summaryrefslogtreecommitdiff
path: root/test/libapt
AgeCommit message (Collapse)Author
2015-09-01use unusable-for-security hashes for integrity checksDavid Kalnischkies
We want to declare some hashes as not enough for security, so that a user will need --allow-unauthenticated or similar to get data secured only by those hashes, but we can still us these hashes for integrity checks if we got them.
2015-08-27Add test for using ExtractTar on compressed filesJulian Andres Klode
Git-Dch: ignore
2015-08-20Add basic (non weight adjusted) shuffling for SrvRecords selectionMichael Vogt
Also add "Debug::Acquire::SrvRecs" debug option and the option "Acquire::EnableSrvRecods" to allow disabling this lookup.
2015-08-10add c++11 override marker to overridden methodsDavid Kalnischkies
C++11 adds the 'override' specifier to mark that a method is overriding a base class method and error out if not. We hide it in the APT_OVERRIDE macro to ensure that we keep compiling in pre-c++11 standards. Reported-By: clang-modernize -add-override -override-macros Git-Dch: Ignore
2015-08-10bring back deb822 sources.list entries as .sourcesDavid Kalnischkies
Having two different formats in the same file is very dirty and causes external tools to fail hard trying to parse them. It is probably not a good idea for them to parse them in the first place, but they do and we shouldn't break them if there is a better way. So we solve this issue for now by giving our deb822 format a new filename extension ".sources" which unsupporting applications are likely to ignore an can begin gradually moving forward rather than waiting for the unknown applications to catch up. Currently and for the forseeable future apt is going to support both with the same feature set as documented in the manpage, with the longtime plan of adopting the 'new' format as default, but that is a long way to go and might get going more from having an easier time setting options than from us pushing it explicitely.
2015-08-10fix memory leaks reported by -fsanitizeDavid Kalnischkies
Various small leaks here and there. Nothing particularily big, but still good to fix. Found by the sanitizers while running our testcases. Reported-By: gcc -fsanitize Git-Dch: Ignore
2015-08-10some CXXFLAGS housekeepingDavid Kalnischkies
More warnings are always better. Git-Dch: Ignore
2015-08-10fileutl_test.cc: Check for /etc/passwd instead of /bin/shJulian Andres Klode
This fixes the tests on systems where usrmerge is installed. Gbp-dch: ignore
2015-06-16add d-pointer, virtual destructors and de-inline de/constructorsDavid Kalnischkies
To have a chance to keep the ABI for a while we need all three to team up. One of them missing and we might loose, so ensuring that they are available is a very tedious but needed task once in a while. Git-Dch: Ignore
2015-06-11show URI.Path in all acquire item descriptionsDavid Kalnischkies
It is a rather strange sight that index items use SiteOnly which strips the Path, while e.g. deb files are downloaded with NoUserPassword which does not. Important to note here is that for the file transport Path is pretty important as there is no Host which would be displayed by Site, which always resulted in "interesting" unspecific errors for "file:". Adding a 'middle' ground between the two which does show the Path but potentially modifies it (it strips a pending / at the end if existing) solves this "file:" issue, syncs the output and in the end helps to identify which file is meant exactly in progress output and co as a single site can have multiple repositories in different paths.
2015-06-09rework hashsum verification in the acquire systemDavid Kalnischkies
Having every item having its own code to verify the file(s) it handles is an errorprune process and easy to break, especially if items move through various stages (download, uncompress, patching, …). With a giant rework we centralize (most of) the verification to have a better enforcement rate and (hopefully) less chance for bugs, but it breaks the ABI bigtime in exchange – and as we break it anyway, it is broken even harder. It shouldn't effect most frontends as they don't deal with the acquire system at all or implement their own items, but some do and will need to be patched (might be an opportunity to use apt on-board material). The theory is simple: Items implement methods to decide if hashes need to be checked (in this stage) and to return the expected hashes for this item (in this stage). The verification itself is done in worker message passing which has the benefit that a hashsum error is now a proper error for the acquire system rather than a Done() which is later revised to a Failed().
2015-05-11rewrite all TFRewrite instances to use the new pkgTagSection::WriteDavid Kalnischkies
While it is mostly busywork to rewrite all instances it actually fixes bugs as the data storage used by the new method is std::string rather than a char*, the later mostly created by c_str() from a std::string which the caller has to ensure keeps in scope – something apt-ftparchive actually didn't ensure and relied on copy-on-write behavior instead which c++11 forbids and hence the new default gcc abi doesn't use it.
