From fce726023f703c369ae030684e75ed03c7544d6b Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 21 Dec 2007 13:56:19 +0100 Subject: implement AptAuthenticationReliabtlity spec --- ..._apt_auth-test-suit_gpg-package-broken_Packages | 25 ++++++ ...o_apt_auth-test-suit_gpg-package-broken_Release | 13 +++ ...t_auth-test-suit_gpg-package-broken_Release.gpg | 7 ++ ...emvo_apt_auth-test-suit_gpg-package-ok_Packages | 25 ++++++ ...7emvo_apt_auth-test-suit_gpg-package-ok_Release | 13 +++ ...o_apt_auth-test-suit_gpg-package-ok_Release.gpg | 7 ++ test/authReliability/sources.list.failure | 2 + test/pre-upload-check.py | 94 +++++++++++++++++++++- 8 files changed, 183 insertions(+), 3 deletions(-) create mode 100644 test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages create mode 100644 test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release create mode 100644 test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg create mode 100644 test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages create mode 100644 test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release create mode 100644 test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg create mode 100644 test/authReliability/sources.list.failure (limited to 'test') diff --git a/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages new file mode 100644 index 000000000..3e7265438 --- /dev/null +++ b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages @@ -0,0 +1,25 @@ +Package: libglib2.0-data +Priority: optional +Section: misc +Installed-Size: 2288 +Maintainer: Ubuntu Desktop Team +Original-Maintainer: Loic Minier +Architecture: all +Source: glib2.0 +Version: 2.13.6-1ubuntu1 +Replaces: libglib1.3, libglib1.3-data +Depends: libglib2.0-0 (>= 2.13.6-1ubuntu1) +Conflicts: libglib1.3-data +Filename: ./libglib2.0-data_2.13.6-1ubuntu1_all.deb +Size: 958 +MD5sum: 803fc5e2e31a4345b3e9c771e1eae49f +SHA1: 75b2c62b21bae60c58e694dd40ed6d4df946e304 +SHA256: 142d8466eac252f06bc957d76fe1bb87f86f2d3512b99c8d4b08c1ad79fbe59e +Description: Common files for GLib library + GLib is a library containing many useful C routines for things such + as trees, hashes, lists, and strings. It is a useful general-purpose + C library used by projects such as GTK+, GIMP, and GNOME. + . + This package is needed for the runtime libraries to display messages in + languages other than English. + diff --git a/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release new file mode 100644 index 000000000..7ecd4cd19 --- /dev/null +++ b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release @@ -0,0 +1,13 @@ +Date: Fri, 27 Jul 2007 14:39:41 UTC +MD5Sum: + 4672dadea6a144839f823c9f3d5fd44b 934 Packages + 82ebcf09a8d78a2b9cf7759349da4936 603 Packages.gz + d41d8cd98f00b204e9800998ecf8427e 0 Release +SHA1: + fa0f294aa30789529371066b10e9497be1284d26 934 Packages + f4032808663b2810d87b4a4dab6f5ae4a1e8fa8e 603 Packages.gz + da39a3ee5e6b4b0d3255bfef95601890afd80709 0 Release +SHA256: + 92c9b605480dc74e6be79c0ddc24738bfcbd6dd3148af531acd68717de528049 934 Packages + 659ccc0d07ff21f0247f9fa5abe149221c90d5e17da52c7afddb035b93c23d39 603 Packages.gz + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 Release diff --git a/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg new file mode 100644 index 000000000..85c356e6f --- /dev/null +++ b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.6 (GNU/Linux) + +iD8DBQBGqgOwliSD4VZixzQRAs6jAJ9p7Aiob9gzkUNCtoW8UPrBo0E/YwCdEaz0 +CQJszU6fRYX5jGWXSWzfc5c= +=ugH0 +-----END PGP SIGNATURE----- diff --git a/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages new file mode 100644 index 000000000..3e7265438 --- /dev/null +++ b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages @@ -0,0 +1,25 @@ +Package: libglib2.0-data +Priority: optional +Section: misc +Installed-Size: 2288 +Maintainer: Ubuntu Desktop Team +Original-Maintainer: Loic Minier +Architecture: all +Source: glib2.0 +Version: 2.13.6-1ubuntu1 +Replaces: libglib1.3, libglib1.3-data +Depends: libglib2.0-0 (>= 2.13.6-1ubuntu1) +Conflicts: libglib1.3-data +Filename: ./libglib2.0-data_2.13.6-1ubuntu1_all.deb +Size: 958 +MD5sum: 803fc5e2e31a4345b3e9c771e1eae49f +SHA1: 75b2c62b21bae60c58e694dd40ed6d4df946e304 +SHA256: 142d8466eac252f06bc957d76fe1bb87f86f2d3512b99c8d4b08c1ad79fbe59e +Description: Common files for GLib library + GLib is a library containing many useful C routines for things such + as trees, hashes, lists, and strings. It is a useful general-purpose + C library used by projects such as GTK+, GIMP, and GNOME. + . + This package is needed for the runtime libraries to display messages in + languages other than English. + diff --git a/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release new file mode 100644 index 000000000..7ecd4cd19 --- /dev/null +++ b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release @@ -0,0 +1,13 @@ +Date: Fri, 27 Jul 2007 14:39:41 UTC +MD5Sum: + 4672dadea6a144839f823c9f3d5fd44b 934 Packages + 82ebcf09a8d78a2b9cf7759349da4936 603 Packages.gz + d41d8cd98f00b204e9800998ecf8427e 0 Release +SHA1: + fa0f294aa30789529371066b10e9497be1284d26 934 Packages + f4032808663b2810d87b4a4dab6f5ae4a1e8fa8e 603 Packages.gz + da39a3ee5e6b4b0d3255bfef95601890afd80709 0 Release +SHA256: + 92c9b605480dc74e6be79c0ddc24738bfcbd6dd3148af531acd68717de528049 934 Packages + 659ccc0d07ff21f0247f9fa5abe149221c90d5e17da52c7afddb035b93c23d39 603 Packages.gz + e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 Release diff --git a/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg new file mode 100644 index 000000000..85c356e6f --- /dev/null +++ b/test/authReliability/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.6 (GNU/Linux) + +iD8DBQBGqgOwliSD4VZixzQRAs6jAJ9p7Aiob9gzkUNCtoW8UPrBo0E/YwCdEaz0 +CQJszU6fRYX5jGWXSWzfc5c= +=ugH0 +-----END PGP SIGNATURE----- diff --git a/test/authReliability/sources.list.failure b/test/authReliability/sources.list.failure new file mode 100644 index 000000000..110f31884 --- /dev/null +++ b/test/authReliability/sources.list.failure @@ -0,0 +1,2 @@ +deb http://people.ubuntu.com/~mvo/apt/auth-test-suit/gpg-package-broken/ / + diff --git a/test/pre-upload-check.py b/test/pre-upload-check.py index 268b3d672..75a726808 100755 --- a/test/pre-upload-check.py +++ b/test/pre-upload-check.py @@ -4,6 +4,8 @@ import sys import os import glob import os.path +import shutil +import time from subprocess import call, PIPE import unittest @@ -11,7 +13,92 @@ import unittest stdout = os.open("/dev/null",0) #sys.stdout stderr = os.open("/dev/null",0) # sys.stderr -apt_args = [] # ["-o","Debug::pkgAcquire::Auth=true"] +apt_args = [] +#apt_args = ["-o","Debug::pkgAcquire::Auth=true"] + +class testAptAuthenticationReliability(unittest.TestCase): + """ + test if the spec https://wiki.ubuntu.com/AptAuthenticationReliability + is properly implemented + """ + apt = "../bin/apt-get" + + def setUp(self): + pass + def testRepositorySigFailure(self): + """ + test if a repository that used to be authenticated and fails on + apt-get update refuses to update and uses the old state + """ + # copy valid signatures into lists (those are ok, even + # if the name is "-broken-" ... + for f in glob.glob("./authReliability/lists/*"): + shutil.copy(f,"/var/lib/apt/lists") + # ensure we do *not* get a I-M-S hit + os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (0,0)) + res = call([self.apt, + "update", + "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure" + ] + apt_args, + stdout=stdout, stderr=stderr) + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg"), + "The gpg file disappeared, this should not happen") + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"), + "The Packages file disappeared, this should not happen") + # the same with i-m-s hit this time + for f in glob.glob("./authReliability/lists/*"): + shutil.copy(f,"/var/lib/apt/lists") + os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (time.time(),time.time())) + res = call([self.apt, + "update", + "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure" + ] + apt_args, + stdout=stdout, stderr=stderr) + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg"), + "The gpg file disappeared, this should not happen") + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"), + "The Packages file disappeared, this should not happen") + def testRepositorySigGood(self): + """ + test that a regular repository with good data stays good + """ + res = call([self.apt, + "update", + "-o","Dir::Etc::sourcelist=./authReliability/sources.list.good" + ] + apt_args, + stdout=stdout, stderr=stderr) + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"), + "The gpg file disappeared, this should not happen") + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"), + "The