X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/48f3f1b24b48066cfc23342a5c6470ddf5e0fa6a..eb5113c486955d9cd66126aa59d3a27e52c52e58:/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
index 8c9c9c767..015a803bc 100755
--- a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
+++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
@@ -1,8 +1,8 @@
#!/bin/sh
set -e
-TESTDIR=$(readlink -f $(dirname $0))
-. $TESTDIR/framework
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
setupenvironment
configarchitecture 'native'
@@ -47,6 +47,15 @@ Checksums-Sha256:
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
+Package: pkg-md5-bad
+Binary: pkg-md5-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz
+
Package: pkg-no-md5
Binary: pkg-no-md5
Version: 1.0
@@ -132,22 +141,24 @@ EOF
# create fetchable files
for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
- 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree'; do
+ 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
+ 'pkg-md5-bad'; do
echo -n 'dsc' > aptarchive/${x}_1.0.dsc
echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
done
-setupaptarchive
+setupaptarchive --no-update
changetowebserver
testsuccess aptget update
+cd downloaded
+
testok() {
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
- testequal "Reading package lists...
-Building dependency tree...
+ testsuccessequal "Reading package lists...
Need to get 6 B of source archives.
-Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B]
-Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B]
+Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source -d "$@"
msgtest 'Files were successfully downloaded for' "$1"
testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
@@ -157,8 +168,7 @@ Download complete and in download only mode" aptget source -d "$@"
testkeep() {
echo -n 'dsc' > ${1}_1.0.dsc
echo -n 'tar' > ${1}_1.0.tar.gz
- testequal "Reading package lists...
-Building dependency tree...
+ testsuccessequal "Reading package lists...
Skipping already downloaded file '${1}_1.0.dsc'
Skipping already downloaded file '${1}_1.0.tar.gz'
Need to get 0 B of source archives.
@@ -168,44 +178,58 @@ Download complete and in download only mode" aptget source -d "$@"
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
}
+testnohash() {
+ #FIXME: Maybe we should fail in this case instead of skipping
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+ testsuccessequal "Reading package lists...
+Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
+Need to get 0 B of source archives.
+Download complete and in download only mode" aptget source -d "$@"
+ msgtest 'Files are not downloaded for' "$1"
+ testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
+}
+
testmismatch() {
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
- testequal "Reading package lists...
-Building dependency tree...
+ testfailureequal "Reading package lists...
Need to get 6 B of source archives.
-Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B]
-Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B]
-E: Failed to fetch http://localhost:8080/${1}_1.0.dsc Hash Sum mismatch
+Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B]
+Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc)
+ Hash Sum mismatch
+Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B]
+Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar)
+ Hash Sum mismatch
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Hash Sum mismatch
-E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz Hash Sum mismatch
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch
E: Failed to fetch some archives." aptget source -d "$@"
msgtest 'Files were not download as they have hashsum mismatches for' "$1"
testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
- rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
- testequal "Reading package lists...
-Building dependency tree...
-Skipping download of file 'pkg-sha256-bad_1.0.dsc' as requested hashsum is not available for authentication
-Skipping download of file 'pkg-sha256-bad_1.0.tar.gz' as requested hashsum is not available for authentication
+ if [ "$2" != '--allow-unauthenticated' ]; then
+ rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+ testsuccessequal "Reading package lists...
+Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
- msgtest 'Files were not download as hash is unavailable for' "$1"
- testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+ msgtest 'Files were not download as hash is unavailable for' "$1"
+ testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+ fi
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
- testequal "Reading package lists...
-Building dependency tree...
+ testsuccessequal "Reading package lists...
Need to get 6 B of source archives.
-Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B]
-Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B]
+Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
}
-testok pkg-md5-ok
-testkeep pkg-md5-ok
+testnohash pkg-md5-ok
testok pkg-sha256-ok
testkeep pkg-sha256-ok
@@ -213,14 +237,15 @@ testkeep pkg-sha256-ok
# checking the best available hash (as it should), this will trigger
# a hash mismatch.
testmismatch pkg-sha256-bad
-testmismatch pkg-sha256-bad
testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
+testnohash pkg-md5-bad
+testmismatch pkg-md5-bad --allow-unauthenticated
+
# not having MD5 sum doesn't mean the file doesn't exist at all â¦
testok pkg-no-md5
testok pkg-no-md5 -o Acquire::ForceHash=SHA256
-testequal "Reading package lists...
-Building dependency tree...
+testsuccessequal "Reading package lists...
Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
@@ -231,32 +256,32 @@ testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz
# deal with cases in which we haven't for all files the same checksum type
# mostly pathologic as this shouldn't happen, but just to be sure
testok pkg-mixed-ok
-testequal 'Reading package lists...
-Building dependency tree...
+testfailureequal "Reading package lists...
Need to get 6 B of source archives.
-Get:1 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (tar) [3 B]
-Get:2 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (dsc) [3 B]
-E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch
+Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (tar) [3 B]
+Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc) [3 B]
+Err:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc)
+ Hash Sum mismatch
+E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch
-E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad
+E: Failed to fetch some archives." aptget source -d pkg-mixed-sha1-bad
msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
-testequal 'Reading package lists...
-Building dependency tree...
+testfailureequal "Reading package lists...
Need to get 6 B of source archives.
-Get:1 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (tar) [3 B]
-Get:2 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (dsc) [3 B]
-E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch
+Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) [3 B]
+Err:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar)
+ Hash Sum mismatch
+Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (dsc) [3 B]
+E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch
-E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad
+E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad
msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad'
testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz
# it gets even more pathologic: multiple entries for one file, some even disagreeing!
-testok pkg-md5-agree
-testequal 'Reading package lists...
-Building dependency tree...
+testnohash pkg-md5-agree
+testfailureequal 'Reading package lists...
E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
-testequal 'Reading package lists...
-Building dependency tree...
+testfailureequal 'Reading package lists...
E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree