]> git.saurik.com Git - apt.git/blob - test/integration/test-apt-update-stale
projects / apt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
test exitcode as well as string equality
[apt.git] / test / integration / test-apt-update-stale
1 #!/bin/sh
2 #
3 # Ensure that a MITM can not stale the Packages/Sources without
4 # raising a error message. Note that the Release file is protected
5 # via the "Valid-Until" header
6 #
7 set -e
8
9 TESTDIR=$(readlink -f $(dirname $0))
10 . $TESTDIR/framework
11
12 setupenvironment
13 configarchitecture "i386"
14
15 insertpackage 'unstable' 'foo' 'all' '1.0'
16
17 setupaptarchive --no-update
18 changetowebserver
19
20 echo "Acquire::Languages \"none\";" > rootdir/etc/apt/apt.conf.d/00nolanguages
21 testsuccess aptget update
22 listcurrentlistsdirectory > lists.before
23
24 # insert new version
25 mkdir aptarchive/dists/unstable/main/binary-i386/saved
26 cp -p aptarchive/dists/unstable/main/binary-i386/Packages* \
27 aptarchive/dists/unstable/main/binary-i386/saved
28 insertpackage 'unstable' 'foo' 'all' '2.0'
29
30 compressfile aptarchive/dists/unstable/main/binary-i386/Packages
31 # ensure that we do not get a I-M-S hit for the Release file
32
33 generatereleasefiles '+1hour'
34 signreleasefiles
35
36 # but now only deliver the previous Packages file instead of the new one
37 # (simulating a stale attack)
38 cp -p aptarchive/dists/unstable/main/binary-i386/saved/Packages* \
39 aptarchive/dists/unstable/main/binary-i386/
40
41 # ensure this raises an error
42 testfailureequal "W: Failed to fetch http://localhost:8080/dists/unstable/main/binary-i386/Packages Hash Sum mismatch
43
44 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
45 testfileequal lists.before "$(listcurrentlistsdirectory)"
APT (for Cydia)