printf "$START " "$1"
shift
while [ -n "$1" ]; do
- printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cfghs]\)#apt-\1#')"
+ printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cfghks]\)#apt-\1#')"
shift
done
fi
if [ $# -gt 0 ] && [ -n "$1" ]; then printf "${CFAIL}FAIL: $*${CNORMAL}\n" >&2;
else printf "${CFAIL}FAIL${CNORMAL}\n" >&2; fi
if [ -n "$APT_DEBUG_TESTS" ]; then
- $SHELL
+ runapt $SHELL
fi
EXIT_CODE=$((EXIT_CODE+1));
}
msgdebug "Executing: ${CCMD}$*${CDEBUG} "
local CMD="$1"
shift
- case $CMD in
+ case "$CMD" in
sh|aptitude|*/*|command) ;;
*) CMD="${BUILDDIRECTORY}/$CMD";;
esac
- MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${LIBRARYPATH} $CMD "$@"
+ MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH="${LIBRARYPATH}:${LD_LIBRARY_PATH}" "$CMD" "$@"
}
+runpython3() { runapt command python3 "$@"; }
aptconfig() { runapt apt-config "$@"; }
aptcache() { runapt apt-cache "$@"; }
aptcdrom() { runapt apt-cdrom "$@"; }
fi
runapt command gdb --quiet -ex run "$CMD" --args "$CMD" "$@"
}
+lastmodification() {
+ date -u -d "@$(stat -c '%Y' "${TMPWORKINGDIRECTORY}/$1")" '+%a, %d %b %Y %H:%M:%S GMT'
+}
+releasefiledate() {
+ grep "^${2:-Date}:" "$1" | cut -d' ' -f 2- | sed -e 's#UTC#GMT#'
+}
exitwithstatus() {
# error if we about to overflow, but ...
trap "shellsetedetector; $CURRENTTRAP exitwithstatus;" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
}
+escape_shell() {
+ echo "$@" | sed -e "s#'#'\"'\"'#g"
+}
+
setupenvironment() {
# privilege dropping and testing doesn't work if /tmp isn't world-writeable (as e.g. with libpam-tmpdir)
if [ -n "$TMPDIR" ] && [ "$(id -u)" = '0' ] && [ "$(stat --format '%a' "$TMPDIR")" != '1777' ]; then
unset TMPDIR
fi
TMPWORKINGDIRECTORY="$(mktemp -d)"
- addtrap "cd /; rm -rf \"$TMPWORKINGDIRECTORY\";"
+ addtrap "cd /; rm -rf '$(escape_shell "$TMPWORKINGDIRECTORY")';"
+ if [ -n "$TMPDIR_ADD" ]; then
+ TMPWORKINGDIRECTORY="${TMPWORKINGDIRECTORY}/${TMPDIR_ADD}"
+ mkdir -p "$TMPWORKINGDIRECTORY"
+ unset TMPDIR_ADD
+ export TMPDIR="$TMPWORKINGDIRECTORY"
+ fi
msgninfo "Preparing environment for ${0##*/} in ${TMPWORKINGDIRECTORY}…"
mkdir -m 700 "${TMPWORKINGDIRECTORY}/downloaded"
if [ -f "${TESTDIRECTORY}/${SOURCESSFILE}" ]; then
cp "${TESTDIRECTORY}/${SOURCESSFILE}" aptarchive/Sources
fi
- for key in $(find "$TESTDIRECTORY" -name '*.pub' -o -name '*.sec'); do
- cp "$key" keys/
- chmod 644 "$key"
- done
+ find "$TESTDIRECTORY" \( -name '*.pub' -o -name '*.sec' \) -exec cp '{}' keys/ \;
+ chmod 644 keys/*
ln -s "${TMPWORKINGDIRECTORY}/keys/joesixpack.pub" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" > aptconfig.conf
echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf
echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf
echo "Dir::Bin::Methods \"${TMPWORKINGDIRECTORY}/rootdir/usr/lib/apt/methods\";" >> aptconfig.conf
- # store apt-key were we can access it, even if we run it as a different user
- # destroys coverage reporting though, so just do it for root for now
+ # either store apt-key were we can access it, even if we run it as a different user
+ #cp "${BUILDDIRECTORY}/apt-key" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/"
+ #chmod o+rx "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key"
+ #echo "Dir::Bin::apt-key \"${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key\";" >> aptconfig.conf
+ # destroys coverage reporting though, so we disable changing user for the calling gpgv
+ echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf
if [ "$(id -u)" = '0' ]; then
- cp "${BUILDDIRECTORY}/apt-key" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/"
- chmod o+rx "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key"
- echo "Dir::Bin::apt-key \"${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key\";" >> aptconfig.conf
- else
- echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf
+ echo 'Binary::gpgv::Debug::NoDropPrivs "true";' >>aptconfig.conf
fi
cat > "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" <<EOF
#!/bin/sh
set -e
-if [ -r "${TMPWORKINGDIRECTORY}/noopchroot.so" ]; then
+if [ -r '${TMPWORKINGDIRECTORY}/noopchroot.so' ]; then
if [ -n "\$LD_LIBRARY_PATH" ]; then
- export LD_LIBRARY_PATH="${TMPWORKINGDIRECTORY}:${LD_LIBRARY_PATH}"
+ export LD_LIBRARY_PATH='${TMPWORKINGDIRECTORY}:'"\${LD_LIBRARY_PATH}"
else
- export LD_LIBRARY_PATH="${TMPWORKINGDIRECTORY}"
+ export LD_LIBRARY_PATH='${TMPWORKINGDIRECTORY}'
fi
if [ -n "\$LD_PRELOAD" ]; then
export LD_PRELOAD="noopchroot.so \${LD_PRELOAD}"
EOF
cp "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/gdb-dpkg"
cat >> "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" <<EOF
-exec fakeroot "${DPKG:-dpkg}" --root="${TMPWORKINGDIRECTORY}/rootdir" \\
- --log="${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log" \\
+exec fakeroot '${DPKG:-dpkg}' --root='${TMPWORKINGDIRECTORY}/rootdir' \\
+ --log='${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log' \\
--force-not-root --force-bad-path "\$@"
EOF
cat >> "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/gdb-dpkg" <<EOF
-exec fakeroot gdb --quiet -ex run "${DPKG:-dpkg}" --args "${DPKG:-dpkg}" --root="${TMPWORKINGDIRECTORY}/rootdir" \\
- --log="${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log" \\
+exec fakeroot gdb --quiet -ex run '${DPKG:-dpkg}' --args '${DPKG:-dpkg}' --root='${TMPWORKINGDIRECTORY}/rootdir' \\
+ --log='${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log' \\
--force-not-root --force-bad-path "\$@"
EOF
chmod +x "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/gdb-dpkg"
if ! command dpkg --assert-multi-arch >/dev/null 2>&1; then
echo "DPKG::options:: \"--force-architecture\";" # Added to test multiarch before dpkg is ready for it…
fi
+ echo 'quiet "0";'
echo 'quiet::NoUpdate "true";'
echo 'quiet::NoStatistic "true";'
# too distracting for users, but helpful to detect changes
# in testcases, it can appear as if localhost has a rotation setup,
# hide this as we can't really deal with it properly
echo 'Acquire::Failure::ShowIP "false";'
+ # fakeroot can't fake everything, so disabled in production but good for tests
+ echo 'APT::Sandbox::Verify "true";'
} >> aptconfig.conf
cp "${TESTDIRECTORY}/apt.pem" "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
fi
echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https
echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
+ echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig
+
configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
- confighashes 'SHA1' # these are tests, not security best-practices
+ confighashes 'SHA256' # these are tests, not security best-practices
# create some files in /tmp and look at user/group to get what this means
- TEST_DEFAULT_USER="$USER"
+ TEST_DEFAULT_USER="$(id -un)"
if [ "$(uname)" = 'GNU/kFreeBSD' ]; then
TEST_DEFAULT_GROUP='root'
else
- TEST_DEFAULT_GROUP="$USER"
+ TEST_DEFAULT_GROUP="$(id -gn)"
fi
# cleanup the environment a bit
export LC_ALL=C.UTF-8
unset LANGUAGE APT_CONFIG
unset GREP_OPTIONS DEB_BUILD_PROFILES
+ unset http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy
+
+ # If gpgv supports --weak-digest, pass it to make sure we can disable SHA1
+ if aptkey verify --weak-digest SHA1 --help 2>/dev/null >/dev/null; then
+ echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1
+ fi
+
+ # most tests just need one signed Release file, not both
+ export APT_DONT_SIGN='Release.gpg'
+
msgdone "info"
}
if (chrootdir == NULL || strncmp(file, "/var/lib/dpkg/", strlen("/var/lib/dpkg/")) != 0)
return func_execvp(file, argv);
printf("REWRITE execvp call %s into %s\n", file, chrootdir);
