]> git.saurik.com Git - apt.git/blobdiff - test/integration/test-apt-update-ims
don't show NO_PUBKEY warning if repo is signed by another key
[apt.git] / test / integration / test-apt-update-ims
index c74058c5d537366624660520b5b78a5aedd6be99..241bf383bdc3b53108ab30c897a4c4021c430975 100755 (executable)
 #!/bin/sh
 set -e
 
-TESTDIR=$(readlink -f $(dirname $0))
-. $TESTDIR/framework
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
 setupenvironment
 configarchitecture 'amd64'
 
-buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable'
+insertpackage 'unstable' 'unrelated' 'all' '0.5~squeeze1'
+insertpackage 'unstable' 'unrelated2' 'amd64' '0.5~squeeze1'
+insertsource 'unstable' 'unrelated' 'all' '0.5~squeeze1'
 
-setupaptarchive
+setupaptarchive --no-update
 changetowebserver
 
 runtest() {
-    rm -f rootdir/var/lib/apt/lists/localhost*
-
-    testsuccess aptget update
+    local APTOPT=""
+    if [ -n "$1" ]; then
+       APTOPT='--allow-insecure-repositories'
+    else
+       APTOPT='--no-allow-insecure-repositories'
+    fi
+
+    rm -rf rootdir/var/lib/apt/lists/
+
+    local TEST="test${1:-success}"
+    $TEST aptget update $APTOPT -o Debug::pkgAcquire::Worker=1
+    if [ "$1" = 'failure' ]; then
+       # accept the outdated Release file so we can check Hit behaviour
+       "test${2:-success}" aptget update -o Acquire::Min-ValidTime=9999999 $APTOPT
+    fi
+    listcurrentlistsdirectory > listsdir.lst
+    testsuccess grep '_Packages\(\.[0-9a-z]\+\)\?$' listsdir.lst
+    testsuccess grep '_Sources\(\.[0-9a-z]\+\)\?$' listsdir.lst
+    testsuccess grep '_Translation-en\(\.[0-9a-z]\+\)\?$' listsdir.lst
 
     # ensure no leftovers in partial
-    testfailure ls "rootdir/var/lib/apt/lists/partial/*"
+    testfailure ls 'rootdir/var/lib/apt/lists/partial/*'
 
     # check that I-M-S header is kept in redirections
-    testequal "$EXPECT" aptget update  -o Debug::pkgAcquire::Worker=0 -o Debug::Acquire::http=0
-    
-    # ensure that we still do a hash check on ims hit
-    msgtest 'Test I-M-S reverify'
-    aptget update -o Debug::pkgAcquire::Auth=1 2>&1 | grep -A1 'RecivedHash:' | grep -q -- '- SHA' && msgpass || msgfail
+    echo "$EXPECT" | sed -e 's#(invalid since [^)]\+)#(invalid since)#' > expected.output
+    $TEST aptget update  -o Debug::pkgAcquire::Worker=0 -o Debug::Acquire::http=0 $APTOPT
+    sed -i -e 's#(invalid since [^)]\+)#(invalid since)#' rootdir/tmp/${TEST}.output
+    testequal "$(cat expected.output)" cat rootdir/tmp/${TEST}.output
+    testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+
+    # ensure that we still do a hash check for other files on ims hit of Release
+    if grep -q '^Hit:[0-9]\+ .* InRelease$' expected.output || ! grep -q '^Ign:[0-9]\+ .* Release\(\.gpg\)\?$' expected.output; then
+           $TEST aptget update -o Debug::Acquire::gpgv=1 $APTOPT
+           cp rootdir/tmp/${TEST}.output goodsign.output
+           testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+           testsuccess grep '^Got GOODSIG, key ID:' goodsign.output
+    fi
 
     # ensure no leftovers in partial
-    testfailure ls "rootdir/var/lib/apt/lists/partial/*"
+    testfailure ls 'rootdir/var/lib/apt/lists/partial/*'
 }
 
-msgmsg "InRelease"
-EXPECT="Hit http://localhost:8080 unstable InRelease
-Hit http://localhost:8080 unstable/main Sources
-Hit http://localhost:8080 unstable/main amd64 Packages
-Hit http://localhost:8080 unstable/main Translation-en
+msgmsg 'InRelease'
+EXPECT="Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease
 Reading package lists..."
-# with InRelease
+echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
 runtest
-
-# with gzip
-echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex
+echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
 runtest
 
-msgmsg "Release/Release.gpg"
-# with Release/Release.gpg
-EXPECT="Ign http://localhost:8080 unstable InRelease
+msgmsg 'Release/Release.gpg'
+EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
   404  Not Found
-Hit http://localhost:8080 unstable Release
-Hit http://localhost:8080 unstable Release.gpg
-Hit http://localhost:8080 unstable/main Sources
-Hit http://localhost:8080 unstable/main amd64 Packages
-Hit http://localhost:8080 unstable/main Translation-en
+Hit:2 http://localhost:${APTHTTPPORT} unstable Release
 Reading package lists..."
-
-find aptarchive -name "InRelease" | xargs rm -f
-
-echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex
+find aptarchive -name 'InRelease' -delete
+echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
 runtest
-
-echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex
+echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
 runtest
 
