summaryrefslogtreecommitdiff
path: root/test/integration
diff options
context:
space:
mode:
Diffstat (limited to 'test/integration')
-rw-r--r--test/integration/framework426
-rwxr-xr-xtest/integration/run-tests6
-rwxr-xr-xtest/integration/skip-aptwebserver25
-rwxr-xr-xtest/integration/test-allow-scores-for-all-dependency-types6
-rwxr-xr-xtest/integration/test-apt-by-hash-update49
-rwxr-xr-xtest/integration/test-apt-cdrom11
-rwxr-xr-xtest/integration/test-apt-cli-update2
-rwxr-xr-xtest/integration/test-apt-ftparchive-src-cachedb5
-rwxr-xr-xtest/integration/test-apt-get-build-dep129
-rwxr-xr-xtest/integration/test-apt-get-changelog34
-rwxr-xr-xtest/integration/test-apt-get-clean35
-rwxr-xr-xtest/integration/test-apt-get-download61
-rwxr-xr-xtest/integration/test-apt-get-install-deb30
-rwxr-xr-xtest/integration/test-apt-get-source4
-rwxr-xr-xtest/integration/test-apt-get-source-authenticated9
-rwxr-xr-xtest/integration/test-apt-get-update-unauth-warning43
-rwxr-xr-xtest/integration/test-apt-get-upgrade16
-rwxr-xr-xtest/integration/test-apt-helper35
-rwxr-xr-xtest/integration/test-apt-key236
-rwxr-xr-xtest/integration/test-apt-key-net-update9
-rwxr-xr-xtest/integration/test-apt-progress-fd8
-rwxr-xr-xtest/integration/test-apt-sources-deb82248
-rwxr-xr-xtest/integration/test-apt-update-expected-size44
-rwxr-xr-xtest/integration/test-apt-update-file23
-rwxr-xr-xtest/integration/test-apt-update-filesize-mismatch55
-rwxr-xr-xtest/integration/test-apt-update-hashsum-mismatch49
-rwxr-xr-xtest/integration/test-apt-update-ims90
-rwxr-xr-xtest/integration/test-apt-update-nofallback247
-rwxr-xr-xtest/integration/test-apt-update-rollback203
-rwxr-xr-xtest/integration/test-apt-update-stale17
-rwxr-xr-xtest/integration/test-apt-update-transactions67
-rwxr-xr-xtest/integration/test-apt-update-unauth50
-rwxr-xr-xtest/integration/test-authentication-basic106
-rwxr-xr-xtest/integration/test-bug-254770-segfault-if-cache-not-buildable14
-rwxr-xr-xtest/integration/test-bug-507998-dist-upgrade-recommends1
-rwxr-xr-xtest/integration/test-bug-591882-conkeror2
-rwxr-xr-xtest/integration/test-bug-595691-empty-and-broken-archive-files2
-rwxr-xr-xtest/integration/test-bug-596498-trusted-unsigned-repo4
-rwxr-xr-xtest/integration/test-bug-604401-files-are-directories2
-rwxr-xr-xtest/integration/test-bug-605394-versioned-or-groups1
-rwxr-xr-xtest/integration/test-bug-612099-multiarch-conflicts2
-rwxr-xr-xtest/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted15
-rwxr-xr-xtest/integration/test-bug-64141-install-dependencies-for-on-hold2
-rwxr-xr-xtest/integration/test-bug-657695-resolver-breaks-on-virtuals1
-rwxr-xr-xtest/integration/test-bug-673536-pre-depends-breaks-loop5
-rwxr-xr-xtest/integration/test-bug-675449-essential-are-protected1
-rwxr-xr-xtest/integration/test-bug-680041-apt-mark-holds-correctly4
-rwxr-xr-xtest/integration/test-bug-683786-build-dep-on-virtual-packages4
-rwxr-xr-xtest/integration/test-bug-686346-package-missing-architecture1
-rwxr-xr-xtest/integration/test-bug-712435-missing-descriptions9
-rwxr-xr-xtest/integration/test-bug-717891-abolute-uris-for-proxies2
-rwxr-xr-xtest/integration/test-bug-722207-print-uris-even-if-very-quiet8
-rwxr-xr-xtest/integration/test-bug-728500-tempdir3
-rwxr-xr-xtest/integration/test-bug-733028-gpg-resource-limit27
-rwxr-xr-xtest/integration/test-bug-735967-lib32-to-i386-unavailable2
-rwxr-xr-xtest/integration/test-bug-738785-switch-protocol10
-rwxr-xr-xtest/integration/test-bug-740843-versioned-up-down-breaks2
-rwxr-xr-xtest/integration/test-bug-745036-new-foreign-invalidates-cache27
-rwxr-xr-xtest/integration/test-bug-753297-upgradable3
-rwxr-xr-xtest/integration/test-bug-758153-versioned-provides-support1
-rwxr-xr-xtest/integration/test-compressed-indexes46
-rwxr-xr-xtest/integration/test-conflicts-loop3
-rwxr-xr-xtest/integration/test-cve-2013-1051-InRelease-parsing2
-rwxr-xr-xtest/integration/test-essential-force-loopbreak4
-rwxr-xr-xtest/integration/test-hashsum-verification10
-rwxr-xr-xtest/integration/test-http-pipeline-messup47
-rwxr-xr-xtest/integration/test-kernel-helper-autoremove2
-rwxr-xr-xtest/integration/test-partial-file-support31
-rwxr-xr-xtest/integration/test-pdiff-usage57
-rwxr-xr-xtest/integration/test-pin-non-existent-package3
-rwxr-xr-xtest/integration/test-policy-pinning3
-rwxr-xr-xtest/integration/test-prevent-markinstall-multiarch-same-versionscrew10
-rwxr-xr-xtest/integration/test-provides-gone-with-upgrade1
-rwxr-xr-xtest/integration/test-releasefile-valid-until100
-rwxr-xr-xtest/integration/test-releasefile-verification13
-rwxr-xr-xtest/integration/test-resolve-by-keep-new-recommends1
-rwxr-xr-xtest/integration/test-sourceslist-trusted-options201
-rwxr-xr-xtest/integration/test-suggest-installed-multiarch-silbing3
-rwxr-xr-xtest/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum264
-rwxr-xr-xtest/integration/test-ubuntu-bug-1304403-obsolete-priority-standard2
-rwxr-xr-xtest/integration/test-ubuntu-bug-346386-apt-get-update-paywall11
-rwxr-xr-xtest/integration/test-ubuntu-bug-784473-InRelease-one-message-only4
-rwxr-xr-xtest/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering1
-rwxr-xr-xtest/integration/test-very-tight-loop-configure-with-unpacking-new-packages2
-rwxr-xr-xtest/integration/test-xorg-break-providers2
85 files changed, 2673 insertions, 483 deletions
diff --git a/test/integration/framework b/test/integration/framework
index 7923e23d9..153c5bb25 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -23,30 +23,43 @@ if [ "$MSGCOLOR" != 'NO' ]; then
CCMD="\033[1;35m" # pink
fi
-msgdie() { printf "${CERROR}E: $1${CNORMAL}\n" >&2; exit 1; }
-msgwarn() { printf "${CWARNING}W: $1${CNORMAL}\n" >&2; }
-msgmsg() { printf "${CMSG}$1${CNORMAL}\n"; }
-msginfo() { printf "${CINFO}I: $1${CNORMAL}\n"; }
-msgdebug() { printf "${CDEBUG}D: $1${CNORMAL}\n"; }
-msgdone() { printf "${CDONE}DONE${CNORMAL}\n"; }
-msgnwarn() { printf "${CWARNING}W: $1${CNORMAL}" >&2; }
-msgnmsg() { printf "${CMSG}$1${CNORMAL}"; }
-msgninfo() { printf "${CINFO}I: $1${CNORMAL}"; }
-msgndebug() { printf "${CDEBUG}D: $1${CNORMAL}"; }
-msgtest() {
- while [ -n "$1" ]; do
- printf "${CINFO}$1${CCMD} "
- printf -- "$(echo "$2" | sed -e 's#^apt\([cgfs]\)#apt-\1#')${CINFO} "
+msgprintf() {
+ local START="$1"
+ local MIDDLE="$2"
+ local END="$3"
+ shift 3
+ if [ -n "$1" ]; then
+ printf "$START " "$1"
shift
- if [ -n "$1" ]; then shift; else break; fi
- done
- printf "…${CNORMAL} "
+ while [ -n "$1" ]; do
+ printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cfghs]\)#apt-\1#')"
+ shift
+ done
+ fi
+ printf "${END}"
}
+msgdie() { msgprintf "${CERROR}E: %s" '%s' "${CNORMAL}\n" "$@" >&2; exit 1; }
+msgwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}\n" "$@" >&2; }
+msgmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}\n" "$@"; }
+msginfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdone() { msgprintf "${CDONE}DONE" '%s' "${CNORMAL}\n" "$@"; }
+msgnwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}" "$@" >&2; }
+msgnmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}" "$@"; }
+msgninfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}" "$@"; }
+msgndebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}" "$@"; }
+msgtest() { msgprintf "${CINFO}%s" "${CCMD}%s${CINFO}" "…${CNORMAL} " "$@"; }
msgpass() { printf "${CPASS}PASS${CNORMAL}\n"; }
-msgskip() { printf "${CWARNING}SKIP${CNORMAL}\n" >&2; }
+msgskip() {
+ if [ $# -gt 0 ]; then printf "${CWARNING}SKIP: $*${CNORMAL}\n" >&2;
+ else printf "${CWARNING}SKIP${CNORMAL}\n" >&2; fi
+}
msgfail() {
if [ $# -gt 0 ]; then printf "${CFAIL}FAIL: $*${CNORMAL}\n" >&2;
else printf "${CFAIL}FAIL${CNORMAL}\n" >&2; fi
+ if [ -n "$APT_DEBUG_TESTS" ]; then
+ $SHELL
+ fi
EXIT_CODE=$((EXIT_CODE+1));
}
@@ -64,12 +77,6 @@ if [ $MSGLEVEL -le 2 ]; then
msgnmsg() { true; }
msgtest() { true; }
msgpass() { printf " ${CPASS}P${CNORMAL}"; }
- msgskip() { printf " ${CWARNING}S${CNORMAL}" >&2; }
- if [ -n "$CFAIL" ]; then
- msgfail() { printf " ${CFAIL}FAIL${CNORMAL}" >&2; EXIT_CODE=$((EXIT_CODE+1)); }
- else
- msgfail() { printf " ###FAILED###" >&2; EXIT_CODE=$((EXIT_CODE+1)); }
- fi
fi
if [ $MSGLEVEL -le 3 ]; then
msginfo() { true; }
@@ -102,10 +109,10 @@ runapt() {
local CMD="$1"
shift
case $CMD in
- sh|aptitude|*/*) ;;
+ sh|aptitude|*/*|command) ;;
*) CMD="${BUILDDIRECTORY}/$CMD";;
esac
- MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${BUILDDIRECTORY} $CMD "$@"
+ MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${LIBRARYPATH} $CMD "$@"
}
aptconfig() { runapt apt-config "$@"; }
aptcache() { runapt apt-cache "$@"; }
@@ -129,18 +136,9 @@ dpkgcheckbuilddeps() {
command dpkg-checkbuilddeps --admindir=${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg "$@"
}
gdb() {
- echo "gdb: run »$*«"
- CMD="$1"
+ local CMD="$1"
shift
-
- APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${LIBRARYPATH} command gdb ${BUILDDIRECTORY}/$CMD --args ${BUILDDIRECTORY}/$CMD "$@"
-}
-gpg() {
- # see apt-key for the whole trickery. Setup is done in setupenvironment
- command gpg --ignore-time-conflict --no-options --no-default-keyring \
- --homedir "${TMPWORKINGDIRECTORY}/gnupghome" \
- --no-auto-check-trustdb --trust-model always \
- "$@"
+ runapt command gdb --quiet -ex run "${BUILDDIRECTORY}/$CMD" --args "${BUILDDIRECTORY}/$CMD" "$@"
}
exitwithstatus() {
@@ -172,10 +170,23 @@ addtrap() {
}
setupenvironment() {
+ # privilege dropping and testing doesn't work if /tmp isn't world-writeable (as e.g. with libpam-tmpdir)
+ if [ -n "$TMPDIR" ] && [ "$(id -u)" = '0' ] && [ "$(stat --format '%a' "$TMPDIR")" != '1777' ]; then
+ unset TMPDIR
+ fi
TMPWORKINGDIRECTORY=$(mktemp -d)
- TESTDIRECTORY=$(readlink -f $(dirname $0))
+ addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;"
msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… "
+ mkdir -m 700 "${TMPWORKINGDIRECTORY}/downloaded"
+ if [ "$(id -u)" = '0' ]; then
+ # relax permissions so that running as root with user switching works
+ umask 022
+ chmod 711 "$TMPWORKINGDIRECTORY"
+ chown _apt:root "${TMPWORKINGDIRECTORY}/downloaded"
+ fi
+
+ TESTDIRECTORY=$(readlink -f $(dirname $0))
# allow overriding the default BUILDDIR location
BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"}
LIBRARYPATH=${APT_INTEGRATION_TESTS_LIBRARY_PATH:-"${BUILDDIRECTORY}"}
@@ -186,12 +197,11 @@ setupenvironment() {
test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first"
# -----
- addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;"
cd $TMPWORKINGDIRECTORY
mkdir rootdir aptarchive keys
cd rootdir
mkdir -p etc/apt/apt.conf.d etc/apt/sources.list.d etc/apt/trusted.gpg.d etc/apt/preferences.d
- mkdir -p var/cache var/lib/apt var/log tmp
+ mkdir -p usr/bin var/cache var/lib/apt var/log tmp
mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers
touch var/lib/dpkg/available
mkdir -p usr/lib/apt
@@ -219,12 +229,23 @@ setupenvironment() {
cp "${TESTDIRECTORY}/${SOURCESSFILE}" aptarchive/Sources
fi
cp $(find $TESTDIRECTORY -name '*.pub' -o -name '*.sec') keys/
+ chmod 644 $(find keys -name '*.pub' -o -name '*.sec')
ln -s ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+
echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" > aptconfig.conf
echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf
echo "Debug::NoLocking \"true\";" >> aptconfig.conf
echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf
echo "Dir::Bin::Methods \"${METHODSDIR}\";" >> aptconfig.conf
+ # store apt-key were we can access it, even if we run it as a different user
+ # destroys coverage reporting though, so just do it for root for now
+ if [ "$(id -u)" = '0' ]; then
+ cp "${BUILDDIRECTORY}/apt-key" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/"
+ chmod o+rx "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key"
+ echo "Dir::Bin::apt-key \"${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key\";" >> aptconfig.conf
+ else
+ echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf
+ fi
echo "Dir::Bin::dpkg \"fakeroot\";" >> aptconfig.conf
echo "DPKG::options:: \"dpkg\";" >> aptconfig.conf
echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf
@@ -235,25 +256,28 @@ setupenvironment() {
fi
echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf
echo 'quiet::NoUpdate "true";' >> aptconfig.conf
- echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https
- echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
+ echo 'quiet::NoStatistic "true";' >> aptconfig.conf
+ # too distracting for users, but helpful to detect changes
+ echo 'Acquire::Progress::Ignore::ShowErrorText "true";' >> aptconfig.conf
+ # in testcases, it can appear as if localhost has a rotation setup,
+ # hide this as we can't really deal with it properly
+ echo 'Acquire::Failure::ShowIP "false";' >> aptconfig.conf
+
+ cp "${TESTDIRECTORY}/apt.pem" "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
+ if [ "$(id -u)" = '0' ]; then
+ chown _apt:root "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
+ fi
+ echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https
+ echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
- # gpg needs a trustdb to function, but it can't be invalid (not even empty)
- # see also apt-key where this trickery comes from:
- local TRUSTDBDIR="${TMPWORKINGDIRECTORY}/gnupghome"
- mkdir "$TRUSTDBDIR"
- chmod 700 "$TRUSTDBDIR"
- # We also don't use a secret keyring, of course, but gpg panics and
- # implodes if there isn't one available - and writeable for imports
- local SECRETKEYRING="${TRUSTDBDIR}/secring.gpg"
- touch $SECRETKEYRING
- # now create the trustdb with an (empty) dummy keyring
- # newer gpg versions are fine without it, but play it safe for now
- gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1
+ # Acquire::AllowInsecureRepositories=false is not yet the default
+ # but we want it to be the default soon
+ configallowinsecurerepositories "false";
# cleanup the environment a bit
- export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
+ # prefer our apt binaries over the system apt binaries
+ export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
export LC_ALL=C.UTF-8
unset LANGUAGE APT_CONFIG
unset GREP_OPTIONS DEB_BUILD_PROFILES
@@ -325,6 +349,11 @@ configdpkg() {
fi
}
+configallowinsecurerepositories() {
+ echo "Acquire::AllowInsecureRepositories \"$1\";" > rootdir/etc/apt/apt.conf.d/allow-insecure-repositories.conf
+
+}
+
configcompression() {
while [ -n "$1" ]; do
case "$1" in
@@ -478,8 +507,8 @@ Package: $NAME" >> ${BUILDDIR}/debian/control
| while read SRC; do
echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist
# if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then
-# gpg --yes --secret-keyring ./keys/joesixpack.sec \
-# --keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \
+# aptkey --keyring ./keys/joesixpack.pub --secret-keyring ./keys/joesixpack.sec --quiet --readonly \
+# adv --yes --default-key 'Joe Sixpack' \
# --clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
# mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
# fi
@@ -629,40 +658,52 @@ buildaptftparchivedirectorystructure() {
}
insertpackage() {
- local RELEASE="$1"
+ local RELEASES="$1"
local NAME="$2"
local ARCH="$3"
local VERSION="$4"
local DEPENDENCIES="$5"
local PRIORITY="${6:-optional}"
- local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
+ local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASES}
If you find such a package installed on your system,
something went horribly wrong! They are autogenerated
und used only by testcases and surf no other propose…"}"
local ARCHS=""
- for arch in $(getarchitecturesfromcommalist "$ARCH"); do
- if [ "$arch" = 'all' -o "$arch" = 'none' ]; then
- ARCHS="$(getarchitectures)"
- else
- ARCHS="$arch"
+ for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do
+ if [ "$RELEASE" = 'installed' ]; then
+ insertinstalledpackage "$2" "$3" "$4" "$5" "$6" "$7"
+ continue
fi
- for BUILDARCH in $ARCHS; do
- local PPATH="aptarchive/dists/${RELEASE}/main/binary-${BUILDARCH}"
- mkdir -p $PPATH aptarchive/dists/${RELEASE}/main/source
- touch aptarchive/dists/${RELEASE}/main/source/Sources
- local FILE="${PPATH}/Packages"
- echo "Package: $NAME
+ for arch in $(getarchitecturesfromcommalist "$ARCH"); do
+ if [ "$arch" = 'all' -o "$arch" = 'none' ]; then
+ ARCHS="$(getarchitectures)"
+ else
+ ARCHS="$arch"
+ fi
+ for BUILDARCH in $ARCHS; do
+ local PPATH="aptarchive/dists/${RELEASE}/main/binary-${BUILDARCH}"
+ mkdir -p $PPATH
+ local FILE="${PPATH}/Packages"
+ echo "Package: $NAME
Priority: $PRIORITY
Section: other
Installed-Size: 42
Maintainer: Joe Sixpack <joe@example.org>" >> $FILE
- test "$arch" = 'none' || echo "Architecture: $arch" >> $FILE
- echo "Version: $VERSION
+ test "$arch" = 'none' || echo "Architecture: $arch" >> $FILE
+ echo "Version: $VERSION
Filename: pool/main/${NAME}/${NAME}_${VERSION}_${arch}.deb" >> $FILE
- test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> $FILE
- echo "Description: $DESCRIPTION" >> $FILE
- echo >> $FILE
+ test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> $FILE
+ echo "Description: $(printf '%s' "$DESCRIPTION" | head -n 1)" >> $FILE
+ echo "Description-md5: $(printf '%s' "$DESCRIPTION" | md5sum | cut -d' ' -f 1)" >> $FILE
+ echo >> $FILE
+ done
done
+ mkdir -p aptarchive/dists/${RELEASE}/main/source aptarchive/dists/${RELEASE}/main/i18n
+ touch aptarchive/dists/${RELEASE}/main/source/Sources
+ echo "Package: $NAME
+Description-md5: $(printf '%s' "$DESCRIPTION" | md5sum | cut -d' ' -f 1)
+Description-en: $DESCRIPTION
+" >> aptarchive/dists/${RELEASE}/main/i18n/Translation-en
done
}
@@ -733,12 +774,12 @@ buildaptarchivefromincoming() {
aptftparchive -qq generate ftparchive.conf
cd - > /dev/null
msgdone "info"
- generatereleasefiles
+ generatereleasefiles "$@"
}
buildaptarchivefromfiles() {
msginfo "Build APT archive for ${CCMD}$(basename $0)${CINFO} based on prebuild files…"
- find aptarchive -name 'Packages' -o -name 'Sources' | while read line; do
+ find aptarchive -name 'Packages' -o -name 'Sources' -o -name 'Translation-*' | while read line; do
msgninfo "\t${line} file… "
compressfile "$line" "$1"
msgdone "info"
@@ -848,24 +889,29 @@ setupflataptarchive() {
}
setupaptarchive() {
- buildaptarchive
+ local NOUPDATE=0
+ if [ "$1" = '--no-update' ]; then
+ NOUPDATE=1
+ shift
+ fi
+ buildaptarchive "$@"
if [ -e aptarchive/dists ]; then
setupdistsaptarchive
else
setupflataptarchive
fi
- signreleasefiles
- if [ "$1" != '--no-update' ]; then
- msgninfo "\tSync APT's cache with the archive… "
- aptget update -qq
- msgdone "info"
+ signreleasefiles 'Joe Sixpack'
+ if [ "1" != "$NOUPDATE" ]; then
+ testsuccess aptget update -o Debug::pkgAcquire::Worker=true -o Debug::Acquire::gpgv=true
fi
}
signreleasefiles() {
local SIGNER="${1:-Joe Sixpack}"
- local GPG="gpg --batch --yes"
- msgninfo "\tSign archive with $SIGNER key… "
+ local REPODIR="${2:-aptarchive}"
+ local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
+ local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
+ msgninfo "\tSign archive with $SIGNER key $KEY… "
local REXKEY='keys/rexexpired'
local SECEXPIREBAK="${REXKEY}.sec.bak"
local PUBEXPIREBAK="${REXKEY}.pub.bak"
@@ -881,18 +927,15 @@ signreleasefiles() {
cp $SECUNEXPIRED ${REXKEY}.sec
cp $PUBUNEXPIRED ${REXKEY}.pub
else
- printf "expire\n1w\nsave\n" | $GPG --keyring ${REXKEY}.pub --secret-keyring ${REXKEY}.sec --command-fd 0 --edit-key "${SIGNER}" >/dev/null 2>&1 || true
+ if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
+ cat setexpire.gpg
+ exit 1
+ fi
cp ${REXKEY}.sec $SECUNEXPIRED
cp ${REXKEY}.pub $PUBUNEXPIRED
fi
fi
- for KEY in $(find keys/ -name '*.sec'); do
- GPG="$GPG --secret-keyring $KEY"
- done
- for KEY in $(find keys/ -name '*.pub'); do
- GPG="$GPG --keyring $KEY"
- done
- for RELEASE in $(find aptarchive/ -name Release); do
+ for RELEASE in $(find ${REPODIR}/ -name Release); do
$GPG --default-key "$SIGNER" --armor --detach-sign --sign --output ${RELEASE}.gpg ${RELEASE}
local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
$GPG --default-key "$SIGNER" --clearsign --output $INRELEASE $RELEASE
@@ -907,23 +950,35 @@ signreleasefiles() {
}
webserverconfig() {
- msgtest "Set webserver config option '${1}' to" "$2"
+ local NOCHECK=false
+ if [ "$1" = '--no-check' ]; then
+ NOCHECK=true
+ shift
+ fi
local DOWNLOG='rootdir/tmp/download-testfile.log'
- local STATUS='rootdir/tmp/webserverconfig.status'
+ local STATUS='downloaded/webserverconfig.status'
rm -f "$STATUS" "$DOWNLOG"
- if downloadfile "http://localhost:8080/_config/set/${1}/${2}" "$STATUS" > "$DOWNLOG"; then
+ local URI
+ if [ -n "$2" ]; then
+ msgtest "Set webserver config option '${1}' to" "$2"
+ URI="http://localhost:8080/_config/set/${1}/${2}"
+ else
+ msgtest 'Clear webserver config option' "${1}"
+ URI="http://localhost:8080/_config/clear/${1}"
+ fi
+ if downloadfile "$URI" "$STATUS" > "$DOWNLOG"; then
msgpass
else
- cat "$DOWNLOG" "$STATUS"
+ cat "$DOWNLOG" "$STATUS" || true
msgfail
fi
- testwebserverlaststatuscode '200'
+ $NOCHECK || testwebserverlaststatuscode '200'
}
rewritesourceslist() {
local APTARCHIVE="file://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive")"
for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do
- sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#http://localhost:8080/#${1}#" -e "s#http://localhost:4433/#${1}#"
+ sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#http://localhost:8080/#${1}#" -e "s#https://localhost:4433/#${1}#"
done
}
@@ -974,7 +1029,7 @@ changetohttpswebserver() {
changetowebserver --no-rewrite "$@"
fi
echo "pid = ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid
-cert = ${TESTDIRECTORY}/apt.pem
+cert = ${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem
output = /dev/null
[https]
@@ -1010,7 +1065,7 @@ acquire::cdrom::autodetect 0;" > rootdir/etc/apt/apt.conf.d/00cdrom
mv "${CD}" "${CD}-unmounted"
# we don't want the disk to be modifiable
addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/media/cdrom/dists/ $PWD/rootdir/media/cdrom-unmounted/dists/ || true;"
- chmod -R -w rootdir/media/cdrom-unmounted/dists
+ chmod -R 555 rootdir/media/cdrom-unmounted/dists
}
downloadfile() {
@@ -1018,7 +1073,7 @@ downloadfile() {
apthelper -o Debug::Acquire::${PROTO}=1 \
download-file "$1" "$2" 2>&1 || true
# only if the file exists the download was successful
- if [ -e "$2" ]; then
+ if [ -r "$2" ]; then
return 0
else
return 1
@@ -1026,7 +1081,7 @@ downloadfile() {
}
checkdiff() {
- local DIFFTEXT="$(command diff -u "$@" | sed -e '/^---/ d' -e '/^+++/ d' -e '/^@@/ d')"
+ local DIFFTEXT="$(command diff -u "$@" 2>&1 | sed -e '/^---/ d' -e '/^+++/ d' -e '/^@@/ d')"
if [ -n "$DIFFTEXT" ]; then
echo >&2
echo >&2 "$DIFFTEXT"
@@ -1050,12 +1105,13 @@ testfileequal() {
testempty() {
msgtest "Test for no output of" "$*"
local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile"
- if $* >$COMPAREFILE 2>&1 && test ! -s $COMPAREFILE; then
+ if "$@" >$COMPAREFILE 2>&1 && test ! -s $COMPAREFILE; then
msgpass
else
cat $COMPAREFILE
msgfail
fi
+ aptautotest 'testempty' "$@"
}
testequal() {
@@ -1072,7 +1128,8 @@ testequal() {
if [ -n "$MSG" ]; then
msgtest "$MSG" "$*"
fi
- $* 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail
+ "$@" 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail
+ aptautotest 'testequal' "$@"
}
testequalor2() {
@@ -1083,7 +1140,7 @@ testequalor2() {
echo "$2" > $COMPAREFILE2
shift 2
msgtest "Test for equality OR of" "$*"
- $* >$COMPAREAGAINST 2>&1 || true
+ "$@" >$COMPAREAGAINST 2>&1 || true
if checkdiff $COMPAREFILE1 $COMPAREAGAINST >/dev/null 2>&1 || \
checkdiff $COMPAREFILE2 $COMPAREAGAINST >/dev/null 2>&1
then
@@ -1095,6 +1152,7 @@ testequalor2() {
checkdiff $COMPAREFILE2 $COMPAREAGAINST || true
msgfail
fi
+ aptautotest 'testequalor2' "$@"
}
testshowvirtual() {
@@ -1164,6 +1222,36 @@ testmarkedauto() {
aptmark showauto 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail
}
+msgfailoutput() {
+ local MSG="$1"
+ local OUTPUT="$2"
+ shift 2
+ echo >&2
+ if [ "$1" = 'grep' ]; then
+ while [ -n "$2" ]; do shift; done
+ echo "#### Complete file: $1 ####"
+ cat >&2 "$1" || true
+ echo '#### grep output ####'
+ elif [ "$1" = 'test' ]; then
+ # doesn't support ! or non-file flags
+ msgfailoutputstatfile() {
+ local FILEFLAGS='^-[bcdefgGhkLOprsStuwx]$'
+ if expr match "$1" "$FILEFLAGS" >/dev/null; then
+ echo "#### stat(2) of file: $2 ####"
+ stat "$2" || true
+ fi
+ }
+ msgfailoutputstatfile "$2" "$3"
+ while [ -n "$5" ] && [ "$4" = '-o' -o "$4" = '-a' ]; do
+ shift 3
+ msgfailoutputstatfile "$2" "$3"
+ done
+ echo '#### test output ####'
+ fi
+ cat >&2 $OUTPUT
+ msgfail "$MSG"
+}
+
testsuccess() {
if [ "$1" = '--nomsg' ]; then
shift
@@ -1171,15 +1259,53 @@ testsuccess() {
msgtest 'Test for successful execution of' "$*"
fi
local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output"
- if $@ >${OUTPUT} 2>&1; then
- msgpass
+ if "$@" >${OUTPUT} 2>&1; then
+ if expr match "$1" '^apt.*' >/dev/null; then
+ if grep -q -E ' runtime error: ' "$OUTPUT"; then
+ msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@"
+ elif grep -q -E '^[WE]: ' "$OUTPUT"; then
+ msgfailoutput 'successful run, but output contains warnings/errors' "$OUTPUT" "$@"
+ else
+ msgpass
+ fi
+ else
+ msgpass
+ fi
else
+ local EXITCODE=$?
