From 0cbb7e29c5dad2178896d8eaf41ad616bb0111da Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Mon, 14 Mar 2016 13:49:25 +0100 Subject: test: Move --weak-digest initialization to the right place This was wrong and caused some issues because apt-key invoked host apt-config with our library. Gbp-Dch: ignore --- test/integration/framework | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/test/integration/framework b/test/integration/framework index 2b7f3f967..b65b0b86f 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -389,9 +389,6 @@ EOF echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig - if aptkey verify --weak-digest SHA1 --help 2>/dev/null >/dev/null; then - echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1 - fi configcompression '.' 'gz' #'bz2' 'lzma' 'xz' confighashes 'SHA256' # these are tests, not security best-practices @@ -411,6 +408,12 @@ EOF unset LANGUAGE APT_CONFIG unset GREP_OPTIONS DEB_BUILD_PROFILES unset http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy + + # If gpgv supports --weak-digest, pass it to make sure we can disable SHA1 + if aptkey verify --weak-digest SHA1 --help 2>/dev/null >/dev/null; then + echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1 + fi + msgdone "info" } -- cgit v1.2.3