- char newfile[strlen(chrootdir) + strlen(file)];
- strcpy(newfile, chrootdir);
- strcat(newfile, file);
+ char *newfile;
+ if (asprintf(&newfile, "%s%s", chrootdir, file) == -1) {
+ perror("asprintf");
+ return -1;
+ }
char const * const baseadmindir = "/var/lib/dpkg";
- char admindir[strlen(chrootdir) + strlen(baseadmindir)];
- strcpy(admindir, chrootdir);
- strcat(admindir, baseadmindir);
+ char *admindir;
+ if (asprintf(&admindir, "%s%s", chrootdir, baseadmindir) == -1) {
+ perror("asprintf");
+ return -1;
+ }
setenv("DPKG_ADMINDIR", admindir, 1);
return func_execvp(newfile, argv);
}
EOF
- testsuccess --nomsg gcc -fPIC -shared -o noopchroot.so noopchroot.c -ldl
+ testempty --nomsg gcc -Wall -Wextra -fPIC -shared -o noopchroot.so noopchroot.c -ldl
}
configcompression() {
+ local CMD='apthelper cat-file -C'
while [ -n "$1" ]; do
case "$1" in
'.') printf ".\t.\tcat\n";;
- 'gz') printf "gzip\tgz\tgzip\n";;
- 'bz2') printf "bzip2\tbz2\tbzip2\n";;
- 'lzma') printf "lzma\tlzma\txz --format=lzma\n";;
- 'xz') printf "xz\txz\txz\n";;
- *) printf "$1\t$1\t$1\n";;
+ 'gz') printf "gzip\tgz\t$CMD $1\n";;
+ 'bz2') printf "bzip2\tbz2\t$CMD $1\n";;
+ *) printf "$1\t$1\t$CMD $1\n";;
esac
shift
done > "${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf"
}
forcecompressor() {
COMPRESSOR="$1"
- COMPRESSOR_CMD="$1"
+ COMPRESS="$1"
+ COMPRESSOR_CMD="apthelper cat-file -C $1"
case $COMPRESSOR in
gzip) COMPRESS='gz';;
bzip2) COMPRESS='bz2';;
- lzma) COMPRESS='lzma';;
- xz) COMPRESS='xz';;
- *) msgdie "Compressor $COMPRESSOR is unknown to framework, so can't be forced by forcecompressor!";;
esac
local CONFFILE="${TMPWORKINGDIRECTORY}/rootdir/etc/apt/apt.conf.d/00force-compressor"
echo "Acquire::CompressionTypes::Order { \"${COMPRESS}\"; };
-Dir::Bin::uncompressed \"/does/not/exist\";
-Dir::Bin::gzip \"/does/not/exist\";
-Dir::Bin::bzip2 \"/does/not/exist\";
-Dir::Bin::lzma \"/does/not/exist\";
-Dir::Bin::xz \"/does/not/exist\";" > "$CONFFILE"
- if [ -e "/bin/${COMPRESSOR}" ]; then
- echo "Dir::Bin::${COMPRESSOR} \"/bin/${COMPRESSOR}\";" >> "$CONFFILE"
- elif [ -e "/usr/bin/${COMPRESSOR}" ]; then
- echo "Dir::Bin::${COMPRESSOR} \"/usr/bin/${COMPRESSOR}\";" >> "$CONFFILE"
- elif [ "${COMPRESSOR}" = 'lzma' ]; then
- echo 'Dir::Bin::xz "/usr/bin/xz";' >> "$CONFFILE"
- COMPRESSOR_CMD='xz --format=lzma'
- else
- msgtest 'Test for availability of compressor' "${COMPRESSOR}"
- msgfail "${COMPRESSOR} not available"
- fi
+Dir::Bin::uncompressed \"/does/not/exist\";" > "$CONFFILE"
+ for COMP in $(aptconfig dump 'APT::Compressor' --format '%f%n' | cut -d':' -f 5 | uniq); do
+ if [ -z "$COMP" -o "$COMP" = '.' -o "$COMP" = "$COMPRESSOR" ]; then continue; fi
+ echo "Dir::Bin::${COMP} \"/does/not/exist\";" >> "$CONFFILE"
+ echo "APT::Compressor::${COMP}::Name \"${COMP}-disabled\";" >> "$CONFFILE"
+ done
}
setupsimplenativepackage() {
local DESCRIPTION="${6:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
If you find such a package installed on your system,
something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
+ und used only by testcases and serve no other purpose…"}"
local SECTION="${7:-others}"
local DISTSECTION
mkdir -p ${BUILDDIR}/debian/source
cd ${BUILDDIR}
echo "* most suckless software product ever" > FEATURES
- test -e debian/copyright || echo "Copyleft by Joe Sixpack $(date +%Y)" > debian/copyright
+ test -e debian/copyright || echo "Copyleft by Joe Sixpack $(date -u +%Y)" > debian/copyright
test -e debian/changelog || echo "$NAME ($VERSION) $RELEASE; urgency=low
* Initial release
- -- Joe Sixpack <joe@example.org> $(date -R)" > debian/changelog
+ -- Joe Sixpack <joe@example.org> $(date -u -R)" > debian/changelog
test -e debian/control || echo "Source: $NAME
Section: $SECTION
Priority: optional
local DESCRIPTION="${6:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