+ msgfailoutput "exitcode $EXITCODE" "$OUTPUT" "$@"
+ fi
+ aptautotest 'testsuccess' "$@"
+}
+testwarning() {
+ if [ "$1" = '--nomsg' ]; then
+ shift
+ else
+ msgtest 'Test for successful execution with warnings of' "$*"
+ fi
+ local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output"
+ if "$@" >${OUTPUT} 2>&1; then
+ if expr match "$1" '^apt.*' >/dev/null; then
+ if grep -q -E ' runtime error: ' "$OUTPUT"; then
+ msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@"
+ elif grep -q -E '^E: ' "$OUTPUT"; then
+ msgfailoutput 'successful run, but output contains errors' "$OUTPUT" "$@"
+ elif ! grep -q -E '^W: ' "$OUTPUT"; then
+ msgfailoutput 'successful run, but output contains no warnings' "$OUTPUT" "$@"
+ else
+ msgpass
+ fi
+ else
+ msgpass
+ fi
+ else
+ local EXITCODE=$?
echo >&2
cat >&2 $OUTPUT
- msgfail
+ msgfail "exitcode $EXITCODE"
fi
+ aptautotest 'testwarning' "$@"
}
-
testfailure() {
if [ "$1" = '--nomsg' ]; then
shift
@@ -1187,22 +1313,48 @@ testfailure() {
msgtest 'Test for failure in execution of' "$*"
fi
local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testfailure.output"
- if $@ >${OUTPUT} 2>&1; then
- echo >&2
- cat >&2 $OUTPUT
- msgfail
+ if "$@" >${OUTPUT} 2>&1; then
+ local EXITCODE=$?
+ msgfailoutput "exitcode $EXITCODE" "$OUTPUT" "$@"
else
+ local EXITCODE=$?
+ if expr match "$1" '^apt.*' >/dev/null; then
+ if grep -q -E ' runtime error: ' "$OUTPUT"; then
+ msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@"
+ elif ! grep -q -E '^E: ' "$OUTPUT"; then
+ msgfailoutput "run failed with exitcode ${EXITCODE}, but with no errors" "$OUTPUT" "$@"
+ else
+ msgpass
+ fi
+ else
+ msgpass
+ fi
+ fi
+ aptautotest 'testfailure' "$@"
+}
+
+testfilestats() {
+ msgtest "Test that file $1 has $2 $3" "$4"
+ if [ "$4" "$3" "$(stat --format "$2" "$1")" ]; then
msgpass
+ else
+ echo >&2
+ ls -l >&2 "$1"
+ echo -n >&2 "stat(1) reports for $2: "
+ stat --format "$2" "$1"
+ msgfail
fi
}
+testaccessrights() {
+ testfilestats "$1" '%a' '=' "$2"
+}
testwebserverlaststatuscode() {
local DOWNLOG='rootdir/tmp/webserverstatus-testfile.log'
- local STATUS='rootdir/tmp/webserverstatus-statusfile.log'
+ local STATUS='downloaded/webserverstatus-statusfile.log'
rm -f "$DOWNLOG" "$STATUS"
msgtest 'Test last status code from the webserver was' "$1"
- downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG"
- if [ "$(cat "$STATUS")" = "$1" ]; then
+ if downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" && [ "$(cat "$STATUS")" = "$1" ]; then
msgpass
else
echo >&2
@@ -1222,3 +1374,43 @@ pause() {
local IGNORE
read IGNORE
}
+
+listcurrentlistsdirectory() {
+ find rootdir/var/lib/apt/lists -maxdepth 1 -type d | while read line; do
+ stat --format '%U:%G:%a:%n' "$line"
+ done
+ find rootdir/var/lib/apt/lists -maxdepth 1 \! -type d | while read line; do
+ stat --format '%U:%G:%a:%s:%y:%n' "$line"
+ done
+}
+
+### The following tests are run by most test methods automatically to check
+### general things about commands executed without writing the test every time.
+
+aptautotest() {
+ local TESTCALL="$1"
+ local CMD="$2"
+ local FIRSTOPT="$3"
+ local AUTOTEST="aptautotest_$(basename "$CMD" | tr -d '-')_$(echo "$FIRSTOPT" | tr -d '-')"
+ if command -v $AUTOTEST >/dev/null; then
+ shift 3
+ # save and restore the *.output files from other tests
+ # as we might otherwise override them in these automatic tests
+ rm -rf ${TMPWORKINGDIRECTORY}/rootdir/tmp-before
+ mv ${TMPWORKINGDIRECTORY}/rootdir/tmp ${TMPWORKINGDIRECTORY}/rootdir/tmp-before
+ mkdir ${TMPWORKINGDIRECTORY}/rootdir/tmp
+ $AUTOTEST "$TESTCALL" "$@"
+ rm -rf ${TMPWORKINGDIRECTORY}/rootdir/tmp-aptautotest
+ mv ${TMPWORKINGDIRECTORY}/rootdir/tmp ${TMPWORKINGDIRECTORY}/rootdir/tmp-aptautotest
+ mv ${TMPWORKINGDIRECTORY}/rootdir/tmp-before ${TMPWORKINGDIRECTORY}/rootdir/tmp
+ fi
+}
+
+aptautotest_aptget_update() {
+ if ! test -d "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"; then return; fi
+ # all copied files are properly chmodded
+ for file in $(find "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" -maxdepth 1 -type f); do
+ testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:644"
+ done
+}
+aptautotest_apt_update() { aptautotest_aptget_update "$@"; }
diff --git a/test/integration/run-tests b/test/integration/run-tests
index c39a2ac68..6c6a37611 100755
--- a/test/integration/run-tests
+++ b/test/integration/run-tests
@@ -46,7 +46,11 @@ for testcase in $(run-parts --list $DIR | grep '/test-'); do
if ! ${testcase}; then
FAIL=$((FAIL+1))
FAILED_TESTS="$FAILED_TESTS $(basename $testcase)"
- echo >&2 "$(basename $testcase) ... FAIL"
+ if [ "$MSGLEVEL" -le 2 ]; then
+ printf >&2 "\n${CHIGH}Running $(basename $testcase) -> FAILED${CRESET}"
+ else
+ echo >&2 "${CHIGH}Running $(basename $testcase) -> FAILED${CRESET}"
+ fi
else
PASS=$((PASS+1))
fi
diff --git a/test/integration/skip-aptwebserver b/test/integration/skip-aptwebserver
new file mode 100755
index 000000000..0622941ce
--- /dev/null
+++ b/test/integration/skip-aptwebserver
@@ -0,0 +1,25 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'amd64'
+
+buildsimplenativepackage 'apt' 'all' '1.0' 'stable'
+
+setupaptarchive
+changetowebserver
+
+rm -rf rootdir/var/lib/apt/lists
+aptget update -qq
+testequal 'Hit http://localhost stable InRelease
+Hit http://localhost stable/main Sources
+Hit http://localhost stable/main amd64 Packages
+Hit http://localhost stable/main Translation-en
+Reading package lists...' aptget update
+
+mv rootdir/var/lib/apt/lists/localhost* rootdir/var/lib/apt/lists/partial
+aptget update
+
diff --git a/test/integration/test-allow-scores-for-all-dependency-types b/test/integration/test-allow-scores-for-all-dependency-types
index a5c98f3d6..d1bcf1130 100755
--- a/test/integration/test-allow-scores-for-all-dependency-types
+++ b/test/integration/test-allow-scores-for-all-dependency-types
@@ -39,6 +39,7 @@ insertinstalledpackage 'libdb-dev' 'amd64' '5.1.7' 'Depends: libdb5.1-dev'
insertinstalledpackage 'libdb5.1-dev' 'amd64' '5.1.29-7'
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
libdb5.1-dev
The following NEW packages will be installed:
@@ -53,6 +54,7 @@ Conf libdb5.3-dev (5.3.28-3 unversioned [amd64])
Conf libdb-dev (5.3.0 unversioned [amd64])' aptget dist-upgrade -st unversioned
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
libdb5.1-dev
The following NEW packages will be installed:
@@ -71,21 +73,25 @@ insertinstalledpackage 'foo' 'amd64' '1'
insertinstalledpackage 'bar' 'amd64' '1'
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
bar foo
0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st unversioned
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
bar foo
0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st versioned
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
bar foo
0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.' aptget dist-upgrade -st multipleno
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
foo
The following packages will be upgraded:
diff --git a/test/integration/test-apt-by-hash-update b/test/integration/test-apt-by-hash-update
new file mode 100755
index 000000000..d9d0b146f
--- /dev/null
+++ b/test/integration/test-apt-by-hash-update
@@ -0,0 +1,49 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+insertpackage 'unstable' 'foo' 'all' '1.0'
+
+setupaptarchive --no-update
+
+APTARCHIVE=$(readlink -f ./aptarchive)
+
+# make Packages *only* accessable by-hash for this test
+mkdir -p aptarchive/dists/unstable/main/binary-i386/by-hash/SHA512
+(cd aptarchive/dists/unstable/main/binary-i386/by-hash/SHA512 &&
+ mv ../../Packages* . &&
+ ln -s Packages.gz $(sha512sum Packages.gz|cut -f1 -d' ') )
+
+# add sources
+mkdir -p aptarchive/dists/unstable/main/source/by-hash/SHA512
+(cd aptarchive/dists/unstable/main/source/by-hash/SHA512 &&
+ ln -s ../../Sources.gz $(sha512sum ../../Sources.gz|cut -f1 -d' ')
+)
+
+# we moved the Packages file away, normal update won't work
+testfailure aptget upate
+
+# ensure we do not know about "foo"
+testequal "Reading package lists...
+Building dependency tree...
+E: Unable to locate package foo" aptget install -q -s foo
+
+# ensure we can apt-get update by hash
+testsuccess aptget update -o APT::Acquire::By-Hash=1 -o Acquire::Languages=none
+
+# ensure it works
+testequal "Inst foo (1.0 unstable [all])
+Conf foo (1.0 unstable [all])" aptget install -qq -s foo
+
+# add magic string to Release file ...
+MAGIC="Acquire-By-Hash: true"
+sed -i "s#Suite: unstable#Suite: unstable\n$MAGIC#" aptarchive/dists/unstable/Release
+signreleasefiles
+# ... and verify that it fetches by hash now
+testsuccess aptget update -o Acquire::Languages=none
+
diff --git a/test/integration/test-apt-cdrom b/test/integration/test-apt-cdrom
index 44eccb7bf..3a33219fe 100755
--- a/test/integration/test-apt-cdrom
+++ b/test/integration/test-apt-cdrom
@@ -21,7 +21,7 @@ echo 'Description-de: automatisch generiertes Testpaket testing=0.8.15/stable
' >> Translation-de
compressfile Translation-de
rm -f Translation-en Translation-de
-chmod -R -w .
+chmod -R 555 .
cd - > /dev/null
aptcdromlog() {
@@ -29,7 +29,7 @@ aptcdromlog() {
test ! -e rootdir/media/cdrom || echo "CD-ROM is mounted, but shouldn't be!"
test -e rootdir/media/cdrom-unmounted || echo "Unmounted CD-ROM doesn't exist, but it should!"
aptcdrom "$@" -o quiet=1 >rootdir/tmp/apt-cdrom.log 2>&1 </dev/null
- sed -e '/gpgv/ d' -e '/^Identifying/ d' -e '/Reading / d' rootdir/tmp/apt-cdrom.log
+ sed -e '/gpgv\?: Signature made/ d' -e '/gpgv\?: Good signature/ d' -e '/^Identifying/ d' -e '/Reading / d' rootdir/tmp/apt-cdrom.log
test ! -e rootdir/media/cdrom || echo "CD-ROM is mounted, but shouldn't be!"
test -e rootdir/media/cdrom-unmounted || echo "Unmounted CD-ROM doesn't exist, but it should!"
}
@@ -99,6 +99,7 @@ Conf testing:i386 (0.8.15 stable [i386])' aptget install testing:i386 -s
testsuccess aptget purge testing:i386 -y
testdpkgnotinstalled testing:i386
+ cd downloaded
rm -f testing_0.8.15_amd64.deb
testsuccess aptget download testing
testsuccess test -s testing_0.8.15_amd64.deb
@@ -108,6 +109,7 @@ Conf testing:i386 (0.8.15 stable [i386])' aptget install testing:i386 -s
testsuccess aptget source testing --dsc-only -d
testsuccess test -s testing_0.8.15.dsc
rm -f testing_0.8.15.dsc
+ cd - >/dev/null
}
testcdromusage
@@ -142,3 +144,8 @@ testcdromusage
testsuccess aptget update
testfileequal rootdir/tmp/testsuccess.output 'Reading package lists...'
testcdromusage
+
+msgmsg 'Check that nothing touched our' 'CD-ROM'
+for file in $(find rootdir/media/cdrom-unmounted/dists); do
+ testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:555"
+done
diff --git a/test/integration/test-apt-cli-update b/test/integration/test-apt-cli-update
index 8237bf03f..987bb9adb 100755
--- a/test/integration/test-apt-cli-update
+++ b/test/integration/test-apt-cli-update
@@ -10,7 +10,7 @@ configarchitecture "i386"
insertpackage 'unstable' 'foo' 'all' '2.0'
insertinstalledpackage 'foo' 'all' '1.0'
-setupaptarchive
+setupaptarchive --no-update
APTARCHIVE=$(readlink -f ./aptarchive)
diff --git a/test/integration/test-apt-ftparchive-src-cachedb b/test/integration/test-apt-ftparchive-src-cachedb
index adcca6217..e7b148530 100755
--- a/test/integration/test-apt-ftparchive-src-cachedb
+++ b/test/integration/test-apt-ftparchive-src-cachedb
@@ -177,6 +177,11 @@ assert_correct_sources_file
mkdir aptarchive/pool/invalid
printf "meep" > aptarchive/pool/invalid/invalid_1.0.dsc
testequal "
+E: Could not find a record in the DSC 'aptarchive/pool/invalid/invalid_1.0.dsc'" aptftparchive sources aptarchive/pool/invalid
+rm -f aptarchive/pool/invalid/invalid_1.0.dsc
+
+printf "meep: yes" > aptarchive/pool/invalid/invalid_1.0.dsc
+testequal "
E: Could not find a Source entry in the DSC 'aptarchive/pool/invalid/invalid_1.0.dsc'" aptftparchive sources aptarchive/pool/invalid
rm -f aptarchive/pool/invalid/invalid_1.0.dsc
diff --git a/test/integration/test-apt-get-build-dep b/test/integration/test-apt-get-build-dep
new file mode 100755
index 000000000..87ec6e54d
--- /dev/null
+++ b/test/integration/test-apt-get-build-dep
@@ -0,0 +1,129 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+buildsimplenativepackage 'debhelper' 'i386' '7' 'stable'
+buildsimplenativepackage 'build-essential' 'i386' '1' 'stable'
+
+setupaptarchive
+cat > 2vcard_0.5-3.dsc <<EOF
+Format: 1.0
+Source: 2vcard
+Binary: 2vcard
+Architecture: all
+Version: 0.5-3
+Maintainer: Martin Albisetti <argentina@gmail.com>
+Uploaders: Marcela Tiznado <mlt@debian.org>
+Standards-Version: 3.8.0
+Build-Depends: debhelper (>= 5.0.37)
+Checksums-Sha1:
+ b7f1ce31ec856414a3f0f1090689f91aa7456d56 9398 2vcard_0.5.orig.tar.gz
+ 5f9acd07ebda6ab00fa6b4fe3198c13e94090862 2036 2vcard_0.5-3.diff.gz
+Checksums-Sha256:
+ efdc22859ac2f8f030d038dc4faa9020082ebae34212498c288968ffd45c9764 9398 2vcard_0.5.orig.tar.gz
+ 82673ff3456af571094066c89bcea87b25c23c87cf1d0050b731e5222563626b 2036 2vcard_0.5-3.diff.gz
+Files:
+ f73a69c170f772f3f6e75f2d11bbb792 9398 2vcard_0.5.orig.tar.gz
+ 1e806d32233af87437258d86b1561f57 2036 2vcard_0.5-3.diff.gz
+EOF
+
+testequal "Reading package lists...
+Building dependency tree...