-
-# no Release.gpg or InRelease
-configallowinsecurerepositories "true"
-
-msgmsg "Release only"
-EXPECT="Ign http://localhost:8080 unstable InRelease
+msgmsg 'Release only'
+EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
   404  Not Found
-Hit http://localhost:8080 unstable Release
-Ign http://localhost:8080 unstable Release.gpg
+Hit:2 http://localhost:${APTHTTPPORT} unstable Release
+Ign:3 http://localhost:${APTHTTPPORT} unstable Release.gpg
   404  Not Found
-Hit http://localhost:8080 unstable/main Sources
-Hit http://localhost:8080 unstable/main amd64 Packages
-Hit http://localhost:8080 unstable/main Translation-en
 Reading package lists...
-W: The data from 'http://localhost:8080 unstable Release.gpg' is not signed. Packages from that repository can not be authenticated."
-
-find aptarchive -name "Release.gpg" | xargs rm -f
-
-echo 'Acquire::AllowInsecureRepositories "1";' > rootdir/etc/apt/apt.conf.d/insecure.conf
-echo "Acquire::GzipIndexes "0";" > rootdir/etc/apt/apt.conf.d/02compressindex
-runtest
-
-echo "Acquire::GzipIndexes "1";" > rootdir/etc/apt/apt.conf.d/02compressindex
-runtest
+W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' is not signed.
+N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
+N: See apt-secure(8) manpage for repository creation and user configuration details."
+find aptarchive -name 'Release.gpg' -delete
+echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'warning'
+echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'warning'
+
+
+# make the release file old
+find aptarchive -name '*Release' -exec sed -i \
+       -e "s#^Date: .*\$#Date: $(date -d '-2 weeks' '+%a, %d %b %Y %H:%M:%S %Z')#" \
+       -e '/^Valid-Until: / d' -e "/^Date: / a\
+Valid-Until: $(date -d '-1 weeks' '+%a, %d %b %Y %H:%M:%S %Z')" '{}' \;
+signreleasefiles
+
+msgmsg 'expired InRelease'
+EXPECT="Hit:1 http://localhost:${APTHTTPPORT} unstable InRelease
+Reading package lists...
+E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/InRelease is expired (invalid since). Updates for this repository will not be applied."
+echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'failure'
+echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'failure'
+
+msgmsg 'expired Release/Release.gpg'
+EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
+  404  Not Found
+Hit:2 http://localhost:${APTHTTPPORT} unstable Release
+Reading package lists...
+E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/Release is expired (invalid since). Updates for this repository will not be applied."
+find aptarchive -name 'InRelease' -delete
+echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'failure'
+echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'failure'
+
+msgmsg 'expired Release only'
+EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
+  404  Not Found
+Hit:2 http://localhost:${APTHTTPPORT} unstable Release
+Ign:3 http://localhost:${APTHTTPPORT} unstable Release.gpg
+  404  Not Found
+Reading package lists...
+W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' is not signed.
+N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
+N: See apt-secure(8) manpage for repository creation and user configuration details.
+E: Release file for http://localhost:${APTHTTPPORT}/dists/unstable/Release is expired (invalid since). Updates for this repository will not be applied."
+find aptarchive -name 'Release.gpg' -delete
+echo 'Acquire::GzipIndexes "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'failure' 'warning'
+echo 'Acquire::GzipIndexes "1";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'failure' 'warning'
+
+
+msgmsg 'no Release at all'
+EXPECT="Ign:1 http://localhost:${APTHTTPPORT} unstable InRelease
+  404  Not Found
+Ign:2 http://localhost:${APTHTTPPORT} unstable Release
+  404  Not Found
+Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
+  404  Not Found
+Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
+  404  Not Found
+Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
+  404  Not Found
+Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
+  404  Not Found
+Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
+  404  Not Found
+Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
+  404  Not Found
+Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
+  404  Not Found
+Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
+  404  Not Found
+Ign:3 http://localhost:${APTHTTPPORT} unstable/main Sources
+  404  Not Found
+Ign:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
+  404  Not Found
+Ign:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
+  404  Not Found
+Ign:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
+  404  Not Found
+Hit:3 http://localhost:${APTHTTPPORT} unstable/main Sources
+Hit:4 http://localhost:${APTHTTPPORT} unstable/main amd64 Packages
+Hit:5 http://localhost:${APTHTTPPORT} unstable/main all Packages
+Hit:6 http://localhost:${APTHTTPPORT} unstable/main Translation-en
+Reading package lists...
+W: The repository 'http://localhost:${APTHTTPPORT} unstable Release' does not have a Release file.
+N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
+N: See apt-secure(8) manpage for repository creation and user configuration details."
+find aptarchive -name '*Release*' -delete
+echo 'Acquire::GzipIndexes "0";
+Acquire::PDiffs "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'warning'
+echo 'Acquire::GzipIndexes "1";
+Acquire::PDiffs "0";' > rootdir/etc/apt/apt.conf.d/02compressindex
+runtest 'warning'