X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/0cbb7e29c5dad2178896d8eaf41ad616bb0111da..57f7fb6511fcc7c55ee7a88475d15385093c048e:/test/integration/framework

diff --git a/test/integration/framework b/test/integration/framework
index b65b0b86f..3f7101170 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -175,6 +175,7 @@ runapt() {
 	esac
 	MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH="${LIBRARYPATH}:${LD_LIBRARY_PATH}" "$CMD" "$@"
 }
+runpython3() { runapt command python3 "$@"; }
 aptconfig() { runapt apt-config "$@"; }
 aptcache() { runapt apt-cache "$@"; }
 aptcdrom() { runapt apt-cdrom "$@"; }
@@ -216,6 +217,12 @@ gdb() {
 	fi
 	runapt command gdb --quiet -ex run "$CMD" --args "$CMD" "$@"
 }
+lastmodification() {
+	date -u -d "@$(stat -c '%Y' "${TMPWORKINGDIRECTORY}/$1")" '+%a, %d %b %Y %H:%M:%S GMT'
+}
+releasefiledate() {
+	grep "^${2:-Date}:" "$1" | cut -d' ' -f 2- | sed -e 's#UTC#GMT#'
+}
 
 exitwithstatus() {
         # error if we about to overflow, but ...
@@ -332,7 +339,9 @@ setupenvironment() {
 	# destroys coverage reporting though, so we disable changing user for the calling gpgv
 	echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf
 	if [ "$(id -u)" = '0' ]; then
-		echo 'Binary::gpgv::Debug::NoDropPrivs "true";' >>aptconfig.conf
+		echo 'Binary::gpgv::APT::Sandbox::User "root";' >> aptconfig.conf
+		# same for the solver executables
+		echo 'APT::Solver::RunAsUser "root";' >> aptconfig.conf
 	fi
 
 	cat > "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" <<EOF
@@ -414,6 +423,9 @@ EOF
 		echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1
 	fi
 
+	# most tests just need one signed Release file, not both
+	export APT_DONT_SIGN='Release.gpg'
+
 	msgdone "info"
 }
 
@@ -527,6 +539,10 @@ EOF
 	testempty --nomsg gcc -Wall -Wextra -fPIC -shared -o noopchroot.so noopchroot.c -ldl
 }
 configcompression() {
+	if [ "$1" = 'ALL' ]; then
+		configcompression '.' $(aptconfig dump APT::Compressor --format '%t %v%n' | sed -n 's#^Extension \.\(.*\)$#\1#p')
+		return
+	fi
 	local CMD='apthelper cat-file -C'
 	while [ -n "$1" ]; do
 		case "$1" in
@@ -565,6 +581,11 @@ forcecompressor() {
 	local CONFFILE="${TMPWORKINGDIRECTORY}/rootdir/etc/apt/apt.conf.d/00force-compressor"
 	echo "Acquire::CompressionTypes::Order { \"${COMPRESS}\"; };
 Dir::Bin::uncompressed \"/does/not/exist\";" > "$CONFFILE"
+	for COMP in $(aptconfig dump 'APT::Compressor' --format '%f%n' | cut -d':' -f 5 | uniq); do
+		if [ -z "$COMP" -o "$COMP" = '.' -o "$COMP" = "$COMPRESSOR" ]; then continue; fi
+		echo "Dir::Bin::${COMP} \"/does/not/exist\";" >> "$CONFFILE"
+		echo "APT::Compressor::${COMP}::Name \"${COMP}-disabled\";" >> "$CONFFILE"
+	done
 }
 
 setupsimplenativepackage() {
@@ -589,12 +610,12 @@ setupsimplenativepackage() {
 	mkdir -p ${BUILDDIR}/debian/source
 	cd ${BUILDDIR}
 	echo "* most suckless software product ever" > FEATURES
-	test -e debian/copyright || echo "Copyleft by Joe Sixpack $(date +%Y)" > debian/copyright
+	test -e debian/copyright || echo "Copyleft by Joe Sixpack $(date -u +%Y)" > debian/copyright
 	test -e debian/changelog || echo "$NAME ($VERSION) $RELEASE; urgency=low
 
