blob: 3a6897b5927b1e63b349176b265d2e19d4615c2f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
#!/bin/sh
set -e
TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework
setupenvironment
configarchitecture 'i386'
insertpackage 'unstable' 'foo' 'all' '1'
setupaptarchive --no-update
changetohttpswebserver --authorization="$(printf '%s' 'star:hunter2' | base64 )"
echo 'See, when YOU type hunter2, it shows to us as *******' > aptarchive/bash
testauthfailure() {
testfailure apthelper download-file "${1}/bash" ./downloaded/bash
# crappy test, but http and https output are wastely different…
testsuccess grep 401 rootdir/tmp/testfailure.output
testfailure test -s ./downloaded/bash
}
testauthsuccess() {
testsuccess apthelper download-file "${1}/bash" ./downloaded/bash
testfileequal ./downloaded/bash "$(cat aptarchive/bash)"
testfilestats ./downloaded/bash '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:644"
rm -f ./downloaded/bash
# lets see if got/retains acceptable permissions
if [ -n "$AUTHCONF" ]; then
if [ "$(id -u)" = '0' ]; then
testfilestats "$AUTHCONF" '%U:%G:%a' '=' "_apt:root:600"
else
testfilestats "$AUTHCONF" '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:600"
fi
fi
rm -rf rootdir/var/lib/apt/lists
testsuccess aptget update
testsuccessequal 'Reading package lists...
Building dependency tree...
The following NEW packages will be installed:
foo
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Inst foo (1 unstable [all])
Conf foo (1 unstable [all])' aptget install foo -s
}
authfile() {
local AUTHCONF='rootdir/etc/apt/auth.conf'
rm -f "$AUTHCONF"
printf '%s' "$1" > "$AUTHCONF"
chmod 600 "$AUTHCONF"
}
runtest() {
# unauthorized fails
authfile ''
testauthfailure "$1"
# good auth
authfile 'machine localhost
login star
password hunter2'
testauthsuccess "$1"
# bad auth
authfile 'machine localhost
login anonymous
password hunter2'
testauthfailure "$1"
# 2 stanzas: unmatching + good auth
authfile 'machine debian.org
login debian
password jessie
machine localhost
login star
password hunter2'
testauthsuccess "$1"
}
msgmsg 'server basic auth'
rewritesourceslist 'http://localhost:8080'
runtest 'http://localhost:8080'
rewritesourceslist 'https://localhost:4433'
runtest 'https://localhost:4433'
rewritesourceslist 'http://localhost:8080'
msgmsg 'proxy to server basic auth'
webserverconfig 'aptwebserver::request::absolute' 'uri'
export http_proxy='http://localhost:8080'
runtest 'http://localhost:8080'
unset http_proxy
msgmsg 'proxy basic auth to server basic auth'
webserverconfig 'aptwebserver::proxy-authorization' "$(printf 'moon:deer2' | base64)"
export http_proxy='http://moon:deer2@localhost:8080'
runtest 'http://localhost:8080'
msgmsg 'proxy basic auth to server'
authfile ''
webserverconfig 'aptwebserver::authorization' ''
testauthsuccess 'http://localhost:8080'
|