Packages file disappeared, this should not happen") + # test good is still good after non I-M-S hit and a previous files in lists/ + for f in glob.glob("./authReliability/lists/*"): + shutil.copy(f,"/var/lib/apt/lists") + # ensure we do *not* get a I-M-S hit + os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (0,0)) + res = call([self.apt, + "update", + "-o","Dir::Etc::sourcelist=./authReliability/sources.list.good" + ] + apt_args, + stdout=stdout, stderr=stderr) + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"), + "The gpg file disappeared, this should not happen") + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"), + "The Packages file disappeared, this should not happen") + # test good is still good after I-M-S hit + for f in glob.glob("./authReliability/lists/*"): + shutil.copy(f,"/var/lib/apt/lists") + # ensure we do get a I-M-S hit + os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (time.time(),time.time())) + res = call([self.apt, + "update", + "-o","Dir::Etc::sourcelist=./authReliability/sources.list.good" + ] + apt_args, + stdout=stdout, stderr=stderr) + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"), + "The gpg file disappeared, this should not happen") + self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"), + "The Packages file disappeared, this should not happen") class testAuthentication(unittest.TestCase): @@ -149,6 +236,7 @@ if __name__ == "__main__": if len(sys.argv) > 1 and sys.argv[1] == "-v": stdout = sys.stdout stderr = sys.stderr + + # run only one for now + #unittest.main(defaultTest="testAptAuthenticationReliability") unittest.main() - - -- cgit v1.2.3 From f3224a73ec718a5f4e4404cd716e4b7c2702bb8b Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 2 Jan 2008 13:50:56 +0100 Subject: test/authReliability/sources.list.good: - add missing file to make the test/pre-upload-check.py work again apt-pkg/acquire-item.cc: - fix auth-reliable code when file:// uris are used test/pre-upload-check.py: - use the standard apt, not "../bin/apt-get" by default - make the error messages more useful on test-failure --- test/authReliability/sources.list.good | 2 ++ test/pre-upload-check.py | 7 ++++--- 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 test/authReliability/sources.list.good (limited to 'test') diff --git a/test/authReliability/sources.list.good b/test/authReliability/sources.list.good new file mode 100644 index 000000000..2e9a4458a --- /dev/null +++ b/test/authReliability/sources.list.good @@ -0,0 +1,2 @@ +deb http://people.ubuntu.com/~mvo/apt/auth-test-suit/gpg-package-ok/ / + diff --git a/test/pre-upload-check.py b/test/pre-upload-check.py index 75a726808..ca44ec726 100755 --- a/test/pre-upload-check.py +++ b/test/pre-upload-check.py @@ -21,7 +21,8 @@ class testAptAuthenticationReliability(unittest.TestCase): test if the spec https://wiki.ubuntu.com/AptAuthenticationReliability is properly implemented """ - apt = "../bin/apt-get" + #apt = "../bin/apt-get" + apt = "apt-get" def setUp(self): pass @@ -68,7 +69,7 @@ class testAptAuthenticationReliability(unittest.TestCase): ] + apt_args, stdout=stdout, stderr=stderr) self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"), - "The gpg file disappeared, this should not happen") + "The gpg file disappeared after a regular download, this should not happen") self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"), "The Packages file disappeared, this should not happen") # test good is still good after non I-M-S hit and a previous files in lists/ @@ -82,7 +83,7 @@ class testAptAuthenticationReliability(unittest.TestCase): ] + apt_args, stdout=stdout, stderr=stderr) self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"), - "The gpg file disappeared, this should not happen") + "The gpg file disappeared after a I-M-S hit, this should not happen") self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"), "The Packages file disappeared, this should not happen") # test good is still good after I-M-S hit -- cgit v1.2.3 From 5d149bfc7f34bc39e0edf8d9d98786cadefeeedf Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 4 Feb 2008 14:15:17 +0100 Subject: add APT::Update::Auth-Failure script --- test/pre-upload-check.py | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/pre-upload-check.py b/test/pre-upload-check.py index ca44ec726..de43122ce 100755 --- a/test/pre-upload-check.py +++ b/test/pre-upload-check.py @@ -25,7 +25,8 @@ class testAptAuthenticationReliability(unittest.TestCase): apt = "apt-get" def setUp(self): - pass + if os.path.exists("/tmp/autFailure"): + os.unlink("/tmp/authFailure"); def testRepositorySigFailure(self): """ test if a repository that used to be authenticated and fails on @@ -39,26 +40,33 @@ class testAptAuthenticationReliability(unittest.TestCase): os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (0,0)) res = call([self.apt, "update", - "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure" + "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure", + "-o",'APT::Update::Auth-Failure::=touch /tmp/authFailure', ] + apt_args, stdout=stdout, stderr=stderr) self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg"), "The gpg file disappeared, this should not happen") self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"), "The Packages file disappeared, this should not happen") + self.assert_(os.path.exists("/tmp/authFailure"), + "The APT::Update::Auth-Failure script did not run") + os.unlink("/tmp/authFailure"); # the same with i-m-s hit this time for f in glob.glob("./authReliability/lists/*"): shutil.copy(f,"/var/lib/apt/lists") os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (time.time(),time.time())) res = call([self.apt, "update", - "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure" + "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure", + "-o",'APT::Update::Auth-Failure::=touch /tmp/authFailure', ] + apt_args, stdout=stdout, stderr=stderr) self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg"), "The gpg file disappeared, this should not happen") self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"), "The Packages file disappeared, this should not happen") + self.assert_(os.path.exists("/tmp/authFailure"), + "The APT::Update::Auth-Failure script did not run") def testRepositorySigGood(self): """ test that a regular repository with good data stays good @@ -239,5 +247,5 @@ if __name__ == "__main__": stderr = sys.stderr # run only one for now - #unittest.main(defaultTest="testAptAuthenticationReliability") - unittest.main() + unittest.main(defaultTest="testAptAuthenticationReliability") + #unittest.main() -- cgit v1.2.3 From d54385388a0773fada9e44c5d1cf020488047884 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 8 Feb 2008 14:30:39 +0100 Subject: make the test-suit more reliable --- test/pre-upload-check.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/pre-upload-check.py b/test/pre-upload-check.py index de43122ce..9c2e1916c 100755 --- a/test/pre-upload-check.py +++ b/test/pre-upload-check.py @@ -27,6 +27,8 @@ class testAptAuthenticationReliability(unittest.TestCase): def setUp(self): if os.path.exists("/tmp/autFailure"): os.unlink("/tmp/authFailure"); + if os.path.exists("/tmp/autFailure2"): + os.unlink("/tmp/authFailure2"); def testRepositorySigFailure(self): """ test if a repository that used to be authenticated and fails on @@ -49,8 +51,7 @@ class testAptAuthenticationReliability(unittest.TestCase): self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"), "The Packages file disappeared, this should not happen") self.assert_(os.path.exists("/tmp/authFailure"), - "The APT::Update::Auth-Failure script did not run") - os.unlink("/tmp/authFailure"); + "The APT::Update::Auth-Failure script did not run (1)") # the same with i-m-s hit this time for f in glob.glob("./authReliability/lists/*"): shutil.copy(f,"/var/lib/apt/lists") @@ -58,15 +59,15 @@ class testAptAuthenticationReliability(unittest.TestCase): res = call([self.apt, "update", "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure", - "-o",'APT::Update::Auth-Failure::=touch /tmp/authFailure', + "-o",'APT::Update::Auth-Failure::=touch /tmp/authFailure2', ] + apt_args, stdout=stdout, stderr=stderr) self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg"), "The gpg file disappeared, this should not happen") self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"), "The Packages file disappeared, this should not happen") - self.assert_(os.path.exists("/tmp/authFailure"), - "The APT::Update::Auth-Failure script did not run") + self.assert_(os.path.exists("/tmp/authFailure2"), + "The APT::Update::Auth-Failure script did not run (2)") def testRepositorySigGood(self): """ test that a regular repository with good data stays good -- cgit v1.2.3