+Note, using file '2vcard_0.5-3.dsc' to get the build dependencies
+The following NEW packages will be installed:
+ build-essential debhelper
+0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
+Inst build-essential (1 stable [i386])
+Inst debhelper (7 stable [i386])
+Conf build-essential (1 stable [i386])
+Conf debhelper (7 stable [i386])" aptget build-dep -s 2vcard_0.5-3.dsc
+
+cat > 2vcard_0.5-3.dsc <<EOF
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Format: 1.0
+Source: 2vcard
+Binary: 2vcard
+Architecture: all
+Version: 0.5-3
+Maintainer: Martin Albisetti <argentina@gmail.com>
+Uploaders: Marcela Tiznado <mlt@debian.org>
+Standards-Version: 3.8.0
+Build-Depends: debhelper (>= 5.0.37)
+Checksums-Sha1:
+ b7f1ce31ec856414a3f0f1090689f91aa7456d56 9398 2vcard_0.5.orig.tar.gz
+ 5f9acd07ebda6ab00fa6b4fe3198c13e94090862 2036 2vcard_0.5-3.diff.gz
+Checksums-Sha256:
+ efdc22859ac2f8f030d038dc4faa9020082ebae34212498c288968ffd45c9764 9398 2vcard_0.5.orig.tar.gz
+ 82673ff3456af571094066c89bcea87b25c23c87cf1d0050b731e5222563626b 2036 2vcard_0.5-3.diff.gz
+Files:
+ f73a69c170f772f3f6e75f2d11bbb792 9398 2vcard_0.5.orig.tar.gz
+ 1e806d32233af87437258d86b1561f57 2036 2vcard_0.5-3.diff.gz
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.9 (GNU/Linux)
+
+iEYEARECAAYFAkijKhsACgkQsrBfRdYmq7aA2gCfaOW9riTYVQMx5ajKQVAcctlC
+z2UAn1oXgTai6opwhVfkxrlmJ+iRxzuc
+=4eRd
+-----END PGP SIGNATURE-----
+EOF
+
+testequal "Reading package lists...
+Building dependency tree...
+Note, using file '2vcard_0.5-3.dsc' to get the build dependencies
+The following NEW packages will be installed:
+ build-essential debhelper
+0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
+Inst build-essential (1 stable [i386])
+Inst debhelper (7 stable [i386])
+Conf build-essential (1 stable [i386])
+Conf debhelper (7 stable [i386])" aptget build-dep --simulate 2vcard_0.5-3.dsc
+
+
+# unpacked source dir
+mkdir -p foo-1.0/debian
+cat > foo-1.0/debian/control <<'EOF'
+Source: apturl
+Section: admin
+Priority: optional
+Maintainer: Michael Vogt <mvo@ubuntu.com>
+Build-Depends: debhelper (>= 7)
+X-Python3-Version: >= 3.2
+Standards-Version: 3.9.3
+
+Package: apturl-common
+Architecture: any
+Depends: ${python3:Depends},
+ ${shlibs:Depends},
+ ${misc:Depends},
+ python3-apt,
+ python3-update-manager
+Replaces: apturl (<< 0.3.6ubuntu2)
+Description: install packages using the apt protocol - common data
+ AptUrl is a simple graphical application that takes an URL (which follows the
+ apt-protocol) as a command line option, parses it and carries out the
+ operations that the URL describes (that is, it asks the user if he wants the
+ indicated packages to be installed and if the answer is positive does so for
+ him).
+ .
+ This package contains the common data shared between the frontends.
+
+EOF
+
+testequal "Reading package lists...
+Building dependency tree...
+Note, using directory './foo-1.0' to get the build dependencies
+The following NEW packages will be installed:
+ build-essential debhelper
+0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
+Inst build-essential (1 stable [i386])
+Inst debhelper (7 stable [i386])
+Conf build-essential (1 stable [i386])
+Conf debhelper (7 stable [i386])" aptget build-dep --simulate ./foo-1.0
diff --git a/test/integration/test-apt-get-changelog b/test/integration/test-apt-get-changelog
index 4ee113482..648dccf40 100755
--- a/test/integration/test-apt-get-changelog
+++ b/test/integration/test-apt-get-changelog
@@ -13,26 +13,36 @@ setupaptarchive --no-update
changetowebserver
testsuccess aptget update
+# simulate normal user with non-existent root-owned directories
+rm -rf rootdir/var/cache/apt/archives/
+mkdir rootdir/var/cache/apt/archives/
+addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/var/cache/apt/archives || true;"
+chmod -R -w rootdir/var/cache/apt/archives
+
echo 'Apt::Changelogs::Server "http://localhost:8080/";' > rootdir/etc/apt/apt.conf.d/changelog.conf
-testequal "'http://localhost:8080//pool/apt_1.0/changelog'" aptget changelog apt --print-uris
+testequal "'http://localhost:8080/pool/apt_1.0/changelog'" aptget changelog apt --print-uris
+
+testequal "'http://localhost:8080/pool/apt_1.0/changelog'
+'http://localhost:8080/pool/apt_1.0/changelog'" aptget changelog apt apt --print-uris
-testequal "'http://localhost:8080//pool/apt_1.0/changelog'
-'http://localhost:8080//pool/apt_1.0/changelog'" aptget changelog apt apt --print-uris
+cd downloaded
-aptget changelog apt -qq > apt.changelog
-testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0/changelog)"
-rm apt.changelog
+testsuccess aptget changelog apt -qq
+testfileequal '../rootdir/tmp/testsuccess.output' "$(cat ../aptarchive/pool/apt_1.0/changelog)"
testsuccess aptget changelog apt -d
-testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0/changelog)"
-rm apt.changelog aptarchive/pool/apt_1.0/changelog
+testfileequal 'apt.changelog' "$(cat ../aptarchive/pool/apt_1.0/changelog)"
+testfilestats 'apt.changelog' '%U:%G:%a' '=' "${USER}:${USER}:644"
+rm -f apt.changelog ../aptarchive/pool/apt_1.0/changelog
-testequal "$(cat aptarchive/pool/apt_1.0.changelog)" aptget changelog apt \
+testequal "$(cat ../aptarchive/pool/apt_1.0.changelog)" aptget changelog apt \
-qq -o APT::Changelogs::Server='http://not-on-the-main-server:8080/'
testsuccess aptget changelog apt -d
-testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0.changelog)"
-rm apt.changelog aptarchive/pool/apt_1.0.changelog
+testfileequal 'apt.changelog' "$(cat ../aptarchive/pool/apt_1.0.changelog)"
+testfilestats 'apt.changelog' '%U:%G:%a' '=' "${USER}:${USER}:644"
+rm -f apt.changelog ../aptarchive/pool/apt_1.0.changelog
-testequal 'E: changelog download failed' aptget changelog apt -qq -o APT::Changelogs::Server='http://not-on-the-main-server:8080/'
+testequal 'E: changelog download failed' aptget changelog apt -qq -d -o APT::Changelogs::Server='http://not-on-the-main-server:8080/'
+testfailure test -e apt.changelog
diff --git a/test/integration/test-apt-get-clean b/test/integration/test-apt-get-clean
new file mode 100755
index 000000000..457bff9d3
--- /dev/null
+++ b/test/integration/test-apt-get-clean
@@ -0,0 +1,35 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'amd64'
+
+insertpackage 'testing' 'foo' 'all' '1'
+insertpackage 'unstable' 'foo' 'all' '2'
+insertinstalledpackage 'foo' 'all' '3'
+
+setupaptarchive
+
+# nothing to do always works
+testsuccess aptget clean
+
+# generate some dirt and clean it up
+touch rootdir/var/lib/apt/lists/partial/http.debian.net_debian_dists_sid_main_i18n_Translation-en
+mkdir -p rootdir/var/cache/apt/archives
+touch rootdir/var/cache/apt/archives/foo_1_all.deb
+touch rootdir/var/cache/apt/archives/foo_2_all.deb
+touch rootdir/var/cache/apt/archives/foo_3_all.deb
+touch rootdir/var/cache/apt/archives/foo_4_all.deb
+
+testsuccess aptget clean
+
+testfailure test -e rootdir/var/lib/apt/lists/partial/http.debian.net_debian_dists_sid_main_i18n_Translation-en
+testfailure test -e rootdir/var/cache/apt/archives/foo_1_all.deb
+testfailure test -e rootdir/var/cache/apt/archives/foo_2_all.deb
+testfailure test -e rootdir/var/cache/apt/archives/foo_3_all.deb
+testfailure test -e rootdir/var/cache/apt/archives/foo_4_all.deb
+
+
diff --git a/test/integration/test-apt-get-download b/test/integration/test-apt-get-download
index be3144e1f..6503bbd1c 100755
--- a/test/integration/test-apt-get-download
+++ b/test/integration/test-apt-get-download
@@ -11,7 +11,26 @@ buildsimplenativepackage 'apt' 'all' '1.0' 'stable'
buildsimplenativepackage 'apt' 'all' '2.0' 'unstable'
insertinstalledpackage 'vrms' 'all' '1.0'
-setupaptarchive
+OLD_UMASK="$(umask)"
+umask 0027
+setupaptarchive --no-update
+umask "$OLD_UMASK"
+
+# directories should be readable by everyone
+find aptarchive/dists -type d | while read dir; do
+ chmod o+rx "$dir"
+done
+# apt-ftparchive knows how to chmod files
+find aptarchive/dists -name '*Packages*' -type f | while read file; do
+ testaccessrights "$file" '644'
+ chmod 640 "$file"
+done
+# created by the framework without special care
+find aptarchive/dists -name '*Release*' -type f | while read file; do
+ testaccessrights "$file" '640'
+done
+
+testsuccess aptget update
testdownload() {
local APT="$2"
@@ -20,18 +39,34 @@ testdownload() {
fi
msgtest "Test download of package file $1 with" "$APT"
testsuccess --nomsg aptget download ${APT}
- testsuccess test -f $1
- rm $1
+ testsuccess test -f "$1"
+ rm -f "$1"
}
+# normal case as "root"
+OLDPWD="$(pwd)"
+cd downloaded
+testdownload apt_2.0_all.deb apt
+cd "$OLDPWD"
+
+# simulate normal user with non-existent root-owned directories
+rm -rf rootdir/var/cache/apt/archives/
+mkdir rootdir/var/cache/apt/archives/
+addtrap 'prefix' "chmod -f -R +w $PWD/rootdir/var/cache/apt/archives || true;"
+chmod -R -w rootdir/var/cache/apt/archives
+
+OLDPWD="$(pwd)"
+cd downloaded
+
# normal case(es)
testdownload apt_1.0_all.deb apt stable
testdownload apt_2.0_all.deb apt
-DEBFILE="$(readlink -f aptarchive)/pool/apt_2.0_all.deb"
+DEBFILE="$(readlink -f ../aptarchive)/pool/apt_2.0_all.deb"
testequal "'file://${DEBFILE}' apt_2.0_all.deb $(stat -c%s $DEBFILE) SHA512:$(sha512sum $DEBFILE | cut -d' ' -f 1)" aptget download apt --print-uris
# deb:677887
+testequal "E: Can't find a source to download version '1.0' of 'vrms:i386'" aptget download vrms --print-uris
testequal "E: Can't find a source to download version '1.0' of 'vrms:i386'" aptget download vrms
# deb:736962
@@ -45,3 +80,21 @@ rm -f apt_1.0_all.deb apt_2.0_all.deb
testsuccess aptget download apt apt apt/unstable apt=2.0
testsuccess test -s apt_2.0_all.deb
+# restore "root" rights
+cd "$OLDPWD"
+chmod -f -R +w $PWD/rootdir/var/cache/apt/archives
+rm -rf rootdir/var/cache/apt/archives/
+
+# file: debs aren't copied to archives, so change to http which obviously are
+changetowebserver
+testsuccess aptget update
+
+# test with already stored deb
+testsuccess aptget install -d apt
+testsuccess test -s rootdir/var/cache/apt/archives/apt_2.0_all.deb
+testaccessrights 'aptarchive/pool/apt_2.0_all.deb' '644'
+mv aptarchive/pool/apt_2.0_all.deb aptarchive/pool/apt_2.0_all.deb.gone
+cd downloaded
+testdownload apt_2.0_all.deb apt
+cd "$OLDPWD"
+mv aptarchive/pool/apt_2.0_all.deb.gone aptarchive/pool/apt_2.0_all.deb
diff --git a/test/integration/test-apt-get-install-deb b/test/integration/test-apt-get-install-deb
new file mode 100755
index 000000000..700009da5
--- /dev/null
+++ b/test/integration/test-apt-get-install-deb
@@ -0,0 +1,30 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+# regression test for #754904
+testequal 'E: Unable to locate package /dev/null' aptget install -qq /dev/null
+
+# and ensure we fail for invalid debs
+cat > foo.deb <<EOF
+I'm not a deb, I'm a teapot.
+EOF
+testequal 'E: Sub-process Popen returned an error code (100)
+E: Encountered a section with no Package: header
+E: Problem with MergeLister for ./foo.deb
+E: The package lists or status file could not be parsed or opened.' aptget install -qq ./foo.deb
+
+# fakeroot is currently not found, framwork needs updating
+#
+#buildsimplenativepackage 'foo' 'all' '1.0'
+#
+#testequal 'Selecting previously unselected package foo.
+#(Reading database ... 0 files and directories currently installed.)
+# Preparing to unpack .../incoming/foo_1.0_all.deb ...
+#Unpacking foo (1.0) ...
+#Setting up foo (1.0) ...' aptget install -qq ./incoming/foo_1.0_all.deb
diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source
index 33bd980d0..b27cbbe96 100755
--- a/test/integration/test-apt-get-source
+++ b/test/integration/test-apt-get-source
@@ -82,3 +82,7 @@ testequal "$HEADER
Need to get 0 B of source archives.
'file://${APTARCHIVE}/foo_0.0.1.dsc' foo_0.0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e
'file://${APTARCHIVE}/foo_0.0.1.tar.gz' foo_0.0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris -t unstable foo=0.0.1
+
+testequal "$HEADER
+Need to get 0 B of source archives.
+Fetch source foo" aptget source -q -s foo
diff --git a/test/integration/test-apt-get-source-authenticated b/test/integration/test-apt-get-source-authenticated
index 2cee13923..f68c32386 100755
--- a/test/integration/test-apt-get-source-authenticated
+++ b/test/integration/test-apt-get-source-authenticated
@@ -21,11 +21,14 @@ APTARCHIVE=$(readlink -f ./aptarchive)
rm -f $APTARCHIVE/dists/unstable/*Release*
# update without authenticated InRelease file
-testsuccess aptget update
+testwarning aptget update --allow-insecure-repositories
# this all should fail
testfailure aptget install -y foo
+cd downloaded
testfailure aptget source foo
-
+testfailure test -e foo_2.0.dsc
# allow overriding the warning
-testsuccess aptget source --allow-unauthenticated foo
+testsuccess aptget source --allow-unauthenticated foo -o Debug::pkgAcquire::Worker=1
+testsuccess test -s foo_2.0.dsc -a -L foo_2.0.dsc
+testaccessrights 'foo_2.0.dsc' '777'
diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning
new file mode 100755
index 000000000..0389415c1
--- /dev/null
+++ b/test/integration/test-apt-get-update-unauth-warning
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# ensure we print warnings for unauthenticated repositories
+#
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+# a "normal" package with source and binary
+buildsimplenativepackage 'foo' 'all' '2.0'
+
+setupaptarchive --no-update
+
+APTARCHIVE=$(readlink -f ./aptarchive)
+rm -f $APTARCHIVE/dists/unstable/*Release*
+
+# update without authenticated files leads to warning
+testequal "Ign file: unstable InRelease
+ File not found
+Err file: unstable Release
+ File not found
+W: The repository 'file: unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository.
+E: Use --allow-insecure-repositories to force the update" aptget update --no-allow-insecure-repositories
+
+# no package foo
+testequal "Listing..." apt list foo
+testequal "partial" ls rootdir/var/lib/apt/lists
+
+# allow override
+testequal "Ign file: unstable InRelease
+ File not found
+Ign file: unstable Release
+ File not found
+Reading package lists...
+W: The repository 'file: unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository." aptget update --allow-insecure-repositories
+# ensure we can not install the package
+testequal "WARNING: The following packages cannot be authenticated!
+ foo
+E: There are problems and -y was used without --force-yes" aptget install -qq -y foo
diff --git a/test/integration/test-apt-get-upgrade b/test/integration/test-apt-get-upgrade
index 23446299c..d042e4fb7 100755
--- a/test/integration/test-apt-get-upgrade
+++ b/test/integration/test-apt-get-upgrade
@@ -8,29 +8,25 @@ setupenvironment
configarchitecture "i386"
# simple case
-insertpackage 'stable' 'upgrade-simple' 'all' '1.0'
+insertpackage 'stable,installed' 'upgrade-simple' 'all' '1.0'
insertpackage 'unstable' 'upgrade-simple' 'all' '2.0'
-insertinstalledpackage 'upgrade-simple' 'all' '1.0'
# upgrade with a new dependency
-insertpackage 'stable' 'upgrade-with-new-dep' 'all' '1.0'
+insertpackage 'stable,installed' 'upgrade-with-new-dep' 'all' '1.0'
insertpackage 'unstable' 'upgrade-with-new-dep' 'all' '2.0' 'Depends: new-dep'
insertpackage 'stable' 'new-dep' 'all' '1.0'
-insertinstalledpackage 'upgrade-with-new-dep' 'all' '1.0'
# upgrade with conflict and a new pkg with higher priority than conflict
-insertpackage 'stable' 'upgrade-with-conflict' 'all' '1.0'
+insertpackage 'stable,installed' 'upgrade-with-conflict' 'all' '1.0'
insertpackage 'unstable' 'upgrade-with-conflict' 'all' '2.0' 'Conflicts: conflicting-dep' 'standard'
-insertpackage 'stable' 'conflicting-dep' 'all' '1.0'
-insertinstalledpackage 'upgrade-with-conflict' 'all' '1.0'
-insertinstalledpackage 'conflicting-dep' 'all' '1.0'
-
+insertpackage 'stable,installed' 'conflicting-dep' 'all' '1.0'
setupaptarchive
# Test if normal upgrade works as expected
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
upgrade-with-conflict upgrade-with-new-dep
The following packages will be upgraded:
@@ -42,6 +38,7 @@ Conf upgrade-simple (2.0 unstable [all])' aptget -s upgrade
# Test if apt-get upgrade --with-new-pkgs works
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following NEW packages will be installed:
new-dep
The following packages have been kept back:
@@ -59,6 +56,7 @@ Conf upgrade-with-new-dep (2.0 unstable [all])' aptget -s upgrade --with-new-pkg
# Test if apt-get dist-upgrade works
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
conflicting-dep
The following NEW packages will be installed:
diff --git a/test/integration/test-apt-helper b/test/integration/test-apt-helper
index c749224ca..06e497ff7 100755
--- a/test/integration/test-apt-helper
+++ b/test/integration/test-apt-helper
@@ -5,31 +5,31 @@ TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework
setupenvironment
-configarchitecture "i386"
+configarchitecture 'i386'
changetohttpswebserver
test_apt_helper_download() {
- echo "foo" > aptarchive/foo
+ echo 'foo' > aptarchive/foo
- msgtest 'apt-file download-file md5sum'
- apthelper -qq download-file http://localhost:8080/foo foo2 MD5Sum:d3b07384d113edec49eaa6238ad5ff00 && msgpass || msgfail
- testfileequal foo2 'foo'
+ msgtest 'apt-file download-file' 'md5sum'
+ apthelper -qq download-file http://localhost:8080/foo downloaded/foo2 MD5Sum:d3b07384d113edec49eaa6238ad5ff00 && msgpass || msgfail
+ testfileequal downloaded/foo2 'foo'
- msgtest 'apt-file download-file sha1'
- apthelper -qq download-file http://localhost:8080/foo foo1 SHA1:f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 && msgpass || msgfail
- testfileequal foo1 'foo'
+ msgtest 'apt-file download-file' 'sha1'
+ apthelper -qq download-file http://localhost:8080/foo downloaded/foo1 SHA1:f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 && msgpass || msgfail
+ testfileequal downloaded/foo1 'foo'
- msgtest 'apt-file download-file sha256'
- apthelper -qq download-file http://localhost:8080/foo foo3 SHA256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c && msgpass || msgfail
- testfileequal foo3 'foo'
+ msgtest 'apt-file download-file' 'sha256'
+ apthelper -qq download-file http://localhost:8080/foo downloaded/foo3 SHA256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c && msgpass || msgfail
+ testfileequal downloaded/foo3 'foo'
- msgtest 'apt-file download-file no-hash'
- apthelper -qq download-file http://localhost:8080/foo foo4 && msgpass || msgfail
- testfileequal foo4 'foo'
+ msgtest 'apt-file download-file' 'no-hash'
+ apthelper -qq download-file http://localhost:8080/foo downloaded/foo4 && msgpass || msgfail
+ testfileequal downloaded/foo4 'foo'
- msgtest 'apt-file download-file wrong hash'
- if ! apthelper -qq download-file http://localhost:8080/foo foo5 MD5Sum:aabbcc 2>&1 2> download.stderr; then
+ msgtest 'apt-file download-file' 'wrong hash'
+ if ! apthelper -qq download-file http://localhost:8080/foo downloaded/foo5 MD5Sum:aabbcc 2>&1 2> download.stderr; then
msgpass
else
msgfail
@@ -37,7 +37,8 @@ test_apt_helper_download() {
testfileequal download.stderr 'E: Failed to fetch http://localhost:8080/foo Hash Sum mismatch
E: Download Failed'
- testfileequal foo5.FAILED 'foo'
+ testfileequal downloaded/foo5.FAILED 'foo'
+ testfailure test -e downloaded/foo5
}
test_apt_helper_detect_proxy() {
diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key
index 68b3f9710..b6b7b7909 100755
--- a/test/integration/test-apt-key
+++ b/test/integration/test-apt-key
@@ -7,101 +7,177 @@ TESTDIR=$(readlink -f $(dirname $0))
setupenvironment
configarchitecture 'amd64'
-msgtest 'Check that paths in list output are not' 'double-slashed'
-aptkey list 2>&1 | grep -q '//' && msgfail || msgpass
+# start from a clean plate again
+cleanplate() {
+ rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
+ mkdir rootdir/etc/apt/trusted.gpg.d/
+}
-msgtest 'Check that paths in finger output are not' 'double-slashed'
-aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
+testaptkeys() {
+ if ! aptkey list | grep '^pub' > aptkey.list; then
+ echo -n > aptkey.list
+ fi
+ testequal "$1" cat ./aptkey.list
+}
echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18'
+testrun() {
+ cleanplate
+ ln -sf ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
-testequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
+ msgtest 'Check that paths in list output are not' 'double-slashed'
+ aptkey list 2>&1 | grep -q '//' && msgfail || msgpass
+
+ msgtest 'Check that paths in finger output are not' 'double-slashed'
+ aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
+
+ testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
+
+ testequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1' aptkey --fakeroot update
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18'
+ testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
-testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
+ testfailure test -e rootdir/etc/apt/trusted.gpg
+ testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
+ msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
+ if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
+ msgpass
+ else
+ msgfail
+ fi
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]
+ testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]
pub 2048R/DBAC8DAE 2010-08-18'
-msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
-testsuccess --nomsg aptkey --fakeroot update
-
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18'
-
-msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
-testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
+ msgtest 'Check that Sixpack key can be' 'exported'
+ aptkey export 'Sixpack' > aptkey.export
+ aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
+ testsuccess --nomsg cmp aptkey.export aptkey.exportall
+ testsuccess test -s aptkey.export
+ testsuccess test -s aptkey.exportall
+
+ msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
+ testsuccess --nomsg aptkey --fakeroot update
+
+ testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
+
+ msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
+ testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
+
+ testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
+
+ testsuccess aptkey --fakeroot del DBAC8DAE
+ testempty aptkey list
+
+ msgtest 'Test key removal with' 'single key in real file'
+ cleanplate
+ cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
+ testempty aptkey list
+ testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
+
+ msgtest 'Test key removal with' 'long key ID'
+ cleanplate
+ cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
+ testempty aptkey list
+ testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
+
+ msgtest 'Test key removal with' 'fingerprint'
+ cleanplate
+ cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
+ testempty aptkey list
+ testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
+
+ msgtest 'Test key removal with' 'single key in softlink'
+ cleanplate
+ ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
+ testempty aptkey list
+ testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
+
+ cleanplate
+ testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
+ testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub
+ testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18
+pub 2048R/528144E2 2011-01-16'
+ cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
+
+ msgtest 'Test key removal with' 'multi key in real file'
+ cleanplate
+ cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
+ testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
+ testaptkeys 'pub 2048R/528144E2 2011-01-16'
+ testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
+
+ msgtest 'Test key removal with' 'multi key in softlink'
+ cleanplate
+ ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg
+ testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
+ testaptkeys 'pub 2048R/528144E2 2011-01-16'
+ testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
+ testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
+ testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
+
+ msgtest 'Test key removal with' 'multiple files including key'
