| | 1 | #!/bin/sh |
| | 2 | set -e |
| | 3 | |
| | 4 | TESTDIR=$(readlink -f $(dirname $0)) |
| | 5 | . $TESTDIR/framework |
| | 6 | |
| | 7 | setupenvironment |
| | 8 | configarchitecture 'i386' |
| | 9 | |
| | 10 | insertpackage 'unstable' 'foo' 'all' '1' |
| | 11 | setupaptarchive --no-update |
| | 12 | |
| | 13 | changetohttpswebserver --authorization="$(printf '%s' 'star:hunter2' | base64 )" |
| | 14 | |
| | 15 | echo 'See, when YOU type hunter2, it shows to us as *******' > aptarchive/bash |
| | 16 | |
| | 17 | testauthfailure() { |
| | 18 | testfailure apthelper download-file "${1}/bash" ./downloaded/bash |
| | 19 | # crappy test, but http and https output are wastely different… |
| | 20 | testsuccess grep 401 rootdir/tmp/testfailure.output |
| | 21 | testfailure test -s ./downloaded/bash |
| | 22 | } |
| | 23 | |
| | 24 | testauthsuccess() { |
| | 25 | testsuccess apthelper download-file "${1}/bash" ./downloaded/bash |
| | 26 | testfileequal ./downloaded/bash "$(cat aptarchive/bash)" |
| | 27 | testfilestats ./downloaded/bash '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:644" |
| | 28 | rm -f ./downloaded/bash |
| | 29 | |
| | 30 | # lets see if got/retains acceptable permissions |
| | 31 | if [ -n "$AUTHCONF" ]; then |
| | 32 | if [ "$(id -u)" = '0' ]; then |
| | 33 | testfilestats "$AUTHCONF" '%U:%G:%a' '=' "_apt:root:600" |
| | 34 | else |
| | 35 | testfilestats "$AUTHCONF" '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:600" |
| | 36 | fi |
| | 37 | fi |
| | 38 | |
| | 39 | rm -rf rootdir/var/lib/apt/lists |
| | 40 | testsuccess aptget update |
| | 41 | testsuccessequal 'Reading package lists... |
| | 42 | Building dependency tree... |
| | 43 | The following NEW packages will be installed: |
| | 44 | foo |
| | 45 | 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. |
| | 46 | Inst foo (1 unstable [all]) |
| | 47 | Conf foo (1 unstable [all])' aptget install foo -s |
| | 48 | } |
| | 49 | |
| | 50 | authfile() { |
| | 51 | local AUTHCONF='rootdir/etc/apt/auth.conf' |
| | 52 | rm -f "$AUTHCONF" |
| | 53 | printf '%s' "$1" > "$AUTHCONF" |
| | 54 | chmod 600 "$AUTHCONF" |
| | 55 | } |
| | 56 | |
| | 57 | runtest() { |
| | 58 | # unauthorized fails |
| | 59 | authfile '' |
| | 60 | testauthfailure "$1" |
| | 61 | |
| | 62 | # good auth |
| | 63 | authfile 'machine localhost |
| | 64 | login star |
| | 65 | password hunter2' |
| | 66 | testauthsuccess "$1" |
| | 67 | |
| | 68 | # bad auth |
| | 69 | authfile 'machine localhost |
| | 70 | login anonymous |
| | 71 | password hunter2' |
| | 72 | testauthfailure "$1" |
| | 73 | |
| | 74 | # 2 stanzas: unmatching + good auth |
| | 75 | authfile 'machine debian.org |
| | 76 | login debian |
| | 77 | password jessie |
| | 78 | |
| | 79 | machine localhost |
| | 80 | login star |
| | 81 | password hunter2' |
| | 82 | testauthsuccess "$1" |
| | 83 | } |
| | 84 | |
| | 85 | msgmsg 'server basic auth' |
| | 86 | rewritesourceslist "http://localhost:${APTHTTPPORT}" |
| | 87 | runtest "http://localhost:${APTHTTPPORT}" |
| | 88 | rewritesourceslist "https://localhost:${APTHTTPSPORT}" |
| | 89 | runtest "https://localhost:${APTHTTPSPORT}" |
| | 90 | rewritesourceslist "http://localhost:${APTHTTPPORT}" |
| | 91 | |
| | 92 | msgmsg 'proxy to server basic auth' |
| | 93 | webserverconfig 'aptwebserver::request::absolute' 'uri' |
| | 94 | export http_proxy="http://localhost:${APTHTTPPORT}" |
| | 95 | runtest "http://localhost:${APTHTTPPORT}" |
| | 96 | unset http_proxy |
| | 97 | |
| | 98 | msgmsg 'proxy basic auth to server basic auth' |
| | 99 | webserverconfig 'aptwebserver::proxy-authorization' "$(printf 'moon:deer2' | base64)" |
| | 100 | export http_proxy="http://moon:deer2@localhost:${APTHTTPPORT}" |
| | 101 | runtest "http://localhost:${APTHTTPPORT}" |
| | 102 | |
| | 103 | msgmsg 'proxy basic auth to server' |
| | 104 | authfile '' |
| | 105 | webserverconfig 'aptwebserver::authorization' '' |
| | 106 | testauthsuccess "http://localhost:${APTHTTPPORT}" |
projects / apt.git / blame_incremental