X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/761a5ad2ec07f097b05c32427bd0ebddfd587987..2a440328ea19e9646a93f847dd9eff21e03ad16d:/test/integration/test-releasefile-verification diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index a95c20fd4..e043fa8b5 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -7,12 +7,11 @@ TESTDIR="$(readlink -f "$(dirname "$0")")" setupenvironment configarchitecture "i386" +export APT_DONT_SIGN='Release.gpg' buildaptarchive setupflataptarchive changetowebserver -webserverconfig 'aptwebserver::support::range' 'false' - prepare() { local DATE="${2:-now}" if [ "$DATE" = 'now' ]; then @@ -108,6 +107,19 @@ runtest() { " aptcache show apt installaptold + if [ "$(id -u)" != '0' ]; then + msgmsg 'Cold archive signed by' 'Joe Sixpack + unreadable key' + rm -rf rootdir/var/lib/apt/lists + echo 'foobar' > rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + chmod 000 rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + updatewithwarnings '^W: .* is not readable by user' + chmod 644 rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + rm -f rootdir/etc/apt/trusted.gpg.d/unreadablekey.gpg + testsuccessequal "$(cat "${PKGFILE}") +" aptcache show apt + installaptold + fi + msgmsg 'Good warm archive signed by' 'Joe Sixpack' prepare "${PKGFILE}-new" signreleasefiles 'Joe Sixpack' @@ -238,7 +250,7 @@ runtest() { updatewithwarnings '^W: .* NO_PUBKEY' sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/* - local MARVIN="$(aptkey --keyring $MARVIN finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')" + local MARVIN="$(aptkey --keyring $MARVIN finger --with-colons | grep '^fpr' | cut -d':' -f 10)" msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' @@ -262,7 +274,7 @@ runtest() { " aptcache show apt installaptold - local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')" + local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger --with-colons | grep '^fpr' | cut -d':' -f 10)" msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists signreleasefiles 'Joe Sixpack' @@ -272,7 +284,6 @@ runtest() { " aptcache show apt installaptold - local SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')" msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack' rm -rf rootdir/var/lib/apt/lists sed -i "s#^\(deb\(-src\)\?\) \[signed-by=${SIXPACK},${MARVIN}\] #\1 [signed-by=${MARVIN},${SIXPACK}] #" rootdir/etc/apt/sources.list.d/* @@ -368,7 +379,7 @@ runtest3() { export APT_DONT_SIGN="$DELETEFILE" msgmsg "Running test with deletion of $DELETEFILE and $1 digest" runtest - unset APT_DONT_SIGN + export APT_DONT_SIGN='Release.gpg' done } @@ -378,7 +389,7 @@ cat > rootdir/etc/apt/apt.conf.d/weaken-security <