+ cleanplate
+ cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
+ testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
+ testaptkeys 'pub 2048R/528144E2 2011-01-16'
+ testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
+ testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
+
+ cleanplate
+ cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
+ testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18
+pub 2048R/DBAC8DAE 2010-08-18
+pub 2048R/528144E2 2011-01-16'
+ msgtest 'Test merge-back of' 'added keys'
+ testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
+ testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]
+pub 2048R/DBAC8DAE 2010-08-18
+pub 2048R/DBAC8DAE 2010-08-18
+pub 2048R/528144E2 2011-01-16'
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18'
+ msgtest 'Test merge-back of' 'removed keys'
+ testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
+ testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18
+pub 2048R/DBAC8DAE 2010-08-18
+pub 2048R/528144E2 2011-01-16'
-testsuccess aptkey --fakeroot del DBAC8DAE
-testempty aptkey list
+ msgtest 'Test merge-back of' 'removed duplicate keys'
+ testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
+ testaptkeys 'pub 2048R/528144E2 2011-01-16'
+}
-# start from a clean plate again
-cleanplate() {
- rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
- mkdir rootdir/etc/apt/trusted.gpg.d/
+setupgpgcommand() {
+ echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
+ msgtest 'Test that apt-key uses for the following tests command' "$1"
+ aptkey adv --version >aptkey.version 2>&1
+ if grep -q "^Executing: $1 --" aptkey.version; then
+ msgpass
+ else
+ cat aptkey.version
+ msgfail
+ fi
}
-msgtest 'Test key removal with' 'single key in real file'
-cleanplate
-cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
-testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
-testempty aptkey list
-testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
-testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
-
-msgtest 'Test key removal with' 'single key in softlink'
-cleanplate
-ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
-testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
-testempty aptkey list
-testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
-testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
-
-cleanplate
-testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
-testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18
-pub 2048R/528144E2 2011-01-16'
-cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
-
-msgtest 'Test key removal with' 'multi key in real file'
-cleanplate
-cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
-testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16'
-testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
-
-msgtest 'Test key removal with' 'multi key in softlink'
-cleanplate
-ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg
-testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16'
-testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
-testsuccess test ! -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
-testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
-
-msgtest 'Test key removal with' 'multiple files including key'
-cleanplate
-cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
-cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
-testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/528144E2 2011-01-16'
-testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
-testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
-testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
+# run with default (whatever this is)
+testrun
+# run with …
+setupgpgcommand 'gpg'
+testrun
+setupgpgcommand 'gpg2'
+testrun
diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update
index 4b38cd9b5..b3c118555 100755
--- a/test/integration/test-apt-key-net-update
+++ b/test/integration/test-apt-key-net-update
@@ -28,6 +28,9 @@ gpg: key F68C85A3: public key "Test Automatic Archive Signing Key <ftpmaster@exa
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)' aptkey --fakeroot net-update
+aptkey list | grep '^pub' > aptkey.list
+testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19
+pub 2048R/DBAC8DAE 2010-08-18'
# now try a different one
# setup archive-keyring
@@ -38,6 +41,8 @@ echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf
# test against the "real" webserver
testequal "Checking for new archive signing keys now
-Key 'E8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update
-
+Key 'DE66AECA9151AFA1877EC31DE8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update
+aptkey list | grep '^pub' > aptkey.list
+testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19
+pub 2048R/DBAC8DAE 2010-08-18'
diff --git a/test/integration/test-apt-progress-fd b/test/integration/test-apt-progress-fd
index d72e7e72d..af022f582 100755
--- a/test/integration/test-apt-progress-fd
+++ b/test/integration/test-apt-progress-fd
@@ -16,7 +16,7 @@ setupaptarchive
exec 3> apt-progress.log
testsuccess aptget install testing=0.1 -y -o APT::Status-Fd=3
testequal "dlstatus:1:0:Retrieving file 1 of 1
-dlstatus:1:0:Retrieving file 1 of 1
+dlstatus:1:20:Retrieving file 1 of 1
pmstatus:dpkg-exec:0:Running dpkg
pmstatus:testing:0:Installing testing (amd64)
pmstatus:testing:20:Preparing testing (amd64)
@@ -31,7 +31,7 @@ pmstatus:testing:100:Installed testing (amd64)" cat apt-progress.log
exec 3> apt-progress.log
testsuccess aptget install testing=0.8.15 -y -o APT::Status-Fd=3
testequal "dlstatus:1:0:Retrieving file 1 of 1
-dlstatus:1:0:Retrieving file 1 of 1
+dlstatus:1:20:Retrieving file 1 of 1
pmstatus:dpkg-exec:0:Running dpkg
pmstatus:testing:0:Installing testing (amd64)
pmstatus:testing:20:Preparing testing (amd64)
@@ -46,7 +46,7 @@ pmstatus:testing:100:Installed testing (amd64)" cat apt-progress.log
exec 3> apt-progress.log
testsuccess aptget install testing=0.8.15 --reinstall -y -o APT::Status-Fd=3
testequal "dlstatus:1:0:Retrieving file 1 of 1
-dlstatus:1:0:Retrieving file 1 of 1
+dlstatus:1:20:Retrieving file 1 of 1
pmstatus:dpkg-exec:0:Running dpkg
pmstatus:testing:0:Installing testing (amd64)
pmstatus:testing:20:Preparing testing (amd64)
@@ -72,7 +72,7 @@ testsuccess aptget install testing2:i386 -y -o APT::Status-Fd=3
# and compare
testequal "dlstatus:1:0:Retrieving file 1 of 1
-dlstatus:1:0:Retrieving file 1 of 1
+dlstatus:1:20:Retrieving file 1 of 1
pmstatus:dpkg-exec:0:Running dpkg
pmstatus:testing2:0:Installing testing2 (i386)
pmstatus:testing2:20:Preparing testing2 (i386)
diff --git a/test/integration/test-apt-sources-deb822 b/test/integration/test-apt-sources-deb822
index 5f54b7531..d8b2334ad 100755
--- a/test/integration/test-apt-sources-deb822
+++ b/test/integration/test-apt-sources-deb822
@@ -23,14 +23,14 @@ Description: summay
msgtest 'Test sources.list' 'old style'
echo "deb http://ftp.debian.org/debian stable main" > $SOURCES
-testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris
msgtest 'Test sources.list' 'simple deb822'
echo "$BASE" > $SOURCES
-testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris
@@ -39,29 +39,29 @@ msgtest 'Test deb822 with' 'two entries'
echo "$BASE" > $SOURCES
echo "" >> $SOURCES
echo "$BASE" | sed s/stable/unstable/ >> $SOURCES
-testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0
-'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 :
+'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/unstable/InRelease' ftp.debian.org_debian_dists_unstable_InRelease 0 " aptget update --print-uris
# two suite entries
msgtest 'Test deb822 with' 'two Suite entries'
echo "$BASE" | sed -e "s/stable/stable unstable/" > $SOURCES
-testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0
-'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0 :
+'http://ftp.debian.org/debian/dists/unstable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_unstable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/unstable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_unstable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/unstable/InRelease' ftp.debian.org_debian_dists_unstable_InRelease 0 " aptget update --print-uris
msgtest 'Test deb822' 'architecture option'
echo "$BASE" > $SOURCES
echo "Architectures: amd64 armel" >> $SOURCES
-testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-amd64/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-amd64_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/binary-armel/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-armel_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/binary-amd64/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-amd64_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/binary-armel/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-armel_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris
@@ -85,19 +85,19 @@ testempty aptget update --print-uris
# multiple URIs
msgtest 'Test deb822 sources.list file which has' 'Multiple URIs work'
echo "$BASE" | sed -e 's#http://ftp.debian.org/debian#http://ftp.debian.org/debian http://ftp.de.debian.org/debian#' > $SOURCES
-testequal --nomsg "'http://ftp.de.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.de.debian.org_debian_dists_stable_main_binary-i386_Packages 0 :
-'http://ftp.de.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.de.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+testequal --nomsg "'http://ftp.de.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.de.debian.org_debian_dists_stable_main_binary-i386_Packages 0
+'http://ftp.de.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.de.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.de.debian.org/debian/dists/stable/InRelease' ftp.de.debian.org_debian_dists_stable_InRelease 0
-'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris
# multiple Type in one field
msgtest 'Test deb822 sources.list file which has' 'Multiple Types work'
echo "$BASE" | sed -e 's#Types: deb#Types: deb deb-src#' > $SOURCES
-testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/source/Sources.bz2' ftp.debian.org_debian_dists_stable_main_source_Sources 0 :
-'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0 :
-'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0 :
+testequal --nomsg "'http://ftp.debian.org/debian/dists/stable/main/source/Sources.bz2' ftp.debian.org_debian_dists_stable_main_source_Sources 0
+'http://ftp.debian.org/debian/dists/stable/main/binary-i386/Packages.bz2' ftp.debian.org_debian_dists_stable_main_binary-i386_Packages 0
+'http://ftp.debian.org/debian/dists/stable/main/i18n/Translation-en.bz2' ftp.debian.org_debian_dists_stable_main_i18n_Translation-en 0
'http://ftp.debian.org/debian/dists/stable/InRelease' ftp.debian.org_debian_dists_stable_InRelease 0 " aptget update --print-uris
# a Suite
@@ -107,6 +107,6 @@ Types: deb
URIs: http://emacs.naquadah.org
Suites: stable/
EOF
-testequal --nomsg "'http://emacs.naquadah.org/stable/Packages.bz2' emacs.naquadah.org_stable_Packages 0 :
-'http://emacs.naquadah.org/stable/en.bz2' emacs.naquadah.org_stable_en 0 :
+testequal --nomsg "'http://emacs.naquadah.org/stable/Packages.bz2' emacs.naquadah.org_stable_Packages 0
+'http://emacs.naquadah.org/stable/en.bz2' emacs.naquadah.org_stable_en 0
'http://emacs.naquadah.org/stable/InRelease' emacs.naquadah.org_stable_InRelease 0 " aptget update --print-uris
diff --git a/test/integration/test-apt-update-expected-size b/test/integration/test-apt-update-expected-size
new file mode 100755
index 000000000..045217a77
--- /dev/null
+++ b/test/integration/test-apt-update-expected-size
@@ -0,0 +1,44 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+insertpackage 'unstable' 'apt' 'all' '1.0'
+
+setupaptarchive --no-update
+changetowebserver
+
+# normal update works fine
+testsuccess aptget update
+
+# make InRelease really big to trigger fallback
+mv aptarchive/dists/unstable/InRelease aptarchive/dists/unstable/InRelease.good
+dd if=/dev/zero of=aptarchive/dists/unstable/InRelease bs=1M count=2 2>/dev/null
+touch -d '+1hour' aptarchive/dists/unstable/InRelease
+testsuccess aptget update -o Apt::Get::List-Cleanup=0 -o acquire::MaxReleaseFileSize=$((1*1000*1000)) -o Debug::pkgAcquire::worker=0
+msgtest 'Check that the max write warning is triggered'
+if grep -q "Writing more data than expected" rootdir/tmp/testsuccess.output; then
+ msgpass
+else
+ cat rootdir/tmp/testsuccess.output
+ msgfail
+fi
+# ensure the failed InRelease file got renamed
+testsuccess ls rootdir/var/lib/apt/lists/partial/*InRelease.FAILED
+mv aptarchive/dists/unstable/InRelease.good aptarchive/dists/unstable/InRelease
+
+
+# append junk at the end of the Packages.gz/Packages
+SIZE="$(stat --printf=%s aptarchive/dists/unstable/main/binary-i386/Packages)"
+find aptarchive -name 'Packages*' | while read pkg; do
+ echo "1234567890" >> "$pkg"
+done
+NEW_SIZE="$(stat --printf=%s aptarchive/dists/unstable/main/binary-i386/Packages)"
+rm -f rootdir/var/lib/apt/lists/localhost*
+testequal "W: Failed to fetch http://localhost:8080/dists/unstable/main/binary-i386/Packages Writing more data than expected ($NEW_SIZE > $SIZE)
+
+E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
diff --git a/test/integration/test-apt-update-file b/test/integration/test-apt-update-file
index fbcd473cc..1ecf9a38a 100755
--- a/test/integration/test-apt-update-file
+++ b/test/integration/test-apt-update-file
@@ -10,27 +10,26 @@ TESTDIR=$(readlink -f $(dirname $0))
setupenvironment
configarchitecture "amd64"
-configcompression 'bz2' 'gz'
+configcompression 'bz2' 'gz'
-insertpackage 'unstable' 'foo' 'all' '1.0'
+insertpackage 'unstable' 'foo' 'all' '1'
+insertsource 'unstable' 'foo' 'all' '1'
-umask 022
setupaptarchive --no-update
# ensure the archive is not writable
+addtrap 'prefix' 'chmod 750 aptarchive/dists/unstable/main/binary-amd64;'
chmod 550 aptarchive/dists/unstable/main/binary-amd64
-testsuccess aptget update -qq
-testsuccess aptget update -qq
-aptget update -qq -o Debug::pkgAcquire::Auth=1 2> output.log
+testsuccess aptget update
+testsuccess aptget update -o Debug::pkgAcquire::Auth=1
+cp -a rootdir/tmp/testsuccess.output rootdir/tmp/update.output
-# ensure that the hash of the uncompressed file was verified even on a local
-# ims hit
+# ensure that the hash of the uncompressed file was verified even on a local ims hit
canary="SHA512:$(bzcat aptarchive/dists/unstable/main/binary-amd64/Packages.bz2 | sha512sum |cut -f1 -d' ')"
-grep -q "RecivedHash: $canary" output.log
+testsuccess grep -- "$canary" rootdir/tmp/update.output
# foo is still available
testsuccess aptget install -s foo
-
-# the cleanup should still work
-chmod 750 aptarchive/dists/unstable/main/binary-amd64
+testsuccess aptcache showsrc foo
+testsuccess aptget source foo --print-uris
diff --git a/test/integration/test-apt-update-filesize-mismatch b/test/integration/test-apt-update-filesize-mismatch
new file mode 100755
index 000000000..b484c5161
--- /dev/null
+++ b/test/integration/test-apt-update-filesize-mismatch
@@ -0,0 +1,55 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'i386'
+configcompression 'gz'
+
+insertpackage 'testing' 'foo' 'all' '1'
+insertpackage 'testing' 'foo2' 'all' '1'
+insertsource 'testing' 'foo' 'all' '1'
+insertsource 'testing' 'foo2' 'all' '1'
+
+setupaptarchive --no-update
+changetowebserver
+
+find aptarchive \( -name 'Packages' -o -name 'Sources' -o -name 'Translation-en' \) -delete
+for release in $(find aptarchive -name 'Release'); do
+ cp "$release" "${release}.backup"
+done
+
+testsuccess aptget update
+testsuccess aptcache show foo
+testsuccess aptget install foo -s
+
+for get in $(sed -n 's#^GET /\([^ ]\+\.gz\) HTTP.\+$#\1#p' aptarchive/webserver.log); do
+ for ext in '' '.gz'; do
+ COMPRESSFILE="$get"
+ get="${get}${ext}"
+ FILE="$(basename "$get" '.gz')"
+ msgmsg 'Test filesize mismatch with file' "$FILE"
+ rm -rf rootdir/var/lib/apt/lists
+
+ for release in $(find aptarchive -name 'Release'); do
+ SIZE="$(awk "/$FILE\$/ { print \$2; exit }" "${release}.backup")"
+ sed "s# $SIZE # $(($SIZE + 111)) #" "${release}.backup" > "$release"
+ done
+ signreleasefiles
+
+ TEST='testfailure'
+ if expr match "$COMPRESSFILE" '^.*Translation-.*$' >/dev/null; then
+ TEST='testsuccess'
+ unset COMPRESSFILE
+ fi
+ $TEST aptget update -o Debug::pkgAcquire::Worker=1
+ cp rootdir/tmp/${TEST}.output rootdir/tmp/update.output
+ testsuccess grep -E "$(basename -s '.gz' "$COMPRESSFILE").*Hash Sum mismatch" rootdir/tmp/update.output
+ $TEST aptcache show foo
+ $TEST aptget install foo -s
+
+ testfailure aptcache show bar
+ testfailure aptget install bar -s
+ done
+done
diff --git a/test/integration/test-apt-update-hashsum-mismatch b/test/integration/test-apt-update-hashsum-mismatch
new file mode 100755
index 000000000..747418c53
--- /dev/null
+++ b/test/integration/test-apt-update-hashsum-mismatch
@@ -0,0 +1,49 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'i386'
+configcompression 'gz'
+
+insertpackage 'testing' 'foo' 'all' '1'
+insertpackage 'testing' 'foo2' 'all' '1'
+insertsource 'testing' 'foo' 'all' '1'
+insertsource 'testing' 'foo2' 'all' '1'
+
+setupaptarchive --no-update
+changetowebserver
+
+echo 'Package: bar
+Maintainer: Doctor Evil <evil@example.com>
+Description: come to the dark side
+' > aptarchive/DoctorEvil
+compressfile aptarchive/DoctorEvil
+
+find aptarchive \( -name 'Packages' -o -name 'Sources' -o -name 'Translation-en' \) -delete
+
+testsuccess aptget update
+testsuccess aptcache show foo
+testsuccess aptget install foo -s
+
+for get in $(sed -n 's#^GET /\([^ ]\+\.gz\) HTTP.\+$#\1#p' aptarchive/webserver.log); do
+ msgmsg 'Test hashsum mismatch with file' "$get"
+ rm -rf rootdir/var/lib/apt/lists
+ webserverconfig 'aptwebserver::overwrite' ''
+ webserverconfig "aptwebserver::overwrite::$(printf '%s' "${get}" | sed 's#/#%2F#g' )::filename" '%2FDoctorEvil.gz'
+
+ TEST='testfailure'
+ if expr match "$get" '^.*Translation-.*$' >/dev/null; then
+ TEST='testsuccess'
+ unset get
+ fi
+ $TEST aptget update
+ cp rootdir/tmp/${TEST}.output rootdir/tmp/update.output
+ testsuccess grep -E "$(basename -s '.gz' "$get").*Hash Sum mismatch" rootdir/tmp/update.output
+ $TEST aptcache show foo
+ $TEST aptget install foo -s
+
+ testfailure aptcache show bar
+ testfailure aptget install bar -s
+done
diff --git a/test/integration/test-apt-update-ims b/test/integration/test-apt-update-ims
new file mode 100755
index 000000000..5394a9f30
--- /dev/null
+++ b/test/integration/test-apt-update-ims
@@ -0,0 +1,90 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'amd64'
+
+buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable'
+
+setupaptarchive --no-update
+changetowebserver
+
+runtest() {
+ configallowinsecurerepositories "${1:-false}"
+
+ rm -f rootdir/var/lib/apt/lists/localhost*
+
+ if [ "$1" = 'true' ]; then
+ testwarning aptget update
+ else
+ testsuccess aptget update
+ fi
+
+ # ensure no leftovers in partial
+ testfailure ls "rootdir/var/lib/apt/lists/partial/*"
+
+ # check that I-M-S header is kept in redirections
+ testequal "$EXPECT" aptget update -o Debug::pkgAcquire::Worker=0 -o Debug::Acquire::http=0
+
+ # ensure that we still do a hash check on ims hit
+ msgtest 'Test I-M-S' 'reverify'
+ aptget update -o Debug::pkgAcquire::Auth=1 2>&1 | grep -A2 'RecivedHash:' | grep -q -- '- SHA' && msgpass || msgfail
+
+ # ensure no leftovers in partial
+ testfailure ls "rootdir/var/lib/apt/lists/partial/*"
+}
+
+msgmsg "InRelease"
+EXPECT="Hit http://localhost:8080 unstable InRelease
+Hit http://localhost:8080 unstable/main Sources
+Hit http://localhost:8080 unstable/main amd64 Packages
+Hit http://localhost:8080 unstable/main Translation-en
+Reading package lists..."
+# with InRelease
+runtest
+
+# with gzip
+echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest
+
+msgmsg "Release/Release.gpg"
+# with Release/Release.gpg
+EXPECT="Ign http://localhost:8080 unstable InRelease
+ 404 Not Found
+Hit http://localhost:8080 unstable Release
+Hit http://localhost:8080 unstable Release.gpg
+Hit http://localhost:8080 unstable/main Sources
+Hit http://localhost:8080 unstable/main amd64 Packages
+Hit http://localhost:8080 unstable/main Translation-en
+Reading package lists..."
+
+find aptarchive -name 'InRelease' -delete
+
+echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest
+
+echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest
+
+# no Release.gpg or InRelease
+msgmsg "Release only"
+EXPECT="Ign http://localhost:8080 unstable InRelease
+ 404 Not Found
+Hit http://localhost:8080 unstable Release
+Ign http://localhost:8080 unstable Release.gpg
+ 404 Not Found
+Hit http://localhost:8080 unstable/main Sources
+Hit http://localhost:8080 unstable/main amd64 Packages
+Hit http://localhost:8080 unstable/main Translation-en
+Reading package lists...
+W: The data from 'http://localhost:8080 unstable Release.gpg' is not signed. Packages from that repository can not be authenticated."
+
+find aptarchive -name 'Release.gpg' -delete
+
+echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest "true"
+
+echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest "true"
diff --git a/test/integration/test-apt-update-nofallback b/test/integration/test-apt-update-nofallback
new file mode 100755
index 000000000..e82a976a6
--- /dev/null
+++ b/test/integration/test-apt-update-nofallback
@@ -0,0 +1,247 @@
+#!/bin/sh
+#
+# ensure we never fallback from a signed to a unsigned repo
+#
+# hash checks are done in
+#
+set -e
+
+simulate_mitm_and_inject_evil_package()
+{
+ rm -f $APTARCHIVE/dists/unstable/InRelease
+ rm -f $APTARCHIVE/dists/unstable/Release.gpg
+ inject_evil_package
+}
+
+inject_evil_package()
+{
+ cat > $APTARCHIVE/dists/unstable/main/binary-i386/Packages <<EOF
+Package: evil
+Installed-Size: 29
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Version: 1.0
+Filename: pool/evil_1.0_all.deb
+Size: 1270
+Description: an autogenerated evil package
+EOF
+ # avoid ims hit
+ touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages
+}
+
+assert_update_is_refused_and_last_good_state_used()
+{
+ testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq
+
+ assert_repo_is_intact
+}
+
+assert_repo_is_intact()
+{
+ testequal "foo/unstable 2.0 all" apt list -q
+ testsuccess aptget install -y -s foo
+ testfailure aptget install -y evil
+ testsuccess aptget source foo --print-uris
+
+ LISTDIR=rootdir/var/lib/apt/lists
+ if ! ( ls $LISTDIR/*InRelease >/dev/null 2>&1 ||
+ ls $LISTDIR/*Release.gpg >/dev/null 2>&1 ); then
+ echo "Can not find InRelease/Release.gpg in $(ls $LISTDIR)"
+ msgfail
+ fi
+}
+
+setupaptarchive_with_lists_clean()
+{
+ setupaptarchive --no-update
+ rm -rf rootdir/var/lib/apt/lists
+}
+
+test_from_inrelease_to_unsigned()
+{
+ # setup archive with InRelease file
+ setupaptarchive_with_lists_clean
+ testsuccess aptget update
+ listcurrentlistsdirectory > lists.before
+
+ simulate_mitm_and_inject_evil_package
+ assert_update_is_refused_and_last_good_state_used
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+}
+
+test_from_release_gpg_to_unsigned()
+{
+ # setup archive with Release/Release.gpg (but no InRelease)
+ setupaptarchive_with_lists_clean
+ rm $APTARCHIVE/dists/unstable/InRelease
+ testsuccess aptget update
+ listcurrentlistsdirectory > lists.before
+
+ simulate_mitm_and_inject_evil_package
+ assert_update_is_refused_and_last_good_state_used
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+}
+
+test_from_inrelease_to_unsigned_with_override()
+{
+ # setup archive with InRelease file
+ setupaptarchive_with_lists_clean
+ # FIXME: is not what the server reported 4104 4106
+ testsuccess aptget update #-o Debug::pkgAcquire::Worker=1
+
+ # simulate moving to a unsigned but otherwise valid repo
+ simulate_mitm_and_inject_evil_package
+ generatereleasefiles
+
+ # and ensure we can update to it (with enough force)
+ testwarning aptget update --allow-insecure-repositories \
+ -o Acquire::AllowDowngradeToInsecureRepositories=1
+ # but that the individual packages are still considered untrusted
+ testequal "WARNING: The following packages cannot be authenticated!
