start_with_good_inrelease() {
create_fresh_archive
testsuccess aptget update
- testequal "old/unstable 1.0 all" apt list -q
+ listcurrentlistsdirectory > lists.before
+ testsuccessequal "old/unstable 1.0 all" apt list -q
}
test_inrelease_to_new_inrelease() {
add_new_package '+1hour'
testsuccess aptget update -o Debug::Acquire::Transaction=1
- testequal "new/unstable 1.0 all
+ testsuccessequal "new/unstable 1.0 all
old/unstable 1.0 all" apt list -q
}
break_repository_sources_index '+1hour'
# test the error condition
- testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources Hash Sum mismatch
-
+ testfailureequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources.gz Hash Sum mismatch
E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
# ensure that the Packages file is also rolled back
- testequal "E: Unable to locate package new" aptget install new -s -qq
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
+ testfailureequal "E: Unable to locate package new" aptget install new -s -qq
}
test_inrelease_to_valid_release() {
rm $APTARCHIVE/dists/unstable/Release.gpg
# update fails
- testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq
+ testfailureequal "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update -qq
- # test that we can install the new packages but do no longer have a sig
+ # test that security downgrade was not successful
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
testsuccess aptget install old -s
testfailure aptget install new -s
testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease
break_repository_sources_index '+1hour'
# ensure error
- testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1
+ testfailureequal "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1
# ensure that the Packages file is also rolled back
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
testsuccess aptget install old -s
testfailure aptget install new -s
testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease
rm $APTARCHIVE/dists/unstable/InRelease
rm $APTARCHIVE/dists/unstable/Release.gpg
- testsuccess aptget update --allow-insecure-repositories
- testequal "WARNING: The following packages cannot be authenticated!
+ testwarning aptget update --allow-insecure-repositories
+ listcurrentlistsdirectory > lists.before
+ testfailureequal "WARNING: The following packages cannot be authenticated!
old
E: There are problems and -y was used without --force-yes" aptget install -qq -y old
add_new_package '+1hour'
break_repository_sources_index '+1hour'
- testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources Hash Sum mismatch
-
+ testfailureequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources.gz Hash Sum mismatch
E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
testfailure ls rootdir/var/lib/apt/lists/*_InRelease
- testequal "WARNING: The following packages cannot be authenticated!
+ testfailureequal "WARNING: The following packages cannot be authenticated!
old
E: There are problems and -y was used without --force-yes" aptget install -qq -y old
}
msgmsg 'Test InRelease to InRelease without good sig'
start_with_good_inrelease
- signreleasefiles 'Marvin Paranoid' '+1hour'
-
- testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
+ signreleasefiles 'Marvin Paranoid'
+ testwarningequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file:${APTARCHIVE} unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
-
W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
testsuccess ls rootdir/var/lib/apt/lists/*_InRelease
}
msgmsg "Test InRelease to broken gzip"
start_with_good_inrelease
+ break_repository_sources_index '+1hour'
+ generatereleasefiles '+2hours'
+ signreleasefiles
+
# append junk at the end of the compressed file
echo "lala" >> $APTARCHIVE/dists/unstable/main/source/Sources.gz
touch -d '+2min' $APTARCHIVE/dists/unstable/main/source/Sources.gz
rm $APTARCHIVE/dists/unstable/main/source/Sources
testfailure aptget update
+ testsuccess grep 'Hash Sum mismatch' rootdir/tmp/testfailure.output
+ testfileequal lists.before "$(listcurrentlistsdirectory)"
}
TESTDIR=$(readlink -f $(dirname $0))