2015-05-11implement a more c++-style TFRewrite alternativeDavid Kalnischkies
TFRewrite is okay, but it has obscure limitations (256 Tags), even more obscure bugs (order for renames is defined by the old name) and the interface is very c-style encouraging bad usage like we do it in apt-ftparchive passing massive amounts of c_str() from std::string in. The old-style is marked as deprecated accordingly. The next commit will fix all places in the apt code to not use the old-style anymore.
2015-05-11do not require installed libapt-pkg-dev for gtestDavid Kalnischkies
Git-Dch: Ignore
2015-04-19calculate only expected hashes in methodsDavid Kalnischkies
Methods get told which hashes are expected by the acquire system, which means we can use this list to restrict what we calculate in the methods as any extra we are calculating is wasted effort as we can't compare it with anything anyway. Adding support for a new hash algorithm is therefore 'free' now and if a algorithm is no longer provided in a repository for a file, we automatically stop calculating it. In practice this results in a speed-up in Debian as we don't have SHA512 here (so far), so we practically stop calculating it.
2015-04-19demote missing gtest to a buildtime warningDavid Kalnischkies
We just need it for unit tests and our debian/rules file actually skips calling them if nocheck is given… but this fails anyhow as we declared a hard-dependency on it. Demoting the error to a warning in configuration and adding a test in the 'make test' path with a friendly message allows nocheck to be useful again. (Running unit tests is fully encouraged of course, but bootstrappers and co do not need to be burdened with this stuff)
2015-04-10add a simple unit test for acquire progressDavid Kalnischkies
This isn't testing much of the 'complex' parts, but its better than nothing for now. Git-Dch: Ignore
2015-04-10reimplement the last uses of sprintfDavid Kalnischkies
Working with strings c-style is complicated and error-prune, so by converting to c++ style we gain some simplicity and avoid buffer overflows by later extensions. Git-Dch: Ignore
2014-11-08(style) Variable 'res' is assigned a value that is never usedDavid Kalnischkies
Checking the return value of this (and many other calls) in this testcase is a good idea, so we do it now. Reported-By: cppcheck Git-Dch: Ignore
2014-11-08Division by result of sizeof(). memset() expects a size in bytesDavid Kalnischkies
"did you intend to multiply instead?" is what cppcheck helpful says and it is absolutely right. Doesn't make a whole lot of a difference though as we are talking about 'char' in this testcase, but just to be sure. Reported-By: cppcheck Git-Dch: Ignore
2014-11-08tests: silence clang on uninitilized variablesDavid Kalnischkies
The testcases have far worse problems if these ever end up being NULL and/or are not given a value by the method called, but clang is right to warn about it, just that we don't want to fix it in testcases… Git-Dch: Ignore
2014-10-26rewrite ReadMessages()David Kalnischkies
Central methods of our infrastructure like this one responsible for communication with our methods shouldn't be more complicated then they have to and not claim to have (albeit unlikely) bugs. While I am not sure about having improved the first part, the bug is now gone and a few explicit tests check that it stays that way, so nobody will notice the difference (hopefully) – expect that this should a very tiny bit faster as well as we don't manually proceed through the string. Git-Dch: Ignore
2014-10-24promote filesize to a hashstringDavid Kalnischkies
It is a very simple hashstring, which is why it isn't contributing to the usability of a list of them, but it is also trivial to check and calculate, so it doesn't hurt checking it either as it can combined even with the simplest other hashes greatly complicate attacks on them as you suddenly need a same-size hash collision, which is usually a lot harder to achieve.
2014-10-23add test for Basic Authentication schemeDavid Kalnischkies
Git-Dch: Ignore
2014-10-20test if TMPDIR is accessible before usingDavid Kalnischkies
Private temporary directories as created by e.g. libpam-tmpdir are nice, but they are also very effective in preventing our priviledge dropping to work as TMPDIR will be set to a directory only root has access to, so working with it as _apt will fail. We circumvent this by extending our check for a usable TMPDIR setting by checking access rights. Closes: 765951
2014-10-14Merge branch 'debian/sid' into debian/experimentalMichael Vogt
2014-10-06implement the updated build profile specjosch
2014-09-28allow options between command and -- on commandlineDavid Kalnischkies
This used to work before we implemented a stricter commandline parser and e.g. the dd-schroot-cmd command constructs commandlines like this. Reported-By: Helmut Grohne
2014-09-23Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog
2014-09-07strip everything spacey in APT::String::StripDavid Kalnischkies
Git-Dch: Ignore
2014-09-05Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/acquire-item.cc configure.ac debian/changelog doc/apt-verbatim.ent doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pt.po po/ar.po po/ast.po po/bg.po po/bs.po po/ca.po po/cs.po po/cy.po po/da.po po/de.po po/dz.po po/el.po po/es.po po/eu.po po/fi.po po/fr.po po/gl.po po/hu.po po/it.po po/ja.po po/km.po po/ko.po po/ku.po po/lt.po po/mr.po po/nb.po po/ne.po po/nl.po po/nn.po po/pl.po po/pt.po po/pt_BR.po po/ro.po po/ru.po po/sk.po po/sl.po po/sv.po po/th.po po/tl.po po/tr.po po/uk.po po/vi.po po/zh_CN.po po/zh_TW.po test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
2014-07-16StringToBool: only act if the entire string is consumed by strtol()Michael Vogt
StringToBool uses strtol() internally to check if the argument is a number. This function stops when it does not find any more numbers. So a string like "0ad" (which is a valid packagename) is interpreted as a "0". The code now checks that the entire string is consumed not just a part of it. Thanks to Johannes Schauer for raising this issue.