If you find such a package installed on your system,
something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
+ und used only by testcases and serve no other purpose…"}"
local SECTION="${7:-others}"
local PRIORITY="${8:-optional}"
echo "#!/bin/sh
echo '$NAME says \"Hello!\"'" > "${BUILDDIR}/${NAME}"
- echo "Copyleft by Joe Sixpack $(date +%Y)" > "${BUILDDIR}/debian/copyright"
+ echo "Copyleft by Joe Sixpack $(date -u +%Y)" > "${BUILDDIR}/debian/copyright"
echo "$NAME ($VERSION) $RELEASE; urgency=low
* Initial release
- -- Joe Sixpack <joe@example.org> $(date -R)" > "${BUILDDIR}/debian/changelog"
+ -- Joe Sixpack <joe@example.org> $(date -u -R)" > "${BUILDDIR}/debian/changelog"
{
echo "Source: $NAME
Priority: $PRIORITY
local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASES}
If you find such a package installed on your system,
something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
+ und used only by testcases and serve no other purpose…"}"
local ARCHS=""
for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do
if [ "$RELEASE" = 'installed' ]; then
}
insertsource() {
- local RELEASE="$1"
+ local RELEASES="$1"
local NAME="$2"
local ARCH="$3"
local VERSION="$4"
local DEPENDENCIES="$5"
- local BINARY="${6:-$NAME}"
+ local BINARY="${6:-$NAME}"
local ARCHS=""
- local SPATH="aptarchive/dists/${RELEASE}/main/source"
- mkdir -p $SPATH
- local FILE="${SPATH}/Sources"
- local DSCFILE="${NAME}_${VERSION}.dsc"
- local TARFILE="${NAME}_${VERSION}.tar.gz"
- echo "Package: $NAME
+ for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do
+ local SPATH="aptarchive/dists/${RELEASE}/main/source"
+ mkdir -p $SPATH
+ local FILE="${SPATH}/Sources"
+ local DSCFILE="${NAME}_${VERSION}.dsc"
+ local TARFILE="${NAME}_${VERSION}.tar.gz"
+ echo "Package: $NAME
Binary: $BINARY
Version: $VERSION
Maintainer: Joe Sixpack <joe@example.org>
Architecture: $ARCH" >> $FILE
- test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE"
- echo "Files:
+ test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE"
+ echo "Files:
$(echo -n "$DSCFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE"
$(echo -n "$TARFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE"
Checksums-Sha256:
$(echo -n "$DSCFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE"
$(echo -n "$TARFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE"
" >> "$FILE"
+ done
}
insertinstalledpackage() {
local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/installed
If you find such a package installed on your system,
something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
+ und used only by testcases and serve no other purpose…"}"
local FILE='rootdir/var/lib/dpkg/status'
local INFO='rootdir/var/lib/dpkg/info'
# both should be given in notation date/touch can understand
local DATE="$1"
local VALIDUNTIL="$2"
- msgninfo "\tGenerate Release files… "
if [ -e aptarchive/dists ]; then
+ msgninfo "\tGenerate Release files for dists… "
for dir in $(find ./aptarchive/dists -mindepth 1 -maxdepth 1 -type d); do
local ARCHITECTURES="$(getarchitecturesfromreleasefile "$dir")"
local SUITE="$(echo "$dir" | cut -d'/' -f 4)"
local VERSION="$(getreleaseversionfromsuite $SUITE)"
local LABEL="$(getlabelfromsuite $SUITE)"
local ORIGIN="$(getoriginfromsuite $SUITE)"
- if [ -n "$VERSION" ]; then
- VERSION="-o APT::FTPArchive::Release::Version=${VERSION}"
- fi
- if [ -n "$LABEL" ]; then
- LABEL="-o APT::FTPArchive::Release::Label=${LABEL}"
- fi
- if [ -n "$ORIGIN" ]; then
- ORIGIN="-o APT::FTPArchive::Release::Origin=${ORIGIN}"
- fi
- if [ -n "$ARCHITECTURES" ]; then
- ARCHITECTURES="-o APT::FTPArchive::Release::Architectures=${ARCHITECTURES}"
- fi
aptftparchiverelease "$dir" \
-o APT::FTPArchive::Release::Suite="${SUITE}" \
-o APT::FTPArchive::Release::Codename="${CODENAME}" \
