acquire: Use priority queues and a 3 stage pipeline design

[apt.git] / test / integration / test-releasefile-verification

diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index 217319cab91357d0c8adc1c077ee22ccdc92f298..e043fa8b5f41a8153c38ad7a12d281e08fe74681 100755 (executable)
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -12,8 +12,6 @@ buildaptarchive
 setupflataptarchive
 changetowebserver
 
-webserverconfig 'aptwebserver::support::range' 'false'
-
 prepare() {
        local DATE="${2:-now}"
        if [ "$DATE" = 'now' ]; then
@@ -109,6 +107,19 @@ runtest() {
 " aptcache show apt
        installaptold
 
+       if [ "$(id -u)" != '0' ]; then
+               msgmsg 'Cold archive signed by' 'Joe Sixpack + unreadable key'
+               rm -rf rootdir/var/lib/apt/lists
+               echo 'foobar' > rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg
+               chmod 000 rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg
+               updatewithwarnings '^W: .* is not readable by user'
+               chmod 644 rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg
+               rm -f rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg
+               testsuccessequal "$(cat "${PKGFILE}")
+" aptcache show apt
+               installaptold
+       fi
+
        msgmsg 'Good warm archive signed by' 'Joe Sixpack'
        prepare "${PKGFILE}-new"
        signreleasefiles 'Joe Sixpack'
@@ -239,7 +250,7 @@ runtest() {
        updatewithwarnings '^W: .* NO_PUBKEY'
        sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/*
 
-       local MARVIN="$(aptkey --keyring $MARVIN finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')"
+       local MARVIN="$(aptkey --keyring $MARVIN finger --with-colons | grep '^fpr' | cut -d':' -f 10)"
        msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack'
        rm -rf rootdir/var/lib/apt/lists
        signreleasefiles 'Joe Sixpack'
@@ -263,7 +274,7 @@ runtest() {
 " aptcache show apt
        installaptold
 
-       local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')"
+       local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger --with-colons | grep '^fpr' | cut -d':' -f 10)"
        msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack'
        rm -rf rootdir/var/lib/apt/lists
        signreleasefiles 'Joe Sixpack'
@@ -273,7 +284,6 @@ runtest() {
 " aptcache show apt
        installaptold
 
-       local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')"
        msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack'
        rm -rf rootdir/var/lib/apt/lists
        sed -i "s#^\(deb\(-src\)\?\) \[signed-by=${SIXPACK},${MARVIN}\] #\1 [signed-by=${MARVIN},${SIXPACK}] #" rootdir/etc/apt/sources.list.d/*
@@ -379,7 +389,7 @@ cat > rootdir/etc/apt/apt.conf.d/weaken-security <<EOF
 Acquire::AllowInsecureRepositories "1";
 Acquire::AllowDowngradeToInsecureRepositories "1";
 EOF
-# the hash marked as configureable in our gpgv method
+# the hash marked as configurable in our gpgv method
 export APT_TESTS_DIGEST_ALGO='SHA224'
 
 successfulaptgetupdate() {
@@ -414,6 +424,11 @@ runfailure() {
                testnopackage 'apt'
                testwarning aptget update --allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
                failaptold
+               rm -rf rootdir/var/lib/apt/lists
+               sed -i 's#^deb\(-src\)\? #deb\1 [allow-insecure=yes] #' rootdir/etc/apt/sources.list.d/*
+               testwarning aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+               failaptold
+               sed -i 's#^deb\(-src\)\? \[allow-insecure=yes\] #deb\1 #' rootdir/etc/apt/sources.list.d/*
 
                msgmsg 'Cold archive signed by' 'Marvin Paranoid'
                prepare "${PKGFILE}"