   * Initial release
 
- -- Joe Sixpack <joe@example.org>  $(date -R)" > debian/changelog
+ -- Joe Sixpack <joe@example.org>  $(date -u -R)" > debian/changelog
 	test -e debian/control || echo "Source: $NAME
 Section: $SECTION
 Priority: optional
@@ -652,12 +673,12 @@ buildsimplenativepackage() {
 	echo "#!/bin/sh
 echo '$NAME says \"Hello!\"'" > "${BUILDDIR}/${NAME}"
 
-	echo "Copyleft by Joe Sixpack $(date +%Y)" > "${BUILDDIR}/debian/copyright"
+	echo "Copyleft by Joe Sixpack $(date -u +%Y)" > "${BUILDDIR}/debian/copyright"
 	echo "$NAME ($VERSION) $RELEASE; urgency=low
 
   * Initial release
 
- -- Joe Sixpack <joe@example.org>  $(date -R)" > "${BUILDDIR}/debian/changelog"
+ -- Joe Sixpack <joe@example.org>  $(date -u -R)" > "${BUILDDIR}/debian/changelog"
 	{
 		echo "Source: $NAME
 Priority: $PRIORITY
@@ -946,7 +967,7 @@ buildaptarchivefromfiles() {
 }
 
 compressfile() {
-	cat "${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf" | while read compressor extension command; do
+	while read compressor extension command; do
 		if [ "$compressor" = '.' ]; then
 			if [ -n "$2" ]; then
 				touch -d "$2" "$1"
@@ -957,7 +978,7 @@ compressfile() {
 		if [ -n "$2" ]; then
 			touch -d "$2" "${1}.${extension}"
 		fi
-	done
+	done < "${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf"
 }
 
 # can be overridden by testcases for their pleasure
@@ -1008,13 +1029,13 @@ NotAutomatic: yes' "$dir/Release"
 	fi
 	if [ -n "$DATE" -a "$DATE" != "now" ]; then
 		for release in $(find ./aptarchive -name 'Release'); do
-			sed -i "s/^Date: .*$/Date: $(date -d "$DATE" '+%a, %d %b %Y %H:%M:%S %Z')/" "$release"
+			sed -i "s/^Date: .*$/Date: $(date -u -d "$DATE" '+%a, %d %b %Y %H:%M:%S %Z')/" "$release"
 			touch -d "$DATE" "$release"
 		done
 	fi
 	if [ -n "$VALIDUNTIL" ]; then
 		sed -i "/^Date: / a\
-Valid-Until: $(date -d "$VALIDUNTIL" '+%a, %d %b %Y %H:%M:%S %Z')" $(find ./aptarchive -name 'Release')
+Valid-Until: $(date -u -d "$VALIDUNTIL" '+%a, %d %b %Y %H:%M:%S %Z')" $(find ./aptarchive -name 'Release')
 	fi
 	msgdone "info"
 }
@@ -1070,40 +1091,73 @@ setupaptarchive() {
 }
 
