From f42f6ef0e20d4ebd4653ccbad210b00a3ebbc269 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 28 Nov 2013 21:24:38 +0100 Subject: add missing test/integration/test-bug-720597-build-dep-purge --- test/integration/test-bug-720597-build-dep-purge | 36 ++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100755 test/integration/test-bug-720597-build-dep-purge (limited to 'test/integration') diff --git a/test/integration/test-bug-720597-build-dep-purge b/test/integration/test-bug-720597-build-dep-purge new file mode 100755 index 000000000..1e24ed5f1 --- /dev/null +++ b/test/integration/test-bug-720597-build-dep-purge @@ -0,0 +1,36 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +insertinstalledpackage 'build-essential' 'all' '11.5' 'Multi-Arch: foreign' +insertinstalledpackage 'pkga' 'all' '1' +buildsimplenativepackage 'pkgb' 'amd64' '1' 'stable' 'Conflicts: pkga' +buildsimplenativepackage 'pkgc' 'amd64' '1' 'stable' 'Build-Depends: pkgb' + +setupaptarchive + +testequal 'Reading package lists... +Building dependency tree... +The following packages will be REMOVED: + pkga +The following NEW packages will be installed: + pkgb +0 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. +Remv pkga [1] +Inst pkgb (1 stable [amd64]) +Conf pkgb (1 stable [amd64])' aptget build-dep pkgc -s + +testequal 'Reading package lists... +Building dependency tree... +The following packages will be REMOVED: + pkga* +The following NEW packages will be installed: + pkgb +0 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. +Purg pkga [1] +Inst pkgb (1 stable [amd64]) +Conf pkgb (1 stable [amd64])' aptget build-dep pkgc -s --purge -- cgit v1.2.3 From 2f5ed336109d11e06d08bedef6b37d6597c4c09c Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 29 Nov 2013 17:10:35 +0100 Subject: fix crash when SetCandidateRelease is used --- .../test-bug-709560-set-candidate-release | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100755 test/integration/test-bug-709560-set-candidate-release (limited to 'test/integration') diff --git a/test/integration/test-bug-709560-set-candidate-release b/test/integration/test-bug-709560-set-candidate-release new file mode 100755 index 000000000..48dc5c382 --- /dev/null +++ b/test/integration/test-bug-709560-set-candidate-release @@ -0,0 +1,36 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +insertpackage 'experimental' 'foo' 'all' '2.0' 'Depends: foo-dep (= 2.1)' +insertpackage 'experimental' 'foo-dep' 'all' '2.1' + + +( +cat < rootdir/etc/apt/preferences + + +setupaptarchive + +testequal "Reading package lists... +Building dependency tree... +Selected version '2.0' (experimental [all]) for 'foo' +Selected version '2.1' (experimental [all]) for 'foo-dep' because of 'foo' +The following extra packages will be installed: + foo-dep +The following NEW packages will be installed: + foo foo-dep +0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. +Inst foo-dep (2.1 experimental [all]) +Inst foo (2.0 experimental [all]) +Conf foo-dep (2.1 experimental [all]) +Conf foo (2.0 experimental [all])" aptget install -q0 -s foo/experimental -- cgit v1.2.3 From 23af9f40ecc41eb05d82d953cca9ec11eaff657c Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sun, 13 Oct 2013 19:23:30 +0200 Subject: tests: enhance https support in the testcases Git-Dch: Ignore --- test/integration/framework | 10 +++++++--- test/integration/test-partial-file-support | 12 +++++++----- 2 files changed, 14 insertions(+), 8 deletions(-) (limited to 'test/integration') diff --git a/test/integration/framework b/test/integration/framework index 20f3487cc..6a2a78c83 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -192,6 +192,7 @@ setupenvironment() { fi echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf echo 'quiet::NoUpdate "true";' >> aptconfig.conf + echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https export LC_ALL=C export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" configcompression '.' 'gz' #'bz2' 'lzma' 'xz' @@ -799,6 +800,11 @@ rewritesourceslist() { } changetowebserver() { + if [ "$1" != '--no-rewrite' ]; then + rewritesourceslist 'http://localhost:8080/' + else + shift + fi local LOG='/dev/null' if test -x ${BUILDDIRECTORY}/aptwebserver; then cd aptarchive @@ -812,9 +818,6 @@ changetowebserver() { else msgdie 'You have to build aptwerbserver or install a webserver' fi - if [ "$1" != '--no-rewrite' ]; then - rewritesourceslist 'http://localhost:8080/' - fi } changetohttpswebserver() { @@ -826,6 +829,7 @@ changetohttpswebserver() { fi echo "pid = ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid cert = ${TESTDIRECTORY}/apt.pem +output = /dev/null [https] accept = 4433 diff --git a/test/integration/test-partial-file-support b/test/integration/test-partial-file-support index 8d1c51ae0..b176cc15e 100755 --- a/test/integration/test-partial-file-support +++ b/test/integration/test-partial-file-support @@ -18,7 +18,7 @@ testdownloadfile() { rm -f "$DOWNLOG" msgtest "Testing download of file $2 with" "$1" if ! downloadfile "$2" "$3" > "$DOWNLOG"; then - cat "$DOWNLOG" + cat >&2 "$DOWNLOG" msgfail else msgpass @@ -40,21 +40,23 @@ testdownloadfile() { if [ "$EXPECTED" "$4" "$hash" ]; then msgpass else - cat "$DOWNLOG" + cat >&2 "$DOWNLOG" msgfail "expected: $EXPECTED ; got: $hash" fi done } testwebserverlaststatuscode() { - STATUS="$(mktemp)" + local DOWNLOG='download-testfile.log' + rm -f "$DOWNLOG" + local STATUS="$(mktemp)" addtrap "rm $STATUS;" msgtest 'Test last status code from the webserver was' "$1" - downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" >/dev/null + downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" if [ "$(cat "$STATUS")" = "$1" ]; then msgpass else - cat download-testfile.log + cat >&2 "$DOWNLOG" msgfail "Status was $(cat "$STATUS")" fi } -- cgit v1.2.3 From 8523b22fbcc6ca2ad004a9133559212908b768ed Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 23 Oct 2013 12:26:44 +0200 Subject: