]> git.saurik.com Git - apt.git/blame - test/integration/test-apt-update-file
ignore Acquire::GzipIndexes for cdrom sources
[apt.git] / test / integration / test-apt-update-file
CommitLineData
daff4aa3
MV
1#!/bin/sh
2#
3# Ensure that we do not modify file:/// uris (regression test for
4# CVE-2014-0487
5#
6set -e
7
8TESTDIR=$(readlink -f $(dirname $0))
9. $TESTDIR/framework
10
11setupenvironment
12configarchitecture "amd64"
13configcompression 'bz2' 'gz'
14
15insertpackage 'unstable' 'foo' 'all' '1.0'
16
daff4aa3
MV
17setupaptarchive --no-update
18
19# ensure the archive is not writable
20chmod 550 aptarchive/dists/unstable/main/binary-amd64
21
22testsuccess aptget update -qq
23testsuccess aptget update -qq
23d0a6fb
MV
24aptget update -qq -o Debug::pkgAcquire::Auth=1 2> output.log
25
26# ensure that the hash of the uncompressed file was verified even on a local
27# ims hit
28canary="SHA512:$(bzcat aptarchive/dists/unstable/main/binary-amd64/Packages.bz2 | sha512sum |cut -f1 -d' ')"
a1380a5c 29grep -q -- "- $canary" output.log
23d0a6fb 30
8b451962
MV
31# foo is still available
32testsuccess aptget install -s foo
daff4aa3
MV
33
34# the cleanup should still work
35chmod 750 aptarchive/dists/unstable/main/binary-amd64
a1380a5c
MV
36
37