esac
MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH="${LIBRARYPATH}:${LD_LIBRARY_PATH}" "$CMD" "$@"
}
+runpython3() { runapt command python3 "$@"; }
aptconfig() { runapt apt-config "$@"; }
aptcache() { runapt apt-cache "$@"; }
aptcdrom() { runapt apt-cdrom "$@"; }
echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https
echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig
+
configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
- confighashes 'SHA1' # these are tests, not security best-practices
+ confighashes 'SHA256' # these are tests, not security best-practices
# create some files in /tmp and look at user/group to get what this means
TEST_DEFAULT_USER="$(id -un)"
unset LANGUAGE APT_CONFIG
unset GREP_OPTIONS DEB_BUILD_PROFILES
unset http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy
+
+ # If gpgv supports --weak-digest, pass it to make sure we can disable SHA1
+ if aptkey verify --weak-digest SHA1 --help 2>/dev/null >/dev/null; then
+ echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1
+ fi
+
msgdone "info"
}
return func_execvp(newfile, argv);
}
EOF
- testsuccess --nomsg gcc -Wall -fPIC -shared -o noopchroot.so noopchroot.c -ldl
+ testempty --nomsg gcc -Wall -Wextra -fPIC -shared -o noopchroot.so noopchroot.c -ldl
}
configcompression() {
local CMD='apthelper cat-file -C'
}
insertsource() {
- local RELEASE="$1"
+ local RELEASES="$1"
local NAME="$2"
local ARCH="$3"
local VERSION="$4"
local DEPENDENCIES="$5"
- local BINARY="${6:-$NAME}"
+ local BINARY="${6:-$NAME}"
local ARCHS=""
- local SPATH="aptarchive/dists/${RELEASE}/main/source"
- mkdir -p $SPATH
- local FILE="${SPATH}/Sources"
- local DSCFILE="${NAME}_${VERSION}.dsc"
- local TARFILE="${NAME}_${VERSION}.tar.gz"
- echo "Package: $NAME
+ for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do
+ local SPATH="aptarchive/dists/${RELEASE}/main/source"
+ mkdir -p $SPATH
+ local FILE="${SPATH}/Sources"
+ local DSCFILE="${NAME}_${VERSION}.dsc"
+ local TARFILE="${NAME}_${VERSION}.tar.gz"
+ echo "Package: $NAME
Binary: $BINARY
Version: $VERSION
Maintainer: Joe Sixpack <joe@example.org>
Architecture: $ARCH" >> $FILE
- test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE"
- echo "Files:
+ test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE"
+ echo "Files:
$(echo -n "$DSCFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE"
$(echo -n "$TARFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE"
Checksums-Sha256:
$(echo -n "$DSCFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE"
$(echo -n "$TARFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE"
" >> "$FILE"
+ done
}
insertinstalledpackage() {
local SIGNER="${1:-Joe Sixpack}"
local REPODIR="${2:-aptarchive}"
local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
- local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
+ local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}"
msgninfo "\tSign archive with $SIGNER key $KEY… "
local REXKEY='keys/rexexpired'
local SECEXPIREBAK="${REXKEY}.sec.bak"
local APTARCHIVE2="copy://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive" | sed 's# #%20#g')"
for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do
sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#$APTARCHIVE2#${1}#" \
- -e "s#http://localhost:${APTHTTPPORT}/#${1}#" \
- -e "s#https://localhost:${APTHTTPSPORT}/#${1}#"
+ -e "s#http://[^@]*@\?localhost:${APTHTTPPORT}/\?#${1}#" \
+ -e "s#https://[^@]*@\?localhost:${APTHTTPSPORT}/\?#${1}#"
done
}
msgdie 'Could not fork stunnel4 successfully'
fi
addtrap 'prefix' "kill ${PID};"
- APTHTTPSPORT="$(lsof -i | awk "/^stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
+ APTHTTPSPORT="$(lsof -i -n | awk "/^stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
webserverconfig 'aptwebserver::port::https' "$APTHTTPSPORT" "https://localhost:${APTHTTPSPORT}"
rewritesourceslist "https://localhost:${APTHTTPSPORT}/"
}
testempty() {
msggroup 'testempty'
- msgtest "Test for no output of" "$*"
+ if [ "$1" = '--nomsg' ]; then
+ shift
+ else
+ msgtest "Test for no output of" "$*"
+ fi
local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile"
- if ("$@" >"$COMPAREFILE" 2>&1 || true) && test ! -s "$COMPAREFILE"; then
+ if "$@" >"$COMPAREFILE" 2>&1 && test ! -s "$COMPAREFILE"; then
msgpass
else
msgfailoutput '' "$COMPAREFILE" "$@"
msgfailoutputstatfile "$2" "$3"
done
echo '#### test output ####'
+ elif [ "$1" = 'cmp' ]; then
+ echo >&2
+ while [ -n "$2" ]; do
+ echo "#### Complete file: $2 ####"
+ cat >&2 "$2" || true
+ shift
+ done
+ echo '#### cmp output ####'
fi
cat >&2 "$OUTPUT"
msgfail "$MSG"
local OUTPUT="$1"
shift
while [ -n "$1" ]; do
+ # gpg 2.1.something starts printing [SC] at some point
+ if grep -q ' rsa2048/' "$OUTPUT" && grep -qF '[SC]' "$OUTPUT"; then
+ case "$1" in
+ *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';;
+ *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [SC] [expired: 2013-07-13]';;
+ *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16 [SC]';;
+ oldarchive) echo 'pub rsa1024/F68C85A3 2013-12-19 [SC]';;
+ newarchive) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';;
+ *) echo 'UNKNOWN KEY';;
+ esac
# gpg 2.1 has a slightly different output format
- if grep -q ' rsa2048/' "$OUTPUT"; then
+ elif grep -q ' rsa2048/' "$OUTPUT"; then
case "$1" in
*Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
*Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
projects / apt.git / blobdiff