run update post-invokes even on (partial) failures

[apt.git] / test / integration / test-apt-update-nofallback

diff --git a/test/integration/test-apt-update-nofallback b/test/integration/test-apt-update-nofallback
index 1b23d4f11cc09420817273f64dca1aec03e7ba0a..c8a008214c9c41b3430c3bc6d35457f426b671a8 100755 (executable)
--- a/test/integration/test-apt-update-nofallback
+++ b/test/integration/test-apt-update-nofallback
@@ -9,8 +9,7 @@ set -e
 simulate_mitm_and_inject_evil_package()
 {
     redatereleasefiles '+1 hour'
-    rm -f "$APTARCHIVE/dists/unstable/InRelease"
-    rm -f "$APTARCHIVE/dists/unstable/Release.gpg"
+    rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"
     inject_evil_package
 }
 
@@ -34,15 +33,15 @@ EOF
 assert_update_is_refused_and_last_good_state_used()
 {
     testfailuremsg "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed.
-N: Updating such a repository securily is impossible and therefore disabled by default.
-N: See apt-secure(8) manpage for repository creation and user configuration details." aptget update -q=0
+N: Updating from such a repository can't be done securely, and is therefore disabled by default.
+N: See apt-secure(8) manpage for repository creation and user configuration details." aptget update
 
     assert_repo_is_intact
 }
 
 assert_repo_is_intact()
 {
-    testsuccessequal "foo/unstable 2.0 all" apt list -q
+    testsuccessequal "foo/unstable 2.0 all" apt list -qq
     testsuccess aptget install -y -s foo
     testfailure aptget install -y evil
     testsuccess aptget source foo --print-uris
@@ -59,7 +58,7 @@ setupaptarchive_with_lists_clean()
 
 test_from_inrelease_to_unsigned()
 {
-    # setup archive with InRelease file
+    export APT_DONT_SIGN='Release.gpg'
     setupaptarchive_with_lists_clean
     testsuccess aptget update
     listcurrentlistsdirectory > lists.before
@@ -71,9 +70,8 @@ test_from_inrelease_to_unsigned()
 
 test_from_release_gpg_to_unsigned()
 {
-    # setup archive with Release/Release.gpg (but no InRelease)
+    export APT_DONT_SIGN='InRelease'
     setupaptarchive_with_lists_clean
-    rm "$APTARCHIVE/dists/unstable/InRelease"
     testsuccess aptget update
     listcurrentlistsdirectory > lists.before
 
@@ -84,6 +82,7 @@ test_from_release_gpg_to_unsigned()
 
 test_from_inrelease_to_unsigned_with_override()
 {
+    export APT_DONT_SIGN='Release.gpg'
     # setup archive with InRelease file
     setupaptarchive_with_lists_clean
     testsuccess aptget update
@@ -120,17 +119,16 @@ test_cve_2012_0214()
     #
     # Still worth having a regression test the simulates the condition
 
-    # setup archive with InRelease
+    export APT_DONT_SIGN='Release.gpg'
     setupaptarchive_with_lists_clean
     testsuccess aptget update
     listcurrentlistsdirectory > lists.before
 
     # do what CVE-2012-0214 did
-    rm "$APTARCHIVE/dists/unstable/InRelease"
-    rm "$APTARCHIVE/dists/unstable/Release.gpg"
+    rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"
     inject_evil_package
     # build valid Release file
-    aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release 
+    aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release
 
     assert_update_is_refused_and_last_good_state_used
     testfileequal lists.before "$(listcurrentlistsdirectory)"
@@ -141,7 +139,7 @@ test_cve_2012_0214()
 
 test_subvert_inrelease()
 {
-    # setup archive with InRelease
+    export APT_DONT_SIGN='Release.gpg'
     setupaptarchive_with_lists_clean
     testsuccess aptget update
     listcurrentlistsdirectory > lists.before
@@ -149,7 +147,7 @@ test_subvert_inrelease()
     # replace InRelease with something else
     mv "$APTARCHIVE/dists/unstable/Release" "$APTARCHIVE/dists/unstable/InRelease"
 
-    testfailuremsg "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease  Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
+    testfailuremsg "E: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease  Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
 
     # ensure we keep the repo
@@ -159,7 +157,7 @@ E: Some index files failed to download. They have been ignored, or old ones used
 
 test_inrelease_to_invalid_inrelease()
 {
-    # setup archive with InRelease
+    export APT_DONT_SIGN='Release.gpg'
     setupaptarchive_with_lists_clean
     testsuccess aptget update
     listcurrentlistsdirectory > lists.before
@@ -180,9 +178,8 @@ W: Some index files failed to download. They have been ignored, or old ones used
 
 test_release_gpg_to_invalid_release_release_gpg()
 {
-    # setup archive with InRelease
+    export APT_DONT_SIGN='InRelease'
     setupaptarchive_with_lists_clean
-    rm "$APTARCHIVE/dists/unstable/InRelease"
     testsuccess aptget update
     listcurrentlistsdirectory > lists.before
 
@@ -200,8 +197,8 @@ W: Some index files failed to download. They have been ignored, or old ones used
 }
 
 
-TESTDIR=$(readlink -f $(dirname $0))
-. $TESTDIR/framework
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
 
 setupenvironment
 configarchitecture "i386"
@@ -225,7 +222,7 @@ test_from_release_gpg_to_unsigned
 msgmsg "test_cve_2012_0214"
 test_cve_2012_0214
 
-# ensure InRelase can not be subverted
+# ensure InRelease can not be subverted
 msgmsg "test_subvert_inrelease"
 test_subvert_inrelease