summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/integration/framework25
-rwxr-xr-xtest/integration/run-tests3
-rwxr-xr-xtest/integration/test-apt-cdrom2
-rwxr-xr-xtest/integration/test-apt-get-download2
-rwxr-xr-xtest/integration/test-bug-1078697-missing-source-hashes35
-rwxr-xr-xtest/integration/test-bug-595691-empty-and-broken-archive-files30
-rwxr-xr-xtest/integration/test-cve-2013-1051-InRelease-parsing61
-rwxr-xr-xtest/integration/test-releasefile-verification4
-rwxr-xr-xtest/integration/test-ubuntu-bug-784473-InRelease-one-message-only14
-rw-r--r--test/libapt/assert.h2
-rw-r--r--test/libapt/makefile9
-rwxr-xr-xtest/libapt/run-tests9
-rw-r--r--test/libapt/tagfile_test.cc58
13 files changed, 222 insertions, 32 deletions
diff --git a/test/integration/framework b/test/integration/framework
index 1c4872c8e..31b12e8bf 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -1,5 +1,7 @@
#!/bin/sh -- # no runable script, just for vi
+EXIT_CODE=0
+
# we all like colorful messages
if expr match "$(readlink -f /proc/$$/fd/1)" '/dev/pts/[0-9]\+' > /dev/null && \
expr match "$(readlink -f /proc/$$/fd/2)" '/dev/pts/[0-9]\+' > /dev/null; then
@@ -36,7 +38,7 @@ msgtest() {
}
msgpass() { echo "${CPASS}PASS${CNORMAL}" >&2; }
msgskip() { echo "${CWARNING}SKIP${CNORMAL}" >&2; }
-msgfail() { echo "${CFAIL}FAIL${CNORMAL}" >&2; }
+msgfail() { echo "${CFAIL}FAIL${CNORMAL}" >&2; EXIT_CODE=$((EXIT_CODE+1)); }
# enable / disable Debugging
MSGLEVEL=${MSGLEVEL:-3}
@@ -113,9 +115,18 @@ gdb() {
APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY} $(which gdb) ${BUILDDIRECTORY}/$1
}
+exitwithstatus() {
+ # error if we about to overflow, but ...
+ # "255 failures ought to be enough for everybody"
+ if [ $EXIT_CODE -gt 255 ]; then
+ msgdie "Total failure count $EXIT_CODE too big"
+ fi
+ exit $((EXIT_CODE <= 255 ? EXIT_CODE : 255));
+}
+
addtrap() {
CURRENTTRAP="$CURRENTTRAP $1"
- trap "$CURRENTTRAP exit;" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+ trap "$CURRENTTRAP exitwithstatus;" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
}
setupenvironment() {
@@ -328,9 +339,15 @@ Package: $NAME" >> ${BUILDDIR}/debian/control
fi
echo '3.0 (native)' > ${BUILDDIR}/debian/source/format
- local SRCS="$( (cd ${BUILDDIR}/..; dpkg-source -b ${NAME}-${VERSION} 2>&1) | grep '^dpkg-source: info: building' | grep -o '[a-z0-9._+~-]*$')"
- for SRC in $SRCS; do
+ (cd ${BUILDDIR}/..; dpkg-source -b ${NAME}-${VERSION} 2>&1) | sed -n 's#^dpkg-source: info: building [^ ]\+ in ##p' \
+ | while read SRC; do
echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist
+# if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then
+# gpg --yes --no-default-keyring --secret-keyring ./keys/joesixpack.sec \
+# --keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \
+# --clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
+# mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
+# fi
done
for arch in $(echo "$ARCH" | sed -e 's#,#\n#g' | sed -e "s#^native\$#$(getarchitecture 'native')#"); do
diff --git a/test/integration/run-tests b/test/integration/run-tests
index 75f2ad662..18474b20f 100755
--- a/test/integration/run-tests
+++ b/test/integration/run-tests
@@ -37,4 +37,5 @@ for testcase in $(run-parts --list $DIR | grep '/test-'); do
done
echo "failures: $FAIL"
-exit $FAIL
+# ensure we don't overflow
+exit $((FAIL <= 255 ? FAIL : 255))
diff --git a/test/integration/test-apt-cdrom b/test/integration/test-apt-cdrom
index f24c99b36..f1c4fd9d3 100755
--- a/test/integration/test-apt-cdrom
+++ b/test/integration/test-apt-cdrom
