[apt.git] / test / integration / test-hashsum-verification

#!/bin/sh
set -e

TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework

setupenvironment
configarchitecture "i386"

buildaptarchive
setupflataptarchive
changetowebserver

prepare() {
	local DATE="${2:-now}"
	if [ "$DATE" = 'now' -a "$1" = "${PKGFILE}-new" ]; then
		DATE='now + 6 days'
	fi
	for release in $(find rootdir/var/lib/apt/lists 2> /dev/null); do
		touch -d 'now - 6 hours' $release
	done
	cp $1 aptarchive/Packages
	find aptarchive -name 'Release' -delete
	compressfile aptarchive/Packages
        # create Release file with incorret checksums
	cat > aptarchive/Release <<EOF
Date: Fri, 05 Aug 2011 09:22:08 UTC
MD5Sum:
 x15c483ac486f5dbe95095c7ec08626f              760 Packages
 x0579797df4792164a17305fb0b317e9              546 Packages.bz2
 xc532a82873d2206b4e4503e92d167bd              489 Packages.gz
 x4d1d25661377dd4bb95a1736e2624d3              527 Packages.lzma
 xf1cc221194edbaa943d2375d6f44a88              572 Packages.xz
SHA1:
 x0d3317839cf68cd40c28f0bddca8d2ce5a29cad              760 Packages
 xffddf046ad8dfd8338a355d76fb08d143c8b636              546 Packages.bz2
 xa27a3df51ca4474b880a6594c4811957079b613              489 Packages.gz
 x9d7bba4e6fa927a34dcd797694c2893c21f1004              527 Packages.lzma
 x7d988fe59cf67298828e5299a15d329c0f00f1b              572 Packages.xz
SHA256:
 x5a47d72f6b97bfa164b23326b6ad3cb019b5c6cc73769f8c0187616933d1b2b              760 Packages
 x617252f5bfe3e9126352c7c2f8122d9c3b2c5e1a6c8a9616d62adc0ed164172              546 Packages.bz2
 xc6abc6fe9a4fcf0758ec5366dfd19bcba90af026a7017c3f6198c59eccd8ef5              489 Packages.gz
 xb306e66e5e6a7169c8d281a888539d1fdca9cecc99ae605717df579d5b9c166              527 Packages.lzma
 x9585d0e66b74c9385727fbea11fea9ab33c716b18a32f3036f037a2b9b57120              572 Packages.xz
EOF
        cp aptarchive/Release aptarchive/InRelease
}

# fake our downloadable file
touch aptarchive/apt.deb

PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')"

runtest() {
	prepare ${PKGFILE}
	rm -rf rootdir/var/lib/apt/lists
	signreleasefiles 'Joe Sixpack'
	find aptarchive/ -name "$DELETEFILE" -delete

        # test signed release file
        msgtest 'apt-get update gets the expected hashsum mismatch'
	aptget update 2>&1 | grep "Hash Sum mismatch" > /dev/null && msgpass || msgfail
        msgtest 'No package from the source available'
        [ "$(aptcache show apt 2>&1)" = "E: No packages found" ] && msgpass || msgfail
        msgtest 'No Packages file in /var/lib/apt/lists'
        [ "$(ls rootdir/var/lib/apt/lists/*Package* 2>/dev/null | grep -v FAILED 2>/dev/null)" = "" ] && msgpass || msgfail 
        
        # now with the unsigned Release file
        rm -rf rootdir/var/lib/apt/lists
        rm aptarchive/InRelease aptarchive/Release.gpg
        msgtest 'unsigned apt-get update gets the expected hashsum mismatch'
	aptget update --allow-insecure-repositories >output.log 2>&1 || true
        if grep -q "Hash Sum mismatch" output.log; then
            msgpass
        else
            cat output.log
            msgfail
        fi
}

for COMPRESSEDINDEXES in 'false' 'true'; do
	echo "Acquire::GzipIndexes \"$COMPRESSEDINDEXES\";" > rootdir/etc/apt/apt.conf.d/compressindexes
	if $COMPRESSEDINDEXES; then
		msgmsg 'Run tests with GzipIndexes enabled'
	else
		msgmsg 'Run tests with GzipIndexes disabled'
	fi
 
