summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/integration/framework23
-rwxr-xr-xtest/integration/test-apt-key37
-rwxr-xr-xtest/integration/test-releasefile-verification47
3 files changed, 93 insertions, 14 deletions
diff --git a/test/integration/framework b/test/integration/framework
index 059cba9fb..6ae5003f7 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -1414,14 +1414,23 @@ testfailure() {
else
local EXITCODE=$?
if expr match "$1" '^apt.*' >/dev/null; then
- if grep -q -E ' runtime error: ' "$OUTPUT"; then
- msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@"
- elif grep -q -E '==ERROR' "$OUTPUT"; then
- msgfailoutput 'compiler sanitizers reported errors' "$OUTPUT" "$@"
- elif ! grep -q -E '^E: ' "$OUTPUT"; then
- msgfailoutput "run failed with exitcode ${EXITCODE}, but with no errors" "$OUTPUT" "$@"
+ if [ "$1" = 'aptkey' ]; then
+ if grep -q -E " Can't check signature: " "$OUTPUT" || \
+ grep -q -E " BAD signature from " "$OUTPUT"; then
+ msgpass
+ else
+ msgfailoutput "run failed with exitcode ${EXITCODE}, but no signature error" "$OUTPUT" "$@"
+ fi
else
- msgpass
+ if grep -q -E ' runtime error: ' "$OUTPUT"; then
+ msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@"
+ elif grep -q -E '==ERROR' "$OUTPUT"; then
+ msgfailoutput 'compiler sanitizers reported errors' "$OUTPUT" "$@"
+ elif ! grep -q -E '^E: ' "$OUTPUT"; then
+ msgfailoutput "run failed with exitcode ${EXITCODE}, but with no errors" "$OUTPUT" "$@"
+ else
+ msgpass
+ fi
fi
else
msgpass
diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key
index 486acccc8..e1be08c65 100755
--- a/test/integration/test-apt-key
+++ b/test/integration/test-apt-key
@@ -73,7 +73,7 @@ pub 2048R/DBAC8DAE 2010-08-18'
testsuccess aptkey --fakeroot del DBAC8DAE
testempty aptkey list
- msgtest 'Test key removal with' 'lowercase key ID' #keylength somewher between 8byte and short
+ msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
@@ -166,6 +166,40 @@ pub 2048R/528144E2 2011-01-16'
msgtest 'Test merge-back of' 'removed duplicate keys'
testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
testaptkeys 'pub 2048R/528144E2 2011-01-16'
+
+ cleanplate
+ cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+ cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
+ msgtest 'Test signing a file' 'with a key'
+ echo 'Verify me. This is my signature.' > signature
+ testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
+ adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
+
+ msgtest 'Test verify a file' 'with all keys'
+ testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature
+
+ msgtest 'Test verify a file' 'with good keyring'
+ testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature
+
+ msgtest 'Test fail verify a file' 'with bad keyring'
+ testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature
+
+ msgtest 'Test fail verify a file' 'with non-existing keyring'
+ testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
+ testfailure test -e keys/does-not-exist.pub
+
+ msgtest 'Test verify a file' 'with good keyid'
+ testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
+
+ msgtest 'Test fail verify a file' 'with bad keyid'
+ testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature
+
+ msgtest 'Test fail verify a file' 'with non-existing keyid'
+ testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
+
+ msgtest 'Test verify fails on' 'bad file'
+ echo 'lalalalala' > signature
+ testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature
}
setupgpgcommand() {
@@ -187,4 +221,3 @@ setupgpgcommand 'gpg'
testrun
setupgpgcommand 'gpg2'
testrun
-
diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index e8419524c..1c3953c8b 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -139,11 +139,6 @@ runtest() {
failaptold
prepare ${PKGFILE}-new
- # weborf doesn't support If-Range
- for release in $(find rootdir/var/lib/apt/lists/partial/ -name '*Release'); do
- rm $release
- touch $release
- done
signreleasefiles 'Joe Sixpack'
find aptarchive/ -name "$DELETEFILE" -delete
msgmsg 'Bad warm archive signed by' 'Joe Sixpack'
@@ -191,6 +186,48 @@ runtest() {
testsuccessequal "$(cat ${PKGFILE}-new)
" aptcache show apt
installaptnew
+
+ prepare ${PKGFILE}
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Marvin Paranoid'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ msgmsg 'Cold archive signed by good keyring' 'Marvin Paranoid'
+ local MARVIN="$(readlink -f keys/marvinparanoid.pub)"
+ sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/*
+ testsuccess aptget update -o Debug::pkgAcquire::Worker=1
+ testsuccessequal "$(cat ${PKGFILE})
+" aptcache show apt
+ installaptold
+
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Joe Sixpack'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ msgmsg 'Cold archive signed by bad keyring' 'Joe Sixpack'
+ updatewithwarnings '^W: .* NO_PUBKEY'
+
+ sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/*
+ local MARVIN="$(aptkey --keyring $MARVIN finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')"
+
+ prepare ${PKGFILE}
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Marvin Paranoid'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ msgmsg 'Cold archive signed by good keyid' 'Marvin Paranoid'
+ sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/*
+ cp keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
+ testsuccess aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ testsuccessequal "$(cat ${PKGFILE})
+" aptcache show apt
+ installaptold
+ rm -f rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
+
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Joe Sixpack'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack'
+ updatewithwarnings '^W: .* NO_PUBKEY'
+
+ sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/*
}
runtest2() {