summaryrefslogtreecommitdiff
path: root/test/integration/test-releasefile-verification
AgeCommit message (Collapse)Author
2013-11-30tests: add a webserverconfig method to abstract configDavid Kalnischkies
The URI to use to set a config option is a bit arcane to write/remember and checking if the setting was successful doubly so. Git-Dch: Ignore
2013-10-01retry without partial data after a 416 responseDavid Kalnischkies
If we get a 416 from the server it means the Range we asked for is above the real filesize of the file on the server. Mostly this happens if the server isn't supporting If-Range, but regardless of how we end up with the partial data, the data is invalid so we discard it and retry with a fresh plate and hope for the best. Old behavior was to consider 416 an error and retry with a different compression until we ran out of compression and requested the uncompressed file (which doesn't exist on most mirrors) with an accept line which server answered with "406 Not Acceptable". Closes: 710924
2013-08-28configurable compression for testcasesDavid Kalnischkies
Compressing files in 4 different styles eats test-time for no practical gain if we don't test them explicitly, so default to just building 'gz' compressed files as it is the simplest compression algorithm supported Git-Dch: Ignore
2013-08-12test Release file handling with expired keysDavid Kalnischkies
Signing files with expired keys is not as easy as it sounds, so the framework jumps a few loops to do it, but it might come in handy to have an expired key around for later tests even if it is not that different from having no key in regards to APT behaviour. Git-Dch: Ignore
2013-06-24simple fork and pidfile aptwebserverDavid Kalnischkies
Forking only after being ready to accept clients avoids running races with the tests which sometimes failed on the first 'apt-get update' (or similar) with the previous background-start and hope for the best… The commit fixes also some oversight output-order changes in regards to Description-md5 and (I-M-S) race conditions in various tests. Git-Dch: Ignore
2013-05-08merged patch from Daniel Hartwig to fix URI and proxy releated issuesMichael Vogt
2013-03-14* SECURITY UPDATE: InRelease verification bypass0.9.7.8Michael Vogt
- CVE-2013-1051 * apt-pkg/deb/debmetaindex.cc, test/integration/test-bug-595691-empty-and-broken-archive-files, test/integration/test-releasefile-verification: - disable InRelease downloading until the verification issue is fixed, thanks to Ansgar Burchardt for finding the flaw
2012-04-11fix the remaining lzma calls with xz --format=lzma in the testcasesDavid Kalnischkies
2012-03-03testcase for CVE-2012-0214Simon Ruderich
2011-08-22remove the caches in 'apt-get update', too, as they will beDavid Kalnischkies
invalid in most cases anyway
2011-01-20 - try downloading clearsigned InRelease before trying Release.gpgDavid Kalnischkies
* apt-pkg/deb/deblistparser.cc: - rewrite LoadReleaseInfo to cope with clearsigned Releasefiles