 signreleasefiles() {
-	local SIGNER="${1:-Joe Sixpack}"
+	local SIGNERS="${1:-Joe Sixpack}"
 	local REPODIR="${2:-aptarchive}"
-	local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
-	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo SHA512"
-	msgninfo "\tSign archive with $SIGNER key $KEY… "
+	if [ -n "$1" ]; then shift; fi
+	if [ -n "$1" ]; then shift; fi
+	local KEY="keys/$(echo "$SIGNERS" | tr 'A-Z' 'a-z' | tr -d ' ,')"
+	msgninfo "\tSign archive with $SIGNERS key $KEY… "
 	local REXKEY='keys/rexexpired'
 	local SECEXPIREBAK="${REXKEY}.sec.bak"
 	local PUBEXPIREBAK="${REXKEY}.pub.bak"
-	if [ "${SIGNER}" = 'Rex Expired' ]; then
-		# the key is expired, so gpg doesn't allow to sign with and the --faked-system-time
-		# option doesn't exist anymore (and using faketime would add a new obscure dependency)
-		# therefore we 'temporary' make the key not expired and restore a backup after signing
-		cp "${REXKEY}.sec" "$SECEXPIREBAK"
-		cp "${REXKEY}.pub" "$PUBEXPIREBAK"
-		local SECUNEXPIRED="${REXKEY}.sec.unexpired"
-		local PUBUNEXPIRED="${REXKEY}.pub.unexpired"
-		if [ -f "$SECUNEXPIRED" ] && [ -f "$PUBUNEXPIRED" ]; then
-			cp "$SECUNEXPIRED" "${REXKEY}.sec"
-			cp "$PUBUNEXPIRED" "${REXKEY}.pub"
-		else
-			if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
-				cat setexpire.gpg
-				exit 1
+	local SIGUSERS=""
+	while [ -n "${SIGNERS%%,*}" ]; do
+		local SIGNER="${SIGNERS%%,*}"
+		if [ "${SIGNERS}" = "${SIGNER}" ]; then
+			SIGNERS=""
+		fi
+		SIGNERS="${SIGNERS#*,}"
+		# FIXME: This should be the full name, but we can't encode the space properly currently
+		SIGUSERS="${SIGUSERS} -u ${SIGNER#* }"
+		if [ "${SIGNER}" = 'Rex Expired' ]; then
+			# the key is expired, so gpg doesn't allow to sign with and the --faked-system-time
+			# option doesn't exist anymore (and using faketime would add a new obscure dependency)
+			# therefore we 'temporary' make the key not expired and restore a backup after signing
+			cp "${REXKEY}.sec" "$SECEXPIREBAK"
+			cp "${REXKEY}.pub" "$PUBEXPIREBAK"
+			local SECUNEXPIRED="${REXKEY}.sec.unexpired"
+			local PUBUNEXPIRED="${REXKEY}.pub.unexpired"
+			if [ -f "$SECUNEXPIRED" ] && [ -f "$PUBUNEXPIRED" ]; then
+				cp "$SECUNEXPIRED" "${REXKEY}.sec"
+				cp "$PUBUNEXPIRED" "${REXKEY}.pub"
+			else
+				if ! printf "expire\n1w\nsave\n" | aptkey --quiet --keyring "${REXKEY}.pub" --secret-keyring "${REXKEY}.sec" \
+					--readonly adv --batch --yes --digest-algo "${APT_TESTS_DIGEST_ALGO:-SHA512}" \
+					--default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
+					cat setexpire.gpg
+					exit 1
+				fi
+				cp "${REXKEY}.sec" "$SECUNEXPIRED"
+				cp "${REXKEY}.pub" "$PUBUNEXPIRED"
 			fi
-			cp "${REXKEY}.sec" "$SECUNEXPIRED"
-			cp "${REXKEY}.pub" "$PUBUNEXPIRED"
 		fi
+		if [ ! -e "${KEY}.pub" ]; then
+			local K="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | tr -d ' ,')"
+			cat "${K}.pub" >> "${KEY}.new.pub"
+			cat "${K}.sec" >> "${KEY}.new.sec"
+		fi
+	done
+	if [ ! -e "${KEY}.pub" ]; then
+		mv "${KEY}.new.pub" "${KEY}.pub"
+		mv "${KEY}.new.sec" "${KEY}.sec"
 	fi
+	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}"
 	for RELEASE in $(find "${REPODIR}/" -name Release); do
-		testsuccess $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
-		local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
-		testsuccess $GPG --default-key "$SIGNER" --clearsign --output "$INRELEASE" "$RELEASE"
 		# we might have set a specific date for the Release file, so copy it
-		touch -d "$(stat --format "%y" ${RELEASE})" "${RELEASE}.gpg" "${INRELEASE}"
+		local DATE="$(stat --format "%y" "${RELEASE}")"
+		if [ "$APT_DONT_SIGN" = 'Release.gpg' ]; then
+			rm -f "${RELEASE}.gpg"
+		else
+			testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
+			touch -d "$DATE" "${RELEASE}.gpg"
+		fi
+		local INRELEASE="${RELEASE%/*}/InRelease"
+		if [ "$APT_DONT_SIGN" = 'InRelease' ]; then
+			rm -f "$INRELEASE"
+		else
+			testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE"
+			touch -d "$DATE" "${INRELEASE}"
+		fi
 	done
 	if [ -f "$SECEXPIREBAK" ] && [ -f "$PUBEXPIREBAK" ]; then
 		mv -f "$SECEXPIREBAK" "${REXKEY}.sec"
@@ -1113,7 +1167,7 @@ signreleasefiles() {
 }
 
