blob: 1894c3adfeafb8c15c0e27c1a859f658943de115 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
|
#!/bin/sh
set -e
TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"
setupenvironment
configarchitecture 'amd64'
insertpackage 'unstable' 'unrelated' 'all' '0.5~squeeze1'
insertpackage 'unstable' 'unrelated2' 'amd64' '0.5~squeeze1'
insertsource 'unstable' 'unrelated' 'all' '0.5~squeeze1'
export APT_DONT_SIGN=""
setupaptarchive --no-update
logcurrentarchivedirectory
changetowebserver
runtest() {
local APTOPT=""
if [ -n "$1" ]; then
APTOPT='--allow-insecure-repositories'
else
APTOPT='--no-allow-insecure-repositories'
fi
rm -rf rootdir/var/lib/apt/lists/
local TEST="test${1:-success}"
$TEST aptget update $APTOPT -o Debug::pkgAcquire::Worker=1
if [ "$1" = 'failure' ]; then
# accept the outdated Release file so we can check Hit behaviour
"test${2:-success}" aptget update -o Acquire::Min-ValidTime=9999999 $APTOPT
fi
listcurrentlistsdirectory > listsdir.lst
testsuccess grep '_Packages\(\.[0-9a-z]\+\)\?$' listsdir.lst
testsuccess grep '_Sources\(\.[0-9a-z]\+\)\?$' listsdir.lst
testsuccess grep '_Translation-en\(\.[0-9a-z]\+\)\?$' listsdir.lst
# ensure no leftovers in partial
testfailure ls 'rootdir/var/lib/apt/lists/partial/*'
# check that I-M-S header is kept in redirections
echo "$EXPECT" | sed -e 's#(invalid since [^)]\+)#(invalid since)#' > expected.output
$TEST aptget update -o Debug::pkgAcquire::Worker=0 -o Debug::Acquire::http=0 $APTOPT
sed -i -e 's#(invalid since [^)]\+)#(invalid since)#' rootdir/tmp/${TEST}.output
testequal "$(cat expected.output)" cat rootdir/tmp/${TEST}.output
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
# ensure that we still do a hash check for other files on ims hit of Release
if grep -q '^Hit:[0-9]\+ .* InRelease$' expected.output || ! grep -q '^Ign:[0-9]\+ .* Release\(\.gpg\)\?$' expected.output; then
$TEST aptget update -o Debug::Acquire::gpgv=1 $APTOPT
cp rootdir/tmp/${TEST}.output goodsign.output
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
testsuccess grep '^Got GOODSIG ' goodsign.output
fi
# ensure no leftovers in partial
testfailure ls 'rootdir/var/lib/apt/lists/partial/*'
}
msgmsg 'InRelease'
EXPECT="Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease
Reading package lists..."
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest
msgmsg 'Release/Release.gpg'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
404 Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Reading package lists..."
find aptarchive -name 'InRelease' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest
msgmsg 'Release only'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
404 Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Ign:3 http://localhost:${APTHTTPPORT} unstable Release.gpg
404 Not Found
Reading package lists...
W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details."
find aptarchive -name 'Release.gpg' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'
# make the release file old
find aptarchive -name '*Release' -exec sed -i \
-e "s#^Date: .*\$#Date: $(date -ud '-2 weeks' '+%a, %d %b %Y %H:%M:%S %Z')#" \
-e '/^Valid-Until: / d' -e "/^Date: / a\
Valid-Until: $(date -ud '-1 weeks' '+%a, %d %b %Y %H:%M:%S %Z')" '{}' \;
signreleasefiles
logcurrentarchivedirectory
msgmsg 'expired InRelease'
EXPECT="Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease
Reading package lists...
E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/InRelease is expired (invalid since). Updates for this repository will not be applied."
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'
msgmsg 'expired Release/Release.gpg'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
404 Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Reading package lists...
E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/Release is expired (invalid since). Updates for this repository will not be applied."
find aptarchive -name 'InRelease' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure'
msgmsg 'expired Release only'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
404 Not Found
Hit:2 http://localhost:${APTHTTPPORT} unstable Release
Ign:3 http://localhost:${APTHTTPPORT} unstable Release.gpg
404 Not Found
Reading package lists...
W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/Release is expired (invalid since). Updates for this repository will not be applied."
find aptarchive -name 'Release.gpg' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure' 'warning'
echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'failure' 'warning'
msgmsg 'no Release at all'
EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
404 Not Found
Ign:2 http://localhost:${APTHTTPPORT} unstable Release
404 Not Found
Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
404 Not Found
Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
404 Not Found
Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
404 Not Found
Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
404 Not Found
Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
404 Not Found
Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
404 Not Found
Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
404 Not Found
Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
404 Not Found
Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
404 Not Found
Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
404 Not Found
Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
404 Not Found
Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
404 Not Found
Hit:3 http://localhost:${APTHTTPPORT} unstable/main Sources
Hit:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
Hit:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
Hit:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
Reading package lists...
W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details."
find aptarchive -name '*Release*' -delete
logcurrentarchivedirectory
echo 'Acquire::GzipIndexes "0";
Acquire::PDiffs "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'
echo 'Acquire::GzipIndexes "1";
Acquire::PDiffs "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
runtest 'warning'
|