summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/integration/framework6
-rwxr-xr-xtest/integration/test-apt-get-changelog10
-rwxr-xr-xtest/integration/test-apt-https-no-redirect24
-rwxr-xr-xtest/integration/test-bug-602412-dequote-redirect33
-rwxr-xr-xtest/integration/test-bug-723705-tagfile-truncates-fields2
-rwxr-xr-xtest/integration/test-bug-738785-switch-protocol63
-rwxr-xr-xtest/integration/test-kernel-helper-autoremove12
-rw-r--r--test/interactive-helper/aptwebserver.cc20
8 files changed, 139 insertions, 31 deletions
diff --git a/test/integration/framework b/test/integration/framework
index 5b9a58568..08d796a10 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -190,7 +190,7 @@ setupenvironment() {
mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers
touch var/lib/dpkg/available
mkdir -p usr/lib/apt
- ln -s ${BUILDDIRECTORY}/methods usr/lib/apt/methods
+ ln -s ${METHODSDIR} usr/lib/apt/methods
cd ..
local PACKAGESFILE=$(echo "$(basename $0)" | sed -e 's/^test-/Packages-/' -e 's/^skip-/Packages-/')
if [ -f "${TESTDIRECTORY}/${PACKAGESFILE}" ]; then
@@ -901,7 +901,7 @@ changetohttpswebserver() {
msgdie 'You need to install stunnel4 for https testcases'
fi
if [ ! -e "${TMPWORKINGDIRECTORY}/aptarchive/aptwebserver.pid" ]; then
- changetowebserver --no-rewrite
+ changetowebserver --no-rewrite "$@"
fi
echo "pid = ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid
cert = ${TESTDIRECTORY}/apt.pem
@@ -1119,7 +1119,7 @@ testfailure() {
if [ "$1" = '--nomsg' ]; then
shift
else
- msgtest 'Test for failure in execution of' "$*"
+ msgtest 'Test for failure in execution of' "$*"
fi
local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testfailure.output"
if $@ >${OUTPUT} 2>&1; then
diff --git a/test/integration/test-apt-get-changelog b/test/integration/test-apt-get-changelog
index 53210ea06..d64a09bd6 100755
--- a/test/integration/test-apt-get-changelog
+++ b/test/integration/test-apt-get-changelog
@@ -9,11 +9,11 @@ configarchitecture "i386"
buildsimplenativepackage 'apt' 'all' '1.0' 'stable'
-setupaptarchive
+setupaptarchive --no-update
changetowebserver
-aptget update -qq
+testsuccess aptget update
-echo 'Apt::Changelogs::Server "http://localhost:8080/";' >> ./aptconfig.conf
+echo 'Apt::Changelogs::Server "http://localhost:8080/";' > rootdir/etc/apt/apt.conf.d/changelog.conf
testequal "'http://localhost:8080//pool/apt_1.0/changelog'" aptget changelog apt --print-uris
@@ -24,7 +24,7 @@ aptget changelog apt -qq > apt.changelog
testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0/changelog)"
rm apt.changelog
-aptget changelog apt -d -qq
+testsuccess aptget changelog apt -d
testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0/changelog)"
rm apt.changelog aptarchive/pool/apt_1.0/changelog
@@ -32,7 +32,7 @@ aptget changelog apt -qq -o APT::Changelogs::Server='http://not-on-the-main-serv
testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0.changelog)"
rm apt.changelog
-aptget changelog apt -d -qq
+testsuccess aptget changelog apt -d
testfileequal 'apt.changelog' "$(cat aptarchive/pool/apt_1.0.changelog)"
rm apt.changelog aptarchive/pool/apt_1.0.changelog
diff --git a/test/integration/test-apt-https-no-redirect b/test/integration/test-apt-https-no-redirect
new file mode 100755
index 000000000..c405d1167
--- /dev/null
+++ b/test/integration/test-apt-https-no-redirect
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+buildsimplenativepackage 'apt' 'all' '1.0' 'stable'
+setupaptarchive --no-update
+
+changetohttpswebserver -o 'aptwebserver::redirect::replace::/redirectme/=http://localhost:8080/'
+
+msgtest 'normal http download works'
+downloadfile 'http://localhost:8080/pool/apt_1.0/changelog' changelog2 >/dev/null 2>/dev/null && msgpass || msgfail
+
+msgtest 'normal https download works'
+downloadfile 'https://localhost:4433/pool/apt_1.0/changelog' changelog >/dev/null 2>/dev/null && msgpass || msgfail
+
+msgtest 'redirecting https to http does not work'
+downloadfile 'https://localhost:4433/redirectme/pool/apt_1.0/changelog' changelog3 2>&1 | grep "Protocol http not supported or disabled in libcurl" > /dev/null && msgpass
+
+
diff --git a/test/integration/test-bug-602412-dequote-redirect b/test/integration/test-bug-602412-dequote-redirect
