarchive --no-update + +# simulate (and be a predictable) pipeline mess-up by the server/proxy +changetowebserver \ + -o 'aptwebserver::overwrite::.*pkga.*::filename=/pool/pkgd_1.0_all.deb' \ + -o 'aptwebserver::overwrite::.*pkgc.*::filename=/pool/pkgb_1.0_all.deb' \ + -o 'aptwebserver::overwrite::.*pkgb.*::filename=/pool/pkgc_1.0_all.deb' \ + -o 'aptwebserver::overwrite::.*pkgd.*::filename=/pool/pkga_1.0_all.deb' + +echo 'Debug::Acquire::http "true"; +Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/99debug + +testsuccess aptget update + +# messup is bigger than pipeline: checks if fixup isn't trying to hard +testfailure aptget download pkga pkgb pkgc pkgd -o Acquire::http::Pipeline-Depth=2 +testfailure test -f pkga_1.0_all.deb + +# ensure that pipeling is enabled for rest of this test +echo 'Acquire::http::Pipeline-Depth 10;' > rootdir/etc/apt/apt.conf.d/99enable-pipeline + +# the output is a bit strange: it looks like it has downloaded pkga 4 times +testsuccess aptget download pkga pkgb pkgc pkgd +for pkg in 'pkga' 'pkgb' 'pkgc' 'pkgd'; do + testsuccess test -f ${pkg}_1.0_all.deb + testsuccess cmp incoming/${pkg}_1.0_all.deb ${pkg}_1.0_all.deb + rm -f ${pkg}_1.0_all.deb +done + +# while hashes will pass (as none are available), sizes will not match, so failure +# checks that no hashes means that pipeline depth is ignored as we can't fixup +testfailure aptget download pkga pkgb pkgc pkgd --allow-unauthenticated -o Acquire::ForceHash=ROT26 diff --git a/test/integration/test-kernel-helper-autoremove b/test/integration/test-kernel-helper-autoremove index c51caa758..22c36890b 100755 --- a/test/integration/test-kernel-helper-autoremove +++ b/test/integration/test-kernel-helper-autoremove @@ -9,7 +9,7 @@ configarchitecture 'amd64' # the executed script would use the installed apt-config, # which is outside of our control msgtest 'Check that the installed apt-config supports' '--no-empty' -if apt-config dump --no-empty >/dev/null 2>&1; then +if /usr/bin/apt-config dump --no-empty >/dev/null 2>&1; then msgpass else msgskip diff --git a/test/integration/test-pdiff-usage b/test/integration/test-pdiff-usage index afe1ad443..5bad90214 100755 --- a/test/integration/test-pdiff-usage +++ b/test/integration/test-pdiff-usage @@ -13,12 +13,6 @@ changetowebserver PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')" -echo '#!/bin/sh -touch merge-was-used -/usr/bin/diffindex-rred "$@"' > extrred -chmod +x extrred -echo 'Dir::Bin::rred "./extrred";' > rootdir/etc/apt/apt.conf.d/99rred - wasmergeused() { msgtest 'Test for successful execution of' "$*" local OUTPUT=$(mktemp) @@ -82,8 +76,15 @@ SHA1-History: 9f4148e06d7faa37062994ff10d0c842d7017513 33053002 2010-08-18-2013.28 $(sha1sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) SHA1-Patches: - 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28 - $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX + 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28 + $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) +SHA256-Current: $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) +SHA256-History: + 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28 + $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) +SHA256-Patches: + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28 + $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX generatereleasefiles '+1hour' signreleasefiles find aptarchive -name 'Packages*' -type f -delete @@ -93,7 +94,7 @@ SHA1-Patches: " aptcache show apt newstuff msgmsg "Testcase: index is already up-to-date: $*" - find rootdir/var/lib/apt/lists -name '*.IndexDiff' -type f -delete + find rootdir/var/lib/apt/lists -name '*diff_Index' -type f -delete testsuccess aptget update "$@" testequal "$(cat ${PKGFILE}-new) " aptcache show apt newstuff @@ -125,9 +126,18 @@ SHA1-History: $(sha1sum ${PKGFILE} | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}) $(basename ${PATCHFILE}) $(sha1sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) $(basename ${PATCHFILE2}) SHA1-Patches: - 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28 + 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28 $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) - $(sha1sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2})" > $PATCHINDEX + $(sha1sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2}) +SHA256-Current: $(sha256sum aptarchive/Packages | cut -d' ' -f 1) $(stat -c%s aptarchive/Packages) +SHA256-History: + 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28 + $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) + $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) $(basename ${PATCHFILE2}) +SHA256-Patches: + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28 + $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) + $(sha256sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2})" > $PATCHINDEX generatereleasefiles '+2hour' signreleasefiles cp -a aptarchive/Packages Packages-future @@ -153,8 +163,15 @@ SHA1-History: 9f4148e06d7faa37062994ff10d0c842d7017513 33053002 2010-08-18-2013.28 $(sha1sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) SHA1-Patches: - 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28 - $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX + 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28 + $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE) +SHA256-Current: $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) +SHA256-History: + 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28 + $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE) +SHA256-Patches: + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28 + $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX echo 'I am Mallory and I change files' >> $PATCHFILE cat $PATCHFILE | gzip > ${PATCHFILE}.gz generatereleasefiles '+1hour' @@ -165,9 +182,23 @@ SHA1-Patches: " aptcache show apt newstuff } echo 'Debug::pkgAcquire::Diffs "true"; +Debug::Acquire::Transaction "true"; Debug::pkgAcquire::rred "true";' > rootdir/etc/apt/apt.conf.d/rreddebug.conf testrun -o Acquire::PDiffs::Merge=0 -o APT::Get::List-Cleanup=1 testrun -o Acquire::PDiffs::Merge=1 -o APT::Get::List-Cleanup=1 testrun -o Acquire::PDiffs::Merge=0 -o APT::Get::List-Cleanup=0 testrun -o Acquire::PDiffs::Merge=1 -o APT::Get::List-Cleanup=0 + +sha256sum() { + echo '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b -' +} +testrun -o Acquire::PDiffs::Merge=0 -o Acquire::ForceHash=SHA1 +testrun -o Acquire::PDiffs::Merge=1 -o Acquire::ForceHash=SHA1 + +unset -f sha256sum +sha1sum() { + echo 'adc83b19e793491b1c6ea0fd8b46cd9f32e592fc -' +} +testrun -o Acquire::PDiffs::Merge=0 -o Acquire::ForceHash=SHA256 +testrun -o Acquire::PDiffs::Merge=1 -o Acquire::ForceHash=SHA256 diff --git a/test/integration/test-pin-non-existent-package b/test/integration/test-pin-non-existent-package index 35de22115..c567e5285 100755 --- a/test/integration/test-pin-non-existent-package +++ b/test/integration/test-pin-non-existent-package @@ -26,6 +26,7 @@ testcandidate rapt '0.8.15' testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist -q=0 testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only echo 'Package: rapt @@ -36,6 +37,7 @@ testcandidate rapt '(none)' testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist -q=0 testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only echo ' @@ -55,6 +57,7 @@ testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only echo 'Package: arch:amd64 diff --git a/test/integration/test-policy-pinning b/test/integration/test-policy-pinning index 8eb4bcbad..c08a2f103 100755 --- a/test/integration/test-policy-pinning +++ b/test/integration/test-policy-pinning @@ -28,7 +28,7 @@ Pinned packages:" aptcache policy $* aptgetupdate() { # just to be sure that no old files are used rm -rf rootdir/var/lib/apt - if aptget update -qq 2>&1 | grep '^E: '; then + if aptget update --allow-insecure-repositories -qq 2>&1 | grep '^E: '; then msgwarn 'apt-get update failed with an error' fi } @@ -36,6 +36,7 @@ aptgetupdate() { ### not signed archive aptgetupdate + testequalpolicy 100 500 testequalpolicy 990 500 -t now diff --git a/test/integration/test-prevent-markinstall-multiarch-same-versionscrew b/test/integration/test-prevent-markinstall-multiarch-same-versionscrew index d647856cb..9d2ea2d5d 100755 --- a/test/integration/test-prevent-markinstall-multiarch-same-versionscrew +++ b/test/integration/test-prevent-markinstall-multiarch-same-versionscrew @@ -43,6 +43,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: out-of-sync-gone-foreign:i386 out-of-sync-gone-native The following packages have been kept back: diff --git a/test/integration/test-provides-gone-with-upgrade b/test/integration/test-provides-gone-with-upgrade index 70384ce29..3b4bc2d04 100755 --- a/test/integration/test-provides-gone-with-upgrade +++ b/test/integration/test-provides-gone-with-upgrade @@ -15,6 +15,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: libapt-pkg4.10 The following packages will be upgraded: diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index e558b83e8..3765a4b1f 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -235,10 +235,21 @@ runtest2() { " aptcache show apt failaptnew } -runtest2 +# diable some protection by default and ensure we still do the verification +# correctly +cat > rootdir/etc/apt/apt.conf.d/weaken-security <<EOF +Acquire::AllowInsecureRepositories "1"; +Acquire::AllowDowngradeToInsecureRepositories "1"; +EOF + +msgmsg "Runing base test" +runtest2 DELETEFILE="InRelease" +msgmsg "Running test with deletion of $DELETEFILE" runtest + DELETEFILE="Release.gpg" +msgmsg "Running test with deletion of $DELETEFILE" runtest diff --git a/test/integration/test-resolve-by-keep-new-recommends b/test/integration/test-resolve-by-keep-new-recommends index 8134b76aa..6b1772877 100755 --- a/test/integration/test-resolve-by-keep-new-recommends +++ b/test/integration/test-resolve-by-keep-new-recommends @@ -13,6 +13,7 @@ setupaptarchive UPGRADE_KEEP="Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: foo 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded." diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum new file mode 100755 index 000000000..8c9c9c767 --- /dev/null +++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum @@ -0,0 +1,262 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'native' + +cat > aptarchive/Sources <<EOF +Package: pkg-md5-ok +Binary: pkg-md5-ok +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz + +Package: pkg-sha256-ok +Binary: pkg-sha256-ok +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz + +Package: pkg-sha256-bad +Binary: pkg-sha256-bad +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz +Checksums-Sha256: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz + +Package: pkg-no-md5 +Binary: pkg-no-md5 +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz + +Package: pkg-mixed-ok +Binary: pkg-mixed-ok +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc + +Package: pkg-mixed-sha1-bad +Binary: pkg-mixed-sha1-bad +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc +Checksums-Sha256: + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz + +Package: pkg-mixed-sha2-bad +Binary: pkg-mixed-sha2-bad +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc +Checksums-Sha256: + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz + +Package: pkg-md5-disagree +Binary: pkg-md5-disagree +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz + +Package: pkg-md5-agree +Binary: pkg-md5-agree +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc + +Package: pkg-sha256-disagree +Binary: pkg-sha256-disagree +Version: 1.0 +Maintainer: Joe Sixpack <joe@example.org> +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz +EOF + +# create fetchable files +for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \ + 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \ + 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree'; do + echo -n 'dsc' > aptarchive/${x}_1.0.dsc + echo -n 'tar' > aptarchive/${x}_1.0.tar.gz +done + +setupaptarchive +changetowebserver +testsuccess aptget update + +testok() { + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] +Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files were successfully downloaded for' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz +} + +testkeep() { + echo -n 'dsc' > ${1}_1.0.dsc + echo -n 'tar' > ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Skipping already downloaded file '${1}_1.0.dsc' +Skipping already downloaded file '${1}_1.0.tar.gz' +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files already downloaded are kept for' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz +} + +testmismatch() { + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] +Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +E: Failed to fetch http://localhost:8080/${1}_1.0.dsc Hash Sum mismatch + +E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz Hash Sum mismatch + +E: Failed to fetch some archives." aptget source -d "$@" + msgtest 'Files were not download as they have hashsum mismatches for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Skipping download of file 'pkg-sha256-bad_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file 'pkg-sha256-bad_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26 + msgtest 'Files were not download as hash is unavailable for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testequal "Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] +Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26 + msgtest 'Files were downloaded unauthenticated as user allowed it' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz +} + +testok pkg-md5-ok +testkeep pkg-md5-ok +testok pkg-sha256-ok +testkeep pkg-sha256-ok + +# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is +# checking the best available hash (as it should), this will trigger +# a hash mismatch. +testmismatch pkg-sha256-bad +testmismatch pkg-sha256-bad +testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum + +# not having MD5 sum doesn't mean the file doesn't exist at all … +testok pkg-no-md5 +testok pkg-no-md5 -o Acquire::ForceHash=SHA256 +testequal "Reading package lists... +Building dependency tree... +Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum +msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5' +testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz + +# deal with cases in which we haven't for all files the same checksum type +# mostly pathologic as this shouldn't happen, but just to be sure +testok pkg-mixed-ok +testequal 'Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (tar) [3 B] +Get:2 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (dsc) [3 B] +E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch + +E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad +msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad' +testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz +testequal 'Reading package lists... +Building dependency tree... +Need to get 6 B of source archives. +Get:1 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (tar) [3 B] +Get:2 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (dsc) [3 B] +E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch + +E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad +msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad' +testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz + +# it gets even more pathologic: multiple entries for one file, some even disagreeing! +testok pkg-md5-agree +testequal 'Reading package lists... +Building dependency tree... +E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree +testequal 'Reading package lists... +Building dependency tree... +E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree diff --git a/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard b/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard index 2f2d384e1..45f70a898 100755 --- a/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard +++ b/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard @@ -27,6 +27,7 @@ setupaptarchive # discourage keeping obsolete high-priority packages … testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be REMOVED: not-downloadable The following packages will be upgraded: @@ -43,6 +44,7 @@ done testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages have been kept back: upgradable 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.' aptget -s dist-upgrade diff --git a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall index a773660d2..df2c69cf6 100755 --- a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall +++ b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall @@ -21,6 +21,7 @@ if downloadfile http://localhost:8080/holygrail ./knights-talking >/dev/null; th else msgfail fi + testfileequal knights-talking 'ni ni ni' ensure_n_canary_strings_in_dir() { @@ -35,8 +36,8 @@ ensure_n_canary_strings_in_dir() { LISTS='rootdir/var/lib/apt/lists' rm -rf rootdir/var/lib/apt/lists -msgtest 'Got expected NODATA failure in' 'apt-get update' -aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail +msgtest 'Got expected failure message' 'apt-get update' +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 testequal 'partial' ls $LISTS @@ -46,8 +47,8 @@ for f in Release Release.gpg main_binary-amd64_Packages main_source_Sources; do echo 'peng neee-wom' > $LISTS/localhost:8080_dists_stable_${f} done -msgtest 'Got expected NODATA failure in' 'apt-get update' -aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail +msgtest 'Got expected failure message in' 'apt-get update' +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ensure_n_canary_strings_in_dir $LISTS 'peng neee-wom' 4 ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 @@ -56,7 +57,7 @@ ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 echo 'peng neee-wom' > $LISTS/localhost:8080_dists_stable_InRelease rm -f $LISTS/localhost:8080_dists_stable_Release $LISTS/localhost:8080_dists_stable_Release.gpg msgtest 'excpected failure of' 'apt-get update' -aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ensure_n_canary_strings_in_dir $LISTS 'peng neee-wom' 3 ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0 diff --git a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only index 50ca2bf57..09315868b 100755 --- a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only +++ b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only @@ -28,12 +28,10 @@ MD5Sum: done msgtest 'The unsigned garbage before signed block is' 'ignored' -testsuccess --nomsg aptget update +aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail ROOTDIR="$(readlink -f .)" testequal "Package files: 100 ${ROOTDIR}/rootdir/var/lib/dpkg/status release a=now - 500 file:${ROOTDIR}/aptarchive/ unstable/main i386 Packages - release a=unstable,n=sid,c=main Pinned packages:" aptcache policy diff --git a/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering b/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering index 462acad00..d2b6b9bad 100755 --- a/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering +++ b/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering @@ -14,6 +14,7 @@ setupaptarchive testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: custom 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. diff --git a/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages b/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages index c1d454f88..409d1212c 100755 --- a/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages +++ b/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages @@ -28,6 +28,7 @@ setupaptarchive testequalor2 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: ure The following packages will be upgraded: @@ -44,6 +45,7 @@ Conf libreoffice-core (4 sid [amd64]) Conf libreoffice-style-galaxy (4 sid [amd64]) Conf libreoffice (4 sid [amd64])' 'Reading package lists... Building dependency tree... +Calculating upgrade... The following NEW packages will be installed: ure The following packages will be upgraded: diff --git a/test/integration/test-xorg-break-providers b/test/integration/test-xorg-break-providers index 139d2c915..0be57d979 100755 --- a/test/integration/test-xorg-break-providers +++ b/test/integration/test-xorg-break-providers @@ -26,6 +26,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget install x testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: xserver-xorg-core xserver-xorg-video-intel 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. @@ -35,6 +36,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget upgrade - testequal 'Reading package lists... Building dependency tree... +Calculating upgrade... The following packages will be upgraded: xserver-xorg-core xserver-xorg-video-intel 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. |