        runtest
done
Commit	Line	Data
515d18c9 MV	1	#!/bin/sh
	2	set -e
	3
	4	TESTDIR=$(readlink -f $(dirname $0))
	5	. $TESTDIR/framework
	6
	7	setupenvironment
	8	configarchitecture "i386"
	9
	10	buildaptarchive
	11	setupflataptarchive
	12	changetowebserver
	13
	14	prepare() {
	15	local DATE="${2:-now}"
	16	if [ "$DATE" = 'now' -a "$1" = "${PKGFILE}-new" ]; then
	17	DATE='now + 6 days'
	18	fi
	19	for release in $(find rootdir/var/lib/apt/lists 2> /dev/null); do
	20	touch -d 'now - 6 hours' $release
	21	done
515d18c9 MV	22	cp $1 aptarchive/Packages
515d18c9 MV	23	find aptarchive -name 'Release' -delete
276e51dd	24	compressfile aptarchive/Packages
515d18c9 MV	25	# create Release file with incorret checksums
	26	cat > aptarchive/Release <<EOF
	27	Date: Fri, 05 Aug 2011 09:22:08 UTC
	28	MD5Sum:
	29	x15c483ac486f5dbe95095c7ec08626f 760 Packages
	30	x0579797df4792164a17305fb0b317e9 546 Packages.bz2
	31	xc532a82873d2206b4e4503e92d167bd 489 Packages.gz
	32	x4d1d25661377dd4bb95a1736e2624d3 527 Packages.lzma
	33	xf1cc221194edbaa943d2375d6f44a88 572 Packages.xz
	34	SHA1:
	35	x0d3317839cf68cd40c28f0bddca8d2ce5a29cad 760 Packages
	36	xffddf046ad8dfd8338a355d76fb08d143c8b636 546 Packages.bz2
	37	xa27a3df51ca4474b880a6594c4811957079b613 489 Packages.gz
	38	x9d7bba4e6fa927a34dcd797694c2893c21f1004 527 Packages.lzma
	39	x7d988fe59cf67298828e5299a15d329c0f00f1b 572 Packages.xz
	40	SHA256:
	41	x5a47d72f6b97bfa164b23326b6ad3cb019b5c6cc73769f8c0187616933d1b2b 760 Packages
	42	x617252f5bfe3e9126352c7c2f8122d9c3b2c5e1a6c8a9616d62adc0ed164172 546 Packages.bz2
	43	xc6abc6fe9a4fcf0758ec5366dfd19bcba90af026a7017c3f6198c59eccd8ef5 489 Packages.gz
	44	xb306e66e5e6a7169c8d281a888539d1fdca9cecc99ae605717df579d5b9c166 527 Packages.lzma
	45	x9585d0e66b74c9385727fbea11fea9ab33c716b18a32f3036f037a2b9b57120 572 Packages.xz
	46	EOF
	47	cp aptarchive/Release aptarchive/InRelease
	48	}
	49
	50	# fake our downloadable file
	51	touch aptarchive/apt.deb
	52
	53	PKGFILE="${TESTDIR}/$(echo "$(basename $0)" \| sed 's#^test-#Packages-#')"
	54
	55	runtest() {
	56	prepare ${PKGFILE}
	57	rm -rf rootdir/var/lib/apt/lists
	58	signreleasefiles 'Joe Sixpack'
	59	find aptarchive/ -name "$DELETEFILE" -delete
	60
	61	# test signed release file
	62	msgtest 'apt-get update gets the expected hashsum mismatch'
	63	aptget update 2>&1 \| grep "Hash Sum mismatch" > /dev/null && msgpass \|\| msgfail
	64	msgtest 'No package from the source available'
	65	[ "$(aptcache show apt 2>&1)" = "E: No packages found" ] && msgpass \|\| msgfail
	66	msgtest 'No Packages file in /var/lib/apt/lists'
ca7fd76c	67	[ "$(ls rootdir/var/lib/apt/lists/Package 2>/dev/null \| grep -v FAILED 2>/dev/null)" = "" ] && msgpass \|\| msgfail
515d18c9	68
3568a640 MV	69	# now with the unsigned Release file
	70	rm -rf rootdir/var/lib/apt/lists
	71	rm aptarchive/InRelease aptarchive/Release.gpg
	72	msgtest 'unsigned apt-get update gets the expected hashsum mismatch'
c99fe2e1	73	aptget update --allow-insecure-repositories >output.log 2>&1 \|\| true
c292cc32 MV	74	if grep -q "Hash Sum mismatch" output.log; then
	75	msgpass
	76	else
	77	cat output.log
	78	msgfail
	79	fi
515d18c9 MV	80	}
515d18c9 MV	81
ca7fd76c MV	82	for COMPRESSEDINDEXES in 'false' 'true'; do
	83	echo "Acquire::GzipIndexes \"$COMPRESSEDINDEXES\";" > rootdir/etc/apt/apt.conf.d/compressindexes
	84	if $COMPRESSEDINDEXES; then
	85	msgmsg 'Run tests with GzipIndexes enabled'
	86	else
	87	msgmsg 'Run tests with GzipIndexes disabled'
	88	fi
	89
	90	runtest
	91	done