- ${ARCHITECTURES} \
- ${LABEL} \
- ${ORIGIN} \
- ${VERSION} \
+ -o APT::FTPArchive::Release::Architectures="${ARCHITECTURES}" \
+ -o APT::FTPArchive::Release::Label="${LABEL}" \
+ -o APT::FTPArchive::Release::Origin="${ORIGIN}" \
+ -o APT::FTPArchive::Release::Version="${VERSION}" \
> "$dir/Release"
if [ "$SUITE" = "experimental" -o "$SUITE" = "experimental2" ]; then
sed -i '/^Date: / a\
fi
done
else
+ msgninfo "\tGenerate Release files for flat… "
aptftparchiverelease ./aptarchive > aptarchive/Release
fi
if [ -n "$DATE" -a "$DATE" != "now" ]; then
for release in $(find ./aptarchive -name 'Release'); do
- sed -i "s/^Date: .*$/Date: $(date -d "$DATE" '+%a, %d %b %Y %H:%M:%S %Z')/" "$release"
+ sed -i "s/^Date: .*$/Date: $(date -u -d "$DATE" '+%a, %d %b %Y %H:%M:%S %Z')/" "$release"
touch -d "$DATE" "$release"
done
fi
if [ -n "$VALIDUNTIL" ]; then
sed -i "/^Date: / a\
-Valid-Until: $(date -d "$VALIDUNTIL" '+%a, %d %b %Y %H:%M:%S %Z')" $(find ./aptarchive -name 'Release')
+Valid-Until: $(date -u -d "$VALIDUNTIL" '+%a, %d %b %Y %H:%M:%S %Z')" $(find ./aptarchive -name 'Release')
fi
msgdone "info"
}
}
signreleasefiles() {
- local SIGNER="${1:-Joe Sixpack}"
+ local SIGNERS="${1:-Joe Sixpack}"
local REPODIR="${2:-aptarchive}"
- local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
- local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
- msgninfo "\tSign archive with $SIGNER key $KEY… "
+ if [ -n "$1" ]; then shift; fi
+ if [ -n "$1" ]; then shift; fi
+ local KEY="keys/$(echo "$SIGNERS" | tr 'A-Z' 'a-z' | tr -d ' ,')"
+ msgninfo "\tSign archive with $SIGNERS key $KEY… "
local REXKEY='keys/rexexpired'
local SECEXPIREBAK="${REXKEY}.sec.bak"
local PUBEXPIREBAK="${REXKEY}.pub.bak"
- if [ "${SIGNER}" = 'Rex Expired' ]; then
- # the key is expired, so gpg doesn't allow to sign with and the --faked-system-time
- # option doesn't exist anymore (and using faketime would add a new obscure dependency)
- # therefore we 'temporary' make the key not expired and restore a backup after signing
- cp "${REXKEY}.sec" "$SECEXPIREBAK"
- cp "${REXKEY}.pub" "$PUBEXPIREBAK"
- local SECUNEXPIRED="${REXKEY}.sec.unexpired"
- local PUBUNEXPIRED="${REXKEY}.pub.unexpired"
- if [ -f "$SECUNEXPIRED" ] && [ -f "$PUBUNEXPIRED" ]; then
- cp "$SECUNEXPIRED" "${REXKEY}.sec"
- cp "$PUBUNEXPIRED" "${REXKEY}.pub"
- else
- if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
- cat setexpire.gpg
- exit 1
+ local SIGUSERS=""
+ while [ -n "${SIGNERS%%,*}" ]; do
+ local SIGNER="${SIGNERS%%,*}"
+ if [ "${SIGNERS}" = "${SIGNER}" ]; then
+ SIGNERS=""
+ fi
+ SIGNERS="${SIGNERS#*,}"
+ # FIXME: This should be the full name, but we can't encode the space properly currently
+ SIGUSERS="${SIGUSERS} -u ${SIGNER#* }"
+ if [ "${SIGNER}" = 'Rex Expired' ]; then
+ # the key is expired, so gpg doesn't allow to sign with and the --faked-system-time
+ # option doesn't exist anymore (and using faketime would add a new obscure dependency)
+ # therefore we 'temporary' make the key not expired and restore a backup after signing
+ cp "${REXKEY}.sec" "$SECEXPIREBAK"
+ cp "${REXKEY}.pub" "$PUBEXPIREBAK"
+ local SECUNEXPIRED="${REXKEY}.sec.unexpired"
+ local PUBUNEXPIRED="${REXKEY}.pub.unexpired"
+ if [ -f "$SECUNEXPIRED" ] && [ -f "$PUBUNEXPIRED" ]; then
+ cp "$SECUNEXPIRED" "${REXKEY}.sec"
+ cp "$PUBUNEXPIRED" "${REXKEY}.pub"
+ else
+ if ! printf "expire\n1w\nsave\n" | aptkey --quiet --keyring "${REXKEY}.pub" --secret-keyring "${REXKEY}.sec" \
+ --readonly adv --batch --yes --digest-algo "${APT_TESTS_DIGEST_ALGO:-SHA512}" \
+ --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
+ cat setexpire.gpg
+ exit 1
+ fi
+ cp "${REXKEY}.sec" "$SECUNEXPIRED"
+ cp "${REXKEY}.pub" "$PUBUNEXPIRED"
fi
- cp "${REXKEY}.sec" "$SECUNEXPIRED"
- cp "${REXKEY}.pub" "$PUBUNEXPIRED"
fi
+ if [ ! -e "${KEY}.pub" ]; then
