echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https
echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig
+ if aptkey verify --weak-digest SHA1 --help 2>/dev/null >/dev/null; then
+ echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1
+ fi
+
configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
- confighashes 'SHA1' # these are tests, not security best-practices
+ confighashes 'SHA256' # these are tests, not security best-practices
# create some files in /tmp and look at user/group to get what this means
TEST_DEFAULT_USER="$(id -un)"
return func_execvp(newfile, argv);
}
EOF
- testsuccess --nomsg gcc -Wall -fPIC -shared -o noopchroot.so noopchroot.c -ldl
+ testempty --nomsg gcc -Wall -Wextra -fPIC -shared -o noopchroot.so noopchroot.c -ldl
}
configcompression() {
local CMD='apthelper cat-file -C'
local SIGNER="${1:-Joe Sixpack}"
local REPODIR="${2:-aptarchive}"
local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
- local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
+ local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo SHA512"
msgninfo "\tSign archive with $SIGNER key $KEY… "
local REXKEY='keys/rexexpired'
local SECEXPIREBAK="${REXKEY}.sec.bak"
testempty() {
msggroup 'testempty'
- msgtest "Test for no output of" "$*"
+ if [ "$1" = '--nomsg' ]; then
+ shift
+ else
+ msgtest "Test for no output of" "$*"
+ fi
local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile"
- if ("$@" >"$COMPAREFILE" 2>&1 || true) && test ! -s "$COMPAREFILE"; then
+ if "$@" >"$COMPAREFILE" 2>&1 && test ! -s "$COMPAREFILE"; then
msgpass
else
msgfailoutput '' "$COMPAREFILE" "$@"
projects / apt.git / blobdiff