@@ -24,6 +24,8 @@ cat Translation-de | xz --format=lzma > Translation-de.lzma
cat Translation-de | xz > Translation-de.xz
rm Translation-en Translation-de
cd - > /dev/null
+addtrap "chmod -R +w $PWD/rootdir/media/cdrom/dists/;"
+chmod -R -w rootdir/media/cdrom/dists
aptcdrom add -m -o quiet=1 > apt-cdrom.log 2>&1
sed -i -e '/^Using CD-ROM/ d' -e '/gpgv/ d' -e '/^Identifying/ d' -e '/Reading / d' apt-cdrom.log
diff --git a/test/integration/test-apt-get-download b/test/integration/test-apt-get-download
index b164f7dba..420b2e380 100755
--- a/test/integration/test-apt-get-download
+++ b/test/integration/test-apt-get-download
@@ -26,7 +26,7 @@ testdownload apt_1.0_all.deb apt stable
testdownload apt_2.0_all.deb apt
DEBFILE="$(readlink -f aptarchive)/pool/apt_2.0_all.deb"
-testequal "'file://${DEBFILE}' apt_2.0_all.deb $(stat -c%s $DEBFILE) sha256:$(sha256sum $DEBFILE | cut -d' ' -f 1)" aptget download apt --print-uris
+testequal "'file://${DEBFILE}' apt_2.0_all.deb $(stat -c%s $DEBFILE) sha512:$(sha512sum $DEBFILE | cut -d' ' -f 1)" aptget download apt --print-uris
# deb:677887
testequal "E: Can't find a source to download version '1.0' of 'vrms:i386'" aptget download vrms
diff --git a/test/integration/test-bug-1078697-missing-source-hashes b/test/integration/test-bug-1078697-missing-source-hashes
new file mode 100755
index 000000000..6fcb856b5
--- /dev/null
+++ b/test/integration/test-bug-1078697-missing-source-hashes
@@ -0,0 +1,35 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture "i386"
+
+msgtest 'Test apt-ftparchive source with missing hashes in .dsc'
+
+touch aptarchive/foo_1.0.tar.gz
+cat > aptarchive/foo_1.0.dsc << EOF
+Format: 3.0 (native)
+Source: foo
+Binary: foo
+Architecture: all
+Version: 1.0
+Package-List:
+ foo deb admin extra
+Files:
+ d41d8cd98f00b204e9800998ecf8427e 0 foo_1.0.tar.gz
+EOF
+
+# check for the SHA hashes
+aptftparchive sources aptarchive/ > aptarchive/Sources 2>/dev/null || msgfail
+test -n "$(grep Checksums-Sha512 aptarchive/Sources)" && msgpass || msgfail
+
+for hash in sha512sum sha256sum sha1sum; do
+ for f in foo_1.0.tar.gz foo_1.0.dsc; do
+ SUM=$($hash aptarchive/$f | cut -d' ' -f1)
+ msgtest "Test $hash hash matches for $f"
+ NEEDLE="$SUM $(stat -c%s aptarchive/$f) $f"
+ test -n "$SUM" && test -n "$(grep "$NEEDLE" aptarchive/Sources)" && msgpass || msgfail
+ done
+done
diff --git a/test/integration/test-bug-595691-empty-and-broken-archive-files b/test/integration/test-bug-595691-empty-and-broken-archive-files
index 63883b380..4611b8b8e 100755
--- a/test/integration/test-bug-595691-empty-and-broken-archive-files
+++ b/test/integration/test-bug-595691-empty-and-broken-archive-files
@@ -13,7 +13,7 @@ setupflataptarchive
testaptgetupdate() {
rm -rf rootdir/var/lib/apt
aptget update 2>> testaptgetupdate.diff >> testaptgetupdate.diff || true
- sed -i -e '/^Fetched / d' -e '/Ign / d' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff
+ sed -i -e '/^Fetched / d' -e '/Ign / d' -e '/Release/ d' -e 's#Get:[0-9]\+ #Get: #' -e 's#\[[0-9]* [kMGTPY]*B\]#\[\]#' testaptgetupdate.diff
GIVEN="$1"
shift
msgtest "Test for correctness of" "apt-get update with $*"
@@ -81,22 +81,18 @@ testoverfile() {
setupcompressor "$1"
createemptyfile 'en'
- testaptgetupdate "Get:1 file: InRelease []
-Reading package lists..." "empty file en.$COMPRESS over file"
+ testaptgetupdate 'Reading package lists...' "empty file en.$COMPRESS over file"
createemptyarchive 'en'
- testaptgetupdate "Get:1 file: InRelease []
-Reading package lists..." "empty archive en.$COMPRESS over file"
+ testaptgetupdate 'Reading package lists...' "empty archive en.$COMPRESS over file"
