From 6c34cccad778bd8db0ce03b7596cbef03afa9688 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Thu, 26 Sep 2013 13:32:49 +0200 Subject: pkg from only trusted sources keeps being trusted --allow-unauthenticated switches the download to a pre-0.6 system in which a package can come from any source, rather than that trusted packages can only come from trusted sources. To allow this the flag used to set all packages as untrusted, which is a bit much, so we check now if the package can be acquired via an untrusted source and only if this is the case set it as untrusted. As APT nowadays supports setting sources as trusted via a flag in the sources.list this mode shouldn't be used that much anymore though. [Note that this is not the patch from the BTS] Closes: 617690 --- ...17690-allow-unauthenticated-makes-all-untrusted | 52 ++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100755 test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted (limited to 'test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted') diff --git a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted new file mode 100755 index 000000000..1c2514938 --- /dev/null +++ b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted @@ -0,0 +1,52 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' + +buildsimplenativepackage 'cool' 'i386' '1.0' 'unstable' + +setupaptarchive --no-update + +testfileexists() { + msgtest 'Test for existance of file' "$1" + test -e "$1" && msgpass || msgfail + rm -f "$1" +} + +testfilemissing() { + msgtest 'Test for non-existance of file' "$1" + test -e "$1" && msgfail || msgpass + rm -f "$1" +} + +testrun() { + rm -rf rootdir/var/lib/apt + testsuccess aptget update + + testsuccess aptget download cool + testfileexists 'cool_1.0_i386.deb' + + mv aptarchive/pool/cool_1.0_i386.deb aptarchive/pool/cool_1.0_i386.deb.bak + echo 'this is not a good package' > aptarchive/pool/cool_1.0_i386.deb + # FIXME: apt-get download should exit non-zero if download fails + aptget download cool + testfilemissing cool_1.0_i386.deb + + # FIXME: apt-get download should exit non-zero if download fails + aptget download cool --allow-unauthenticated # unauthenticated doesn't mean unchecked + testfilemissing cool_1.0_i386.deb + + rm -f aptarchive/pool/cool_1.0_i386.deb + mv aptarchive/pool/cool_1.0_i386.deb.bak aptarchive/pool/cool_1.0_i386.deb + testsuccess aptget download cool --allow-unauthenticated + testfileexists 'cool_1.0_i386.deb' +} + +testrun + +find aptarchive/ \( -name 'Release.gpg' -o -name 'InRelease' \) -delete +# FIXME: apt-get download should warn about untrusted downloads +testrun -- cgit v1.2.3 From d57f6084aaa3972073114973d149ea2291b36682 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Thu, 3 Oct 2013 15:11:21 +0200 Subject: use pkgAcqArchive in 'download' for proper errors With a bit of trickery we can reuse the usual infrastructure we have in place to acquire deb files for the 'download' operation as well, which gains us authentification check & display, error messages, correct filenames and "downloads" from the root-owned archives. --- ...17690-allow-unauthenticated-makes-all-untrusted | 29 +++++++++++++++------- 1 file changed, 20 insertions(+), 9 deletions(-) (limited to 'test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted') diff --git a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted index 1c2514938..633c197c0 100755 --- a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted +++ b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted @@ -26,17 +26,26 @@ testrun() { rm -rf rootdir/var/lib/apt testsuccess aptget update - testsuccess aptget download cool - testfileexists 'cool_1.0_i386.deb' + if [ "$1" = 'trusted' ]; then + testsuccess aptget download cool + testfileexists 'cool_1.0_i386.deb' + + testsuccess aptget download cool --allow-unauthenticated + testfileexists 'cool_1.0_i386.deb' + else + testfailure aptget download cool + testfilemissing 'cool_1.0_i386.deb' + + testsuccess aptget download cool --allow-unauthenticated + testfileexists 'cool_1.0_i386.deb' + fi mv aptarchive/pool/cool_1.0_i386.deb aptarchive/pool/cool_1.0_i386.deb.bak echo 'this is not a good package' > aptarchive/pool/cool_1.0_i386.deb - # FIXME: apt-get download should exit non-zero if download fails - aptget download cool + testfailure aptget download cool testfilemissing cool_1.0_i386.deb - # FIXME: apt-get download should exit non-zero if download fails - aptget download cool --allow-unauthenticated # unauthenticated doesn't mean unchecked + testfailure aptget download cool --allow-unauthenticated # unauthenticated doesn't mean unchecked testfilemissing cool_1.0_i386.deb rm -f aptarchive/pool/cool_1.0_i386.deb @@ -45,8 +54,10 @@ testrun() { testfileexists 'cool_1.0_i386.deb' } -testrun +testrun 'trusted' find aptarchive/ \( -name 'Release.gpg' -o -name 'InRelease' \) -delete -# FIXME: apt-get download should warn about untrusted downloads -testrun +testrun 'untrusted' + +changetowebserver +testrun 'untrusted' -- cgit v1.2.3