]>
Commit | Line | Data |
---|---|---|
9082a1fc DK |
1 | #!/bin/sh |
2 | set -e | |
3 | ||
4 | TESTDIR=$(readlink -f $(dirname $0)) | |
5 | . $TESTDIR/framework | |
6 | ||
7 | setupenvironment | |
8 | configarchitecture "i386" | |
9 | ||
10 | buildsimplenativepackage 'apt' 'all' '1.0' 'stable' | |
11 | ||
12 | # setup http redirecting to https | |
13 | setupaptarchive --no-update | |
14 | changetowebserver -o 'aptwebserver::redirect::replace::/redirectme/=https://localhost:4433/' \ | |
889b0072 | 15 | -o 'aptwebserver::redirect::replace::/downgrademe/=http://localhost:8080/' \ |
9082a1fc DK |
16 | -o 'aptwebserver::support::http=false' |
17 | changetohttpswebserver | |
18 | sed -i -e 's#:4433/#:8080/redirectme#' -e 's# https:# http:#' rootdir/etc/apt/sources.list.d/* | |
19 | ||
20 | testsuccess aptget update -o Debug::Acquire::http=1 -o Debug::Acquire::https=1 -o Debug::pkgAcquire::Worker=1 | |
21 | ||
22 | msgtest 'Test that the webserver does not answer' 'http requests' | |
dc95fee1 | 23 | downloadfile 'http://localhost:8080/pool/apt_1.0/changelog' changelog >/dev/null 2>&1 && msgfail || msgpass |
9082a1fc DK |
24 | |
25 | echo 'Apt::Changelogs::Server "http://localhost:8080/redirectme";' > rootdir/etc/apt/apt.conf.d/changelog.conf | |
26 | testequal "'http://localhost:8080/redirectme/pool/apt_1.0/changelog'" aptget changelog apt --print-uris | |
27 | ||
03aa0847 | 28 | cd downloaded |
9082a1fc DK |
29 | testsuccess aptget changelog apt -d |
30 | testsuccess test -s apt.changelog | |
31 | rm -f apt.changelog | |
32 | ||
33 | testsuccess aptget download apt | |
34 | testsuccess test -s apt_1.0_all.deb | |
35 | rm apt_1.0_all.deb | |
03aa0847 | 36 | cd - >/dev/null |
9082a1fc DK |
37 | |
38 | testsuccess aptget install apt -y | |
39 | testdpkginstalled 'apt' | |
40 | ||
41 | # create a copy of all methods, expect https | |
42 | eval `aptconfig shell METHODS Dir::Bin::Methods/d` | |
43 | COPYMETHODS='usr/lib/apt/methods' | |
889b0072 | 44 | mv rootdir/${COPYMETHODS} rootdir/${COPYMETHODS}.bak |
9082a1fc DK |
45 | mkdir -p rootdir/$COPYMETHODS |
46 | cd rootdir/$COPYMETHODS | |
47 | find $METHODS \! -type d | while read meth; do | |
48 | ln -s $meth | |
49 | done | |
50 | rm https | |
51 | cd - >/dev/null | |
52 | echo "Dir::Bin::Methods \"${COPYMETHODS}\";" >> aptconfig.conf | |
53 | ||
03aa0847 DK |
54 | cd downloaded |
55 | testequal "E: The method driver $(readlink -f './../')/rootdir/usr/lib/apt/methods/https could not be found. | |
68ba0b7f | 56 | N: Is the package apt-transport-https installed?" aptget download apt -q=0 |
e52aad52 | 57 | testfailure test -e apt_1.0_all.deb |
03aa0847 | 58 | cd - >/dev/null |
889b0072 DK |
59 | |
60 | # revert to all methods | |
61 | rm -rf rootdir/$COPYMETHODS | |
62 | mv rootdir/${COPYMETHODS}.bak rootdir/${COPYMETHODS} | |
63 | ||
64 | # check that downgrades from https to http are not allowed | |
65 | webserverconfig 'aptwebserver::support::http' 'true' | |
66 | sed -i -e 's#:8080/redirectme#:4433/downgrademe#' -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/* | |
c99fe2e1 | 67 | testfailure aptget update --allow-insecure-repositories |