diff options
Diffstat (limited to 'test/integration')
| -rw-r--r-- | test/integration/framework | 45 | ||||
| -rwxr-xr-x | test/integration/test-apt-key | 34 | ||||
| -rwxr-xr-x | test/integration/test-apt-key-net-update | 9 | ||||
| -rwxr-xr-x | test/integration/test-releasefile-verification | 5 |
4 files changed, 39 insertions, 54 deletions
diff --git a/test/integration/framework b/test/integration/framework index 8d124858b..1e356ffaf 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -1856,49 +1856,24 @@ testwebserverlaststatuscode() { msggroup } -createlistofkeys() { - local OUTPUT="$1" - shift +mapkeynametokeyid() { while [ -n "$1" ]; do - # gpg 2.1.something starts printing [SC] at some point - if grep -q ' rsa2048/' "$OUTPUT" && grep -qF '[SC]' "$OUTPUT"; then - case "$1" in - *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';; - *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [SC] [expired: 2013-07-13]';; - *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16 [SC]';; - oldarchive) echo 'pub rsa1024/F68C85A3 2013-12-19 [SC]';; - newarchive) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';; - *) echo 'UNKNOWN KEY';; - esac - # gpg 2.1 has a slightly different output format - elif grep -q ' rsa2048/' "$OUTPUT"; then - case "$1" in - *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';; - *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';; - *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16';; - oldarchive) echo 'pub rsa1024/F68C85A3 2013-12-19';; - newarchive) echo 'pub rsa2048/DBAC8DAE 2010-08-18';; - *) echo 'UNKNOWN KEY';; - esac - else - case "$1" in - *Joe*|*Sixpack*) echo 'pub 2048R/DBAC8DAE 2010-08-18';; - *Rex*|*Expired*) echo 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';; - *Marvin*|*Paranoid*) echo 'pub 2048R/528144E2 2011-01-16';; - oldarchive) echo 'pub 1024R/F68C85A3 2013-12-19';; - newarchive) echo 'pub 2048R/DBAC8DAE 2010-08-18';; - *) echo 'UNKNOWN KEY';; - esac - fi + case "$1" in + *Joe*|*Sixpack*|newarchive) echo '5A90D141DBAC8DAE';; + *Rex*|*Expired*) echo '4BC0A39C27CE74F9';; + *Marvin*|*Paranoid*) echo 'E8525D47528144E2';; + oldarchive) echo 'FDD2DB85F68C85A3';; + *) echo 'UNKNOWN KEY';; + esac shift done } testaptkeys() { local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/aptkeylist.output" - if ! aptkey list | grep '^pub' > "$OUTPUT"; then + if ! aptkey list --with-colon | grep '^pub' | cut -d':' -f 5 > "$OUTPUT"; then echo -n > "$OUTPUT" fi - testfileequal "$OUTPUT" "$(createlistofkeys "$OUTPUT" "$@")" + testfileequal "$OUTPUT" "$(mapkeynametokeyid "$@")" } pause() { diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key index e777de1a4..eb5f998cf 100755 --- a/test/integration/test-apt-key +++ b/test/integration/test-apt-key @@ -41,7 +41,9 @@ APT::Key::RemovedKeys \"${KEYDIR}/rexexpired.pub\";" > "${ROOTDIR}/etc/apt/apt.c msgtest 'Check that paths in finger output are not' 'double-slashed' testfailure --nomsg grep '//' "${ROOTDIR}/tmp/testsuccess.output" - testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed + testequalor2 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed +gpg: Total number processed: 1 +gpg: unchanged: 1' 'gpg: key 5A90D141DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1' aptkey --fakeroot update @@ -185,8 +187,9 @@ gpg: unchanged: 1' aptkey --fakeroot update msgtest 'Test verify a file' 'with no sig' testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}" "${SIGNATURE}2" - for GPGV in '' 'gpgv' 'gpgv2'; do + for GPGV in '' 'gpgv' 'gpgv1' 'gpgv2'; do echo "APT::Key::GPGVCommand \"$GPGV\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd" + if [ -n "$GPGV" ] && ! command dpkg -l gnupg1 2>&1 | grep -q '^ii'; then continue; fi msgtest 'Test verify a file' 'with all keys' testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}" @@ -229,8 +232,9 @@ gpg: unchanged: 1' aptkey --fakeroot update adv --batch --yes -u 'Marvin' -u 'Joe' --armor --detach-sign --sign --output "${SIGNATURE}.gpg" "${SIGNATURE}" testsuccess test -s "${SIGNATURE}.gpg" -a -s "${SIGNATURE}" - for GPGV in '' 'gpgv' 'gpgv2'; do + for GPGV in '' 'gpgv' 'gpgv1' 'gpgv2'; do echo "APT::Key::GPGVCommand \"$GPGV\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd" + if [ -n "$GPGV" ] && ! command dpkg -l gnupg1 2>&1 | grep -q '^ii'; then continue; fi msgtest 'Test verify a doublesigned file' 'with all keys' testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}" @@ -265,11 +269,25 @@ gpg: unchanged: 1' aptkey --fakeroot update } setupgpgcommand() { - echo "APT::Key::GPGCommand \"$1\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgcmd" - msgmsg 'Force tests to be run with' "$1" + local GPGEXE; + if command dpkg -l gnupg1 2>&1 | grep -q '^ii'; then + if [ "$1" = '1' ]; then + GPGEXE='gpg1' + else + GPGEXE='gpg' + fi + else + if [ "$1" = '1' ]; then + GPGEXE='gpg' + else + GPGEXE='gpg2' + fi + fi + msgmsg 'Force tests to be run with' "$GPGEXE" + echo "APT::Key::GPGCommand \"$GPGEXE\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgcmd" testsuccess aptkey --readonly adv --version cp "${ROOTDIR}/tmp/testsuccess.output" "${TMPWORKINGDIRECTORY}/aptkey.version" - testsuccess grep "^gpg (GnuPG) $2\." "${TMPWORKINGDIRECTORY}/aptkey.version" + testsuccess grep "^gpg (GnuPG) $1\." "${TMPWORKINGDIRECTORY}/aptkey.version" } # run with default (whatever this is) in current CWD with relative paths @@ -285,7 +303,7 @@ cd inaccessible chmod 600 ../inaccessible testfilestats "${TMPWORKINGDIRECTORY}/inaccessible" '%a' '=' '600' -setupgpgcommand 'gpg' '1' +setupgpgcommand '1' testrun -setupgpgcommand 'gpg2' '2' +setupgpgcommand '2' testrun diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index 990fb5ad2..b9f716e10 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -24,14 +24,7 @@ echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf # test against the "real" webserver testsuccess aptkey --fakeroot net-update -testequalor2 'Checking for new archive signing keys now -gpg: key F68C85A3: public key "Test Automatic Archive Signing Key <ftpmaster@example.com>" imported -gpg: Total number processed: 1 -gpg: imported: 1 (RSA: 1)' 'Checking for new archive signing keys now -gpg: key F68C85A3: public key "Test Automatic Archive Signing Key <ftpmaster@example.com>" imported -gpg: Total number processed: 1 -gpg: imported: 1' cat rootdir/tmp/testsuccess.output - +testfailure grep 'not added' rootdir/tmp/testsuccess.output testaptkeys 'oldarchive' 'newarchive' # now try a different one diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index fec7b1302..20ca613da 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -237,7 +237,7 @@ runtest() { updatewithwarnings '^W: .* NO_PUBKEY' sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/* - local MARVIN="$(aptkey --keyring $MARVIN finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')" + local MARVIN="$(aptkey --keyring $MARVIN finger --with-colons | grep '^fpr' | cut -d':' -f 10)" msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' @@ -261,7 +261,7 @@ runtest() { " aptcache show apt installaptold - local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')" + local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger --with-colons | grep '^fpr' | cut -d':' -f 10)" msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' @@ -271,7 +271,6 @@ runtest() { " aptcache show apt installaptold - local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')" msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists sed -i "s#^\(deb\(-src\)\?\) \[signed-by=${SIXPACK},${MARVIN}\] #\1 [signed-by=${MARVIN},${SIXPACK}] #" rootdir/etc/apt/sources.list.d/* |