+ evil
+E: There are problems and -y was used without --force-yes" aptget install -qq -y evil
+}
+
+test_cve_2012_0214()
+{
+ # see https://bugs.launchpad.net/ubuntu/+source/apt/+bug/947108
+ #
+ # it was possible to MITM the download so that InRelease/Release.gpg
+ # are not delivered (404) and a altered Release file was send
+ #
+ # apt left the old InRelease file in /var/lib/apt/lists and downloaded
+ # the unauthenticated Release file too giving the false impression that
+ # Release was authenticated
+ #
+ # Note that this is pretty much impossible nowdays because:
+ # a) InRelease is left as is, not split to InRelease/Release as it was
+ # in the old days
+ # b) we refuse to go from signed->unsigned
+ #
+ # Still worth having a regression test the simulates the condition
+
+ # setup archive with InRelease
+ setupaptarchive_with_lists_clean
+ testsuccess aptget update
+ listcurrentlistsdirectory > lists.before
+
+ # do what CVE-2012-0214 did
+ rm $APTARCHIVE/dists/unstable/InRelease
+ rm $APTARCHIVE/dists/unstable/Release.gpg
+ inject_evil_package
+ # build valid Release file
+ aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release
+
+ assert_update_is_refused_and_last_good_state_used
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+
+ # ensure there is no _Release file downloaded
+ testfailure ls rootdir/var/lib/apt/lists/*_Release
+}
+
+test_subvert_inrelease()
+{
+ # setup archive with InRelease
+ setupaptarchive_with_lists_clean
+ testsuccess aptget update
+ listcurrentlistsdirectory > lists.before
+
+ # replace InRelease with something else
+ mv $APTARCHIVE/dists/unstable/Release $APTARCHIVE/dists/unstable/InRelease
+
+ testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease Does not start with a cleartext signature
+
+E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+
+ # ensure we keep the repo
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ assert_repo_is_intact
+}
+
+test_inrelease_to_invalid_inrelease()
+{
+ # setup archive with InRelease
+ setupaptarchive_with_lists_clean
+ testsuccess aptget update
+ listcurrentlistsdirectory > lists.before
+
+ # now remove InRelease and subvert Release do no longer verify
+ sed -i 's/Codename.*/Codename: evil!'/ $APTARCHIVE/dists/unstable/InRelease
+ inject_evil_package
+
+ testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org>
+
+W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org>
+
+W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+
+ # ensure we keep the repo
+ testfailure grep 'evil' rootdir/var/lib/apt/lists/*InRelease
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ assert_repo_is_intact
+}
+
+test_release_gpg_to_invalid_release_release_gpg()
+{
+ # setup archive with InRelease
+ setupaptarchive_with_lists_clean
+ rm $APTARCHIVE/dists/unstable/InRelease
+ testsuccess aptget update
+ listcurrentlistsdirectory > lists.before
+
+ # now subvert Release do no longer verify
+ echo "Some evil data" >> $APTARCHIVE/dists/unstable/Release
+ inject_evil_package
+
+ testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable Release.gpg: The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org>
+
+W: Failed to fetch file:${APTARCHIVE}/dists/unstable/Release.gpg The following signatures were invalid: BADSIG 5A90D141DBAC8DAE Joe Sixpack (APT Testcases Dummy) <joe@example.org>
+
+W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+
+ testfailure grep 'evil' rootdir/var/lib/apt/lists/*Release
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ assert_repo_is_intact
+}
+
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+# a "normal" package with source and binary
+buildsimplenativepackage 'foo' 'all' '2.0'
+
+# setup the archive and ensure we have a single package that installs fine
+setupaptarchive
+APTARCHIVE=$(readlink -f ./aptarchive)
+assert_repo_is_intact
+
+# test the various cases where a repo may go from signed->unsigned
+msgmsg "test_from_inrelease_to_unsigned"
+test_from_inrelease_to_unsigned
+
+msgmsg "test_from_release_gpg_to_unsigned"
+test_from_release_gpg_to_unsigned
+
+# ensure we do not regress on CVE-2012-0214
+msgmsg "test_cve_2012_0214"
+test_cve_2012_0214
+
+# ensure InRelase can not be subverted
+msgmsg "test_subvert_inrelease"
+test_subvert_inrelease
+
+# ensure we revert to last good state if InRelease does not verify
+msgmsg "test_inrelease_to_invalid_inrelease"
+test_inrelease_to_invalid_inrelease
+
+# ensure we revert to last good state if Release/Release.gpg does not verify
+msgmsg "test_release_gpg_to_invalid_release_release_gpg"
+test_release_gpg_to_invalid_release_release_gpg
+
+# ensure we can override the downgrade error
+msgmsg "test_from_inrelease_to_unsigned_with_override"
+test_from_inrelease_to_unsigned_with_override
diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback
new file mode 100755
index 000000000..9efc194a0
--- /dev/null
+++ b/test/integration/test-apt-update-rollback
@@ -0,0 +1,203 @@
+#!/bin/sh
+#
+# test that apt-get update is transactional
+#
+set -e
+
+avoid_ims_hit() {
+ touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages*
+ touch -d '+1hour' aptarchive/dists/unstable/main/source/Sources*
+ touch -d '+1hour' aptarchive/dists/unstable/*Release*
+
+ touch -d '-1hour' rootdir/var/lib/apt/lists/*
+}
+
+create_fresh_archive()
+{
+ rm -rf aptarchive/*
+ rm -f rootdir/var/lib/apt/lists/_* rootdir/var/lib/apt/lists/partial/*
+
+ insertpackage 'unstable' 'old' 'all' '1.0'
+
+ setupaptarchive --no-update
+}
+
+add_new_package() {
+ insertpackage "unstable" "new" "all" "1.0"
+ insertsource "unstable" "new" "all" "1.0"
+
+ setupaptarchive --no-update "$@"
+}
+
+break_repository_sources_index() {
+ printf 'xxx' > $APTARCHIVE/dists/unstable/main/source/Sources
+ compressfile "$APTARCHIVE/dists/unstable/main/source/Sources" "$@"
+}
+
+start_with_good_inrelease() {
+ create_fresh_archive
+ testsuccess aptget update
+ listcurrentlistsdirectory > lists.before
+ testequal "old/unstable 1.0 all" apt list -q
+}
+
+test_inrelease_to_new_inrelease() {
+ msgmsg 'Test InRelease to new InRelease works fine'
+ start_with_good_inrelease
+
+ add_new_package '+1hour'
+ testsuccess aptget update -o Debug::Acquire::Transaction=1
+ testequal "new/unstable 1.0 all
+old/unstable 1.0 all" apt list -q
+}
+
+test_inrelease_to_broken_hash_reverts_all() {
+ msgmsg 'Test InRelease to broken InRelease reverts everything'
+ start_with_good_inrelease
+
+ add_new_package '+1hour'
+ # break the Sources file
+ break_repository_sources_index '+1hour'
+
+ # test the error condition
+ testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources Hash Sum mismatch
+
+E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+ # ensure that the Packages file is also rolled back
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ testequal "E: Unable to locate package new" aptget install new -s -qq
+}
+
+test_inrelease_to_valid_release() {
+ msgmsg 'Test InRelease to valid Release'
+ start_with_good_inrelease
+
+ add_new_package '+1hour'
+ # switch to a unsigned repo now
+ rm $APTARCHIVE/dists/unstable/InRelease
+ rm $APTARCHIVE/dists/unstable/Release.gpg
+
+ # update fails
+ testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq
+
+ # test that security downgrade was not successful
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ testsuccess aptget install old -s
+ testfailure aptget install new -s
+ testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease
+ testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release
+}
+
+test_inrelease_to_release_reverts_all() {
+ msgmsg 'Test InRelease to broken Release reverts everything'
+ start_with_good_inrelease
+
+ # switch to a unsigned repo now
+ add_new_package '+1hour'
+ rm $APTARCHIVE/dists/unstable/InRelease
+ rm $APTARCHIVE/dists/unstable/Release.gpg
+
+ # break it
+ break_repository_sources_index '+1hour'
+
+ # ensure error
+ testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1
+
+ # ensure that the Packages file is also rolled back
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ testsuccess aptget install old -s
+ testfailure aptget install new -s
+ testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease
+ testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release
+}
+
+test_unauthenticated_to_invalid_inrelease() {
+ msgmsg 'Test UnAuthenticated to invalid InRelease reverts everything'
+ create_fresh_archive
+ rm $APTARCHIVE/dists/unstable/InRelease
+ rm $APTARCHIVE/dists/unstable/Release.gpg
+
+ testwarning aptget update --allow-insecure-repositories
+ listcurrentlistsdirectory > lists.before
+ testequal "WARNING: The following packages cannot be authenticated!
+ old
+E: There are problems and -y was used without --force-yes" aptget install -qq -y old
+
+ # go to authenticated but not correct
+ add_new_package '+1hour'
+ break_repository_sources_index '+1hour'
+
+ testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources Hash Sum mismatch
+
+E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ testfailure ls rootdir/var/lib/apt/lists/*_InRelease
+ testequal "WARNING: The following packages cannot be authenticated!
+ old
+E: There are problems and -y was used without --force-yes" aptget install -qq -y old
+}
+
+test_inrelease_to_unauth_inrelease() {
+ msgmsg 'Test InRelease to InRelease without good sig'
+ start_with_good_inrelease
+
+ signreleasefiles 'Marvin Paranoid'
+
+ testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
+
+W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
+
+W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ testsuccess ls rootdir/var/lib/apt/lists/*_InRelease
+}
+
+test_inrelease_to_broken_gzip() {
+ msgmsg "Test InRelease to broken gzip"
+ start_with_good_inrelease
+
+ # append junk at the end of the compressed file
+ echo "lala" >> $APTARCHIVE/dists/unstable/main/source/Sources.gz
+ touch -d '+2min' $APTARCHIVE/dists/unstable/main/source/Sources.gz
+ # remove uncompressed file to avoid fallback
+ rm $APTARCHIVE/dists/unstable/main/source/Sources
+
+ testfailure aptget update
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+}
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+# setup the archive and ensure we have a single package that installs fine
+setupaptarchive
+APTARCHIVE=$(readlink -f ./aptarchive)
+ROOTDIR=${TMPWORKINGDIRECTORY}/rootdir
+APTARCHIVE_LISTS="$(echo $APTARCHIVE | tr "/" "_" )"
+
+# test the following cases:
+# - InRelease -> broken InRelease revert to previous state
+# - empty lists dir and broken remote leaves nothing on the system
+# - InRelease -> hashsum mismatch for one file reverts all files to previous state
+# - Release/Release.gpg -> hashsum mismatch
+# - InRelease -> Release with hashsum mismatch revert entire state and kills Release
+# - Release -> InRelease with broken Sig/Hash removes InRelease
+# going from Release/Release.gpg -> InRelease and vice versa
+# - unauthenticated -> invalid InRelease
+
+# stuff to do:
+# - ims-hit
+# - gzip-index tests
+
+test_inrelease_to_new_inrelease
+test_inrelease_to_broken_hash_reverts_all
+test_inrelease_to_valid_release
+test_inrelease_to_release_reverts_all
+test_unauthenticated_to_invalid_inrelease
+test_inrelease_to_unauth_inrelease
+test_inrelease_to_broken_gzip
diff --git a/test/integration/test-apt-update-stale b/test/integration/test-apt-update-stale
index 780ff79af..52f94591f 100755
--- a/test/integration/test-apt-update-stale
+++ b/test/integration/test-apt-update-stale
@@ -17,6 +17,7 @@ insertpackage 'unstable' 'foo' 'all' '1.0'
setupaptarchive
changetowebserver
aptget update -qq
+listcurrentlistsdirectory > lists.before
# insert new version
mkdir aptarchive/dists/unstable/main/binary-i386/saved
@@ -24,23 +25,19 @@ cp -p aptarchive/dists/unstable/main/binary-i386/Packages* \
aptarchive/dists/unstable/main/binary-i386/saved
insertpackage 'unstable' 'foo' 'all' '2.0'
-# not using compressfile for compat with older apt releases
-gzip -c aptarchive/dists/unstable/main/binary-i386/Packages > \
- aptarchive/dists/unstable/main/binary-i386/Packages.gz
-generatereleasefiles
-signreleasefiles
-
+compressfile aptarchive/dists/unstable/main/binary-i386/Packages
# ensure that we do not get a I-M-S hit for the Release file
-touch -d "+1hour" aptarchive/dists/unstable/*Release*
+
+generatereleasefiles '+1hour'
+signreleasefiles
# but now only deliver the previous Packages file instead of the new one
# (simulating a stale attack)
cp -p aptarchive/dists/unstable/main/binary-i386/saved/Packages* \
aptarchive/dists/unstable/main/binary-i386/
-# ensure this raises a error
+# ensure this raises an error
testequal "W: Failed to fetch http://localhost:8080/dists/unstable/main/binary-i386/Packages Hash Sum mismatch
E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
-
-
+testfileequal lists.before "$(listcurrentlistsdirectory)"
diff --git a/test/integration/test-apt-update-transactions b/test/integration/test-apt-update-transactions
new file mode 100755
index 000000000..fe352c762
--- /dev/null
+++ b/test/integration/test-apt-update-transactions
@@ -0,0 +1,67 @@
+#!/bin/sh
+set -e
+
+# ensure that an update will only succeed entirely or not at all
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'i386'
+
+insertpackage 'unstable' 'foo' 'all' '1.0'
+insertsource 'unstable' 'foo' 'all' '1.0'
+
+setupaptarchive --no-update
+
+breakfile() {
+ mv "$1" "${1}.bak"
+ cat > "$1" <<EOF
+Package: bar
+EOF
+ compressfile "$1"
+}
+restorefile() {
+ mv "${1}.bak" "$1"
+}
+
+testrun() {
+ # produce an unsigned repository
+ find aptarchive \( -name 'Release.gpg' -o -name 'InRelease' \) -delete
+ testfailure aptget update --no-allow-insecure-repositories
+ testfileequal "$1" "$(listcurrentlistsdirectory)"
+
+ # signed but broken
+ signreleasefiles
+
+ breakfile aptarchive/dists/unstable/main/binary-i386/Packages
+ testfailure aptget update
+ testfileequal "$1" "$(listcurrentlistsdirectory)"
+ restorefile aptarchive/dists/unstable/main/binary-i386/Packages
+
+ breakfile aptarchive/dists/unstable/main/source/Sources
+ testfailure aptget update
+ testfileequal "$1" "$(listcurrentlistsdirectory)"
+ restorefile aptarchive/dists/unstable/main/source/Sources
+}
+
+testsetup() {
+ msgmsg 'Test with no initial data over' "$1"
+ rm -rf rootdir/var/lib/apt/lists
+ mkdir -m 700 -p rootdir/var/lib/apt/lists/partial
+ if [ "$(id -u)" = '0' ]; then
+ chown _apt:root rootdir/var/lib/apt/lists/partial
+ fi
+ listcurrentlistsdirectory > listsdir.lst
+ testrun 'listsdir.lst'
+
+ msgmsg 'Test with initial data over' "$1"
+ testsuccess aptget update
+ listcurrentlistsdirectory > listsdir.lst
+ testrun 'listsdir.lst'
+}
+
+testsetup 'file'
+changetowebserver
+testsetup 'http'
+
diff --git a/test/integration/test-apt-update-unauth b/test/integration/test-apt-update-unauth
index 13487603c..7347f7d10 100755
--- a/test/integration/test-apt-update-unauth
+++ b/test/integration/test-apt-update-unauth
@@ -8,32 +8,61 @@ set -e
TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework
+umask 022
+
setupenvironment
configarchitecture "i386"
insertpackage 'unstable' 'foo' 'all' '1.0'
insertsource 'unstable' 'foo' 'all' '1.0'
-setupaptarchive
+setupaptarchive --no-update
changetowebserver
+# FIXME:
+# - also check the unauth -> auth success case, i.e. that all files are
+# reverified
runtest() {
# start unauthenticated
- find rootdir/var/lib/apt/lists/ -type f | xargs rm -f
- rm -f aptarchive/dists/unstable/*Release*
- aptget update -qq
+ rm -rf rootdir/var/lib/apt/lists/
+ find aptarchive/ -name '*Release*' -delete
+
+ testwarning aptget update --allow-insecure-repositories
# become authenticated
generatereleasefiles
signreleasefiles
- # and ensure we do download the data again
- msgtest "Check that the data is check when going to authenticated"
- if aptget update |grep -q Hit; then
- msgfail
- else
+ # move uncompressed away
+ mv aptarchive/dists/unstable/main/binary-i386/Packages \
+ aptarchive/dists/unstable/main/binary-i386/Packages.uncompressed
+
+ # and ensure we re-check the downloaded data
+
+ # change the local packages file
+ PKGS=$(ls rootdir/var/lib/apt/lists/*Packages*)
+ echo "meep" > $PKGS
+ listcurrentlistsdirectory > lists.before
+
+ # update and ensure all is reverted on the hashsum failure
+ testfailure aptget update -o Debug::Acquire::Transaction=0 -o Debug::pkgAcquire::Auth=1 -o Debug::pkgAcquire::worker=0 -o Debug::acquire::http=0
+
+ # ensure we have before what we have after
+ msgtest 'Check rollback on going from' 'unauth -> auth'
+ listcurrentlistsdirectory > lists.after
+ if cmp lists.before lists.after; then
msgpass
+ else
+ echo >&2 '### Output of previous apt-get update ###'
+ cat >&2 rootdir/tmp/testfailure.output
+ echo >&2 '### Changes in the lists-directory: ###'
+ diff -u >&2 lists.before lists.after
+ msgfail
fi
+
+ # move uncompressed back for release file
+ mv aptarchive/dists/unstable/main/binary-i386/Packages.uncompressed \
+ aptarchive/dists/unstable/main/binary-i386/Packages
}
for COMPRESSEDINDEXES in 'false' 'true'; do
@@ -43,6 +72,5 @@ for COMPRESSEDINDEXES in 'false' 'true'; do
else
msgmsg 'Run tests with GzipIndexes disabled'
fi
-
- runtest
+ runtest
done
diff --git a/test/integration/test-authentication-basic b/test/integration/test-authentication-basic
new file mode 100755
index 000000000..21b024970
--- /dev/null
+++ b/test/integration/test-authentication-basic
@@ -0,0 +1,106 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'i386'
+
+insertpackage 'unstable' 'foo' 'all' '1'
+setupaptarchive --no-update
+
+changetohttpswebserver --authorization="$(printf '%s' 'star:hunter2' | base64 )"
+
+echo 'See, when YOU type hunter2, it shows to us as *******' > aptarchive/bash
+
+testauthfailure() {
+ testfailure apthelper download-file "${1}/bash" ./downloaded/bash
+ # crappy test, but http and https output are wastely different…
+ testsuccess grep 401 rootdir/tmp/testfailure.output
+ testfailure test -s ./downloaded/bash
+}
+
+testauthsuccess() {
+ testsuccess apthelper download-file "${1}/bash" ./downloaded/bash
+ testfileequal ./downloaded/bash "$(cat aptarchive/bash)"
+ testfilestats ./downloaded/bash '%U:%G:%a' '=' "${USER}:${USER}:644"
+ rm -f ./downloaded/bash
+
+ # lets see if got/retains acceptable permissions
+ if [ -n "$AUTHCONF" ]; then
+ if [ "$(id -u)" = '0' ]; then
+ testfilestats "$AUTHCONF" '%U:%G:%a' '=' "_apt:root:600"
+ else
+ testfilestats "$AUTHCONF" '%U:%G:%a' '=' "${USER}:${USER}:600"
+ fi
+ fi
+
+ rm -rf rootdir/var/lib/apt/lists
+ testsuccess aptget update
+ testequal 'Reading package lists...
+Building dependency tree...
+The following NEW packages will be installed:
+ foo
+0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
+Inst foo (1 unstable [all])
+Conf foo (1 unstable [all])' aptget install foo -s
+}
+
+authfile() {
+ local AUTHCONF='rootdir/etc/apt/auth.conf'
+ rm -f "$AUTHCONF"
+ printf '%s' "$1" > "$AUTHCONF"
+ chmod 600 "$AUTHCONF"
+}
+
+runtest() {
+ # unauthorized fails
+ authfile ''
+ testauthfailure "$1"
+
+ # good auth
+ authfile 'machine localhost
+login star
+password hunter2'
+ testauthsuccess "$1"
+
+ # bad auth
+ authfile 'machine localhost
+login anonymous
+password hunter2'
+ testauthfailure "$1"
+
+ # 2 stanzas: unmatching + good auth
+ authfile 'machine debian.org
+login debian
+password jessie
+
+machine localhost
+login star
+password hunter2'
+ testauthsuccess "$1"
+}
+
+msgmsg 'server basic auth'
+rewritesourceslist 'http://localhost:8080'
+runtest 'http://localhost:8080'
+rewritesourceslist 'https://localhost:4433'
+runtest 'https://localhost:4433'
+rewritesourceslist 'http://localhost:8080'
+
+msgmsg 'proxy to server basic auth'
+webserverconfig 'aptwebserver::request::absolute' 'uri'
+export http_proxy='http://localhost:8080'
+runtest 'http://localhost:8080'
+unset http_proxy
+
+msgmsg 'proxy basic auth to server basic auth'
+webserverconfig 'aptwebserver::proxy-authorization' "$(printf 'moon:deer2' | base64)"
+export http_proxy='http://moon:deer2@localhost:8080'
+runtest 'http://localhost:8080'
+
+msgmsg 'proxy basic auth to server'
+authfile ''
+webserverconfig 'aptwebserver::authorization' ''
+testauthsuccess 'http://localhost:8080'
diff --git a/test/integration/test-bug-254770-segfault-if-cache-not-buildable b/test/integration/test-bug-254770-segfault-if-cache-not-buildable
index 59102ddc9..6ae8944b2 100755
--- a/test/integration/test-bug-254770-segfault-if-cache-not-buildable
+++ b/test/integration/test-bug-254770-segfault-if-cache-not-buildable
@@ -3,17 +3,25 @@ set -e
TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework
+
+msgtest 'Test run as' 'non-root'
+if [ "$(id -u)" = '0' ]; then
+ msgskip 'root has by definition no problems accessing files'
+ exit 0
+else
+ msgpass
+fi
+
setupenvironment
configarchitecture "i386"
setupaptarchive
-CURRENTTRAP="chmod a+x rootdir/var/lib/dpkg; $CURRENTTRAP"
-trap "$CURRENTTRAP" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+addtrap 'prefix' 'chmod a+x rootdir/var/lib/dpkg;'
chmod a-x rootdir/var/lib/dpkg
testsegfault() {
msgtest "No segfault in" "$*"
- local TEST="$($* 2>&1 | grep -v 'E:')"
+ local TEST="$("$@" 2>&1 | grep -v 'E:')"
if [ -z "$TEST" ]; then
msgpass
else
diff --git a/test/integration/test-bug-507998-dist-upgrade-recommends b/test/integration/test-bug-507998-dist-upgrade-recommends
index 513421a94..f3b4e04fb 100755
--- a/test/integration/test-bug-507998-dist-upgrade-recommends
+++ b/test/integration/test-bug-507998-dist-upgrade-recommends
@@ -16,6 +16,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
tshark wireshark-common
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
diff --git a/test/integration/test-bug-591882-conkeror b/test/integration/test-bug-591882-conkeror
index e1c0b42d1..891ddb8b7 100755
--- a/test/integration/test-bug-591882-conkeror
+++ b/test/integration/test-bug-591882-conkeror
@@ -9,6 +9,7 @@ setupaptarchive
UPGRADEFAIL="Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
conkeror libdatrie0 libkrb53 libxcb-xlib0 xulrunner-1.9
The following NEW packages will be installed:
@@ -40,6 +41,7 @@ E: Trivial Only specified but this is not a trivial operation."