index bcebb57b8..6393f0c27 100755
--- a/test/integration/test-bug-602412-dequote-redirect
+++ b/test/integration/test-bug-602412-dequote-redirect
@@ -15,15 +15,24 @@ changetowebserver -o aptwebserver::redirect::replace::/pool/=/newpool/ \
mv aptarchive/pool aptarchive/newpool
mv aptarchive/dists aptarchive/newdists
-msgtest 'Test redirection works in' 'apt-get update'
-testsuccess --nomsg aptget update
-
-# check that I-M-S header is kept in redirections
-testequal 'Hit http://localhost:8080 unstable InRelease
-Hit http://localhost:8080 unstable/main Sources
-Hit http://localhost:8080 unstable/main amd64 Packages
-Hit http://localhost:8080 unstable/main Translation-en
-Reading package lists...' aptget update #-o debug::pkgacquire=1 -o debug::pkgacquire::worker=1
-
-msgtest 'Test redirection works in' 'package download'
-testsuccess --nomsg aptget install unrelated --download-only -y
+testrun() {
+ msgtest 'Test redirection works in' 'apt-get update'
+ testsuccess --nomsg aptget update
+
+ # check that I-M-S header is kept in redirections
+ testequal "Hit $1 unstable InRelease
+Hit $1 unstable/main Sources
+Hit $1 unstable/main amd64 Packages
+Hit $1 unstable/main Translation-en
+Reading package lists..." aptget update
+
+ msgtest 'Test redirection works in' 'package download'
+ testsuccess --nomsg aptget install unrelated --download-only -y
+}
+
+testrun 'http://localhost:8080'
+
+rm -rf rootdir/var/lib/apt/lists rootdir/var/cache/apt/archives
+changetohttpswebserver
+
+testrun 'https://localhost:4433'
diff --git a/test/integration/test-bug-723705-tagfile-truncates-fields b/test/integration/test-bug-723705-tagfile-truncates-fields
index 3180e7fc9..29f98550c 100755
--- a/test/integration/test-bug-723705-tagfile-truncates-fields
+++ b/test/integration/test-bug-723705-tagfile-truncates-fields
@@ -8,7 +8,7 @@ configarchitecture 'amd64'
setupaptarchive
-aptget install --print-uris -y cdebconf-newt-terminal cdebconf-gtk-terminal 2>&1 | sed 's#file:///tmp/tmp.[^/]\+#file:///tmp#g' > filename.log
+aptget install --print-uris -y cdebconf-newt-terminal cdebconf-gtk-terminal 2>&1 | sed "s#file://${TMPWORKINGDIRECTORY}#file:///tmp#g" > filename.log
testfileequal filename.log "Reading package lists...
Building dependency tree...
diff --git a/test/integration/test-bug-738785-switch-protocol b/test/integration/test-bug-738785-switch-protocol
new file mode 100755
index 000000000..1e5748eae
--- /dev/null
+++ b/test/integration/test-bug-738785-switch-protocol
@@ -0,0 +1,63 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+buildsimplenativepackage 'apt' 'all' '1.0' 'stable'
+
+# setup http redirecting to https
+setupaptarchive --no-update
+changetowebserver -o 'aptwebserver::redirect::replace::/redirectme/=https://localhost:4433/' \
+ -o 'aptwebserver::redirect::replace::/downgrademe/=http://localhost:8080/' \
+ -o 'aptwebserver::support::http=false'
+changetohttpswebserver
+sed -i -e 's#:4433/#:8080/redirectme#' -e 's# https:# http:#' rootdir/etc/apt/sources.list.d/*
+
+testsuccess aptget update -o Debug::Acquire::http=1 -o Debug::Acquire::https=1 -o Debug::pkgAcquire::Worker=1
+
+msgtest 'Test that the webserver does not answer' 'http requests'
+downloadfile 'http://localhost:8080/pool/apt_1.0/changelog' changelog >/dev/null 2>&1 && msgfail || msgpass
+
+echo 'Apt::Changelogs::Server "http://localhost:8080/redirectme";' > rootdir/etc/apt/apt.conf.d/changelog.conf
+testequal "'http://localhost:8080/redirectme/pool/apt_1.0/changelog'" aptget changelog apt --print-uris
+
+testsuccess aptget changelog apt -d
+testsuccess test -s apt.changelog
+rm -f apt.changelog
+
+testsuccess aptget download apt
+testsuccess test -s apt_1.0_all.deb
+rm apt_1.0_all.deb
+
+testsuccess aptget install apt -y
+testdpkginstalled 'apt'
+
+# create a copy of all methods, expect https
+eval `aptconfig shell METHODS Dir::Bin::Methods/d`
+COPYMETHODS='usr/lib/apt/methods'
+mv rootdir/${COPYMETHODS} rootdir/${COPYMETHODS}.bak
+mkdir -p rootdir/$COPYMETHODS
+cd rootdir/$COPYMETHODS
+find $METHODS \! -type d | while read meth; do
+ ln -s $meth
+done
+rm https
+cd - >/dev/null
+echo "Dir::Bin::Methods \"${COPYMETHODS}\";" >> aptconfig.conf
+
+testequal "E: The method driver $(pwd)/rootdir/usr/lib/apt/methods/https could not be found.