createemptyarchive 'Packages'
# FIXME: Why omits the file transport the Packages Get line?
#Get:3 file: Packages []
- testaptgetupdate "Get:1 file: InRelease []
-Reading package lists..." "empty archive Packages.$COMPRESS over file"
+ testaptgetupdate 'Reading package lists...' "empty archive Packages.$COMPRESS over file"
createemptyfile 'Packages'
- testaptgetupdate "Get:1 file: InRelease []
-Err file: Packages
+ testaptgetupdate "Err file: Packages
Empty files can't be valid archives
W: Failed to fetch ${COMPRESSOR}:$(readlink -f aptarchive/Packages.$COMPRESS) Empty files can't be valid archives
@@ -107,26 +103,22 @@ testoverhttp() {
setupcompressor "$1"
createemptyfile 'en'
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages []
-Get:3 http://localhost Translation-en
+ testaptgetupdate "Get: http://localhost Packages []
+Get: http://localhost Translation-en
Reading package lists..." "empty file en.$COMPRESS over http"
createemptyarchive 'en'
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages []
-Get:3 http://localhost Translation-en []
+ testaptgetupdate "Get: http://localhost Packages []
+Get: http://localhost Translation-en []
Reading package lists..." "empty archive en.$COMPRESS over http"
createemptyarchive 'Packages'
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages []
+ testaptgetupdate "Get: http://localhost Packages []
Reading package lists..." "empty archive Packages.$COMPRESS over http"
createemptyfile 'Packages'
#FIXME: we should response with a good error message instead
- testaptgetupdate "Get:1 http://localhost InRelease []
-Get:2 http://localhost Packages
+ testaptgetupdate "Get: http://localhost Packages
Err http://localhost Packages
Empty files can't be valid archives
W: Failed to fetch ${COMPRESSOR}:$(readlink -f rootdir/var/lib/apt/lists/partial/localhost:8080_Packages) Empty files can't be valid archives
diff --git a/test/integration/test-cve-2013-1051-InRelease-parsing b/test/integration/test-cve-2013-1051-InRelease-parsing
new file mode 100755
index 000000000..bd68fccf6
--- /dev/null
+++ b/test/integration/test-cve-2013-1051-InRelease-parsing
@@ -0,0 +1,61 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture 'i386'
+
+insertpackage 'stable' 'good-pkg' 'all' '1.0'
+
+setupaptarchive
+
+changetowebserver
+ARCHIVE='http://localhost/'
+msgtest 'Initial apt-get update should work with' 'InRelease'
+aptget update -qq && msgpass || msgfail
+
+# check that the setup is correct
+testequal "good-pkg:
+ Installed: (none)
+ Candidate: 1.0
+ Version table:
+ 1.0 0
+ 500 ${ARCHIVE} stable/main i386 Packages" aptcache policy good-pkg
+
+# now exchange to the Packages file, note that this could be
+# done via MITM too
+insertpackage 'stable' 'bad-mitm' 'all' '1.0'
+
+# this builds compressed files and a new (unsigned) Release
+buildaptarchivefromfiles '+1hour'
+
+# add a space into the BEGIN PGP SIGNATURE PART/END PGP SIGNATURE part
+# to trick apt - this is still legal to gpg(v)
+sed -i '/^-----BEGIN PGP SIGNATURE-----/,/^-----END PGP SIGNATURE-----/ s/^$/ /g' aptarchive/dists/stable/InRelease
+
+# we append the (evil unsigned) Release file to the (good signed) InRelease
+cat aptarchive/dists/stable/Release >> aptarchive/dists/stable/InRelease
+
+
+# ensure the update fails
+# useful for debugging to add "-o Debug::pkgAcquire::auth=true"
+msgtest 'apt-get update for should fail with the modified' 'InRelease'
+aptget update 2>&1 | grep -q 'Hash Sum mismatch' > /dev/null && msgpass || msgfail
+
+# ensure there is no package
+testequal 'Reading package lists...
