ensure apt-key del handles 16-byte key ids

[apt.git] / test / integration / framework

diff --git a/test/integration/framework b/test/integration/framework
index 8f1e7cca5a93b346852436c174e3b63fd8f75ae7..fcdca34ce3c3988b956e700429f427eed262df8f 100644 (file)
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -4,7 +4,7 @@ EXIT_CODE=0
 
 # we all like colorful messages
 if [ "$MSGCOLOR" != 'NO' ]; then
-       if ! expr match "$(readlink -f /proc/$$/fd/1)" '/dev/pts/[0-9]\+' > /dev/null; then
+       if [ ! -t 1 ]; then # but check that we output to a terminal
                export MSGCOLOR='NO'
        fi
 fi
@@ -133,13 +133,6 @@ gdb() {
        shift
        runapt command gdb --quiet -ex run "${BUILDDIRECTORY}/$CMD" --args "${BUILDDIRECTORY}/$CMD" "$@"
 }
-gpg() {
-       # see apt-key for the whole trickery. Setup is done in setupenvironment
-       command gpg --ignore-time-conflict --no-options --no-default-keyring \
-               --homedir "${TMPWORKINGDIRECTORY}/gnupghome" \
-               --no-auto-check-trustdb --trust-model always \
-               "$@"
-}
 
 exitwithstatus() {
         # error if we about to overflow, but ...
@@ -223,6 +216,7 @@ setupenvironment() {
        echo "Debug::NoLocking \"true\";" >> aptconfig.conf
        echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf
        echo "Dir::Bin::Methods \"${METHODSDIR}\";" >> aptconfig.conf
+       echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf
        echo "Dir::Bin::dpkg \"fakeroot\";" >> aptconfig.conf
        echo "DPKG::options:: \"dpkg\";" >> aptconfig.conf
        echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf
@@ -238,19 +232,6 @@ setupenvironment() {
         echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
        configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
 
-       # gpg needs a trustdb to function, but it can't be invalid (not even empty)
-       # see also apt-key where this trickery comes from:
-       local TRUSTDBDIR="${TMPWORKINGDIRECTORY}/gnupghome"
-       mkdir "$TRUSTDBDIR"
-       chmod 700 "$TRUSTDBDIR"
-       # We also don't use a secret keyring, of course, but gpg panics and
-       # implodes if there isn't one available - and writeable for imports
-       local SECRETKEYRING="${TRUSTDBDIR}/secring.gpg"
-       touch $SECRETKEYRING
-       # now create the trustdb with an (empty) dummy keyring
-       # newer gpg versions are fine without it, but play it safe for now
-       gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1
-
        # cleanup the environment a bit
         # prefer our apt binaries over the system apt binaries
        export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
@@ -448,8 +429,8 @@ Package: $NAME" >> ${BUILDDIR}/debian/control
                | while read SRC; do
                echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist
 #              if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then
-#                      gpg --yes --secret-keyring ./keys/joesixpack.sec \
-#                              --keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \
+#                      aptkey --keyring ./keys/joesixpack.pub --secret-keyring ./keys/joesixpack.sec --quiet --readonly \
+#                              adv --yes --default-key 'Joe Sixpack' \
 #                              --clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
 #                      mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
 #              fi
@@ -834,8 +815,9 @@ setupaptarchive() {
 
 signreleasefiles() {
        local SIGNER="${1:-Joe Sixpack}"
-       local GPG="gpg --batch --yes"
-       msgninfo "\tSign archive with $SIGNER key… "
+       local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
+       local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
+       msgninfo "\tSign archive with $SIGNER key $KEY… "
        local REXKEY='keys/rexexpired'
        local SECEXPIREBAK="${REXKEY}.sec.bak"
        local PUBEXPIREBAK="${REXKEY}.pub.bak"
@@ -851,17 +833,14 @@ signreleasefiles() {
                        cp $SECUNEXPIRED ${REXKEY}.sec
                        cp $PUBUNEXPIRED ${REXKEY}.pub
                else
-                       printf "expire\n1w\nsave\n" | $GPG --keyring ${REXKEY}.pub --secret-keyring ${REXKEY}.sec --command-fd 0 --edit-key "${SIGNER}" >/dev/null 2>&1 || true
+                       if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
+                               cat setexpire.gpg
+                               exit 1
+                       fi
                        cp ${REXKEY}.sec $SECUNEXPIRED
                        cp ${REXKEY}.pub $PUBUNEXPIRED
                fi
        fi
-       for KEY in $(find keys/ -name '*.sec'); do
-               GPG="$GPG --secret-keyring $KEY"
-       done
-       for KEY in $(find keys/ -name '*.pub'); do
-               GPG="$GPG --keyring $KEY"
-       done
        for RELEASE in $(find aptarchive/ -name Release); do
                $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output ${RELEASE}.gpg ${RELEASE}
                local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
@@ -1019,7 +998,13 @@ testfileequal() {
 
 testempty() {
        msgtest "Test for no output of" "$*"
-       test -z "$($* 2>&1)" && msgpass || msgfail
+       local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile"
+       if $* >$COMPAREFILE 2>&1 && test ! -s $COMPAREFILE; then
+               msgpass
+       else
+               cat $COMPAREFILE
+               msgfail
+       fi
 }
 
 testequal() {