diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/integration/framework | 13 | ||||
| -rwxr-xr-x | test/integration/test-apt-update-weak-hashes | 40 |
2 files changed, 53 insertions, 0 deletions
diff --git a/test/integration/framework b/test/integration/framework index 8760f3db8..2cc6be3dd 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -1420,6 +1420,19 @@ testnopackage() { fi msggroup } +testnosrcpackage() { + msggroup 'testnosrcpackage' + msgtest "Test for non-existent source packages" "apt-cache showsrc $*" + local SHOWPKG="$(aptcache showsrc "$@" 2>&1 | grep '^Package: ')" + if [ -n "$SHOWPKG" ]; then + local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testnosrcpackage.output" + echo "$SHOWPKG" >"$OUTPUT" + msgfailoutput '' "$OUTPUT" + else + msgpass + fi + msggroup +} testdpkgstatus() { msggroup 'testdpkgstatus' diff --git a/test/integration/test-apt-update-weak-hashes b/test/integration/test-apt-update-weak-hashes new file mode 100755 index 000000000..38c739099 --- /dev/null +++ b/test/integration/test-apt-update-weak-hashes @@ -0,0 +1,40 @@ +#!/bin/sh +set -e + +TESTDIR="$(readlink -f "$(dirname "$0")")" +. "$TESTDIR/framework" + +setupenvironment +configarchitecture 'i386' +confighashes 'MD5' + +insertpackage 'unstable' 'foo' 'i386' '1.0' +insertsource 'unstable' 'foo' 'any' '1.0' + +setupaptarchive --no-update +APTARCHIVE="$(readlink -f ./aptarchive)" + +msgmsg 'Release contains only weak hashes' +FILENAME="${APTARCHIVE}/dists/unstable/InRelease" +MANGLED="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "$FILENAME" | sed 's#/#_#g')" +testfailuremsg "W: Failed to fetch file:${FILENAME} No Hash entry in Release file ${MANGLED}, which is considered strong enough for security purposes +E: Some index files failed to download. They have been ignored, or old ones used instead." apt update +testnopackage foo +testnosrcpackage foo + +msgmsg 'Release contains no hashes' +sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release" +signreleasefiles +testfailuremsg "W: Failed to fetch file:${FILENAME} No Hash entry in Release file ${MANGLED} +E: Some index files failed to download. They have been ignored, or old ones used instead." apt update +testnopackage foo +testnosrcpackage foo + +msgmsg 'Release contains only weak hashes for some files' +confighashes 'MD5' 'SHA256' +generatereleasefiles +sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release" +signreleasefiles +testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update +testsuccess apt show foo +testnosrcpackage foo |