2014-07-08Only allow "apt-get build-dep path" when path starts with ./ or /Michael Vogt
This avoid the subtle problem that someone might have a directory with the same package name as the build-depends he/she is trying to fetch. Also print a note that the specific file/dir is used.
2014-07-08Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/deb/deblistparser.cc doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pl.po doc/po/pt.po doc/po/pt_BR.po po/da.po po/mr.po po/vi.po
2014-07-08build: Convert from DebianDoc SGML to DocBook XMLGuillem Jover
2014-06-18Merge remote-tracking branch 'donkult/debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-private/private-install.cc
2014-06-18fix SubstVar to be usable as a replace_all methodDavid Kalnischkies
The name suggests that it is supposed to substitute a variable with a value, but we tend to use it in a more liberal replace_all() fashion, but this breaks if either of the parameters is empty or more importantly if two "variable" occurrences follow each other directly.
2014-06-18Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: debian/changelog
2014-05-28Fix uninitialized valueMichael Vogt
Reported-By: scan-build
2014-05-10improve pkgTagSection scanning and parsingDavid Kalnischkies
Removes the 256 fields limit, deals consistently with spaces littered all over the place and is even a tiny bit faster than before. Even comes with a bunch of new tests to validate these claims.
2014-05-09use HashStringList in the acquire systemDavid Kalnischkies
It is not very extensible to have the supported Hashes hardcoded everywhere and especially if it is part of virtual method names. It is also possible that a method does not support the 'best' hash (yet), so we might end up not being able to verify a file even though we have a common subset of supported hashes. And those are just two of the cases in which it is handy to have a more dynamic selection. The downside is that this is a MAJOR API break, but the HashStringList has a string constructor for compatibility, so with a bit of luck the few frontends playing with the acquire system directly are okay.
2014-05-09add a simple container for HashStringsDavid Kalnischkies
APT supports more than just one HashString and even allows to enforce the usage of a specific hash. This class is intended to help with storage and passing around of the HashStrings. Git-Dch: Ignore
2014-04-28Merge branch 'feature/abspath' into feature/apt-install-debMichael Vogt
2014-04-28fix testsMichael Vogt
2014-04-28Merge branch 'feature/abspath' into feature/apt-install-debMichael Vogt
Conflicts: test/libapt/fileutl_test.cc
2014-04-28add flAbsPath() as a wrapper to realpath()Michael Vogt
2014-04-28Implement Popen() execv helper to avoid popen()Michael Vogt
2014-04-16use Google C++ Testing Framework for libapt testsDavid Kalnischkies
My commit 45df0ad2 from 26. Nov 2009 had a little remark: "The commit also includes a very very simple testapp." This was never intended to be permanent, but as usually… The commit adds the needed make magic to compile gtest statically as it is required and links it against a small runner. All previous testcase binaries are reimplemented in gtest and combined in this runner. While most code is a 1:1 translation some had to be rewritten like compareversion_test.cc, but the coverage remains the same.
2014-04-16clear HitEof flag in FileFd::SeekDavid Kalnischkies
fseek and co do this to their eof-flags and it is more logic this way as we will usually seek away from the end (e.g. to re-read the file). The commit also improves the testcase further and adds a test for the binary compressor codepath (as gz, bzip2 and xz are handled by libraries) via the use of 'rev' as a 'compressor'.
2014-04-11extend FileFd test behond basic permission testsDavid Kalnischkies
We now do Open, Write and Read (the later multiple ways) for each permission and each compressor we have configured to cover more cases and especially ensure that compressors do not change our premissions. This test is also to be credited for discovering the skippos-fix. Git-Dch: Ignore