 redatereleasefiles() {
-	local DATE="$(date -d "$1" '+%a, %d %b %Y %H:%M:%S %Z')"
+	local DATE="$(date -u -d "$1" '+%a, %d %b %Y %H:%M:%S %Z')"
 	for release in $(find aptarchive/ -name 'Release'); do
 		sed -i "s/^Date: .*$/Date: ${DATE}/" "$release"
 		touch -d "$DATE" "$release"
@@ -1155,8 +1209,8 @@ rewritesourceslist() {
 	local APTARCHIVE2="copy://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive" | sed 's# #%20#g')"
 	for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do
 		sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#$APTARCHIVE2#${1}#" \
-			-e "s#http://localhost:${APTHTTPPORT}/#${1}#" \
-			-e "s#https://localhost:${APTHTTPSPORT}/#${1}#"
+			-e "s#http://[^@]*@\?localhost:${APTHTTPPORT}/\?#${1}#" \
+			-e "s#https://[^@]*@\?localhost:${APTHTTPSPORT}/\?#${1}#"
 	done
 }
 
@@ -1230,7 +1284,7 @@ connect = $APTHTTPPORT
 		msgdie 'Could not fork stunnel4 successfully'
 	fi
 	addtrap 'prefix' "kill ${PID};"
-	APTHTTPSPORT="$(lsof -i | awk "/^stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
+	APTHTTPSPORT="$(lsof -i -n | awk "/^stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
 	webserverconfig 'aptwebserver::port::https' "$APTHTTPSPORT" "https://localhost:${APTHTTPSPORT}"
 	rewritesourceslist "https://localhost:${APTHTTPSPORT}/"
 }
@@ -1499,6 +1553,14 @@ testmarkedmanual() {
 	msggroup
 }
 
+catfile() {
+	if [ "${1##*.}" = 'deb' ]; then
+		stat >&2 "$1" || true
+		file >&2 "$1" || true
+	else
+		cat >&2 "$1" || true
+	fi
+}
 msgfailoutput() {
 	msgreportheader 'msgfailoutput'
 	local MSG="$1"
@@ -1508,7 +1570,7 @@ msgfailoutput() {
 		echo >&2
 		while [ -n "$2" ]; do shift; done
 		echo "#### Complete file: $1 ####"
-		cat >&2 "$1" || true
+		catfile "$1"
 		echo '#### grep output ####'
 	elif [ "$1" = 'test' ]; then
 		echo >&2
@@ -1523,7 +1585,7 @@ msgfailoutput() {
 					ls >&2 "$2" || true
 				elif test -e "$2"; then
 					echo "#### Complete file: $2 ####"
-					cat >&2 "$2" || true
+					catfile "$2"
 				fi
 			fi
 		}
@@ -1537,12 +1599,12 @@ msgfailoutput() {
 		echo >&2
 		while [ -n "$2" ]; do
 			echo "#### Complete file: $2 ####"
-			cat >&2 "$2" || true
+			catfile "$2"
 			shift
 		done
 		echo '#### cmp output ####'
 	fi
-	cat >&2 "$OUTPUT"
+	catfile "$OUTPUT"
 	msgfail "$MSG"
 }
 
@@ -1641,8 +1703,9 @@ testfailure() {
 		local EXITCODE=$?
 		if expr match "$1" '^apt.*' >/dev/null; then
 			if [ "$1" = 'aptkey' ]; then
-				if grep -q -E " Can't check signature: " "$OUTPUT" || \
-					grep -q -E " BAD signature from " "$OUTPUT"; then
+				if grep -q " Can't check signature: 
+ BAD signature from 
+ signature could not be verified" "$OUTPUT"; then
 					msgpass
 				else
 					msgfailoutput "run failed with exitcode ${EXITCODE}, but no signature error" "$OUTPUT" "$@"
@@ -1842,6 +1905,7 @@ listcurrentlistsdirectory() {
 	} | sort
 }
 forallsupportedcompressors() {
+	rm -f "${TMPWORKINGDIRECTORY}/rootdir/etc/apt/apt.conf.d/00force-compressor"
 	for COMP in $(aptconfig dump 'APT::Compressor' --format '%f%n' | cut -d':' -f 5 | uniq); do
 		if [ -z "$COMP" -o "$COMP" = '.' ]; then continue; fi
 		"$@" "$COMP"