use our own homedir for gpg in testcases

[apt.git] / test / integration / framework

diff --git a/test/integration/framework b/test/integration/framework
index 28ccb4d9f7553503c953bb49bc36d1423b3f54f1..1db1946db81b6ddc26a58762561c4ec4f6af829a 100644 (file)
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -102,6 +102,9 @@ aptget() { runapt apt-get $*; }
 aptftparchive() { runapt apt-ftparchive $*; }
 aptkey() { runapt apt-key $*; }
 aptmark() { runapt apt-mark $*; }
+aptwebserver() {
+  LD_LIBRARY_PATH=${APTWEBSERVERBINDIR} ${APTWEBSERVERBINDIR}/aptwebserver $*;
+}
 dpkg() {
        $(which dpkg) --root=${TMPWORKINGDIRECTORY}/rootdir --force-not-root --force-bad-path --log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log $*
 }
@@ -116,11 +119,18 @@ aptitude() {
 }
 gdb() {
        echo "gdb: run »$*«"
-       APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY} $(which gdb) ${BUILDDIRECTORY}/$1
+       APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY} $(which gdb) ${BUILDDIRECTORY}/$1 --args $*
 }
 http() {
        LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/methods/http
 }
+gpg() {
+       # see apt-key for the whole trickery. Setup is done in setupenvironment
+       command gpg --ignore-time-conflict --no-options --no-default-keyring \
+               --homedir "${TMPWORKINGDIRECTORY}/gnupghome" \
+               --no-auto-check-trustdb --trust-model always \
+               "$@"
+}
 
 exitwithstatus() {
         # error if we about to overflow, but ...
@@ -154,8 +164,14 @@ setupenvironment() {
        TMPWORKINGDIRECTORY=$(mktemp -d)
        TESTDIRECTORY=$(readlink -f $(dirname $0))
        msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… "
-       BUILDDIRECTORY="${TESTDIRECTORY}/../../build/bin"
+
+        # allow overriding the default BUILDDIR location
+       BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"}
+        METHODSDIR=${APT_INTEGRATION_TESTS_METHODS_DIR:-"${BUILDDIRECTORY}/methods"}
+        APTWEBSERVERBINDIR=${APT_INTEGRATION_TESTS_WEBSERVER_BIN_DIR:-"${BUILDDIRECTORY}"}
        test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first"
+        # -----
+
        addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;"
        cd $TMPWORKINGDIRECTORY
        mkdir rootdir aptarchive keys
@@ -181,7 +197,7 @@ setupenvironment() {
        echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf
        echo "Debug::NoLocking \"true\";" >> aptconfig.conf
        echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf
-       echo "Dir::Bin::Methods \"${BUILDDIRECTORY}/methods\";" >> aptconfig.conf
+       echo "Dir::Bin::Methods \"${METHODSDIR}\";" >> aptconfig.conf
        echo "Dir::Bin::dpkg \"fakeroot\";" >> aptconfig.conf
        echo "DPKG::options:: \"dpkg\";" >> aptconfig.conf
        echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf
@@ -192,9 +208,24 @@ setupenvironment() {
        fi
        echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf
        echo 'quiet::NoUpdate "true";' >> aptconfig.conf
-       export LC_ALL=C
+       echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https
+       export LC_ALL=C.UTF-8
        export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
        configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
+
+       # gpg needs a trustdb to function, but it can't be invalid (not even empty)
+       # see also apt-key where this trickery comes from:
+       local TRUSTDBDIR="${TMPWORKINGDIRECTORY}/gnupghome"
+       mkdir "$TRUSTDBDIR"
+       chmod 700 "$TRUSTDBDIR"
+       # We also don't use a secret keyring, of course, but gpg panics and
+       # implodes if there isn't one available - and writeable for imports
+       local SECRETKEYRING="${TRUSTDBDIR}/secring.gpg"
+       touch $SECRETKEYRING
+       # now create the trustdb with an (empty) dummy keyring
+       # newer gpg versions are fine without it, but play it safe for now
+       gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1
+
        msgdone "info"
 }
 