UPGRADESUCCESS="Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
libdatrie0 libkrb53 libxcb-xlib0 xulrunner-1.9
The following NEW packages will be installed:
diff --git a/test/integration/test-bug-595691-empty-and-broken-archive-files b/test/integration/test-bug-595691-empty-and-broken-archive-files
index aea340203..fedf82c92 100755
--- a/test/integration/test-bug-595691-empty-and-broken-archive-files
+++ b/test/integration/test-bug-595691-empty-and-broken-archive-files
@@ -13,7 +13,7 @@ setupflataptarchive
testaptgetupdate() {
rm -rf rootdir/var/lib/apt
aptget update 2>> testaptgetupdate.diff >> testaptgetupdate.diff || true
- sed -i -e '/^Fetched / d' -e '/Ign / d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff
+ sed -i -e '/Ign /,+1d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff
GIVEN="$1"
shift
msgtest "Test for correctness of" "apt-get update with $*"
diff --git a/test/integration/test-bug-596498-trusted-unsigned-repo b/test/integration/test-bug-596498-trusted-unsigned-repo
index 06c9c8285..1e5e75b0e 100755
--- a/test/integration/test-bug-596498-trusted-unsigned-repo
+++ b/test/integration/test-bug-596498-trusted-unsigned-repo
@@ -12,7 +12,7 @@ setupaptarchive
aptgetupdate() {
rm -rf rootdir/var/lib/apt/ rootdir/var/cache/apt/*.bin
- aptget update -qq
+ ${1:-testwarning} aptget update --allow-insecure-repositories
}
PKGTEXT="$(aptget install cool --assume-no -d | head -n 7)"
@@ -25,7 +25,7 @@ testequal "$PKGTEXT
Download complete and in download only mode" aptget install cool --assume-no -d --allow-unauthenticated
sed -i -e 's#deb#deb [trusted=no]#' $DEBFILE
-aptgetupdate
+aptgetupdate 'testsuccess'
testequal "$PKGTEXT
WARNING: The following packages cannot be authenticated!
diff --git a/test/integration/test-bug-604401-files-are-directories b/test/integration/test-bug-604401-files-are-directories
index e6913edcf..fe0ccc783 100755
--- a/test/integration/test-bug-604401-files-are-directories
+++ b/test/integration/test-bug-604401-files-are-directories
@@ -57,7 +57,7 @@ echo 'Package: apt
Pin: release a=now
Pin-Value: 1000' > rootdir/etc/apt/good-link.pref
ln -s rootdir/etc/apt/good-link.pref rootdir/etc/apt/preferences
-test -n "$(aptcache policy | grep 1000)" && msgfail || msgpass
+test -n "$(aptcache policy | grep '1000 ')" && msgfail || msgpass
rm rootdir/etc/apt/preferences
msgtest "Broken link instead of a file as preferences ignored"
diff --git a/test/integration/test-bug-605394-versioned-or-groups b/test/integration/test-bug-605394-versioned-or-groups
index 0f09d2927..bb72d59e3 100755
--- a/test/integration/test-bug-605394-versioned-or-groups
+++ b/test/integration/test-bug-605394-versioned-or-groups
@@ -9,6 +9,7 @@ setupaptarchive
testequal "Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
php5 php5-cgi
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
diff --git a/test/integration/test-bug-612099-multiarch-conflicts b/test/integration/test-bug-612099-multiarch-conflicts
index 20dc3a7e5..c32600037 100755
--- a/test/integration/test-bug-612099-multiarch-conflicts
+++ b/test/integration/test-bug-612099-multiarch-conflicts
@@ -70,6 +70,7 @@ Conf foobar (1.0 stable [i386])' aptget install foobar/stable libc6 -st testing
testequal 'Reading package lists...
Building dependency tree...
Reading state information...
+Calculating upgrade...
The following packages will be upgraded:
libc6
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
@@ -168,6 +169,7 @@ Conf libc6-same:amd64 (1.0 stable [amd64])' aptget install libc6-same:amd64 -s -
testequal 'Reading package lists...
Building dependency tree...
Reading state information...
+Calculating upgrade...
The following packages will be upgraded:
libc6-same
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
diff --git a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted
index f93510fd7..582e1bf5e 100755
--- a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted
+++ b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted
@@ -24,15 +24,19 @@ testfilemissing() {
testrun() {
rm -rf rootdir/var/lib/apt
- testsuccess aptget update
+ cd downloaded
if [ "$1" = 'trusted' ]; then
+ testsuccess aptget update
+
testsuccess aptget download cool
testfileexists 'cool_1.0_i386.deb'
testsuccess aptget download cool --allow-unauthenticated
testfileexists 'cool_1.0_i386.deb'
else
+ testwarning aptget update --allow-insecure-repositories
+
testfailure aptget download cool
testfilemissing 'cool_1.0_i386.deb'
@@ -40,18 +44,19 @@ testrun() {
testfileexists 'cool_1.0_i386.deb'
fi
- mv aptarchive/pool/cool_1.0_i386.deb aptarchive/pool/cool_1.0_i386.deb.bak
- echo 'this is not a good package' > aptarchive/pool/cool_1.0_i386.deb
+ mv ../aptarchive/pool/cool_1.0_i386.deb ../aptarchive/pool/cool_1.0_i386.deb.bak
+ echo 'this is not a good package' > ../aptarchive/pool/cool_1.0_i386.deb
testfailure aptget download cool
testfilemissing cool_1.0_i386.deb
testfailure aptget download cool --allow-unauthenticated # unauthenticated doesn't mean unchecked
testfilemissing cool_1.0_i386.deb
- rm -f aptarchive/pool/cool_1.0_i386.deb
- mv aptarchive/pool/cool_1.0_i386.deb.bak aptarchive/pool/cool_1.0_i386.deb
+ rm -f ../aptarchive/pool/cool_1.0_i386.deb
+ mv ../aptarchive/pool/cool_1.0_i386.deb.bak ../aptarchive/pool/cool_1.0_i386.deb
testsuccess aptget download cool --allow-unauthenticated
testfileexists 'cool_1.0_i386.deb'
+ cd - >/dev/null
}
testrun 'trusted'
diff --git a/test/integration/test-bug-64141-install-dependencies-for-on-hold b/test/integration/test-bug-64141-install-dependencies-for-on-hold
index 9a9e7be10..9e6c223a8 100755
--- a/test/integration/test-bug-64141-install-dependencies-for-on-hold
+++ b/test/integration/test-bug-64141-install-dependencies-for-on-hold
@@ -21,6 +21,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
oldcrap
The following NEW packages will be installed:
@@ -35,6 +36,7 @@ testsuccess aptmark hold apt
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
apt
The following packages will be upgraded:
diff --git a/test/integration/test-bug-657695-resolver-breaks-on-virtuals b/test/integration/test-bug-657695-resolver-breaks-on-virtuals
index e9b27cfcd..1b92a04fe 100755
--- a/test/integration/test-bug-657695-resolver-breaks-on-virtuals
+++ b/test/integration/test-bug-657695-resolver-breaks-on-virtuals
@@ -18,6 +18,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
xserver-xorg-video-driver1 xserver-xorg-video-driver10
xserver-xorg-video-driver11 xserver-xorg-video-driver12
diff --git a/test/integration/test-bug-673536-pre-depends-breaks-loop b/test/integration/test-bug-673536-pre-depends-breaks-loop
index 21bd5e065..eb47553dc 100755
--- a/test/integration/test-bug-673536-pre-depends-breaks-loop
+++ b/test/integration/test-bug-673536-pre-depends-breaks-loop
@@ -24,12 +24,11 @@ testloopbreak() {
cp -a dpkg.status.backup rootdir/var/lib/dpkg/status
rm -f rootdir/var/lib/apt/extended_states
-
- testsuccess aptget install advanced=1 -y -t "$1" -o Debug::pkgPackageManager=1
+ testsuccess aptget install advanced=1 -y -t "$1"
testdpkginstalled advanced
testdpkgnotinstalled basic common
- testsuccess aptget dist-upgrade -y -t "$1" -o Debug::pkgPackageManager=1
+ testsuccess aptget dist-upgrade -y -t "$1"
testdpkginstalled advanced basic common
}
diff --git a/test/integration/test-bug-675449-essential-are-protected b/test/integration/test-bug-675449-essential-are-protected
index 7d8cc3484..2a27c62b1 100755
--- a/test/integration/test-bug-675449-essential-are-protected
+++ b/test/integration/test-bug-675449-essential-are-protected
@@ -69,6 +69,7 @@ Purg pkg-none-foreign:i386 [1]' aptget purge pkg-none-foreign:i386 -s
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following NEW packages will be installed:
pkg-depends-new:i386 pkg-none-new
The following packages will be upgraded:
diff --git a/test/integration/test-bug-680041-apt-mark-holds-correctly b/test/integration/test-bug-680041-apt-mark-holds-correctly
index 2e5e39c8e..3f40c23dc 100755
--- a/test/integration/test-bug-680041-apt-mark-holds-correctly
+++ b/test/integration/test-bug-680041-apt-mark-holds-correctly
@@ -19,6 +19,7 @@ runtests() {
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
pkgall pkgarch
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
@@ -30,6 +31,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
pkgarch
The following packages will be upgraded:
@@ -43,6 +45,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
pkgall pkgarch
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
@@ -54,6 +57,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget dist-upgr
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
pkgall
The following packages will be upgraded:
diff --git a/test/integration/test-bug-683786-build-dep-on-virtual-packages b/test/integration/test-bug-683786-build-dep-on-virtual-packages
index 879d6a3bc..65862c572 100755
--- a/test/integration/test-bug-683786-build-dep-on-virtual-packages
+++ b/test/integration/test-bug-683786-build-dep-on-virtual-packages
@@ -38,8 +38,8 @@ Building dependency tree...
The following NEW packages will be installed:
po-debconf
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
-Inst po-debconf (1 unstable, unstable [all])
-Conf po-debconf (1 unstable, unstable [all])' aptget build-dep dash -s
+Inst po-debconf (1 unstable [all])
+Conf po-debconf (1 unstable [all])' aptget build-dep dash -s
testequal 'Reading package lists...
Building dependency tree...
diff --git a/test/integration/test-bug-686346-package-missing-architecture b/test/integration/test-bug-686346-package-missing-architecture
index dc51861ab..8024f81da 100755
--- a/test/integration/test-bug-686346-package-missing-architecture
+++ b/test/integration/test-bug-686346-package-missing-architecture
@@ -53,6 +53,7 @@ testnopackage pkge:*
# this difference seems so important that it has to be maintained …
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade -s
# pkgd has no update with an architecture
diff --git a/test/integration/test-bug-712435-missing-descriptions b/test/integration/test-bug-712435-missing-descriptions
index 53ecbbeb3..7a3518745 100755
--- a/test/integration/test-bug-712435-missing-descriptions
+++ b/test/integration/test-bug-712435-missing-descriptions
@@ -87,13 +87,10 @@ $DESCRIPTION
Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
" aptcache show apt-normal
-# displaying the translated Description would be equally valid,
-# but we assume only one description is in a Packages file and
-# so we prefer "Description" over "Description-*" currently.
for variant in 'below' 'middle' 'top'; do
testequal "Package: apt-both-$variant
$PACKAGESTANZA
-$DESCRIPTION
+$TRANSDESCRIPTION
Description-md5: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
" aptcache show apt-both-$variant
done
@@ -122,7 +119,7 @@ X-Some-Flag: yes
testequal "Package: apt-intermixed2
$PACKAGESTANZA
-$DESCRIPTION
+$TRANSDESCRIPTION
Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
X-Some-Flag: yes
X-Foo-Flag: Something with a Description
@@ -131,7 +128,7 @@ X-Bar-Flag: no
testequal "Package: apt-intermixed3
$PACKAGESTANZA
-$DESCRIPTION
+$TRANSDESCRIPTION
Description-md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
X-Some-Flag: yes
X-Foo-Flag: Something with a Description
diff --git a/test/integration/test-bug-717891-abolute-uris-for-proxies b/test/integration/test-bug-717891-abolute-uris-for-proxies
index ac1d6ec11..54a616686 100755
--- a/test/integration/test-bug-717891-abolute-uris-for-proxies
+++ b/test/integration/test-bug-717891-abolute-uris-for-proxies
@@ -12,7 +12,7 @@ setupaptarchive
changetowebserver --request-absolute='uri'
msgtest 'Check that absolute paths are' 'not accepted'
-testfailure --nomsg aptget update
+testfailure --nomsg aptget update --allow-insecure-repositories
echo 'Acquire::http::Proxy "http://localhost:8080";' > rootdir/etc/apt/apt.conf.d/99proxy
diff --git a/test/integration/test-bug-722207-print-uris-even-if-very-quiet b/test/integration/test-bug-722207-print-uris-even-if-very-quiet
index f2d95da19..9a5685703 100755
--- a/test/integration/test-bug-722207-print-uris-even-if-very-quiet
+++ b/test/integration/test-bug-722207-print-uris-even-if-very-quiet
@@ -16,10 +16,10 @@ setupaptarchive
APTARCHIVE=$(readlink -f ./aptarchive)
-testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget upgrade -qq --print-uris
-testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget dist-upgrade -qq --print-uris
-testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget install apt -qq --print-uris
-testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 MD5Sum:" aptget download apt -qq --print-uris
+testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget upgrade -qq --print-uris
+testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget dist-upgrade -qq --print-uris
+testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget install apt -qq --print-uris
+testequal "'file://${APTARCHIVE}/pool/main/apt/apt_2_all.deb' apt_2_all.deb 0 " aptget download apt -qq --print-uris
testequal "'file://${APTARCHIVE}/apt_2.dsc' apt_2.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e
'file://${APTARCHIVE}/apt_2.tar.gz' apt_2.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source apt -qq --print-uris
testequal "'http://packages.debian.org/changelogs/pool/main/apt/apt_2/changelog'" aptget changelog apt -qq --print-uris
diff --git a/test/integration/test-bug-728500-tempdir b/test/integration/test-bug-728500-tempdir
index 0451fc1ed..37e5a013e 100755
--- a/test/integration/test-bug-728500-tempdir
+++ b/test/integration/test-bug-728500-tempdir
@@ -17,7 +17,7 @@ msgtest 'Test apt-get update with incorrect' 'TMPDIR'
OUTPUT=$(mktemp)
addtrap "rm $OUTPUT;"
export TMPDIR=/does-not-exists
-if aptget update >${OUTPUT} 2>&1; then
+if aptget update -o Debug::Acquire::gpg=1 >${OUTPUT} 2>&1; then
msgpass
else
echo
@@ -27,3 +27,4 @@ fi
unset TMPDIR
testequal 'coolstuff' aptcache pkgnames
+testsuccess ls rootdir/var/lib/apt/lists/*InRelease
diff --git a/test/integration/test-bug-733028-gpg-resource-limit b/test/integration/test-bug-733028-gpg-resource-limit
new file mode 100755
index 000000000..7040856b3
--- /dev/null
+++ b/test/integration/test-bug-733028-gpg-resource-limit
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'i386'
+
+insertpackage 'unstable' 'foobar' 'all' '1'
+
+setupaptarchive --no-update
+
+for i in $(seq 1 50); do
+ touch rootdir/etc/apt/trusted.gpg.d/emptykey-${i}.gpg
+done
+
+aptkey list | grep '^pub' > aptkey.list
+testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18'
+
+testsuccess aptget update
+msgtest 'Test for no gpg errors/warnings in' 'apt-get update'
+if grep -iq 'GPG' rootdir/tmp/testsuccess.output; then
+ cat rootdir/tmp/testsuccess.output
+ msgfail
+else
+ msgpass
+fi
diff --git a/test/integration/test-bug-735967-lib32-to-i386-unavailable b/test/integration/test-bug-735967-lib32-to-i386-unavailable
index e9f3bf96d..826931fe4 100755
--- a/test/integration/test-bug-735967-lib32-to-i386-unavailable
+++ b/test/integration/test-bug-735967-lib32-to-i386-unavailable
@@ -33,6 +33,7 @@ testsuccess aptget update
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
lib32nss-mdns
The following packages will be upgraded:
@@ -60,6 +61,7 @@ testsuccess aptget update
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following NEW packages will be installed:
libnss-mdns:i386 libnss-mdns-i386:i386
The following packages will be upgraded:
diff --git a/test/integration/test-bug-738785-switch-protocol b/test/integration/test-bug-738785-switch-protocol
index 1e5748eae..0f458e099 100755
--- a/test/integration/test-bug-738785-switch-protocol
+++ b/test/integration/test-bug-738785-switch-protocol
@@ -25,6 +25,7 @@ downloadfile 'http://localhost:8080/pool/apt_1.0/changelog' changelog >/dev/null
echo 'Apt::Changelogs::Server "http://localhost:8080/redirectme";' > rootdir/etc/apt/apt.conf.d/changelog.conf
testequal "'http://localhost:8080/redirectme/pool/apt_1.0/changelog'" aptget changelog apt --print-uris
+cd downloaded
testsuccess aptget changelog apt -d
testsuccess test -s apt.changelog
rm -f apt.changelog
@@ -32,6 +33,7 @@ rm -f apt.changelog
testsuccess aptget download apt
testsuccess test -s apt_1.0_all.deb
rm apt_1.0_all.deb
+cd - >/dev/null
testsuccess aptget install apt -y
testdpkginstalled 'apt'
@@ -49,9 +51,11 @@ rm https
cd - >/dev/null
echo "Dir::Bin::Methods \"${COPYMETHODS}\";" >> aptconfig.conf
-testequal "E: The method driver $(pwd)/rootdir/usr/lib/apt/methods/https could not be found.
+cd downloaded
+testequal "E: The method driver $(readlink -f './../')/rootdir/usr/lib/apt/methods/https could not be found.
N: Is the package apt-transport-https installed?" aptget download apt -q=0
-testsuccess test ! -e apt_1.0_all.deb
+testfailure test -e apt_1.0_all.deb
+cd - >/dev/null
# revert to all methods
rm -rf rootdir/$COPYMETHODS
@@ -60,4 +64,4 @@ mv rootdir/${COPYMETHODS}.bak rootdir/${COPYMETHODS}
# check that downgrades from https to http are not allowed
webserverconfig 'aptwebserver::support::http' 'true'
sed -i -e 's#:8080/redirectme#:4433/downgrademe#' -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/*
-testfailure aptget update
+testfailure aptget update --allow-insecure-repositories
diff --git a/test/integration/test-bug-740843-versioned-up-down-breaks b/test/integration/test-bug-740843-versioned-up-down-breaks
index cb035a71f..9426ffad1 100755
--- a/test/integration/test-bug-740843-versioned-up-down-breaks
+++ b/test/integration/test-bug-740843-versioned-up-down-breaks
@@ -24,6 +24,7 @@ setupaptarchive
testequalor2 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
foo-driver libfoo libfoo:i386 libgl1-foo-glx libgl1-foo-glx:i386
5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
@@ -38,6 +39,7 @@ Conf libgl1-foo-glx:i386 (2 stable [i386])
Conf libgl1-foo-glx (2 stable [amd64])
Conf foo-driver (2 stable [amd64])' 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
foo-driver libfoo libfoo:i386 libgl1-foo-glx libgl1-foo-glx:i386
5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
diff --git a/test/integration/test-bug-745036-new-foreign-invalidates-cache b/test/integration/test-bug-745036-new-foreign-invalidates-cache
new file mode 100755
index 000000000..2b7ee06ad
--- /dev/null
+++ b/test/integration/test-bug-745036-new-foreign-invalidates-cache
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'amd64'
+
+insertpackage 'unstable,installed' 'cool-foo' 'amd64' '1.0' 'Depends: foo'
+insertpackage 'unstable,installed' 'foo' 'amd64' '1.0' 'Multi-Arch: foreign'
+
+setupaptarchive
+
+testsuccess aptget check -s
+
+configarchitecture 'amd64' 'i386'
+testequal 'E: The package cache was built for different architectures: amd64 vs amd64,i386' aptget check -s -o pkgCacheFile::Generate=false
+
+testsuccess aptget check -s
+
+insertinstalledpackage 'awesome-foo' 'i386' '1.0' 'Depends: foo'
+
+testsuccess aptget check -s
+
+testsuccess aptget update --no-download
+
+testsuccess aptget check -s
diff --git a/test/integration/test-bug-753297-upgradable b/test/integration/test-bug-753297-upgradable
index 068704b3e..01395a095 100755
--- a/test/integration/test-bug-753297-upgradable
+++ b/test/integration/test-bug-753297-upgradable
@@ -16,8 +16,7 @@ Pin: release unstable
Pin-Priority: 1
EOF
-insertinstalledpackage 'foo' 'all' '1'
-insertpackage 'testing' 'foo' 'all' '1'
+insertpackage 'testing,installed' 'foo' 'all' '1'
insertpackage 'testing-updates' 'foo' 'all' '2'
insertpackage 'unstable' 'foo' 'all' '3'
diff --git a/test/integration/test-bug-758153-versioned-provides-support b/test/integration/test-bug-758153-versioned-provides-support
index 2904ae5a1..21f9123c9 100755
--- a/test/integration/test-bug-758153-versioned-provides-support
+++ b/test/integration/test-bug-758153-versioned-provides-support
@@ -28,6 +28,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
webapp webserver
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
diff --git a/test/integration/test-compressed-indexes b/test/integration/test-compressed-indexes
index 805ed5964..92e7c0e84 100755
--- a/test/integration/test-compressed-indexes
+++ b/test/integration/test-compressed-indexes
@@ -39,10 +39,10 @@ testrun() {
test -e rootdir/var/lib/apt/lists/*_Translation-en.${COMPRESS} || F=1
# there is no point in trying pdiff if we have compressed indexes
# as we can't patch compressed files (well, we can, but what is the point?)
- ! test -e rootdir/var/lib/apt/lists/*.IndexDiff || F=1
+ ! test -e rootdir/var/lib/apt/lists/*diff_Index || F=1
else
# clear the faked pdiff indexes so the glob below works
- rm -f rootdir/var/lib/apt/lists/*.IndexDiff
+ rm -f rootdir/var/lib/apt/lists/*diff_Index
test -e rootdir/var/lib/apt/lists/*_Packages || F=1
test -e rootdir/var/lib/apt/lists/*_Sources || F=1
test -e rootdir/var/lib/apt/lists/*_Translation-en || F=1
@@ -51,15 +51,18 @@ testrun() {
! test -e rootdir/var/lib/apt/lists/*_Translation-en.* || F=1
fi
if [ -n "$F" ]; then
+ cat rootdir/tmp/testsuccess.output
ls -laR rootdir/var/lib/apt/lists/
msgfail
else
msgpass
fi
msgtest 'Check if package is downloadable'
+ cd downloaded
testsuccess --nomsg aptget download testpkg
msgtest '\tdeb file is present'; testsuccess --nomsg test -f testpkg_1.0_i386.deb
rm testpkg_1.0_i386.deb
+ cd - >/dev/null
testequal 'Reading package lists...