+Building dependency tree...
+E: Unable to locate package bad-mitm' aptget install bad-mitm -s
+
+# and verify that its not picked up
+testequal 'N: Unable to locate package bad-mitm' aptcache policy bad-mitm -q=0
+
+# and that the right one is used
+testequal "good-pkg:
+ Installed: (none)
+ Candidate: 1.0
+ Version table:
+ 1.0 0
+ 500 ${ARCHIVE} stable/main i386 Packages" aptcache policy good-pkg
diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index d3ea91de5..01fb2e529 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -184,5 +184,5 @@ runtest2
DELETEFILE="InRelease"
runtest
-DELETEFILE="Release.gpg"
-runtest
+#DELETEFILE="Release.gpg"
+#runtest
diff --git a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only
index d97011914..fad5488fb 100755
--- a/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only
+++ b/test/integration/test-ubuntu-bug-784473-InRelease-one-message-only
@@ -26,6 +26,14 @@ MD5Sum:
2182897e0a2a0c09e760beaae117a015 2023 Packages.diff/Index
1b895931853981ad8204d2439821b999 4144 Packages.gz'; echo; cat ${RELEASE}.old;) > ${RELEASE}
done
-aptget update -qq > /dev/null 2> starts-with-unsigned.msg
-sed -i 's#File .*InRelease#File InRelease#' starts-with-unsigned.msg
-testfileequal starts-with-unsigned.msg "W: GPG error: file: unstable InRelease: File InRelease doesn't start with a clearsigned message"
+
+msgtest 'The unsigned garbage before signed block is' 'ignored'
+aptget update -qq > /dev/null 2>&1 && msgpass || msgfail
+
+ROOTDIR="$(readlink -f .)"
+testequal "Package files:
+ 100 ${ROOTDIR}/rootdir/var/lib/dpkg/status
+ release a=now
+ 500 file:${ROOTDIR}/aptarchive/ unstable/main i386 Packages
+ release a=unstable,n=unstable,c=main
+Pinned packages:" aptcache policy
diff --git a/test/libapt/assert.h b/test/libapt/assert.h
index fdf6740c6..113c057ed 100644
--- a/test/libapt/assert.h
+++ b/test/libapt/assert.h
@@ -1,4 +1,5 @@
#include <iostream>
+#include <cstdlib>
#define equals(x,y) assertEquals(y, x, __LINE__)
#define equalsNot(x,y) assertEqualsNot(y, x, __LINE__)
@@ -6,6 +7,7 @@
template < typename X, typename Y >
void OutputAssertEqual(X expect, char const* compare, Y get, unsigned long const &line) {
std::cerr << "Test FAILED: »" << expect << "« " << compare << " »" << get << "« at line " << line << std::endl;
+ std::exit(EXIT_FAILURE);
}
template < typename X, typename Y >
diff --git a/test/libapt/makefile b/test/libapt/makefile
index 5e225f240..953e455e0 100644
--- a/test/libapt/makefile
+++ b/test/libapt/makefile
@@ -93,8 +93,15 @@ SLIBS = -lapt-pkg
SOURCE = cdromreducesourcelist_test.cc
include $(PROGRAM_H)
-# text IndexCopy::ConvertToSourceList
+# test IndexCopy::ConvertToSourceList
PROGRAM = IndexCopyToSourceList${BASENAME}