@@ -278,7 +309,7 @@ setupsimplenativepackage() {
        local VERSION="$3"
        local RELEASE="${4:-unstable}"
        local DEPENDENCIES="$5"
-       local DESCRIPTION="${6:-"Description: an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
+       local DESCRIPTION="${6:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
  If you find such a package installed on your system,
  something went horribly wrong! They are autogenerated
  und used only by testcases and surf no other propose…"}"
@@ -328,7 +359,7 @@ buildsimplenativepackage() {
        local VERSION="$3"
        local RELEASE="${4:-unstable}"
        local DEPENDENCIES="$5"
-       local DESCRIPTION="${6:-"Description: an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
+       local DESCRIPTION="${6:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
  If you find such a package installed on your system,
  something went horribly wrong! They are autogenerated
  und used only by testcases and surf no other propose…"}"
@@ -380,7 +411,7 @@ Package: $NAME" >> ${BUILDDIR}/debian/control
                | while read SRC; do
                echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist
 #              if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then
-#                      gpg --yes --no-default-keyring --secret-keyring ./keys/joesixpack.sec \
+#                      gpg --yes --secret-keyring ./keys/joesixpack.sec \
 #                              --keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \
 #                              --clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
 #                      mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
@@ -525,7 +556,7 @@ insertpackage() {
        local VERSION="$4"
        local DEPENDENCIES="$5"
        local PRIORITY="${6:-optional}"
-       local DESCRIPTION="${7:-"Description: an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
+       local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
  If you find such a package installed on your system,
  something went horribly wrong! They are autogenerated
  und used only by testcases and surf no other propose…"}"
@@ -585,7 +616,7 @@ insertinstalledpackage() {
        local DEPENDENCIES="$4"
        local PRIORITY="${5:-optional}"
        local STATUS="${6:-install ok installed}"
-       local DESCRIPTION="${7:-"Description: an autogenerated dummy ${NAME}=${VERSION}/installed
+       local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/installed
  If you find such a package installed on your system,
  something went horribly wrong! They are autogenerated
  und used only by testcases and surf no other propose…"}"
@@ -652,7 +683,12 @@ compressfile() {
 }
 
 # can be overridden by testcases for their pleasure
-getcodenamefromsuite() { echo -n "$1"; }
+getcodenamefromsuite() {
+       case "$1" in
+       unstable) echo 'sid';;
+       *) echo -n "$1";;
+       esac
+}
 getreleaseversionfromsuite() { true; }
 getlabelfromsuite() { true; }
 
@@ -749,7 +785,7 @@ setupaptarchive() {
 
 signreleasefiles() {
        local SIGNER="${1:-Joe Sixpack}"
-       local GPG="gpg --batch --yes --no-default-keyring --trustdb-name rootdir/etc/apt/trustdb.gpg"
+       local GPG="gpg --batch --yes"
        msgninfo "\tSign archive with $SIGNER key… "
        local REXKEY='keys/rexexpired'
        local SECEXPIREBAK="${REXKEY}.sec.bak"
@@ -791,6 +827,22 @@ signreleasefiles() {
        msgdone "info"
 }
 
+webserverconfig() {
+       msgtest "Set webserver config option '${1}' to" "$2"
+       downloadfile "http://localhost:8080/_config/set/${1}/${2}" '/dev/null' >/dev/null
+       local DOWNLOG='download-testfile.log'
+       rm -f "$DOWNLOG"
+       local STATUS="$(mktemp)"
+       addtrap "rm $STATUS;"
+       downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG"
+       if [ "$(cat "$STATUS")" = '200' ]; then
+               msgpass
+       else
+               cat >&2 "$DOWNLOG"
+               msgfail "Statuscode was $(cat "$STATUS")"
+       fi
+}
+
 rewritesourceslist() {
        local APTARCHIVE="file://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive")"
        for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do
@@ -799,10 +851,19 @@ rewritesourceslist() {
 }
 
 changetowebserver() {
-       local LOG='/dev/null'
-       if test -x ${BUILDDIRECTORY}/aptwebserver; then
+       if [ "$1" != '--no-rewrite' ]; then
+               rewritesourceslist 'http://localhost:8080/'
+       else
+               shift
+       fi
+       if test -x ${APTWEBSERVERBINDIR}/aptwebserver; then
                cd aptarchive
-               LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/aptwebserver -o aptwebserver::fork=1 "$@" >$LOG 2>&1
+               local LOG="$(mktemp)"
+               addtrap "rm $LOG;"
+               if ! aptwebserver -o aptwebserver::fork=1 "$@" >$LOG 2>&1 ; then
+                       cat $LOG
+                       false
+               fi
                local PID="$(cat aptwebserver.pid)"
                if [ -z "$PID" ]; then
                        msgdie 'Could not fork aptwebserver successfully'
@@ -812,9 +873,6 @@ changetowebserver() {
        else
                msgdie 'You have to build aptwerbserver or install a webserver'
        fi
-       if [ "$1" != '--no-rewrite' ]; then
-               rewritesourceslist 'http://localhost:8080/'
-       fi
 }
 
 changetohttpswebserver() {
@@ -826,6 +884,7 @@ changetohttpswebserver() {
        fi
        echo "pid = ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid
 cert = ${TESTDIRECTORY}/apt.pem
+output = /dev/null
 
 [https]
 accept = 4433