Building dependency tree...
The following NEW packages will be installed:
@@ -78,17 +81,20 @@ Conf testpkg (1.0 unstable [i386])' aptget install testpkg -s
testequal "$GOODSHOWSRC" aptcache showsrc testpkg
aptget clean
msgtest 'Check if the source is aptgetable'
+ cd downloaded
testsuccess --nomsg aptget source testpkg
- msgtest '\tdsc file is present'; testsuccess --nomsg test -f testpkg_1.0.dsc
- msgtest '\tdirectory is present'; testsuccess --nomsg test -d testpkg-1.0
+ testsuccess test -s testpkg_1.0.dsc
+ testsuccess test -d testpkg-1.0
rm -rf testpkg-1.0*
+ cd - >/dev/null
testequal "$(aptcache show testpkg -o Acquire::Languages=none)
" aptcache dumpavail
}
echo 'Debug::pkgAcquire::worker "true";
debug::pkgAcquire::Auth "true";
-Debug::pkgAcquire::Diffs "true";' > rootdir/etc/apt/apt.conf.d/99debugconf
+Debug::pkgAcquire::Diffs "true";
+Debug::Acquire::http "true";' > rootdir/etc/apt/apt.conf.d/99debugconf
testovermethod() {
forcecompressor $2
@@ -97,23 +103,28 @@ testovermethod() {
rm -rf rootdir/var/lib/apt/lists
echo "Acquire::GzipIndexes \"${INDEX}\";" > rootdir/etc/apt/apt.conf.d/02compressindex
local INDCOMP
- if [ "$INDEX" = 'false' ]; then
+ if [ "$INDEX" = 'false' -o "$1" = 'cdrom' ]; then
INDCOMP='uncompressed'
else
INDCOMP='compressed'
fi
+ msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes gzip=$INDEX"
+ if [ "${1}" = 'cdrom' ]; then
+ testsuccess aptcdrom add </dev/null
+ fi
testsuccess aptget update
- msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes"
testrun "$INDCOMP"
- testsuccess aptget update -o Acquire::Pdiffs=1
- msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes (update unchanged with pdiffs)"
- testrun "$INDCOMP"
+ if [ "${1}" != 'cdrom' ]; then
+ testsuccess aptget update -o Acquire::Pdiffs=1
+ msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes gzip=$INDEX (update unchanged with pdiffs)"
+ testrun "$INDCOMP"
- testsuccess aptget update -o Acquire::Pdiffs=0
- msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes (update unchanged without pdiffs)"
- testrun "$INDCOMP"
+ testsuccess aptget update -o Acquire::Pdiffs=0
+ msgmsg "${1}: ${COMPRESSOR}: Test with $INDCOMP indexes gzip=$INDEX (update unchanged without pdiffs)"
+ testrun "$INDCOMP"
+ fi
rm rootdir/etc/apt/apt.conf.d/02compressindex
done
@@ -142,3 +153,12 @@ test $(echo "$GOODPOLICY" | grep -e '^testpkg:' -e '^ Candidate:' -e '^ Instal
testequal "$GOODPOLICY" aptcache policy testpkg
for COMPRESSOR in 'gzip' 'bzip2' 'lzma' 'xz'; do testovermethod 'http' $COMPRESSOR; done
+
+changetocdrom 'Debian APT Testdisk 0.8.15'
+rm -rf rootdir/var/lib/apt/lists
+testsuccess aptcdrom add </dev/null
+GOODPOLICY="$(aptcache policy testpkg)"
+test $(echo "$GOODPOLICY" | grep -e '^testpkg:' -e '^ Candidate:' -e '^ Installed: (none)' -e '500 cdrom://' | wc -l) -eq 4 || msgdie 'policy is broken'
+testequal "$GOODPOLICY" aptcache policy testpkg
+
+for COMPRESSOR in 'gzip' 'bzip2' 'lzma' 'xz'; do testovermethod 'cdrom' $COMPRESSOR; done
diff --git a/test/integration/test-conflicts-loop b/test/integration/test-conflicts-loop
index a2c411aaf..81731dfe4 100755
--- a/test/integration/test-conflicts-loop
+++ b/test/integration/test-conflicts-loop
@@ -17,6 +17,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
openjdk-6-jre openjdk-6-jre-headless openjdk-6-jre-lib
3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
@@ -29,4 +30,4 @@ Conf openjdk-6-jre (6b20-1.9.8-0ubuntu1~10.04.1 unstable [i386])
Inst openjdk-6-jre-headless [6b16-1.8-0ubuntu1] (6b20-1.9.8-0ubuntu1~10.04.1 unstable [i386])
Conf openjdk-6-jre-headless (6b20-1.9.8-0ubuntu1~10.04.1 unstable [i386])' aptget dist-upgrade -s -o APT::Immediate-Configure-All=true
-testsuccess aptget dist-upgrade -s -o Debug::pkgPackageManager=1
+testsuccess aptget dist-upgrade -s
diff --git a/test/integration/test-cve-2013-1051-InRelease-parsing b/test/integration/test-cve-2013-1051-InRelease-parsing
index 41b27f691..8f9803991 100755
--- a/test/integration/test-cve-2013-1051-InRelease-parsing
+++ b/test/integration/test-cve-2013-1051-InRelease-parsing
@@ -42,7 +42,7 @@ touch -d '+1hour' aptarchive/dists/stable/InRelease
# ensure the update fails
# useful for debugging to add "-o Debug::pkgAcquire::auth=true"
msgtest 'apt-get update for should fail with the modified' 'InRelease'
-aptget update 2>&1 | grep -q 'Hash Sum mismatch' > /dev/null && msgpass || msgfail
+aptget update 2>&1 | grep -E -q '(Writing more data than expected|Hash Sum mismatch)' > /dev/null && msgpass || msgfail
# ensure there is no package
testequal 'Reading package lists...
diff --git a/test/integration/test-essential-force-loopbreak b/test/integration/test-essential-force-loopbreak
index ac8fc6d28..1493430d8 100755
--- a/test/integration/test-essential-force-loopbreak
+++ b/test/integration/test-essential-force-loopbreak
@@ -37,13 +37,13 @@ The following packages will be upgraded:
E: This installation run will require temporarily removing the essential package sysvinit:$(getarchitecture 'native') due to a Conflicts/Pre-Depends loop. This is often bad, but if you really want to do it, activate the APT::Force-LoopBreak option.
E: Internal Error, Could not early remove sysvinit:$(dpkg --print-architecture) (2)" aptget install systemd-sysv -t "$1" -s
# ensure that really nothing happens
- testfailure aptget install systemd-sysv -y -t "$1" -o Debug::pkgPackageManager=1
+ testfailure aptget install systemd-sysv -y -t "$1"
testdpkginstalled 'sysvinit'
testdpkgnotinstalled 'systemd-sysv'
# with enough force however …
cp -a dpkg.status.backup rootdir/var/lib/dpkg/status
- testsuccess aptget install systemd-sysv -y -t "$1" -o Debug::pkgPackageManager=1 -o APT::Force-LoopBreak=1
+ testsuccess aptget install systemd-sysv -y -t "$1" -o APT::Force-LoopBreak=1
testdpkginstalled 'sysvinit' 'systemd-sysv'
}
diff --git a/test/integration/test-hashsum-verification b/test/integration/test-hashsum-verification
index 2a400dcb4..5f88110b3 100755
--- a/test/integration/test-hashsum-verification
+++ b/test/integration/test-hashsum-verification
@@ -70,9 +70,13 @@ runtest() {
rm -rf rootdir/var/lib/apt/lists
rm aptarchive/InRelease aptarchive/Release.gpg
msgtest 'unsigned apt-get update gets the expected hashsum mismatch'
- aptget update 2>&1 | grep "Hash Sum mismatch" > /dev/null && msgpass || msgfail
-
-
+ aptget update --allow-insecure-repositories >output.log 2>&1 || true
+ if grep -q "Hash Sum mismatch" output.log; then
+ msgpass
+ else
+ cat output.log
+ msgfail
+ fi
}
for COMPRESSEDINDEXES in 'false' 'true'; do
diff --git a/test/integration/test-http-pipeline-messup b/test/integration/test-http-pipeline-messup
new file mode 100755
index 000000000..dda8ef7eb
--- /dev/null
+++ b/test/integration/test-http-pipeline-messup
@@ -0,0 +1,47 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+# try a little harder to create a size mismatch
+buildsimplenativepackage 'pkga' 'all' '1.0' 'stable' "Depends: foo" '' '' '' '' 'none'
+buildsimplenativepackage 'pkgb' 'all' '1.0' 'stable' "Depends: foo" '' '' '' '' 'none'
+buildsimplenativepackage 'pkgc' 'all' '1.0' 'stable' "Depends: f$(for i in $(seq 0 1000); do printf 'o'; done)" '' '' '' '' 'none'
+buildsimplenativepackage 'pkgd' 'all' '1.0' 'stable' "Depends: f$(for i in $(seq 0 1000); do printf 'o'; done)" '' '' '' '' 'none'
+
+setupaptarchive --no-update
+
+# simulate (and be a predictable) pipeline mess-up by the server/proxy
+changetowebserver \
+ -o 'aptwebserver::overwrite::.*pkga.*::filename=/pool/pkgd_1.0_all.deb' \
+ -o 'aptwebserver::overwrite::.*pkgc.*::filename=/pool/pkgb_1.0_all.deb' \
+ -o 'aptwebserver::overwrite::.*pkgb.*::filename=/pool/pkgc_1.0_all.deb' \
+ -o 'aptwebserver::overwrite::.*pkgd.*::filename=/pool/pkga_1.0_all.deb'
+
+echo 'Debug::Acquire::http "true";
+Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/99debug
+
+testsuccess aptget update
+
+# messup is bigger than pipeline: checks if fixup isn't trying to hard
+testfailure aptget download pkga pkgb pkgc pkgd -o Acquire::http::Pipeline-Depth=2
+testfailure test -f pkga_1.0_all.deb
+
+# ensure that pipeling is enabled for rest of this test
+echo 'Acquire::http::Pipeline-Depth 10;' > rootdir/etc/apt/apt.conf.d/99enable-pipeline
+
+# the output is a bit strange: it looks like it has downloaded pkga 4 times
+testwarning aptget download pkga pkgb pkgc pkgd
+for pkg in 'pkga' 'pkgb' 'pkgc' 'pkgd'; do
+ testsuccess test -f ${pkg}_1.0_all.deb
+ testsuccess cmp incoming/${pkg}_1.0_all.deb ${pkg}_1.0_all.deb
+ rm -f ${pkg}_1.0_all.deb
+done
+
+# while hashes will pass (as none are available), sizes will not match, so failure
+# checks that no hashes means that pipeline depth is ignored as we can't fixup
+testfailure aptget download pkga pkgb pkgc pkgd --allow-unauthenticated -o Acquire::ForceHash=ROT26
diff --git a/test/integration/test-kernel-helper-autoremove b/test/integration/test-kernel-helper-autoremove
index c51caa758..22c36890b 100755
--- a/test/integration/test-kernel-helper-autoremove
+++ b/test/integration/test-kernel-helper-autoremove
@@ -9,7 +9,7 @@ configarchitecture 'amd64'
# the executed script would use the installed apt-config,
# which is outside of our control
msgtest 'Check that the installed apt-config supports' '--no-empty'
-if apt-config dump --no-empty >/dev/null 2>&1; then
+if /usr/bin/apt-config dump --no-empty >/dev/null 2>&1; then
msgpass
else
msgskip
diff --git a/test/integration/test-partial-file-support b/test/integration/test-partial-file-support
index 5ab326def..98b2f242a 100755
--- a/test/integration/test-partial-file-support
+++ b/test/integration/test-partial-file-support
@@ -52,36 +52,37 @@ cp -a ${TESTDIR}/framework $TESTFILE
testrun() {
webserverconfig 'aptwebserver::support::range' 'true'
+ local DOWN='./downloaded/testfile'
- copysource $TESTFILE 0 ./testfile
- testdownloadfile 'no data' "${1}/testfile" './testfile' '='
+ copysource $TESTFILE 0 $DOWN
+ testdownloadfile 'no data' "${1}/testfile" "$DOWN" '='
testwebserverlaststatuscode '200' "$DOWNLOADLOG"
- copysource $TESTFILE 20 ./testfile
- testdownloadfile 'valid partial data' "${1}/testfile" './testfile' '='
+ copysource $TESTFILE 20 $DOWN
+ testdownloadfile 'valid partial data' "${1}/testfile" "$DOWN" '='
testwebserverlaststatuscode '206' "$DOWNLOADLOG"
- copysource /dev/zero 20 ./testfile
- testdownloadfile 'invalid partial data' "${1}/testfile" './testfile' '!='
+ copysource /dev/zero 20 $DOWN
+ testdownloadfile 'invalid partial data' "${1}/testfile" "$DOWN" '!='
testwebserverlaststatuscode '206' "$DOWNLOADLOG"
- copysource $TESTFILE 1M ./testfile
- testdownloadfile 'completely downloaded file' "${1}/testfile" './testfile' '='
+ copysource $TESTFILE 1M $DOWN
+ testdownloadfile 'completely downloaded file' "${1}/testfile" "$DOWN" '='
testwebserverlaststatuscode '416' "$DOWNLOADLOG"
- copysource /dev/zero 1M ./testfile
- testdownloadfile 'too-big partial file' "${1}/testfile" './testfile' '='
+ copysource /dev/zero 1M $DOWN
+ testdownloadfile 'too-big partial file' "${1}/testfile" "$DOWN" '='
testwebserverlaststatuscode '200' "$DOWNLOADLOG"
- copysource /dev/zero 20 ./testfile
- touch ./testfile
- testdownloadfile 'old data' "${1}/testfile" './testfile' '='
+ copysource /dev/zero 20 $DOWN
+ touch $DOWN
+ testdownloadfile 'old data' "${1}/testfile" "$DOWN" '='
testwebserverlaststatuscode '200' "$DOWNLOADLOG"
webserverconfig 'aptwebserver::support::range' 'false'
- copysource $TESTFILE 20 ./testfile
- testdownloadfile 'no server support' "${1}/testfile" './testfile' '='
+ copysource $TESTFILE 20 $DOWN
+ testdownloadfile 'no server support' "${1}/testfile" "$DOWN" '='
testwebserverlaststatuscode '200' "$DOWNLOADLOG"
}
diff --git a/test/integration/test-pdiff-usage b/test/integration/test-pdiff-usage
index afe1ad443..5bad90214 100755
--- a/test/integration/test-pdiff-usage
+++ b/test/integration/test-pdiff-usage
@@ -13,12 +13,6 @@ changetowebserver
PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')"
-echo '#!/bin/sh
-touch merge-was-used
-/usr/bin/diffindex-rred "$@"' > extrred
-chmod +x extrred
-echo 'Dir::Bin::rred "./extrred";' > rootdir/etc/apt/apt.conf.d/99rred
-
wasmergeused() {
msgtest 'Test for successful execution of' "$*"
local OUTPUT=$(mktemp)
@@ -82,8 +76,15 @@ SHA1-History:
9f4148e06d7faa37062994ff10d0c842d7017513 33053002 2010-08-18-2013.28
$(sha1sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE)
SHA1-Patches:
- 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28
- $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX
+ 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28
+ $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)
+SHA256-Current: $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new)
+SHA256-History:
+ 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28
+ $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE)
+SHA256-Patches:
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28
+ $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX
generatereleasefiles '+1hour'
signreleasefiles
find aptarchive -name 'Packages*' -type f -delete
@@ -93,7 +94,7 @@ SHA1-Patches:
" aptcache show apt newstuff
msgmsg "Testcase: index is already up-to-date: $*"
- find rootdir/var/lib/apt/lists -name '*.IndexDiff' -type f -delete
+ find rootdir/var/lib/apt/lists -name '*diff_Index' -type f -delete
testsuccess aptget update "$@"
testequal "$(cat ${PKGFILE}-new)
" aptcache show apt newstuff
@@ -125,9 +126,18 @@ SHA1-History:
$(sha1sum ${PKGFILE} | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}) $(basename ${PATCHFILE})
$(sha1sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) $(basename ${PATCHFILE2})
SHA1-Patches:
- 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28
+ 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28
$(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)
- $(sha1sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2})" > $PATCHINDEX
+ $(sha1sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2})
+SHA256-Current: $(sha256sum aptarchive/Packages | cut -d' ' -f 1) $(stat -c%s aptarchive/Packages)
+SHA256-History:
+ 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28
+ $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE)
+ $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new) $(basename ${PATCHFILE2})
+SHA256-Patches:
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28
+ $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)
+ $(sha256sum ${PATCHFILE2} | cut -d' ' -f 1) $(stat -c%s ${PATCHFILE2}) $(basename ${PATCHFILE2})" > $PATCHINDEX
generatereleasefiles '+2hour'
signreleasefiles
cp -a aptarchive/Packages Packages-future
@@ -153,8 +163,15 @@ SHA1-History:
9f4148e06d7faa37062994ff10d0c842d7017513 33053002 2010-08-18-2013.28
$(sha1sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE)
SHA1-Patches:
- 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-0814.28
- $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX
+ 7651fc0ac57cd83d41c63195a9342e2db5650257 19722 2010-08-18-2013.28
+ $(sha1sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)
+SHA256-Current: $(sha256sum ${PKGFILE}-new | cut -d' ' -f 1) $(stat -c%s ${PKGFILE}-new)
+SHA256-History:
+ 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 33053002 2010-08-18-2013.28
+ $(sha256sum $PKGFILE | cut -d' ' -f 1) $(stat -c%s $PKGFILE) $(basename $PATCHFILE)
+SHA256-Patches:
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 19722 2010-08-18-2013.28
+ $(sha256sum $PATCHFILE | cut -d' ' -f 1) $(stat -c%s $PATCHFILE) $(basename $PATCHFILE)" > $PATCHINDEX
echo 'I am Mallory and I change files' >> $PATCHFILE
cat $PATCHFILE | gzip > ${PATCHFILE}.gz
generatereleasefiles '+1hour'
@@ -165,9 +182,23 @@ SHA1-Patches:
" aptcache show apt newstuff
}
echo 'Debug::pkgAcquire::Diffs "true";
+Debug::Acquire::Transaction "true";
Debug::pkgAcquire::rred "true";' > rootdir/etc/apt/apt.conf.d/rreddebug.conf
testrun -o Acquire::PDiffs::Merge=0 -o APT::Get::List-Cleanup=1
testrun -o Acquire::PDiffs::Merge=1 -o APT::Get::List-Cleanup=1
testrun -o Acquire::PDiffs::Merge=0 -o APT::Get::List-Cleanup=0
testrun -o Acquire::PDiffs::Merge=1 -o APT::Get::List-Cleanup=0
+
+sha256sum() {
+ echo '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b -'
+}
+testrun -o Acquire::PDiffs::Merge=0 -o Acquire::ForceHash=SHA1
+testrun -o Acquire::PDiffs::Merge=1 -o Acquire::ForceHash=SHA1
+
+unset -f sha256sum
+sha1sum() {
+ echo 'adc83b19e793491b1c6ea0fd8b46cd9f32e592fc -'
+}
+testrun -o Acquire::PDiffs::Merge=0 -o Acquire::ForceHash=SHA256
+testrun -o Acquire::PDiffs::Merge=1 -o Acquire::ForceHash=SHA256
diff --git a/test/integration/test-pin-non-existent-package b/test/integration/test-pin-non-existent-package
index 35de22115..c567e5285 100755
--- a/test/integration/test-pin-non-existent-package
+++ b/test/integration/test-pin-non-existent-package
@@ -26,6 +26,7 @@ testcandidate rapt '0.8.15'
testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist -q=0
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only
echo 'Package: rapt
@@ -36,6 +37,7 @@ testcandidate rapt '(none)'
testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist -q=0
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only
echo '
@@ -55,6 +57,7 @@ testequal 'N: Unable to locate package doesntexist' aptcache policy doesntexist
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.' aptget dist-upgrade --trivial-only
echo 'Package: arch:amd64
diff --git a/test/integration/test-policy-pinning b/test/integration/test-policy-pinning
index 8eb4bcbad..c08a2f103 100755
--- a/test/integration/test-policy-pinning
+++ b/test/integration/test-policy-pinning
@@ -28,7 +28,7 @@ Pinned packages:" aptcache policy $*
aptgetupdate() {
# just to be sure that no old files are used
rm -rf rootdir/var/lib/apt
- if aptget update -qq 2>&1 | grep '^E: '; then
+ if aptget update --allow-insecure-repositories -qq 2>&1 | grep '^E: '; then
msgwarn 'apt-get update failed with an error'
fi
}
@@ -36,6 +36,7 @@ aptgetupdate() {
### not signed archive
aptgetupdate
+
testequalpolicy 100 500
testequalpolicy 990 500 -t now
diff --git a/test/integration/test-prevent-markinstall-multiarch-same-versionscrew b/test/integration/test-prevent-markinstall-multiarch-same-versionscrew
index d647856cb..db97687ce 100755
--- a/test/integration/test-prevent-markinstall-multiarch-same-versionscrew
+++ b/test/integration/test-prevent-markinstall-multiarch-same-versionscrew
@@ -9,20 +9,17 @@ configarchitecture 'amd64' 'i386' 'armel'
insertpackage 'stable' 'allarchs' 'all' '1'
insertpackage 'unstable' 'allarchs' 'all' '2'
-insertinstalledpackage 'fine' 'i386,amd64' '1' 'Multi-Arch: same'
-insertpackage 'stable' 'fine' 'i386,amd64' '1' 'Multi-Arch: same'
+insertpackage 'stable,installed' 'fine' 'i386,amd64' '1' 'Multi-Arch: same'
insertpackage 'unstable' 'fine' 'amd64,i386' '2' 'Multi-Arch: same'
insertinstalledpackage 'fine-installed' 'i386,amd64' '1' 'Multi-Arch: same'
insertpackage 'stable' 'fine-installed' 'i386,amd64,armel' '1' 'Multi-Arch: same'
insertpackage 'unstable' 'fine-installed' 'i386,amd64' '2' 'Multi-Arch: same'
-insertinstalledpackage 'out-of-sync-native' 'i386,amd64' '1' 'Multi-Arch: same'
-insertpackage 'stable' 'out-of-sync-native' 'i386,amd64' '1' 'Multi-Arch: same'
+insertpackage 'stable,installed' 'out-of-sync-native' 'i386,amd64' '1' 'Multi-Arch: same'
insertpackage 'unstable' 'out-of-sync-native' 'amd64' '2' 'Multi-Arch: same'
-insertinstalledpackage 'out-of-sync-foreign' 'i386,amd64' '1' 'Multi-Arch: same'
-insertpackage 'stable' 'out-of-sync-foreign' 'i386,amd64' '1' 'Multi-Arch: same'
+insertpackage 'stable,installed' 'out-of-sync-foreign' 'i386,amd64' '1' 'Multi-Arch: same'
insertpackage 'unstable' 'out-of-sync-foreign' 'i386' '2' 'Multi-Arch: same'
insertinstalledpackage 'out-of-sync-gone-native' 'i386,amd64' '1' 'Multi-Arch: same'
@@ -43,6 +40,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
out-of-sync-gone-foreign:i386 out-of-sync-gone-native
The following packages have been kept back:
diff --git a/test/integration/test-provides-gone-with-upgrade b/test/integration/test-provides-gone-with-upgrade
index 70384ce29..3b4bc2d04 100755
--- a/test/integration/test-provides-gone-with-upgrade
+++ b/test/integration/test-provides-gone-with-upgrade
@@ -15,6 +15,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following NEW packages will be installed:
libapt-pkg4.10
The following packages will be upgraded:
diff --git a/test/integration/test-releasefile-valid-until b/test/integration/test-releasefile-valid-until
index e673d5f71..0d9a91254 100755
--- a/test/integration/test-releasefile-valid-until
+++ b/test/integration/test-releasefile-valid-until
@@ -12,84 +12,38 @@ getlabelfromsuite() {
echo -n 'Testcases'
}
+setupaptarchive --no-update
-setupaptarchive
-
-setupreleasefile() {
+runtest() {
+ local MSG="$1"
+ msgtest "$1" "$2"
rm -rf rootdir/var/lib/apt/lists
aptget clean
- generatereleasefiles "$1" "$2"
+ generatereleasefiles "$3" "$4"
signreleasefiles
-}
-
-aptgetupdate() {
- if aptget update $* 2>&1 | grep -q 'is expired'; then
- return 1
+ shift 4
+ if expr match "$MSG" '.*accepted.*' >/dev/null; then
+ testsuccess --nomsg aptget update "$@"
+ testfailure grep -q 'is expired' rootdir/tmp/testsuccess.output
else
- return 0
+ testfailure --nomsg aptget update "$@"
+ testsuccess grep -q 'is expired' rootdir/tmp/testfailure.output
fi
}
-setupreleasefile
-msgtest 'Release file is accepted as it has' 'no Until'
-testsuccess --nomsg aptgetupdate
-
-setupreleasefile
-msgtest 'Release file is accepted as it has' 'no Until and good Max-Valid'
-testsuccess --nomsg aptgetupdate -o Acquire::Max-ValidTime=3600
-
-setupreleasefile 'now - 2 days'
-msgtest 'Release file is rejected as it has' 'no Until, but bad Max-Valid'
-testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=3600
-
-setupreleasefile 'now - 3 days' 'now + 1 day'
-msgtest 'Release file is accepted as it has' 'good Until'
-testsuccess --nomsg aptgetupdate
-
-setupreleasefile 'now - 7 days' 'now - 4 days'
-msgtest 'Release file is rejected as it has' 'bad Until'
-testfailure --nomsg aptgetupdate
-
-setupreleasefile 'now - 7 days' 'now - 4 days'
-msgtest 'Release file is rejected as it has' 'bad Until (ignore good Max-Valid)'
-testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=1209600
-
-setupreleasefile 'now - 7 days' 'now - 4 days'
-msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until)'
-testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=86400
-
-setupreleasefile 'now - 7 days' 'now + 4 days'
-msgtest 'Release file is rejected as it has' 'bad Max-Valid (good Until)'
-testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=86400
-
-setupreleasefile 'now - 7 days' 'now + 4 days'
-msgtest 'Release file is accepted as it has' 'good labeled Max-Valid'
-testsuccess --nomsg aptgetupdate -o Acquire::Max-ValidTime=86400 -o Acquire::Max-ValidTime::Testcases=1209600
-
-setupreleasefile 'now - 7 days' 'now + 4 days'
-msgtest 'Release file is rejected as it has' 'bad labeled Max-Valid'
-testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=1209600 -o Acquire::Max-ValidTime::Testcases=86400
-
-setupreleasefile 'now - 7 days' 'now + 1 days'