+N: Is the package apt-transport-https installed?" aptget download apt -q=0
+testsuccess test ! -e apt_1.0_all.deb
+
+# revert to all methods
+rm -rf rootdir/$COPYMETHODS
+mv rootdir/${COPYMETHODS}.bak rootdir/${COPYMETHODS}
+
+# check that downgrades from https to http are not allowed
+webserverconfig 'aptwebserver::support::http' 'true'
+sed -i -e 's#:8080/redirectme#:4433/downgrademe#' -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/*
+testfailure aptget update
diff --git a/test/integration/test-kernel-helper-autoremove b/test/integration/test-kernel-helper-autoremove
index ffcd3963a..2b165d100 100755
--- a/test/integration/test-kernel-helper-autoremove
+++ b/test/integration/test-kernel-helper-autoremove
@@ -30,22 +30,22 @@ msgtest 'Check that kernel autoremoval list is correctly created'
test -e $TMPDIR/apt.conf.d/01autoremove-kernels && msgpass || msgfail
msgtest 'Check that most recent kernel is saved from autoremoval'
-apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-10.0.0-1-generic\.\*" && msgpass || msgfail
+apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-10.0.0-1-generic" && msgpass || msgfail
# ... and also that the running kernel is excluded
msgtest 'Check that running kernel is saved from autoremoval'
-apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-$(uname -r)\.\*" && msgpass || msgfail
+apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-$(uname -r)" && msgpass || msgfail
# and that the old kernel is *not* excluded from autoremoval
msgtest 'Check that older kernels are not excluded from autoremoval'
-apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-1\.0\.01-2-generic\.\*" && msgfail || msgpass
+apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-1\.0\.01-2-generic" && msgfail || msgpass
msgtest "Check that the older kernel is retained when it's being installed"
sh ${TESTDIR}/../../debian/apt.auto-removal.sh 1.0.01-2-generic
test -e $TMPDIR/apt.conf.d/01autoremove-kernels
-if ! apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-10.0.0-1-generic\.\*" \
- || ! apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-$(uname -r)\.\*" \
- || ! apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-1\.0\.01-2-generic\.\*"
+if ! apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-10.0.0-1-generic" \
+ || ! apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-$(uname -r)" \
+ || ! apt-config -c ${APT_CONFIG} dump|grep -q "APT::NeverAutoRemove::.*\^linux-image-1\.0\.01-2-generic"
then
msgfail
else
diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc
index b7663a76a..992f802a6 100644
--- a/test/interactive-helper/aptwebserver.cc
+++ b/test/interactive-helper/aptwebserver.cc
@@ -197,9 +197,14 @@ void sendRedirect(int const client, int const httpcode, std::string const &uri,/
response.append(request).append("</pre></body></html>");
addDataHeaders(headers, response);
std::string location("Location: ");
- if (strncmp(uri.c_str(), "http://", 7) != 0)
+ if (strncmp(uri.c_str(), "http://", 7) != 0 && strncmp(uri.c_str(), "https://", 8) != 0)
{
- location.append("http://").append(LookupTag(request, "Host")).append("/");
+ std::string const host = LookupTag(request, "Host");
+ if (host.find(":4433") != std::string::npos)
+ location.append("https://");
+ else
+ location.append("http://");
+ location.append(host).append("/");
if (strncmp("/home/", uri.c_str(), strlen("/home/")) == 0 && uri.find("/public_html/") != std::string::npos)
{
std::string homeuri = SubstVar(uri, "/home/", "~");
@@ -507,7 +512,8 @@ void * handleClient(void * voidclient) /*{{{*/
std::string redirect = "/" + filename;
for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next)
redirect = SubstVar(redirect, I->Tag, I->Value);
- redirect.erase(0,1);
+ if (redirect.empty() == false && redirect[0] == '/')
+ redirect.erase(0,1);
if (redirect != filename)
{
sendRedirect(client, 301, redirect, *m, sendContent);
@@ -542,7 +548,13 @@ void * handleClient(void * voidclient) /*{{{*/
}
// deal with the request
- if (RealFileExists(filename) == true)
+ if (_config->FindB("aptwebserver::support::http", true) == false &&
+ LookupTag(*m, "Host").find(":4433") == std::string::npos)
+ {
+ sendError(client, 400, *m, sendContent, "HTTP disabled, all requests must be HTTPS");
+ continue;
+ }
+ else if (RealFileExists(filename) == true)
{
FileFd data(filename, FileFd::ReadOnly);
std::string condition = LookupTag(*m, "If-Modified-Since", "");
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-08 17:09:25 +0000