X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/4dbfe436c60880f2625e4d3a9d0127a83dd6276e..9e4464914bcc5c896d81f7ca1948f9bfbfb50886:/test/integration/test-apt-update-rollback diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback index 5b9c200fe..503b81985 100755 --- a/test/integration/test-apt-update-rollback +++ b/test/integration/test-apt-update-rollback @@ -37,7 +37,8 @@ break_repository_sources_index() { start_with_good_inrelease() { create_fresh_archive testsuccess aptget update - testequal "old/unstable 1.0 all" apt list -q + listcurrentlistsdirectory > lists.before + testsuccessequal "old/unstable 1.0 all" apt list -q } test_inrelease_to_new_inrelease() { @@ -46,7 +47,7 @@ test_inrelease_to_new_inrelease() { add_new_package '+1hour' testsuccess aptget update -o Debug::Acquire::Transaction=1 - testequal "new/unstable 1.0 all + testsuccessequal "new/unstable 1.0 all old/unstable 1.0 all" apt list -q } @@ -59,11 +60,11 @@ test_inrelease_to_broken_hash_reverts_all() { break_repository_sources_index '+1hour' # test the error condition - testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources Hash Sum mismatch - + testfailureequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources.gz Hash Sum mismatch E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq # ensure that the Packages file is also rolled back - testequal "E: Unable to locate package new" aptget install new -s -qq + testfileequal lists.before "$(listcurrentlistsdirectory)" + testfailureequal "E: Unable to locate package new" aptget install new -s -qq } test_inrelease_to_valid_release() { @@ -76,9 +77,10 @@ test_inrelease_to_valid_release() { rm $APTARCHIVE/dists/unstable/Release.gpg # update fails - testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq + testfailureequal "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update -qq - # test that we can install the new packages but do no longer have a sig + # test that security downgrade was not successful + testfileequal lists.before "$(listcurrentlistsdirectory)" testsuccess aptget install old -s testfailure aptget install new -s testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease @@ -98,9 +100,10 @@ test_inrelease_to_release_reverts_all() { break_repository_sources_index '+1hour' # ensure error - testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1 + testfailureequal "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1 # ensure that the Packages file is also rolled back + testfileequal lists.before "$(listcurrentlistsdirectory)" testsuccess aptget install old -s testfailure aptget install new -s testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease @@ -113,37 +116,37 @@ test_unauthenticated_to_invalid_inrelease() { rm $APTARCHIVE/dists/unstable/InRelease rm $APTARCHIVE/dists/unstable/Release.gpg - testsuccess aptget update --allow-insecure-repositories - testequal "WARNING: The following packages cannot be authenticated! + testwarning aptget update --allow-insecure-repositories + listcurrentlistsdirectory > lists.before + testfailureequal "WARNING: The following packages cannot be authenticated! old -E: There are problems and -y was used without --force-yes" aptget install -qq -y old +E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget install -qq -y old # go to authenticated but not correct add_new_package '+1hour' break_repository_sources_index '+1hour' - testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources Hash Sum mismatch - + testfailureequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources.gz Hash Sum mismatch E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + testfileequal lists.before "$(listcurrentlistsdirectory)" testfailure ls rootdir/var/lib/apt/lists/*_InRelease - testequal "WARNING: The following packages cannot be authenticated! + testfailureequal "WARNING: The following packages cannot be authenticated! old -E: There are problems and -y was used without --force-yes" aptget install -qq -y old +E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget install -qq -y old } test_inrelease_to_unauth_inrelease() { msgmsg 'Test InRelease to InRelease without good sig' start_with_good_inrelease - signreleasefiles 'Marvin Paranoid' '+1hour' - - testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2 + signreleasefiles 'Marvin Paranoid' + testwarningequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file:${APTARCHIVE} unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2 W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2 - W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq + testfileequal lists.before "$(listcurrentlistsdirectory)" testsuccess ls rootdir/var/lib/apt/lists/*_InRelease } @@ -151,6 +154,10 @@ test_inrelease_to_broken_gzip() { msgmsg "Test InRelease to broken gzip" start_with_good_inrelease + break_repository_sources_index '+1hour' + generatereleasefiles '+2hours' + signreleasefiles + # append junk at the end of the compressed file echo "lala" >> $APTARCHIVE/dists/unstable/main/source/Sources.gz touch -d '+2min' $APTARCHIVE/dists/unstable/main/source/Sources.gz @@ -158,6 +165,8 @@ test_inrelease_to_broken_gzip() { rm $APTARCHIVE/dists/unstable/main/source/Sources testfailure aptget update + testsuccess grep 'Hash Sum mismatch' rootdir/tmp/testfailure.output + testfileequal lists.before "$(listcurrentlistsdirectory)" } TESTDIR=$(readlink -f $(dirname $0))