tests: rm pkgcache.bin in 719263 test As testcases are running really fast it can happen that files which are changed in reality are considered unchanged as the modify time isn't changed. What we could do is disable those caches by default, but some tests actually depend on those and deriving too much from the default by default (pun intended) is not a good idea for tests after all. Git-Dch: Ignore --- test/integration/test-bug-719263-print-uris-removes-authentication | 1 + 1 file changed, 1 insertion(+) (limited to 'test/integration') diff --git a/test/integration/test-bug-719263-print-uris-removes-authentication b/test/integration/test-bug-719263-print-uris-removes-authentication index 1c1a27ceb..5e674db0b 100755 --- a/test/integration/test-bug-719263-print-uris-removes-authentication +++ b/test/integration/test-bug-719263-print-uris-removes-authentication @@ -25,6 +25,7 @@ Inst unrelated [1] (2 unstable [all]) Conf unrelated (2 unstable [all])' aptget install unrelated -s testsuccess aptget install unrelated -y testdpkginstalled unrelated + rm -rf rootdir/var/cache/apt/*.bin cp -a rootdir/var/lib/dpkg/status-backup-noact rootdir/var/lib/dpkg/status } -- cgit v1.2.3 From f2c0ec8bdb00b44de240190dae39fa255b6c85de Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 23 Oct 2013 16:32:48 +0200 Subject: tests: add a webserverconfig method to abstract config The URI to use to set a config option is a bit arcane to write/remember and checking if the setting was successful doubly so. Git-Dch: Ignore --- test/integration/framework | 16 ++++++++++++++++ test/integration/test-partial-file-support | 6 ++---- test/integration/test-releasefile-verification | 2 +- 3 files changed, 19 insertions(+), 5 deletions(-) (limited to 'test/integration') diff --git a/test/integration/framework b/test/integration/framework index 6a2a78c83..89b5bb0e4 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -792,6 +792,22 @@ signreleasefiles() { msgdone "info" } +webserverconfig() { + msgtest "Set webserver config option '${1}' to" "$2" + downloadfile "http://localhost:8080/_config/set/${1}/${2}" '/dev/null' >/dev/null + local DOWNLOG='download-testfile.log' + rm -f "$DOWNLOG" + local STATUS="$(mktemp)" + addtrap "rm $STATUS;" + downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" + if [ "$(cat "$STATUS")" = '200' ]; then + msgpass + else + cat >&2 "$DOWNLOG" + msgfail "Statuscode was $(cat "$STATUS")" + fi +} + rewritesourceslist() { local APTARCHIVE="file://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive")" for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do diff --git a/test/integration/test-partial-file-support b/test/integration/test-partial-file-support index b176cc15e..382789e68 100755 --- a/test/integration/test-partial-file-support +++ b/test/integration/test-partial-file-support @@ -66,8 +66,7 @@ TESTFILE='aptarchive/testfile' cp -a ${TESTDIR}/framework $TESTFILE testrun() { - downloadfile "$1/_config/set/aptwebserver::support::range/true" '/dev/null' >/dev/null - testwebserverlaststatuscode '200' + webserverconfig 'aptwebserver::support::range' 'true' copysource $TESTFILE 0 ./testfile testdownloadfile 'no data' "${1}/testfile" './testfile' '=' @@ -94,8 +93,7 @@ testrun() { testdownloadfile 'old data' "${1}/testfile" './testfile' '=' testwebserverlaststatuscode '200' - downloadfile "$1/_config/set/aptwebserver::support::range/false" '/dev/null' >/dev/null - testwebserverlaststatuscode '200' + webserverconfig 'aptwebserver::support::range' 'false' copysource $TESTFILE 20 ./testfile testdownloadfile 'no server support' "${1}/testfile" './testfile' '=' diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index 9d34a521a..e558b83e8 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -11,7 +11,7 @@ buildaptarchive setupflataptarchive changetowebserver -downloadfile "http://localhost:8080/_config/set/aptwebserver::support::range/false" '/dev/null' >/dev/null +webserverconfig 'aptwebserver::support::range' 'false' prepare() { local DATE="${2:-now}" -- cgit v1.2.3 From f87338d2da95ba7d55a1a67b4506717e94d49bca Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sat, 30 Nov 2013 23:07:20 +0100 Subject: cherry-pick ubuntus (disabled) net-update fixes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit With the net-update command a special keyring can be downloaded and imported into apt, which must be signed by a master key. Its is currently disabled because of security problems with it – and the only known user before that was Ubuntu. --- .../integration/exploid-keyring-with-dupe-keys.pub | Bin 0 -> 3986 bytes .../exploid-keyring-with-dupe-subkeys.pub | Bin 0 -> 2016 bytes test/integration/test-apt-key-net-update | 95 +++++++++++++++++++++ 3 files changed, 95 insertions(+) create mode 100644 test/integration/exploid-keyring-with-dupe-keys.pub create mode 100644 test/integration/exploid-keyring-with-dupe-subkeys.pub create mode 100755 test/integration/test-apt-key-net-update (limited to 'test/integration') diff --git a/test/integration/exploid-keyring-with-dupe-keys.pub b/test/integration/exploid-keyring-with-dupe-keys.pub new file mode 100644 index 000000000..642952a40 Binary files /dev/null and b/test/integration/exploid-keyring-with-dupe-keys.pub differ diff --git a/test/integration/exploid-keyring-with-dupe-subkeys.pub b/test/integration/exploid-keyring-with-dupe-subkeys.pub new file mode 100644 index 000000000..02d4e6ee8 Binary files /dev/null and b/test/integration/exploid-keyring-with-dupe-subkeys.pub differ diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update new file mode 100755 index 000000000..d5205836f --- /dev/null +++ b/test/integration/test-apt-key-net-update @@ -0,0 +1,95 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# mock +requires_root() { + return 0 +} + +# extract net_update() and import it +func=$( sed -n -e '/^add_keys_with_verify_against_master_keyring/,/^}/p' ${BUILDDIRECTORY}/apt-key ) +eval "$func" + +mkdir -p ./etc/apt +TRUSTEDFILE=./etc/apt/trusted.gpg +mkdir -p ./var/lib/apt/keyrings +TMP_KEYRING=./var/lib/apt/keyrings/maybe-import-keyring.gpg +GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring" +GPG="$GPG_CMD --keyring $TRUSTEDFILE" +MASTER_KEYRING=/usr/share/keyrings/ubuntu-master-keyring.gpg + + +msgtest "add_keys_with_verify_against_master_keyring" +if [ ! -e $MASTER_KEYRING ]; then + echo -n "No $MASTER_KEYRING found" + msgskip + exit 0 +fi + +# test bad keyring and ensure its not added (LP: #857472) +ADD_KEYRING=./keys/exploid-keyring-with-dupe-keys.pub +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgfail +else + msgpass +fi + +# ensure the keyring is still empty +gpg_out=$($GPG --list-keys) +msgtest "Test if keyring is empty" +if [ -n "" ]; then + msgfail +else + msgpass +fi + + +# test another possible attack vector using subkeys (LP: #1013128) +msgtest "add_keys_with_verify_against_master_keyring with subkey attack" +ADD_KEYRING=./keys/exploid-keyring-with-dupe-subkeys.pub +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgfail +else + msgpass +fi + +# ensure the keyring is still empty +gpg_out=$($GPG --list-keys) +msgtest "Test if keyring is empty" +if [ -n "" ]; then + msgfail +else + msgpass +fi + + +# test good keyring and ensure we get no errors +ADD_KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgpass +else + msgfail +fi + +testequal './etc/apt/trusted.gpg +--------------------- +pub 1024D/437D05B5 2004-09-12 +uid Ubuntu Archive Automatic Signing Key +sub 2048g/79164387 2004-09-12 + +pub 1024D/FBB75451 2004-12-30 +uid Ubuntu CD Image Automatic Signing Key + +pub 4096R/C0B21F32 2012-05-11 +uid Ubuntu Archive Automatic Signing Key (2012) + +pub 4096R/EFE21092 2012-05-11 +uid Ubuntu CD Image Automatic Signing Key (2012) +' $GPG --list-keys + -- cgit v1.2.3 From 019dfaedcc169837f88cc0b971fd8897828d93bf Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 4 Dec 2013 07:58:37 +0100 Subject: add test, deal with InRelease --- test/integration/test-apt-get-source | 45 ++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100755 test/integration/test-apt-get-source (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source new file mode 100755 index 000000000..d2b8deafd --- /dev/null +++ b/test/integration/test-apt-get-source @@ -0,0 +1,45 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# we need to insert a package into "unstable" so that a Release file is +# create for the test +insertpackage 'wheezy' 'unreleated-package' 'all' '1.0' + +# a "normal" package with source and binary +insertpackage 'unstable' 'foo' 'all' '2.0' +insertsource 'unstable' 'foo' 'all' '2.0' + +insertpackage 'stable' 'foo' 'all' '1.0' +insertsource 'stable' 'foo' 'all' '1.0' + +# this package exists only as source +insertsource 'wheezy' 'foo' 'all' '0.1' + +setupaptarchive + +APTARCHIVE=$(readlink -f ./aptarchive) + +# normal operation gets highest version number +testequal "'file://${APTARCHIVE}/foo_2.0.dsc' foo_2.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_2.0.tar.gz' foo_2.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo + +# select by release +testequal "Selectied version '1.0' (stable) for foo +'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo/stable + +# select by version +testequal "'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo=1.0 + +# select by release with no binary package (Bug#731102) +testequal "Selectied version '0.1' (wheezy) for foo +'file://${APTARCHIVE}/foo_0.1.dsc' foo_0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_0.1.tar.gz' foo_0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo/wheezy + -- cgit v1.2.3 From 4652a9eee39df1cefa49ab177c0cfc50b9aad567 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 4 Dec 2013 08:41:23 +0100 Subject: further refactor, extract GetReleaseForSourceRecord() out of FindSrc(), write out the selection notice to c1out to be consistent with the rest of the source --- test/integration/test-apt-get-source | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index d2b8deafd..0f9e29c80 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -26,20 +26,30 @@ setupaptarchive APTARCHIVE=$(readlink -f ./aptarchive) # normal operation gets highest version number -testequal "'file://${APTARCHIVE}/foo_2.0.dsc' foo_2.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e -'file://${APTARCHIVE}/foo_2.0.tar.gz' foo_2.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo +HEADER="Reading package lists... +Building dependency tree..." +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_2.0.dsc' foo_2.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_2.0.tar.gz' foo_2.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo # select by release -testequal "Selectied version '1.0' (stable) for foo +testequal "$HEADER +Selectied version '1.0' (stable) for foo +Need to get 0 B of source archives. 'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e -'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo/stable +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo/stable # select by version -testequal "'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e -'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo=1.0 +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo=1.0 # select by release with no binary package (Bug#731102) -testequal "Selectied version '0.1' (wheezy) for foo +testequal "$HEADER +Selectied version '0.1' (wheezy) for foo +Need to get 0 B of source archives. 'file://${APTARCHIVE}/foo_0.1.dsc' foo_0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e -'file://${APTARCHIVE}/foo_0.1.tar.gz' foo_0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -qq --print-uris foo/wheezy +'file://${APTARCHIVE}/foo_0.1.tar.gz' foo_0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo/wheezy -- cgit v1.2.3 From c6b83f9c68aafa3f2bd1b695a6beb724d7520bc5 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 4 Dec 2013 16:26:57 +0100 Subject: add test for aptget source for unavailable package --- test/integration/test-apt-get-source | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index 0f9e29c80..5bef781f1 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -53,3 +53,8 @@ Need to get 0 B of source archives. 