+ local K="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | tr -d ' ,')"
+ cat "${K}.pub" >> "${KEY}.new.pub"
+ cat "${K}.sec" >> "${KEY}.new.sec"
+ fi
+ done
+ if [ ! -e "${KEY}.pub" ]; then
+ mv "${KEY}.new.pub" "${KEY}.pub"
+ mv "${KEY}.new.sec" "${KEY}.sec"
fi
+ local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}"
for RELEASE in $(find "${REPODIR}/" -name Release); do
- $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
- local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
- $GPG --default-key "$SIGNER" --clearsign --output "$INRELEASE" "$RELEASE"
# we might have set a specific date for the Release file, so copy it
- touch -d "$(stat --format "%y" ${RELEASE})" "${RELEASE}.gpg" "${INRELEASE}"
+ local DATE="$(stat --format "%y" "${RELEASE}")"
+ if [ "$APT_DONT_SIGN" = 'Release.gpg' ]; then
+ rm -f "${RELEASE}.gpg"
+ else
+ testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
+ touch -d "$DATE" "${RELEASE}.gpg"
+ fi
+ local INRELEASE="${RELEASE%/*}/InRelease"
+ if [ "$APT_DONT_SIGN" = 'InRelease' ]; then
+ rm -f "$INRELEASE"
+ else
+ testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE"
+ touch -d "$DATE" "${INRELEASE}"
+ fi
done
if [ -f "$SECEXPIREBAK" ] && [ -f "$PUBEXPIREBAK" ]; then
mv -f "$SECEXPIREBAK" "${REXKEY}.sec"
}
redatereleasefiles() {
- local DATE="$(date -d "$1" '+%a, %d %b %Y %H:%M:%S %Z')"
+ local DATE="$(date -u -d "$1" '+%a, %d %b %Y %H:%M:%S %Z')"
for release in $(find aptarchive/ -name 'Release'); do
sed -i "s/^Date: .*$/Date: ${DATE}/" "$release"
touch -d "$DATE" "$release"
local APTARCHIVE2="copy://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive" | sed 's# #%20#g')"
for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do
sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#$APTARCHIVE2#${1}#" \
- -e "s#http://localhost:${APTHTTPPORT}/#${1}#" \
- -e "s#https://localhost:${APTHTTPSPORT}/#${1}#"
+ -e "s#http://[^@]*@\?localhost:${APTHTTPPORT}/\?#${1}#" \
+ -e "s#https://[^@]*@\?localhost:${APTHTTPSPORT}/\?#${1}#"
done
}
cd aptarchive
local LOG="webserver.log"
if ! aptwebserver --port 0 -o aptwebserver::fork=1 -o aptwebserver::portfile='aptwebserver.port' "$@" >$LOG 2>&1 ; then
- cat $LOG
+ cat "$LOG"
false
fi
waitforpidfile aptwebserver.pid
fi
cd - > /dev/null
else
- msgdie 'You have to build aptwerbserver or install a webserver'
+ msgdie 'You have to build apt from source to have test/interactive-helper/aptwebserver available for tests requiring a webserver'
fi
if [ "$REWRTE" != 'yes' ]; then
rewritesourceslist "http://localhost:${APTHTTPPORT}/"
}
changetohttpswebserver() {
- if ! which stunnel4 >/dev/null; then
+ if ! command -v stunnel4 >/dev/null 2>&1; then
msgdie 'You need to install stunnel4 for https testcases'
fi
if [ ! -e "${TMPWORKINGDIRECTORY}/aptarchive/aptwebserver.pid" ]; then
msgdie 'Could not fork stunnel4 successfully'
fi
addtrap 'prefix' "kill ${PID};"
- APTHTTPSPORT="$(lsof -i | awk "/^stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
+ APTHTTPSPORT="$(lsof -i -n | awk "/^stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
webserverconfig 'aptwebserver::port::https' "$APTHTTPSPORT" "https://localhost:${APTHTTPSPORT}"
rewritesourceslist "https://localhost:${APTHTTPSPORT}/"
}
# start with an unmounted disk
mv "${CD}" "${CD}-unmounted"
# we don't want the disk to be modifiable
- addtrap 'prefix' "chmod -f -R +w \"$PWD/rootdir/media/cdrom/dists/\" \"$PWD/rootdir/media/cdrom-unmounted/dists/\" || true;"
+ addtrap 'prefix' "chmod -f -R +w '$(escape_shell "$PWD/rootdir/media/cdrom/dists/")' '$(escape_shell "$PWD/rootdir/media/cdrom-unmounted/dists/")' || true;"
chmod -R 555 rootdir/media/cdrom-unmounted/dists
}
testempty() {
msggroup 'testempty'
- msgtest "Test for no output of" "$*"
+ if [ "$1" = '--nomsg' ]; then
+ shift
+ else
