#!/bin/sh
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"
setupenvironment
configarchitecture 'amd64'

insertpackage 'unstable' 'unrelated' 'all' '0.5~squeeze1'
insertpackage 'unstable' 'unrelated2' 'amd64' '0.5~squeeze1'
insertsource 'unstable' 'unrelated' 'all' '0.5~squeeze1'

export APT_DONT_SIGN=""
setupaptarchive --no-update
logcurrentarchivedirectory
changetowebserver

runtest() {
    local APTOPT=""
    if [ -n "$1" ]; then
	APTOPT='--allow-insecure-repositories'
    else
	APTOPT='--no-allow-insecure-repositories'
    fi

    rm -rf rootdir/var/lib/apt/lists/

    local TEST="test${1:-success}"
    $TEST aptget update $APTOPT -o Debug::pkgAcquire::Worker=1
    if [ "$1" = 'failure' ]; then
	# accept the outdated Release file so we can check Hit behaviour
	"test${2:-success}" aptget update -o Acquire::Min-ValidTime=9999999 $APTOPT
    fi
    listcurrentlistsdirectory > listsdir.lst
    testsuccess grep '_Packages\(\.[0-9a-z]\+\)\?$' listsdir.lst
    testsuccess grep '_Sources\(\.[0-9a-z]\+\)\?$' listsdir.lst
    testsuccess grep '_Translation-en\(\.[0-9a-z]\+\)\?$' listsdir.lst

    # ensure no leftovers in partial
    testfailure ls 'rootdir/var/lib/apt/lists/partial/*'

    # check that I-M-S header is kept in redirections
    echo "$EXPECT" | sed -e 's#(invalid since [^)]\+)#(invalid since)#' > expected.output
    $TEST aptget update  -o Debug::pkgAcquire::Worker=0 -o Debug::Acquire::http=0 $APTOPT
    sed -i -e 's#(invalid since [^)]\+)#(invalid since)#' rootdir/tmp/${TEST}.output
    testequal "$(cat expected.output)" cat rootdir/tmp/${TEST}.output
    testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"

    # ensure that we still do a hash check for other files on ims hit of Release
    if grep -q '^Hit:[0-9]\+ .* InRelease$' expected.output || ! grep -q '^Ign:[0-9]\+ .* Release\(\.gpg\)\?$' expected.output; then
	    $TEST aptget update -o Debug::Acquire::gpgv=1 $APTOPT
	    cp rootdir/tmp/${TEST}.output goodsign.output
	    testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
	    testsuccess grep '^Got GOODSIG ' goodsign.output
    fi

    # ensure no leftovers in partial
    testfailure ls 'rootdir/var/lib/apt/lists/partial/*'
}

msgmsg 'InRelease'
EXPECT="Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease
Reading package lists..."
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest

msgmsg 'Release/Release.gpg'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
  404  Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Reading package lists..."
find aptarchive -name 'InRelease' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest

msgmsg 'Release only'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
  404  Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Ign:3 http://localhost:${APTHTTPPORT} unstable Release.gpg
  404  Not Found
Reading package lists...
W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details."
find aptarchive -name 'Release.gpg' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'


# make the release file old
find aptarchive -name '*Release' -exec sed -i \
	-e "s#^Date: .*\$#Date: $(date -ud '-2 weeks' '+%a, %d %b %Y %H:%M:%S %Z')#" \
	-e '/^Valid-Until: / d' -e "/^Date: / a\
Valid-Until: $(date -ud '-1 weeks' '+%a, %d %b %Y %H:%M:%S %Z')" '{}' \;
signreleasefiles
logcurrentarchivedirectory

msgmsg 'expired InRelease'
EXPECT="Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease
Reading package lists...
E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/InRelease is expired (invalid since). Updates for this repository will not be applied."
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'

msgmsg 'expired Release/Release.gpg'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
  404  Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Reading package lists...
E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/Release is expired (invalid since). Updates for this repository will not be applied."
find aptarchive -name 'InRelease' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'

msgmsg 'expired Release only'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
  404  Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Ign:3 http://localhost:${APTHTTPPORT} unstable Release.gpg
  404  Not Found
Reading package lists...
W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/Release is expired (invalid since). Updates for this repository will not be applied."
find aptarchive -name 'Release.gpg' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure' 'warning'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure' 'warning'


msgmsg 'no Release at all'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
  404  Not Found
Ign:2 http://localhost:${APTHTTPPORT} unstable Release
  404  Not Found
Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
  404  Not Found
Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
  404  Not Found
Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
  404  Not Found
Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
  404  Not Found
Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
  404  Not Found
Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
  404  Not Found
Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
  404  Not Found
Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
  404  Not Found
Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
  404  Not Found
Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
  404  Not Found
Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
  404  Not Found
Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
  404  Not Found
Hit:3 http://localhost:${APTHTTPPORT} unstable/main Sources
Hit:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
Hit:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
Hit:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
Reading package lists...
W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details."
find aptarchive -name '*Release*' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";
Acquire::PDiffs "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'
echo 'Acquire::GzipIndexes "1";
Acquire::PDiffs "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'