'file://${APTARCHIVE}/foo_0.1.dsc' foo_0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e 'file://${APTARCHIVE}/foo_0.1.tar.gz' foo_0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo/wheezy +# unavailable one +testequal "$HEADER +E: Ignore unavailable version '9.9-not-there' of package 'foo' +E: Unable to find a source package for foo" aptget source -q --print-uris foo=9.9-not-there + -- cgit v1.2.3 From 651ae5ce5f376ae5274933c621a3b897ac5152a6 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Dec 2013 16:35:44 +0100 Subject: if there is only deb-src pick higest version in deb-src release matching --- test/integration/test-apt-get-source | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index 5bef781f1..6bca22145 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -15,10 +15,14 @@ insertpackage 'wheezy' 'unreleated-package' 'all' '1.0' insertpackage 'unstable' 'foo' 'all' '2.0' insertsource 'unstable' 'foo' 'all' '2.0' +# its possible to have multiple src versions in the sources file, do not break +# in this case (bts #731853) +insertsource 'stable' 'foo' 'all' '1.5' insertpackage 'stable' 'foo' 'all' '1.0' insertsource 'stable' 'foo' 'all' '1.0' -# this package exists only as source +# this packages exists only as source +insertsource 'wheezy' 'foo' 'all' '0.0.1' insertsource 'wheezy' 'foo' 'all' '0.1' setupaptarchive @@ -46,7 +50,8 @@ Need to get 0 B of source archives. 'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e 'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo=1.0 -# select by release with no binary package (Bug#731102) +# select by release with no binary package (Bug#731102) but ensure to get +# higest version testequal "$HEADER Selectied version '0.1' (wheezy) for foo Need to get 0 B of source archives. -- cgit v1.2.3 From 66f13784f0a05bbd60106d21447f10273c68b0d8 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Dec 2013 16:43:25 +0100 Subject: improve test for #731853 and comments --- test/integration/test-apt-get-source | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index 6bca22145..e2536ae7a 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -15,13 +15,15 @@ insertpackage 'wheezy' 'unreleated-package' 'all' '1.0' insertpackage 'unstable' 'foo' 'all' '2.0' insertsource 'unstable' 'foo' 'all' '2.0' -# its possible to have multiple src versions in the sources file, do not break -# in this case (bts #731853) +# its possible to have multiple src versions in the sources file, ensure +# to pick the correct one in this case (bts #731853) insertsource 'stable' 'foo' 'all' '1.5' +insertsource 'stable' 'foo' 'all' '0.5' insertpackage 'stable' 'foo' 'all' '1.0' insertsource 'stable' 'foo' 'all' '1.0' -# this packages exists only as source +# this packages exists only as sources, add two versions to ensure that +# apt will pick the higher version number (bts #731853) insertsource 'wheezy' 'foo' 'all' '0.0.1' insertsource 'wheezy' 'foo' 'all' '0.1' -- cgit v1.2.3 From bfa7bfc8e426f662ee5a5d0fcba3daeea23fe2ae Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Dec 2013 17:02:30 +0100 Subject: fix typo --- test/integration/test-apt-get-source | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index e2536ae7a..b98ebbada 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -41,7 +41,7 @@ Need to get 0 B of source archives. # select by release testequal "$HEADER -Selectied version '1.0' (stable) for foo +Selected version '1.0' (stable) for foo Need to get 0 B of source archives. 'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e 'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo/stable @@ -55,7 +55,7 @@ Need to get 0 B of source archives. # select by release with no binary package (Bug#731102) but ensure to get # higest version testequal "$HEADER -Selectied version '0.1' (wheezy) for foo +Selected version '0.1' (wheezy) for foo Need to get 0 B of source archives. 'file://${APTARCHIVE}/foo_0.1.dsc' foo_0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e 'file://${APTARCHIVE}/foo_0.1.tar.gz' foo_0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo/wheezy -- cgit v1.2.3 From 65dcff55dc5c9b47230d340a70c5067921eec4bf Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Dec 2013 17:09:56 +0100 Subject: user-requested version tag gets precedence in apt-get source -t dist pkg=version requests --- test/integration/test-apt-get-source | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index b98ebbada..c8db4edbe 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -65,3 +65,8 @@ testequal "$HEADER E: Ignore unavailable version '9.9-not-there' of package 'foo' E: Unable to find a source package for foo" aptget source -q --print-uris foo=9.9-not-there +# version and release +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_0.0.1.dsc' foo_0.0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_0.0.1.tar.gz' foo_0.0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris -t unstable foo=0.0.1 -- cgit v1.2.3 From adf379e7ad1900db6d3942ac7dca5cec4737d9a1 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 11 Dec 2013 08:21:04 +0100 Subject: add support for "apt-get source pkg:arch" --- test/integration/test-apt-get-source-arch | 60 +++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100755 test/integration/test-apt-get-source-arch (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source-arch b/test/integration/test-apt-get-source-arch new file mode 100755 index 000000000..3ac6907a9 --- /dev/null +++ b/test/integration/test-apt-get-source-arch @@ -0,0 +1,60 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" "amd64" + + +# different version for the individual arches +insertpackage 'stable' 'foo' 'amd64' '1.0' +insertsource 'stable' 'foo' 'amd64' '1.0' + +insertpackage 'stable' 'foo' 'i386' '1.0' +insertsource 'stable' 'foo' 'i386' '1.0' +insertpackage 'stable' 'foo' 'i386' '2.0' +insertsource 'stable' 'foo' 'i386' '2.0' + +insertpackage 'oldstable' 'foo' 'i386' '0.1' +insertsource 'oldstable' 'foo' 'i386' '0.1' +# just needed so that there is a release file entry for the test +insertpackage 'oldstable' 'unreleated' 'amd64' '0.1' + +setupaptarchive + +APTARCHIVE=$(readlink -f ./aptarchive) + +HEADER="Reading package lists... +Building dependency tree..." + +# pick :amd64 +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo:amd64 + +# pick :i386 +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_2.0.dsc' foo_2.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_2.0.tar.gz' foo_2.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo:i386 + +# pick :i386 by release +testequal "$HEADER +Selected version '0.1' (oldstable) for foo +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_0.1.dsc' foo_0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_0.1.tar.gz' foo_0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo:i386/oldstable + +# pick :i386 by version +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo:i386=1.0 + +# error on unknown arch +testequal "$HEADER +E: Can not find a package for architecture 'not-a-available-arch' +E: Unable to find a source package for foo:not-a-available-arch" aptget source -q --print-uris foo:not-a-available-arch -- cgit v1.2.3 From 37f45a579d4344c3ef6a044b12b992353e238301 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 11 Dec 2013 09:21:26 +0100 Subject: improve error message for apt-get source pkg:arch{=ver,/release} --- test/integration/test-apt-get-source-arch | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source-arch b/test/integration/test-apt-get-source-arch index 3ac6907a9..97d0e096a 100755 --- a/test/integration/test-apt-get-source-arch +++ b/test/integration/test-apt-get-source-arch @@ -58,3 +58,13 @@ Need to get 0 B of source archives. testequal "$HEADER E: Can not find a package for architecture 'not-a-available-arch' E: Unable to find a source package for foo:not-a-available-arch" aptget source -q --print-uris foo:not-a-available-arch + +# error on unavailable version for arch +testequal "$HEADER +E: Can not find a package 'foo:amd64' with version '2.0' and release '' +E: Unable to find a source package for foo:amd64=2.0" aptget source -q --print-uris foo:amd64=2.0 + +# error on unavailable release for arch +testequal "$HEADER +E: Can not find a package 'foo:amd64' with version '' and release 'oldstable' +E: Unable to find a source package for foo:amd64/oldstable" aptget source -q --print-uris foo:amd64/oldstable -- cgit v1.2.3 From c9829e0744ca678e105aa0af26b87588023d7536 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 11 Dec 2013 14:03:53 +0100 Subject: improve error message --- test/integration/test-apt-get-source-arch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source-arch b/test/integration/test-apt-get-source-arch index 97d0e096a..d7ed56dc9 100755 --- a/test/integration/test-apt-get-source-arch +++ b/test/integration/test-apt-get-source-arch @@ -61,10 +61,10 @@ E: Unable to find a source package for foo:not-a-available-arch" aptget source - # error on unavailable version for arch testequal "$HEADER -E: Can not find a package 'foo:amd64' with version '2.0' and release '' +E: Can not find a package 'foo:amd64' with version '2.0' E: Unable to find a source package for foo:amd64=2.0" aptget source -q --print-uris foo:amd64=2.0 # error on unavailable release for arch testequal "$HEADER -E: Can not find a package 'foo:amd64' with version '' and release 'oldstable' +E: Can not find a package 'foo:amd64' with release 'oldstable' E: Unable to find a source package for foo:amd64/oldstable" aptget source -q --print-uris foo:amd64/oldstable -- cgit v1.2.3 From fc85b0d8f3c2d63efcad2590e021d70c2ba700da Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 11 Dec 2013 15:08:30 +0100 Subject: fix test/integration/test-apt-key-net-update (code copy/DRY violation) --- test/integration/test-apt-key-net-update | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'test/integration') diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index d5205836f..2e72d1d62 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -24,6 +24,21 @@ GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring" GPG="$GPG_CMD --keyring $TRUSTEDFILE" MASTER_KEYRING=/usr/share/keyrings/ubuntu-master-keyring.gpg +# COPYIED from apt-key.in -------------- + +# gpg needs a trustdb to function, but it can't be invalid (not even empty) +# so we create a temporary directory to store our fresh readable trustdb in +TRUSTDBDIR="$(mktemp -d)" +CURRENTTRAP="${CURRENTTRAP} rm -rf '${TRUSTDBDIR}';" +trap "${CURRENTTRAP}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM +chmod 700 "$TRUSTDBDIR" +# We also don't use a secret keyring, of course, but gpg panics and +# implodes if there isn't one available - and writeable for imports +SECRETKEYRING="${TRUSTDBDIR}/secring.gpg" +touch $SECRETKEYRING +GPG_CMD="$GPG_CMD --secret-keyring $SECRETKEYRING" +GPG_CMD="$GPG_CMD --trustdb-name ${TRUSTDBDIR}/trustdb.gpg" +#----------------------------------------- END COPY msgtest "add_keys_with_verify_against_master_keyring" if [ ! -e $MASTER_KEYRING ]; then -- cgit v1.2.3 From 017d3f3b4b0da976b1d2ecfcd26251369c5aec88 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 12 Dec 2013 07:41:17 +0100 Subject: clarify error message when apt-get source=ver fails, print a real error message instead of "ignoring" --- test/integration/test-apt-get-source | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/integration') diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source index c8db4edbe..3ee7a9e23 100755 --- a/test/integration/test-apt-get-source +++ b/test/integration/test-apt-get-source @@ -62,7 +62,7 @@ Need to get 0 B of source archives. # unavailable one testequal "$HEADER -E: Ignore unavailable version '9.9-not-there' of package 'foo' +E: Can not find version '9.9-not-there' of package 'foo' E: Unable to find a source package for foo" aptget source -q --print-uris foo=9.9-not-there # version and release -- cgit v1.2.3 From 9b7c10509c534b7d413b5102231cb0ca387f1c65 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 12 Dec 2013 07:49:43 +0100 Subject: fix test/integration/test-apt-key-net-update --- test/integration/test-apt-key-net-update | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'test/integration') diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index 2e72d1d62..73545aff7 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -21,8 +21,9 @@ TRUSTEDFILE=./etc/apt/trusted.gpg mkdir -p ./var/lib/apt/keyrings TMP_KEYRING=./var/lib/apt/keyrings/maybe-import-keyring.gpg GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring" -GPG="$GPG_CMD --keyring $TRUSTEDFILE" -MASTER_KEYRING=/usr/share/keyrings/ubuntu-master-keyring.gpg + +# FIXME: instead of copying this use apt-key and the buildin apt webserver +# to do a real test # COPYIED from apt-key.in -------------- @@ -40,6 +41,9 @@ GPG_CMD="$GPG_CMD --secret-keyring $SECRETKEYRING" GPG_CMD="$GPG_CMD --trustdb-name ${TRUSTDBDIR}/trustdb.gpg" #----------------------------------------- END COPY +GPG="$GPG_CMD --keyring $TRUSTEDFILE" +MASTER_KEYRING=/usr/share/keyrings/ubuntu-master-keyring.gpg + msgtest "add_keys_with_verify_against_master_keyring" if [ ! -e $MASTER_KEYRING ]; then echo -n "No $MASTER_KEYRING found" -- cgit v1.2.3 From c23e6cd58242470daad78ddad85285f9cd7aed0f Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 12 Dec 2013 15:11:01 +0100 Subject: Fix conffile prompt regression (LP: #1260297) This fixes a regression in the conffile prompt for the progress-fd and adds a testcase to ensure this does not regress again. --- test/integration/test-apt-progress-fd-conffile | 43 ++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100755 test/integration/test-apt-progress-fd-conffile (limited to 'test/integration') diff --git a/test/integration/test-apt-progress-fd-conffile b/test/integration/test-apt-progress-fd-conffile new file mode 100755 index 000000000..0b42b1b2f --- /dev/null +++ b/test/integration/test-apt-progress-fd-conffile @@ -0,0 +1,43 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'native' + +# old conffile +setupsimplenativepackage 'compiz-core' 'native' '1.0' 'unstable' +BUILDDIR='incoming/compiz-core-1.0' +mkdir -p ${BUILDDIR}/debian/compiz-core/etc +echo 'foo=bar;' > ${BUILDDIR}/compiz.conf +echo 'compiz.conf /etc/compiz.conf' >> ${BUILDDIR}/debian/install +buildpackage "$BUILDDIR" 'unstable' 'main' 'native' +rm -rf "$BUILDDIR" + +# new conffile +setupsimplenativepackage 'compiz-core' 'native' '2.0' 'unstable' +BUILDDIR='incoming/compiz-core-2.0' +mkdir -p ${BUILDDIR}/debian/compiz-core/etc +echo 'foo2=bar2;' > ${BUILDDIR}/compiz.conf +echo 'compiz.conf /etc/compiz.conf' >> ${BUILDDIR}/debian/install +buildpackage "$BUILDDIR" 'unstable' 'main' 'native' +rm -rf "$BUILDDIR" + +setupaptarchive + +testsuccess aptget install compiz-core=1.0 + +# fake conffile change +echo "meep" >> rootdir/etc/compiz.conf/compiz.conf + +# install +exec 3> apt-progress.log +echo n | aptget install compiz-core=2.0 -o APT::Status-Fd=3 -o Dpkg::Use-Pty=false + +# and ensure there is a conffile message in the file +msgtest "Conffile prompt in apt-progress.log" +grep -q "pmconffile:/etc/compiz.conf/compiz.conf" apt-progress.log && msgpass || (cat apt-progress.log && msgfail) + +cat apt-progress.log \ No newline at end of file -- cgit v1.2.3 From 5c0dd6fc637358094c9f0f9c98b9cd697090a529 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 13 Dec 2013 08:17:26 +0100 Subject: run autopkgtest against the installed apt --- test/integration/framework | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'test/integration') diff --git a/test/integration/framework b/test/integration/framework index 89b5bb0e4..c6422ca6f 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -102,6 +102,9 @@ aptget() { runapt apt-get $*; } aptftparchive() { runapt apt-ftparchive $*; } aptkey() { runapt apt-key $*; } aptmark() { runapt apt-mark $*; } +aptwebserver() { + LD_LIBRARY_PATH=${APTWEBSERVERBINDIR} ${APTWEBSERVERBINDIR}/aptwebserver $*; +} dpkg() { $(which dpkg) --root=${TMPWORKINGDIRECTORY}/rootdir --force-not-root --force-bad-path --log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log $* } @@ -154,8 +157,14 @@ setupenvironment() { TMPWORKINGDIRECTORY=$(mktemp -d) TESTDIRECTORY=$(readlink -f $(dirname $0)) msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… " - BUILDDIRECTORY="${TESTDIRECTORY}/../../build/bin" + + # allow overriding the default BUILDDIR location + BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"} + METHODSDIR=${APT_INTEGRATION_TESTS_METHODS_DIR:-"${BUILDDIRECTORY}/methods"} + APTWEBSERVERBINDIR=${APT_INTEGRATION_TESTS_WEBSERVER_BIN_DIR:-BUILDDIRECTORY} test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first" + # ----- + addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;" cd $TMPWORKINGDIRECTORY mkdir rootdir aptarchive keys @@ -181,7 +190,7 @@ setupenvironment() { echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf echo "Debug::NoLocking \"true\";" >> aptconfig.conf echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf - echo "Dir::Bin::Methods \"${BUILDDIRECTORY}/methods\";" >> aptconfig.conf + echo "Dir::Bin::Methods \"${METHODSDIR}\";" >> aptconfig.conf echo "Dir::Bin::dpkg \"fakeroot\";" >> aptconfig.conf echo "DPKG::options:: \"dpkg\";" >> aptconfig.conf echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf @@ -822,9 +831,9 @@ changetowebserver() { shift fi local LOG='/dev/null' - if test -x ${BUILDDIRECTORY}/aptwebserver; then + if test -x ${APTWEBSERVERBINDIR}/aptwebserver; then cd aptarchive - LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/aptwebserver -o aptwebserver::fork=1 "$@" >$LOG 2>&1 + aptwebserver -o aptwebserver::fork=1 "$@" >$LOG 2>&1 local PID="$(cat aptwebserver.pid)" if [ -z "$PID" ]; then msgdie 'Could not fork aptwebserver successfully' -- cgit v1.2.3 From 5acf154d810a0225cc7d14637d101205e43ceba8 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 13 Dec 2013 14:37:14 +0100 Subject: make apt-key net-update actually testable --- test/integration/test-apt-key-net-update | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'test/integration') diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index 73545aff7..e0869402e 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -6,6 +6,20 @@ TESTDIR=$(readlink -f $(dirname $0)) setupenvironment configarchitecture "i386" +changetowebserver + +# setup env +mkdir -p aptarchive/ubuntu/project var/lib/apt/keyrings +echo 'APT::Key::ArchiveKeyringURI "http://localhost:8080/ubuntu/project/ubuntu-archive-keyring.gpg";' >> ./aptconfig.conf +echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf + +# signed thing +echo "meep" > aptarchive/ubuntu/project/ubuntu-archive-keyring.gpg + +# test against the "real" webserver +aptkey --fakeroot net-update + +exit 1 # mock requires_root() { -- cgit v1.2.3 From e5543ea5a236426dd33e74e427e8485a030a2540 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 19 Dec 2013 16:43:50 +0100 Subject: fix apt-key net-update test to use the buildin webserver --- .../integration/exploid-keyring-with-dupe-keys.pub | Bin 3986 -> 0 bytes .../exploid-keyring-with-dupe-subkeys.pub | Bin 2016 -> 0 bytes test/integration/keyrings/test-archive-keyring.pub | Bin 0 -> 979 bytes test/integration/keyrings/test-archive-keyring.sec | Bin 0 -> 1355 bytes test/integration/keyrings/test-master-keyring.pub | Bin 0 -> 1199 bytes test/integration/keyrings/test-master-keyring.sec | Bin 0 -> 2501 bytes test/integration/test-apt-key-net-update | 133 ++++----------------- 7 files changed, 24 insertions(+), 109 deletions(-) delete mode 100644 test/integration/exploid-keyring-with-dupe-keys.pub delete mode 100644 test/integration/exploid-keyring-with-dupe-subkeys.pub create mode 100644 test/integration/keyrings/test-archive-keyring.pub create mode 100644 test/integration/keyrings/test-archive-keyring.sec create mode 100644 test/integration/keyrings/test-master-keyring.pub create mode 100644 test/integration/keyrings/test-master-keyring.sec (limited to 'test/integration') diff --git a/test/integration/exploid-keyring-with-dupe-keys.pub b/test/integration/exploid-keyring-with-dupe-keys.pub deleted file mode 100644 index 642952a40..000000000 Binary files a/test/integration/exploid-keyring-with-dupe-keys.pub and /dev/null differ diff --git a/test/integration/exploid-keyring-with-dupe-subkeys.pub b/test/integration/exploid-keyring-with-dupe-subkeys.pub deleted file mode 100644 index 02d4e6ee8..000000000 Binary files a/test/integration/exploid-keyring-with-dupe-subkeys.pub and /dev/null differ diff --git a/test/integration/keyrings/test-archive-keyring.pub b/test/integration/keyrings/test-archive-keyring.pub new file mode 100644 index 000000000..d8d9d472b Binary files /dev/null and b/test/integration/keyrings/test-archive-keyring.pub differ diff --git a/test/integration/keyrings/test-archive-keyring.sec b/test/integration/keyrings/test-archive-keyring.sec new file mode 100644 index 000000000..aece750e8 Binary files /dev/null and b/test/integration/keyrings/test-archive-keyring.sec differ diff --git a/test/integration/keyrings/test-master-keyring.pub b/test/integration/keyrings/test-master-keyring.pub new file mode 100644 index 000000000..33aa16796 Binary files /dev/null and b/test/integration/keyrings/test-master-keyring.pub differ diff --git a/test/integration/keyrings/test-master-keyring.sec b/test/integration/keyrings/test-master-keyring.sec new file mode 100644 index 000000000..9cb33176c Binary files /dev/null and b/test/integration/keyrings/test-master-keyring.sec differ diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index e0869402e..4b38cd9b5 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -9,120 +9,35 @@ configarchitecture "i386" changetowebserver # setup env -mkdir -p aptarchive/ubuntu/project var/lib/apt/keyrings -echo 'APT::Key::ArchiveKeyringURI "http://localhost:8080/ubuntu/project/ubuntu-archive-keyring.gpg";' >> ./aptconfig.conf -echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf - -# signed thing -echo "meep" > aptarchive/ubuntu/project/ubuntu-archive-keyring.gpg - -# test against the "real" webserver -aptkey --fakeroot net-update - -exit 1 - -# mock -requires_root() { - return 0 -} - -# extract net_update() and import it -func=$( sed -n -e '/^add_keys_with_verify_against_master_keyring/,/^}/p' ${BUILDDIRECTORY}/apt-key ) -eval "$func" - -mkdir -p ./etc/apt -TRUSTEDFILE=./etc/apt/trusted.gpg -mkdir -p ./var/lib/apt/keyrings -TMP_KEYRING=./var/lib/apt/keyrings/maybe-import-keyring.gpg -GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring" - -# FIXME: instead of copying this use apt-key and the buildin apt webserver -# to do a real test - -# COPYIED from apt-key.in -------------- - -# gpg needs a trustdb to function, but it can't be invalid (not even empty) -# so we create a temporary directory to store our fresh readable trustdb in -TRUSTDBDIR="$(mktemp -d)" -CURRENTTRAP="${CURRENTTRAP} rm -rf '${TRUSTDBDIR}';" -trap "${CURRENTTRAP}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM -chmod 700 "$TRUSTDBDIR" -# We also don't use a secret keyring, of course, but gpg panics and -# implodes if there isn't one available - and writeable for imports -SECRETKEYRING="${TRUSTDBDIR}/secring.gpg" -touch $SECRETKEYRING -GPG_CMD="$GPG_CMD --secret-keyring $SECRETKEYRING" -GPG_CMD="$GPG_CMD --trustdb-name ${TRUSTDBDIR}/trustdb.gpg" -#----------------------------------------- END COPY +mkdir -p var/lib/apt/keyrings +mkdir -p usr/share/keyrings -GPG="$GPG_CMD --keyring $TRUSTEDFILE" -MASTER_KEYRING=/usr/share/keyrings/ubuntu-master-keyring.gpg - -msgtest "add_keys_with_verify_against_master_keyring" -if [ ! -e $MASTER_KEYRING ]; then - echo -n "No $MASTER_KEYRING found" - msgskip - exit 0 -fi - -# test bad keyring and ensure its not added (LP: #857472) -ADD_KEYRING=./keys/exploid-keyring-with-dupe-keys.pub -if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then - msgfail -else - msgpass -fi - -# ensure the keyring is still empty -gpg_out=$($GPG --list-keys) -msgtest "Test if keyring is empty" -if [ -n "" ]; then - msgfail -else - msgpass -fi - - -# test another possible attack vector using subkeys (LP: #1013128) -msgtest "add_keys_with_verify_against_master_keyring with subkey attack" -ADD_KEYRING=./keys/exploid-keyring-with-dupe-subkeys.pub -if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then - msgfail -else - msgpass -fi - -# ensure the keyring is still empty -gpg_out=$($GPG --list-keys) -msgtest "Test if keyring is empty" -if [ -n "" ]; then - msgfail -else - msgpass -fi +# install the fake master keyring +install -m0644 keys/test-master-keyring.pub usr/share/keyrings +echo "APT::Key::MasterKeyring \"${TMPWORKINGDIRECTORY}/usr/share/keyrings/test-master-keyring.pub\";" >> ./aptconfig.conf +# setup archive-keyring +mkdir -p aptarchive/ubuntu/project +install -m0644 keys/test-archive-keyring.pub aptarchive/ubuntu/project/ +echo 'APT::Key::ArchiveKeyringURI "http://localhost:8080/ubuntu/project/test-archive-keyring.pub";' >> ./aptconfig.conf +echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf -# test good keyring and ensure we get no errors -ADD_KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg -if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then - msgpass -else - msgfail -fi +# test against the "real" webserver +testequal 'Checking for new archive signing keys now +gpg: key F68C85A3: public key "Test Automatic Archive Signing Key " imported +gpg: Total number processed: 1 +gpg: imported: 1 (RSA: 1)' aptkey --fakeroot net-update -testequal './etc/apt/trusted.gpg ---------------------- -pub 1024D/437D05B5 2004-09-12 -uid Ubuntu Archive Automatic Signing Key -sub 2048g/79164387 2004-09-12 -pub 1024D/FBB75451 2004-12-30 -uid Ubuntu CD Image Automatic Signing Key +# now try a different one +# setup archive-keyring +mkdir -p aptarchive/ubuntu/project +install -m0644 keys/marvinparanoid.pub aptarchive/ubuntu/project/ +echo 'APT::Key::ArchiveKeyringURI "http://localhost:8080/ubuntu/project/marvinparanoid.pub";' >> ./aptconfig.conf +echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf -pub 4096R/C0B21F32 2012-05-11 -uid Ubuntu Archive Automatic Signing Key (2012) +# test against the "real" webserver +testequal "Checking for new archive signing keys now +Key 'E8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update -pub 4096R/EFE21092 2012-05-11 -uid Ubuntu CD Image Automatic Signing Key (2012) -' $GPG --list-keys -- cgit v1.2.3 From 75ab11ae3880530c5354cc90c8d1ff0998f8146b Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Sat, 21 Dec 2013 18:50:03 +0100 Subject: make /etc/apt/preferences parser deal with comment only sections --- test/integration/test-bug-732746-preferences | 32 ++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100755 test/integration/test-bug-732746-preferences (limited to 'test/integration') diff --git a/test/integration/test-bug-732746-preferences b/test/integration/test-bug-732746-preferences new file mode 100755 index 000000000..b31f98aa0 --- /dev/null +++ b/test/integration/test-bug-732746-preferences @@ -0,0 +1,32 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' + +insertinstalledpackage 'bar' 'i386' '1.0' + +cat > rootdir/etc/apt/preferences << EOF +# random test comment header + +# commented out by puppy^Wpuppet +#Package: foo +#Pin: origin "ftp.debian.org" +#Pin: 800 + +Package: bar +Pin: version 1.0 +Pin-Priority: 700 + +#Package: bar +#Pin: version 1.0 +#Pin: 800 +EOF + +testequal "Reading package lists... +Building dependency tree..." aptget check + +msgtest "Ensure policy is applied" +aptcache policy bar|grep -q "*** 1.0 700" && msgpass || msgfail -- cgit v1.2.3 From 6bbd65ee4fddb59d771d3cd1f7cf7433cbbd0097 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 24 Dec 2013 23:21:23 +0100 Subject: add integration test --- test/integration/test-bug-728500-tempdir | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100755 test/integration/test-bug-728500-tempdir (limited to 'test/integration') diff --git a/test/integration/test-bug-728500-tempdir b/test/integration/test-bug-728500-tempdir new file mode 100755 index 000000000..0606538a1 --- /dev/null +++ b/test/integration/test-bug-728500-tempdir @@ -0,0 +1,18 @@ +#!/bin/sh + +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' + +buildsimplenativepackage 'coolstuff' 'all' '1.0' 'unstable' + +setupaptarchive +changetowebserver + +msgtest 'Test with incorect TMPDIR' +export TMPDIR=/does-not-exists +aptget update && msgpass || msgfail +unset TMPDIR \ No newline at end of file -- cgit v1.2.3 From c035b6552ba4bd1c6fba5fd8f8d829c2efbefe3c Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 27 Dec 2013 23:17:26 +0100 Subject: fix APTWEBSERVERBINDIR default --- test/integration/framework | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/integration') diff --git a/test/integration/framework b/test/integration/framework index c6422ca6f..a28363768 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -161,7 +161,7 @@ setupenvironment() { # allow overriding the default BUILDDIR location BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"} METHODSDIR=${APT_INTEGRATION_TESTS_METHODS_DIR:-"${BUILDDIRECTORY}/methods"} - APTWEBSERVERBINDIR=${APT_INTEGRATION_TESTS_WEBSERVER_BIN_DIR:-BUILDDIRECTORY} + APTWEBSERVERBINDIR=${APT_INTEGRATION_TESTS_WEBSERVER_BIN_DIR:-"${BUILDDIRECTORY}"} test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first" # ----- -- cgit v1.2.3