+ msgtest "Test for no output of" "$*"
+ fi
local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile"
- if ("$@" >"$COMPAREFILE" 2>&1 || true) && test ! -s "$COMPAREFILE"; then
+ if "$@" >"$COMPAREFILE" 2>&1 && test ! -s "$COMPAREFILE"; then
msgpass
else
msgfailoutput '' "$COMPAREFILE" "$@"
local ARCH="$(getarchitecture 'native')"
echo "$VIRTUAL" | sed -e "s/:$ARCH//" -e 's/:all//' >"$COMPAREFILE"
local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testshowvirtual.output"
- testoutputequal "$COMPAREFILE" aptcache show -q=0 "$PACKAGE"
+ testoutputequal "$COMPAREFILE" aptcache show "$PACKAGE"
msggroup
}
fi
msggroup
}
+testnosrcpackage() {
+ msggroup 'testnosrcpackage'
+ msgtest "Test for non-existent source packages" "apt-cache showsrc $*"
+ local SHOWPKG="$(aptcache showsrc "$@" 2>&1 | grep '^Package: ')"
+ if [ -n "$SHOWPKG" ]; then
+ local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testnosrcpackage.output"
+ echo "$SHOWPKG" >"$OUTPUT"
+ msgfailoutput '' "$OUTPUT"
+ else
+ msgpass
+ fi
+ msggroup
+}
testdpkgstatus() {
msggroup 'testdpkgstatus'
msggroup
}
+catfile() {
+ if [ "${1##*.}" = 'deb' ]; then
+ stat >&2 "$1" || true
+ file >&2 "$1" || true
+ else
+ cat >&2 "$1" || true
+ fi
+}
msgfailoutput() {
msgreportheader 'msgfailoutput'
local MSG="$1"
echo >&2
while [ -n "$2" ]; do shift; done
echo "#### Complete file: $1 ####"
- cat >&2 "$1" || true
+ catfile "$1"
echo '#### grep output ####'
elif [ "$1" = 'test' ]; then
echo >&2
if expr match "$1" "$FILEFLAGS" >/dev/null; then
echo "#### stat(2) of file: $2 ####"
stat "$2" || true
- if test -e "$2"; then
+ if test -d "$2"; then
+ echo "#### The directory contains: $2 ####"
+ ls >&2 "$2" || true
+ elif test -e "$2"; then
echo "#### Complete file: $2 ####"
- cat >&2 "$2" || true
+ catfile "$2"
fi
fi
}
msgfailoutputstatfile "$2" "$3"
done
echo '#### test output ####'
+ elif [ "$1" = 'cmp' ]; then
+ echo >&2
+ while [ -n "$2" ]; do
+ echo "#### Complete file: $2 ####"
+ catfile "$2"
+ shift
+ done
+ echo '#### cmp output ####'
fi
- cat >&2 "$OUTPUT"
+ catfile "$OUTPUT"
msgfail "$MSG"
}
-testsuccess() {
- msggroup 'testsuccess'
+testsuccesswithglobalerror() {
+ local TYPE="$1"
+ local ERRORS="$2"
+ shift 2
+ msggroup "$TYPE"
if [ "$1" = '--nomsg' ]; then
shift
else
msgtest 'Test for successful execution of' "$*"
fi
- local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output"
+ local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/${TYPE}.output"
if "$@" >"${OUTPUT}" 2>&1; then
if expr match "$1" '^apt.*' >/dev/null; then
if grep -q -E ' runtime error: ' "$OUTPUT"; then
msgfailoutput 'compiler detected undefined behavior' "$OUTPUT" "$@"
- elif grep -E '^[WE]: ' "$OUTPUT" > "${TMPWORKINGDIRECTORY}/rootdir/tmp/checkforwarnings.output" 2>&1; then
+ elif grep -E "^[${ERRORS}]: " "$OUTPUT" > "${TMPWORKINGDIRECTORY}/rootdir/tmp/checkforwarnings.output" 2>&1; then
if [ "$IGNORE_PTY_NOT_MOUNTED" = '1' ]; then
if echo 'E: Can not write log (Is /dev/pts mounted?) - posix_openpt (2: No such file or directory)' \
| cmp - "${TMPWORKINGDIRECTORY}/rootdir/tmp/checkforwarnings.output" >/dev/null 2>&1; then
else
msgfailoutput 'successful run, but output contains warnings/errors' "$OUTPUT" "$@"
fi
+ elif [ "$TYPE" = 'testsuccesswithnotice' ]; then
+ if grep -q -E "^N: " "$OUTPUT"; then
+ msgpass
+ else
+ msgfailoutput 'successful run, but output had no notices' "$OUTPUT" "$@"
+ fi
else
msgpass
fi
local EXITCODE=$?
msgfailoutput "exitcode $EXITCODE" "$OUTPUT" "$@"
fi
- aptautotest 'testsuccess' "$@"
+ aptautotest "$TYPE" "$@"
msggroup
}
+testsuccesswithnotice() {
+ testsuccesswithglobalerror 'testsuccesswithnotice' 'WE' "$@"
+}
+testsuccess() {
+ testsuccesswithglobalerror 'testsuccess' 'NWE' "$@"
+}
testwarning() {
msggroup 'testwarning'
if [ "$1" = '--nomsg' ]; then
local EXITCODE=$?