SLIBS = -lapt-pkg
SOURCE = indexcopytosourcelist_test.cc
include $(PROGRAM_H)
+
+# test tagfile
+PROGRAM = PkgTagFile${BASENAME}
+SLIBS = -lapt-pkg
+SOURCE = tagfile_test.cc
+include $(PROGRAM_H)
+
diff --git a/test/libapt/run-tests b/test/libapt/run-tests
index 45a3157f7..f18be6d2b 100755
--- a/test/libapt/run-tests
+++ b/test/libapt/run-tests
@@ -7,6 +7,7 @@ echo "Compiling the tests …"
echo "Running all testcases …"
LDPATH="$DIR/../../build/bin"
EXT="_libapt_test"
+EXIT_CODE=0
# detect if output is on a terminal (colorful) or better not
if expr match "$(readlink -f /proc/$$/fd/1)" '/dev/pts/[0-9]\+' > /dev/null; then
@@ -106,9 +107,15 @@ do
fi
echo -n "Testing with ${NAME} "
- LD_LIBRARY_PATH=${LDPATH} ${testapp} ${tmppath} && echo "$TESTOKAY" || echo "$TESTFAIL"
+ if LD_LIBRARY_PATH=${LDPATH} ${testapp} ${tmppath} ; then
+ echo "$TESTOKAY"
+ else
+ echo "$TESTFAIL"
+ EXIT_CODE=1
+ fi
if [ -n "$tmppath" -a -d "$tmppath" ]; then
rm -rf "$tmppath"
fi
done
+exit $EXIT_CODE
diff --git a/test/libapt/tagfile_test.cc b/test/libapt/tagfile_test.cc
new file mode 100644
index 000000000..d12c74c95
--- /dev/null
+++ b/test/libapt/tagfile_test.cc
@@ -0,0 +1,58 @@
+#include <apt-pkg/fileutl.h>
+#include <apt-pkg/tagfile.h>
+
+#include "assert.h"
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+char *tempfile = NULL;
+int tempfile_fd = -1;
+
+void remove_tmpfile(void)
+{
+ if (tempfile_fd > 0)
+ close(tempfile_fd);
+ if (tempfile != NULL) {
+ unlink(tempfile);
+ free(tempfile);
+ }
+}
+
+int main(int argc, char *argv[])
+{
+ FileFd fd;
+ const char contents[] = "FieldA-12345678: the value of the field";
+ atexit(remove_tmpfile);
+ tempfile = strdup("apt-test.XXXXXXXX");
+ tempfile_fd = mkstemp(tempfile);
+
+ /* (Re-)Open (as FileFd), write and seek to start of the temp file */
+ equals(fd.OpenDescriptor(tempfile_fd, FileFd::ReadWrite), true);
+ equals(fd.Write(contents, strlen(contents)), true);
+ equals(fd.Seek(0), true);
+
+ pkgTagFile tfile(&fd);
+ pkgTagSection section;
+ equals(tfile.Step(section), true);
+
+ /* It has one field */
+ equals(section.Count(), 1);
+
+ /* ... and it is called FieldA-12345678 */
+ equals(section.Exists("FieldA-12345678"), true);
+
+ /* its value is correct */
+ equals(section.FindS("FieldA-12345678"), std::string("the value of the field"));
+ /* A non-existent field has an empty string as value */
+ equals(section.FindS("FieldB-12345678"), std::string());
+
+ /* ... and Exists does not lie about missing fields... */
+ equalsNot(section.Exists("FieldB-12345678"), true);
+
+ /* There is only one section in this tag file */
+ equals(tfile.Step(section), false);
+
+ /* clean up handled by atexit handler, so just return here */
+ return 0;
+}