-msgtest 'Release file is accepted as it has' 'good Until (good Min-Valid, no Max-Valid)'
-testsuccess --nomsg aptgetupdate -o Acquire::Min-ValidTime=1209600
-
-setupreleasefile 'now - 7 days' 'now - 4 days'
-msgtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, no Max-Valid)'
-testsuccess --nomsg aptgetupdate -o Acquire::Min-ValidTime=1209600
-
-setupreleasefile 'now - 7 days' 'now - 2 days'
-msgtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, good Max-Valid) <'
-testsuccess --nomsg aptgetupdate -o Acquire::Min-ValidTime=1209600 -o Acquire::Max-ValidTime=2419200
-
-setupreleasefile 'now - 7 days' 'now - 2 days'
-msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, good Min-Valid) >'
-testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=2419200
-
-setupreleasefile 'now - 7 days' 'now - 2 days'
-msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) <'
-testfailure --nomsg aptgetupdate -o Acquire::Min-ValidTime=12096 -o Acquire::Max-ValidTime=241920
-
-setupreleasefile 'now - 7 days' 'now - 2 days'
-msgtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) >'
-testfailure --nomsg aptgetupdate -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=241920
+runtest 'Release file is accepted as it has' 'no Until' '' ''
+runtest 'Release file is accepted as it has' 'no Until and good Max-Valid' '' '' -o Acquire::Max-ValidTime=3600
+runtest 'Release file is rejected as it has' 'no Until, but bad Max-Valid' 'now - 2 days' '' -o Acquire::Max-ValidTime=3600
+runtest 'Release file is accepted as it has' 'good Until' 'now - 3 days' 'now + 1 day'
+runtest 'Release file is rejected as it has' 'bad Until' 'now - 7 days' 'now - 4 days'
+runtest 'Release file is rejected as it has' 'bad Until (ignore good Max-Valid)' 'now - 7 days' 'now - 4 days' -o Acquire::Max-ValidTime=1209600
+runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until)' 'now - 7 days' 'now - 4 days' -o Acquire::Max-ValidTime=86400
+runtest 'Release file is rejected as it has' 'bad Max-Valid (good Until)' 'now - 7 days' 'now + 4 days' -o Acquire::Max-ValidTime=86400
+runtest 'Release file is accepted as it has' 'good labeled Max-Valid' 'now - 7 days' 'now + 4 days' -o Acquire::Max-ValidTime=86400 -o Acquire::Max-ValidTime::Testcases=1209600
+runtest 'Release file is rejected as it has' 'bad labeled Max-Valid' 'now - 7 days' 'now + 4 days' -o Acquire::Max-ValidTime=1209600 -o Acquire::Max-ValidTime::Testcases=86400
+runtest 'Release file is accepted as it has' 'good Until (good Min-Valid, no Max-Valid)' 'now - 7 days' 'now + 1 days' -o Acquire::Min-ValidTime=1209600
+runtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, no Max-Valid)' 'now - 7 days' 'now - 4 days' -o Acquire::Min-ValidTime=1209600
+runtest 'Release file is accepted as it has' 'good Min-Valid (bad Until, good Max-Valid) <' 'now - 7 days' 'now - 2 days' -o Acquire::Min-ValidTime=1209600 -o Acquire::Max-ValidTime=2419200
+runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, good Min-Valid) >' 'now - 7 days' 'now - 2 days' -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=2419200
+runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) <' 'now - 7 days' 'now - 2 days' -o Acquire::Min-ValidTime=12096 -o Acquire::Max-ValidTime=241920
+runtest 'Release file is rejected as it has' 'bad Max-Valid (bad Until, bad Min-Valid) >' 'now - 7 days' 'now - 2 days' -o Acquire::Max-ValidTime=12096 -o Acquire::Min-ValidTime=241920
diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index e558b83e8..3765a4b1f 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -235,10 +235,21 @@ runtest2() {
" aptcache show apt
failaptnew
}
-runtest2
+# diable some protection by default and ensure we still do the verification
+# correctly
+cat > rootdir/etc/apt/apt.conf.d/weaken-security <<EOF
+Acquire::AllowInsecureRepositories "1";
+Acquire::AllowDowngradeToInsecureRepositories "1";
+EOF
+
+msgmsg "Runing base test"
+runtest2
DELETEFILE="InRelease"
+msgmsg "Running test with deletion of $DELETEFILE"
runtest
+
DELETEFILE="Release.gpg"
+msgmsg "Running test with deletion of $DELETEFILE"
runtest
diff --git a/test/integration/test-resolve-by-keep-new-recommends b/test/integration/test-resolve-by-keep-new-recommends
index 8134b76aa..6b1772877 100755
--- a/test/integration/test-resolve-by-keep-new-recommends
+++ b/test/integration/test-resolve-by-keep-new-recommends
@@ -13,6 +13,7 @@ setupaptarchive
UPGRADE_KEEP="Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
foo
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded."
diff --git a/test/integration/test-sourceslist-trusted-options b/test/integration/test-sourceslist-trusted-options
new file mode 100755
index 000000000..55d4e0233
--- /dev/null
+++ b/test/integration/test-sourceslist-trusted-options
@@ -0,0 +1,201 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'amd64'
+
+buildsimplenativepackage 'foo' 'amd64' '1' 'stable'
+buildsimplenativepackage 'foo' 'amd64' '2' 'testing'
+
+setupaptarchive --no-update
+
+APTARCHIVE=$(readlink -f ./aptarchive)
+
+everythingsucceeds() {
+ testequal 'Listing...
+foo/testing 2 amd64
+foo/stable 1 amd64
+' apt list foo -a
+
+ cd downloaded
+ rm -f foo_1_amd64.deb foo_2_amd64.deb
+ testsuccess aptget download foo "$@"
+ testsuccess test -s foo_1_amd64.deb -o -s foo_2_amd64.deb
+
+ rm -f foo_1.dsc foo_2.dsc
+ testsuccess aptget source foo --dsc-only -d "$@"
+ testsuccess test -s foo_1.dsc -o -s foo_2.dsc
+ cd - >/dev/null
+}
+
+everythingfails() {
+ testequal 'Listing...
+foo/testing 2 amd64
+foo/stable 1 amd64
+' apt list foo -a
+
+ local WARNING='WARNING: The following packages cannot be authenticated!
+ foo
+E: Some packages could not be authenticated'
+
+ cd downloaded
+ rm -f foo_1_amd64.deb foo_2_amd64.deb
+ testfailure aptget download foo "$@"
+ testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output
+ testfailure test -s foo_1_amd64.deb -o -s foo_2_amd64.deb
+
+ rm -f foo_1.dsc foo_2.dsc
+ testfailure aptget source foo --dsc-only -d "$@"
+ testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output
+ testfailure test -s foo_1.dsc -o -s foo_2.dsc
+ cd - >/dev/null
+}
+
+cp -a rootdir/etc/apt/sources.list.d/ rootdir/etc/apt/sources.list.d.bak/
+echo 'Debug::Acquire::Transaction "true";
+Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/00debugging
+
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt/lists
+ # note that insecure with trusted=yes are allowed
+ # as the trusted=yes indicates that security is provided by
+ # something above the understanding of apt
+ ${1:-testsuccess} aptget update --no-allow-insecure-repositories
+}
+
+insecureaptgetupdate() {
+ rm -rf rootdir/var/lib/apt/lists
+ testfailure aptget update --no-allow-insecure-repositories
+ rm -rf rootdir/var/lib/apt/lists
+ testwarning aptget update --allow-insecure-repositories
+}
+
+msgmsg 'Test without trusted option and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+aptgetupdate
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+# we want the warnings on the actions, but for 'update' everything is fine
+aptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+find aptarchive/dists/stable \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
+
+msgmsg 'Test without trusted option and good and unsigned sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingsucceeds
+everythingfails -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good and unsigned sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate 'testwarning'
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good and unsigned sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+signreleasefiles 'Marvin Paranoid' 'aptarchive/dists/stable'
+
+msgmsg 'Test without trusted option and good and unknown sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingsucceeds
+everythingfails -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good and unknown sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate 'testwarning'
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good and unknown sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+signreleasefiles 'Rex Expired' 'aptarchive/dists/stable'
+cp -a keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
+
+msgmsg 'Test without trusted option and good and expired sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingsucceeds
+everythingfails -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good and expired sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate 'testwarning'
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good and expired sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+# same as the one further above, but this time testing is unsigned
+find aptarchive/ \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
+signreleasefiles 'Joe Sixpack' 'aptarchive/dists/stable'
+
+msgmsg 'Test without trusted option and unsigned and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingfails
+everythingsucceeds -t stable
+everythingfails -t testing
+
+msgmsg 'Test with trusted=yes option and unsigned and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate 'testwarning'
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and unsigned and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
diff --git a/test/integration/test-suggest-installed-multiarch-silbing b/test/integration/test-suggest-installed-multiarch-silbing
index d55d250aa..89640a30c 100755
--- a/test/integration/test-suggest-installed-multiarch-silbing
+++ b/test/integration/test-suggest-installed-multiarch-silbing
@@ -9,8 +9,7 @@ configarchitecture 'amd64' 'i386' 'armel'
insertinstalledpackage 'foo' 'i386' '1'
insertpackage 'unstable' 'foo' 'amd64,i386' '1'
-insertinstalledpackage 'foo2' 'i386' '1'
-insertpackage 'unstable' 'foo2' 'i386' '1'
+insertpackage 'unstable,installed' 'foo2' 'i386' '1'
insertinstalledpackage 'foo3' 'amd64' '1'
insertpackage 'unstable' 'foo3' 'amd64,i386' '1'
diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
new file mode 100755
index 000000000..574183b0a
--- /dev/null
+++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
@@ -0,0 +1,264 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'native'
+
+cat > aptarchive/Sources <<EOF
+Package: pkg-md5-ok
+Binary: pkg-md5-ok
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz
+
+Package: pkg-sha256-ok
+Binary: pkg-sha256-ok
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz
+Checksums-Sha1:
+ 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc
+ 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz
+Checksums-Sha256:
+ 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
+ 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz
+
+Package: pkg-sha256-bad
+Binary: pkg-sha256-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz
+Checksums-Sha1:
+ 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc
+ 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz
+Checksums-Sha256:
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
+
+Package: pkg-no-md5
+Binary: pkg-no-md5
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Checksums-Sha1:
+ 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc
+ 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz
+Checksums-Sha256:
+ 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc
+ 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz
+
+Package: pkg-mixed-ok
+Binary: pkg-mixed-ok
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Checksums-Sha1:
+ 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz
+Checksums-Sha256:
+ 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc
+
+Package: pkg-mixed-sha1-bad
+Binary: pkg-mixed-sha1-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Checksums-Sha1:
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc
+Checksums-Sha256:
+ 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz
+
+Package: pkg-mixed-sha2-bad
+Binary: pkg-mixed-sha2-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Checksums-Sha1:
+ 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc
+Checksums-Sha256:
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz
+
+Package: pkg-md5-disagree
+Binary: pkg-md5-disagree
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ 9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz
+
+Package: pkg-md5-agree
+Binary: pkg-md5-agree
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
+ 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
+
+Package: pkg-sha256-disagree
+Binary: pkg-sha256-disagree
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz
+Checksums-Sha1:
+ 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc
+ 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz
+Checksums-Sha256:
+ 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc
+ 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz
+EOF
+
+# create fetchable files
+for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
+ 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
+ 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree'; do
+ echo -n 'dsc' > aptarchive/${x}_1.0.dsc
+ echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
+done
+
+setupaptarchive
+changetowebserver
+testsuccess aptget update
+
+cd downloaded
+
+testok() {
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+ testequal "Reading package lists...
+Building dependency tree...
+Need to get 6 B of source archives.
+Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B]
+Download complete and in download only mode" aptget source -d "$@"
+ msgtest 'Files were successfully downloaded for' "$1"
+ testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+}
+
+testkeep() {
+ echo -n 'dsc' > ${1}_1.0.dsc
+ echo -n 'tar' > ${1}_1.0.tar.gz
+ testequal "Reading package lists...
+Building dependency tree...
+Skipping already downloaded file '${1}_1.0.dsc'
+Skipping already downloaded file '${1}_1.0.tar.gz'
+Need to get 0 B of source archives.
+Download complete and in download only mode" aptget source -d "$@"
+ msgtest 'Files already downloaded are kept for' "$1"
+ testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+}
+
+testmismatch() {
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+ testequal "Reading package lists...
+Building dependency tree...
+Need to get 6 B of source archives.
+Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B]
+E: Failed to fetch http://localhost:8080/${1}_1.0.dsc Hash Sum mismatch
+
+E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz Hash Sum mismatch
+
+E: Failed to fetch some archives." aptget source -d "$@"
+ msgtest 'Files were not download as they have hashsum mismatches for' "$1"
+ testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+ testequal "Reading package lists...
+Building dependency tree...
+Skipping download of file 'pkg-sha256-bad_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file 'pkg-sha256-bad_1.0.tar.gz' as requested hashsum is not available for authentication
+Need to get 0 B of source archives.
+Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
+ msgtest 'Files were not download as hash is unavailable for' "$1"
+ testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+ testequal "Reading package lists...
+Building dependency tree...
+Need to get 6 B of source archives.
+Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B]
+Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
+ msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
+ testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+}
+
+testok pkg-md5-ok
+testkeep pkg-md5-ok
+testok pkg-sha256-ok
+testkeep pkg-sha256-ok
+
+# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is
+# checking the best available hash (as it should), this will trigger
+# a hash mismatch.
+testmismatch pkg-sha256-bad
+testmismatch pkg-sha256-bad
+testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
+
+# not having MD5 sum doesn't mean the file doesn't exist at all …
+testok pkg-no-md5
+testok pkg-no-md5 -o Acquire::ForceHash=SHA256
+testequal "Reading package lists...
+Building dependency tree...
+Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
+Need to get 0 B of source archives.
+Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum
+msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5'
+testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz
+
+# deal with cases in which we haven't for all files the same checksum type
+# mostly pathologic as this shouldn't happen, but just to be sure
+testok pkg-mixed-ok
+testequal 'Reading package lists...
+Building dependency tree...
+Need to get 6 B of source archives.
+Get:1 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (tar) [3 B]
+Get:2 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (dsc) [3 B]
+E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch
+
+E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad
+msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
+testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
+testequal 'Reading package lists...
+Building dependency tree...
+Need to get 6 B of source archives.
+Get:1 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (tar) [3 B]
+Get:2 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (dsc) [3 B]
+E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch
+
+E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad
+msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad'
+testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz
+
+# it gets even more pathologic: multiple entries for one file, some even disagreeing!
+testok pkg-md5-agree
+testequal 'Reading package lists...
+Building dependency tree...
+E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
+testequal 'Reading package lists...
+Building dependency tree...
+E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree
diff --git a/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard b/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard
index 2f2d384e1..45f70a898 100755
--- a/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard
+++ b/test/integration/test-ubuntu-bug-1304403-obsolete-priority-standard
@@ -27,6 +27,7 @@ setupaptarchive
# discourage keeping obsolete high-priority packages …
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be REMOVED:
not-downloadable
The following packages will be upgraded:
@@ -43,6 +44,7 @@ done
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages have been kept back:
upgradable
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.' aptget -s dist-upgrade
diff --git a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
index a773660d2..df2c69cf6 100755
--- a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
+++ b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
@@ -21,6 +21,7 @@ if downloadfile http://localhost:8080/holygrail ./knights-talking >/dev/null; th
else
msgfail
fi
+
testfileequal knights-talking 'ni ni ni'
ensure_n_canary_strings_in_dir() {
@@ -35,8 +36,8 @@ ensure_n_canary_strings_in_dir() {
LISTS='rootdir/var/lib/apt/lists'
rm -rf rootdir/var/lib/apt/lists
-msgtest 'Got expected NODATA failure in' 'apt-get update'
-aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail
+msgtest 'Got expected failure message' 'apt-get update'
+aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail
ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0
testequal 'partial' ls $LISTS
@@ -46,8 +47,8 @@ for f in Release Release.gpg main_binary-amd64_Packages main_source_Sources; do
echo 'peng neee-wom' > $LISTS/localhost:8080_dists_stable_${f}
done
-msgtest 'Got expected NODATA failure in' 'apt-get update'
-aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail
+msgtest 'Got expected failure message in' 'apt-get update'
+aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail
ensure_n_canary_strings_in_dir $LISTS 'peng neee-wom' 4
ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0
@@ -56,7 +57,7 @@ ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0
echo 'peng neee-wom' > $LISTS/localhost:8080_dists_stable_InRelease
rm -f $LISTS/localhost:8080_dists_stable_Release $LISTS/localhost:8080_dists_stable_Release.gpg
msgtest 'excpected failure of' 'apt-get update'
-aptget update -qq 2>&1 | grep -q 'E: GPG error.*NODATA' && msgpass || msgfail
+aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail
ensure_n_canary_strings_in_dir $LISTS 'peng neee-wom' 3
ensure_n_canary_strings_in_dir $LISTS 'ni ni ni' 0
diff --git a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only
index 50ca2bf57..09315868b 100755
--- a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only
+++ b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only
@@ -28,12 +28,10 @@ MD5Sum:
done
msgtest 'The unsigned garbage before signed block is' 'ignored'
-testsuccess --nomsg aptget update
+aptget update -qq 2>&1 | grep -q 'W:.*Does not start with a cleartext signature' && msgpass || msgfail
ROOTDIR="$(readlink -f .)"
testequal "Package files:
100 ${ROOTDIR}/rootdir/var/lib/dpkg/status
release a=now
- 500 file:${ROOTDIR}/aptarchive/ unstable/main i386 Packages
- release a=unstable,n=sid,c=main
Pinned packages:" aptcache policy
diff --git a/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering b/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering
index 462acad00..d2b6b9bad 100755
--- a/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering
+++ b/test/integration/test-ubuntu-bug-985852-pre-depends-or-group-ordering
@@ -14,6 +14,7 @@ setupaptarchive
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
custom
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
diff --git a/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages b/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages
index c1d454f88..409d1212c 100755
--- a/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages
+++ b/test/integration/test-very-tight-loop-configure-with-unpacking-new-packages
@@ -28,6 +28,7 @@ setupaptarchive
testequalor2 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following NEW packages will be installed:
ure
The following packages will be upgraded:
@@ -44,6 +45,7 @@ Conf libreoffice-core (4 sid [amd64])
Conf libreoffice-style-galaxy (4 sid [amd64])
Conf libreoffice (4 sid [amd64])' 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following NEW packages will be installed:
ure
The following packages will be upgraded:
diff --git a/test/integration/test-xorg-break-providers b/test/integration/test-xorg-break-providers
index 139d2c915..0be57d979 100755
--- a/test/integration/test-xorg-break-providers
+++ b/test/integration/test-xorg-break-providers
@@ -26,6 +26,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget install x
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
xserver-xorg-core xserver-xorg-video-intel
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
@@ -35,6 +36,7 @@ E: Trivial Only specified but this is not a trivial operation.' aptget upgrade -
testequal 'Reading package lists...
Building dependency tree...
+Calculating upgrade...
The following packages will be upgraded:
xserver-xorg-core xserver-xorg-video-intel
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.