if expr match "$1" '^apt.*' >/dev/null; then
if [ "$1" = 'aptkey' ]; then
- if grep -q -E " Can't check signature: " "$OUTPUT" || \
- grep -q -E " BAD signature from " "$OUTPUT"; then
+ if grep -q " Can't check signature:
+ BAD signature from
+ signature could not be verified" "$OUTPUT"; then
msgpass
else
msgfailoutput "run failed with exitcode ${EXITCODE}, but no signature error" "$OUTPUT" "$@"
testreturnstateequal() {
local STATE="$1"
- msggroup "${STATE}equal"
- if [ "$2" != '--nomsg' ]; then
- local CMP="$2"
- shift 2
- "$STATE" "$@"
- testfileequal "${TMPWORKINGDIRECTORY}/rootdir/tmp/${STATE}.output" "$CMP"
- else
- local CMP="$3"
+ if [ "$STATE" = 'testsuccesswithglobalerror' ]; then
+ local STATE="$2"
+ local TYPE="$3"
shift 3
- "$STATE" --nomsg "$@"
- testfileequal "${TMPWORKINGDIRECTORY}/rootdir/tmp/${STATE}.output" "$CMP"
+ msggroup "${STATE}equal"
+ if [ "$1" != '--nomsg' ]; then
+ local CMP="$1"
+ shift
+ testsuccesswithglobalerror "$STATE" "$TYPE" "$@"
+ testfileequal "${TMPWORKINGDIRECTORY}/rootdir/tmp/${STATE}.output" "$CMP"
+ else
+ local CMP="$2"
+ shift 2
+ testsuccesswithglobalerror "$STATE" "$TYPE" "$@"
+ testfileequal "${TMPWORKINGDIRECTORY}/rootdir/tmp/${STATE}.output" "$CMP"
+ fi
+ else
+ msggroup "${STATE}equal"
+ if [ "$2" != '--nomsg' ]; then
+ local CMP="$2"
+ shift 2
+ "$STATE" "$@"
+ testfileequal "${TMPWORKINGDIRECTORY}/rootdir/tmp/${STATE}.output" "$CMP"
+ else
+ local CMP="$3"
+ shift 3
+ "$STATE" --nomsg "$@"
+ testfileequal "${TMPWORKINGDIRECTORY}/rootdir/tmp/${STATE}.output" "$CMP"
+ fi
fi
msggroup
}
testsuccessequal() {
- testreturnstateequal 'testsuccess' "$@"
+ # we compare output, so we know perfectly well about N:
+ testreturnstateequal 'testsuccesswithglobalerror' 'testsuccess' 'WE' "$@"
}
testwarningequal() {
testreturnstateequal 'testwarning' "$@"
msggroup
}
+createlistofkeys() {
+ local OUTPUT="$1"
+ shift
+ while [ -n "$1" ]; do
+ # gpg 2.1.something starts printing [SC] at some point
+ if grep -q ' rsa2048/' "$OUTPUT" && grep -qF '[SC]' "$OUTPUT"; then
+ case "$1" in
+ *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';;
+ *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [SC] [expired: 2013-07-13]';;
+ *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16 [SC]';;
+ oldarchive) echo 'pub rsa1024/F68C85A3 2013-12-19 [SC]';;
+ newarchive) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';;
+ *) echo 'UNKNOWN KEY';;
+ esac
+ # gpg 2.1 has a slightly different output format
+ elif grep -q ' rsa2048/' "$OUTPUT"; then
+ case "$1" in
+ *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
+ *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
+ *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16';;
+ oldarchive) echo 'pub rsa1024/F68C85A3 2013-12-19';;
+ newarchive) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
+ *) echo 'UNKNOWN KEY';;
+ esac
+ else
+ case "$1" in
+ *Joe*|*Sixpack*) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
+ *Rex*|*Expired*) echo 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
+ *Marvin*|*Paranoid*) echo 'pub 2048R/528144E2 2011-01-16';;
+ oldarchive) echo 'pub 1024R/F68C85A3 2013-12-19';;
+ newarchive) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
+ *) echo 'UNKNOWN KEY';;
+ esac
+ fi
+ shift
+ done
+}
+testaptkeys() {
+ local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/aptkeylist.output"
+ if ! aptkey list | grep '^pub' > "$OUTPUT"; then
+ echo -n > "$OUTPUT"
+ fi
+ testfileequal "$OUTPUT" "$(createlistofkeys "$OUTPUT" "$@")"
+}
+
pause() {
echo "STOPPED execution. Press enter to continue"
local IGNORE
done
} | sort
}
+forallsupportedcompressors() {
+ rm -f "${TMPWORKINGDIRECTORY}/rootdir/etc/apt/apt.conf.d/00force-compressor"
+ for COMP in $(aptconfig dump 'APT::Compressor' --format '%f%n' | cut -d':' -f 5 | uniq); do
+ if [ -z "$COMP" -o "$COMP" = '.' ]; then continue; fi
+ "$@" "$COMP"
+ done
+}
### convenience hacks ###
mkdir() {
# creating some directories by hand is a tedious task, so make it look simple
- if [ "$*" = '-p rootdir/var/lib/apt/lists' ] || [ "$*" = "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" ] ||
- [ "$*" = '-p rootdir/var/lib/apt/lists/partial' ] || [ "$*" = "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial" ]; then
+ local PARAMS="$*"
+ if [ "$PARAMS" != "${PARAMS#*rootdir/var/lib/apt/lists}" ]; then
# only the last directory created by mkdir is effected by the -m !
command mkdir -m 755 -p "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt"
command mkdir -m 755 -p "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"
local TESTCALL="$1"
local CMD="$2"
local FIRSTOPT="$3"
- local AUTOTEST="aptautotest_$(echo "${CMD##*/}_${FIRSTOPT}" | tr -d '-')"
+ local AUTOTEST="aptautotest_$(echo "${CMD##*/}_${FIRSTOPT}" | tr -d -c 'A-za-z0-9')"
if command -v $AUTOTEST >/dev/null; then
shift 3
# save and restore the *.output files from other tests