]> git.saurik.com Git - apt.git/blame - test/integration/test-bug-738785-switch-protocol
add a testcase to check for forbidden https→http downgrades
[apt.git] / test / integration / test-bug-738785-switch-protocol
CommitLineData
9082a1fc
DK
1#!/bin/sh
2set -e
3
4TESTDIR=$(readlink -f $(dirname $0))
5. $TESTDIR/framework
6
7setupenvironment
8configarchitecture "i386"
9
10buildsimplenativepackage 'apt' 'all' '1.0' 'stable'
11
12# setup http redirecting to https
13setupaptarchive --no-update
14changetowebserver -o 'aptwebserver::redirect::replace::/redirectme/=https://localhost:4433/' \
755d1e4f 15 -o 'aptwebserver::redirect::replace::/downgrademe/=http://localhost:8080/' \
9082a1fc
DK
16 -o 'aptwebserver::support::http=false'
17changetohttpswebserver
18sed -i -e 's#:4433/#:8080/redirectme#' -e 's# https:# http:#' rootdir/etc/apt/sources.list.d/*
19
20testsuccess aptget update -o Debug::Acquire::http=1 -o Debug::Acquire::https=1 -o Debug::pkgAcquire::Worker=1
21
22msgtest 'Test that the webserver does not answer' 'http requests'
dc95fee1 23downloadfile 'http://localhost:8080/pool/apt_1.0/changelog' changelog >/dev/null 2>&1 && msgfail || msgpass
9082a1fc
DK
24
25echo 'Apt::Changelogs::Server "http://localhost:8080/redirectme";' > rootdir/etc/apt/apt.conf.d/changelog.conf
26testequal "'http://localhost:8080/redirectme/pool/apt_1.0/changelog'" aptget changelog apt --print-uris
27
28testsuccess aptget changelog apt -d
29testsuccess test -s apt.changelog
30rm -f apt.changelog
31
32testsuccess aptget download apt
33testsuccess test -s apt_1.0_all.deb
34rm apt_1.0_all.deb
35
36testsuccess aptget install apt -y
37testdpkginstalled 'apt'
38
39# create a copy of all methods, expect https
40eval `aptconfig shell METHODS Dir::Bin::Methods/d`
41COPYMETHODS='usr/lib/apt/methods'
755d1e4f 42mv rootdir/${COPYMETHODS} rootdir/${COPYMETHODS}.bak
9082a1fc
DK
43mkdir -p rootdir/$COPYMETHODS
44cd rootdir/$COPYMETHODS
45find $METHODS \! -type d | while read meth; do
46 ln -s $meth
47done
48rm https
49cd - >/dev/null
50echo "Dir::Bin::Methods \"${COPYMETHODS}\";" >> aptconfig.conf
51
18cce398
DK
52testequal "E: The method driver $(pwd)/rootdir/usr/lib/apt/methods/https could not be found.
53N: Is the package apt-transport-https installed?" aptget download apt -q=0
9082a1fc 54testsuccess test ! -e apt_1.0_all.deb
755d1e4f
DK
55
56# revert to all methods
57rm -rf rootdir/$COPYMETHODS
58mv rootdir/${COPYMETHODS}.bak rootdir/${COPYMETHODS}
59
60# check that downgrades from https to http are not allowed
61webserverconfig 'aptwebserver::support::http' 'true'
62sed -i -e 's#:8080/redirectme#:4433/downgrademe#' -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/*
63testfailure aptget update