X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/896f0ae857b693782658145e16e21a3054dd5280..0390edd5452b081f8efcf412f96d535a1d959457:/test/integration/framework diff --git a/test/integration/framework b/test/integration/framework index c547032c2..a1db232e9 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -175,6 +175,7 @@ runapt() { esac MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH="${LIBRARYPATH}:${LD_LIBRARY_PATH}" "$CMD" "$@" } +runpython3() { runapt command python3 "$@"; } aptconfig() { runapt apt-config "$@"; } aptcache() { runapt apt-cache "$@"; } aptcdrom() { runapt apt-cdrom "$@"; } @@ -389,8 +390,9 @@ EOF echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig + configcompression '.' 'gz' #'bz2' 'lzma' 'xz' - confighashes 'SHA1' # these are tests, not security best-practices + confighashes 'SHA256' # these are tests, not security best-practices # create some files in /tmp and look at user/group to get what this means TEST_DEFAULT_USER="$(id -un)" @@ -407,6 +409,12 @@ EOF unset LANGUAGE APT_CONFIG unset GREP_OPTIONS DEB_BUILD_PROFILES unset http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy + + # If gpgv supports --weak-digest, pass it to make sure we can disable SHA1 + if aptkey verify --weak-digest SHA1 --help 2>/dev/null >/dev/null; then + echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1 + fi + msgdone "info" } @@ -517,7 +525,7 @@ int execvp(const char *file, char *const argv[]) { return func_execvp(newfile, argv); } EOF - testsuccess --nomsg gcc -Wall -fPIC -shared -o noopchroot.so noopchroot.c -ldl + testempty --nomsg gcc -Wall -Wextra -fPIC -shared -o noopchroot.so noopchroot.c -ldl } configcompression() { local CMD='apthelper cat-file -C' @@ -849,31 +857,33 @@ Description-en: $DESCRIPTION } insertsource() { - local RELEASE="$1" + local RELEASES="$1" local NAME="$2" local ARCH="$3" local VERSION="$4" local DEPENDENCIES="$5" - local BINARY="${6:-$NAME}" + local BINARY="${6:-$NAME}" local ARCHS="" - local SPATH="aptarchive/dists/${RELEASE}/main/source" - mkdir -p $SPATH - local FILE="${SPATH}/Sources" - local DSCFILE="${NAME}_${VERSION}.dsc" - local TARFILE="${NAME}_${VERSION}.tar.gz" - echo "Package: $NAME + for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do + local SPATH="aptarchive/dists/${RELEASE}/main/source" + mkdir -p $SPATH + local FILE="${SPATH}/Sources" + local DSCFILE="${NAME}_${VERSION}.dsc" + local TARFILE="${NAME}_${VERSION}.tar.gz" + echo "Package: $NAME Binary: $BINARY Version: $VERSION Maintainer: Joe Sixpack Architecture: $ARCH" >> $FILE - test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE" - echo "Files: + test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE" + echo "Files: $(echo -n "$DSCFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE" $(echo -n "$TARFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE" Checksums-Sha256: $(echo -n "$DSCFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE" $(echo -n "$TARFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE" " >> "$FILE" + done } insertinstalledpackage() { @@ -1064,7 +1074,7 @@ signreleasefiles() { local SIGNER="${1:-Joe Sixpack}" local REPODIR="${2:-aptarchive}" local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')" - local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes" + local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo SHA512" msgninfo "\tSign archive with $SIGNER key $KEY… " local REXKEY='keys/rexexpired' local SECEXPIREBAK="${REXKEY}.sec.bak" @@ -1311,9 +1321,13 @@ testfileequal() { testempty() { msggroup 'testempty' - msgtest "Test for no output of" "$*" + if [ "$1" = '--nomsg' ]; then + shift + else + msgtest "Test for no output of" "$*" + fi local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile" - if ("$@" >"$COMPAREFILE" 2>&1 || true) && test ! -s "$COMPAREFILE"; then + if "$@" >"$COMPAREFILE" 2>&1 && test ! -s "$COMPAREFILE"; then msgpass else msgfailoutput '' "$COMPAREFILE" "$@" @@ -1520,6 +1534,14 @@ msgfailoutput() { msgfailoutputstatfile "$2" "$3" done echo '#### test output ####' + elif [ "$1" = 'cmp' ]; then + echo >&2 + while [ -n "$2" ]; do + echo "#### Complete file: $2 ####" + cat >&2 "$2" || true + shift + done + echo '#### cmp output ####' fi cat >&2 "$OUTPUT" msgfail "$MSG" @@ -1763,8 +1785,18 @@ createlistofkeys() { local OUTPUT="$1" shift while [ -n "$1" ]; do + # gpg 2.1.something starts printing [SC] at some point + if grep -q ' rsa2048/' "$OUTPUT" && grep -qF '[SC]' "$OUTPUT"; then + case "$1" in + *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';; + *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [SC] [expired: 2013-07-13]';; + *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16 [SC]';; + oldarchive) echo 'pub rsa1024/F68C85A3 2013-12-19 [SC]';; + newarchive) echo 'pub rsa2048/DBAC8DAE 2010-08-18 [SC]';; + *) echo 'UNKNOWN KEY';; + esac # gpg 2.1 has a slightly different output format - if grep -q ' rsa2048/' "$OUTPUT"; then + elif grep -q ' rsa2048/' "$OUTPUT"; then case "$1" in *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';; *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;