X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/9397ea947c23c0957a683152360909810340abce..f359b7e8c03884cd9f097d4b3ff8b8b8be8053ba:/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum index 574183b0a..f32d74ad7 100755 --- a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum +++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum @@ -47,6 +47,15 @@ Checksums-Sha256: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz +Package: pkg-md5-bad +Binary: pkg-md5-bad +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz + Package: pkg-no-md5 Binary: pkg-no-md5 Version: 1.0 @@ -132,12 +141,13 @@ EOF # create fetchable files for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \ 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \ - 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree'; do + 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \ + 'pkg-md5-bad'; do echo -n 'dsc' > aptarchive/${x}_1.0.dsc echo -n 'tar' > aptarchive/${x}_1.0.tar.gz done -setupaptarchive +setupaptarchive --no-update changetowebserver testsuccess aptget update @@ -145,11 +155,11 @@ cd downloaded testok() { rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz - testequal "Reading package lists... + testsuccessequal "Reading package lists... Building dependency tree... Need to get 6 B of source archives. -Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] -Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] Download complete and in download only mode" aptget source -d "$@" msgtest 'Files were successfully downloaded for' "$1" testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz @@ -159,7 +169,7 @@ Download complete and in download only mode" aptget source -d "$@" testkeep() { echo -n 'dsc' > ${1}_1.0.dsc echo -n 'tar' > ${1}_1.0.tar.gz - testequal "Reading package lists... + testsuccessequal "Reading package lists... Building dependency tree... Skipping already downloaded file '${1}_1.0.dsc' Skipping already downloaded file '${1}_1.0.tar.gz' @@ -170,44 +180,62 @@ Download complete and in download only mode" aptget source -d "$@" rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz } +testnohash() { + #FIXME: Maybe we should fail in this case instead of skipping + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testsuccessequal "Reading package lists... +Building dependency tree... +Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files are not downloaded for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz +} + testmismatch() { rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz - testequal "Reading package lists... + testfailureequal "Reading package lists... Building dependency tree... Need to get 6 B of source archives. -Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] -Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] -E: Failed to fetch http://localhost:8080/${1}_1.0.dsc Hash Sum mismatch +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] +Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) + Hash Sum mismatch +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] +Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) + Hash Sum mismatch +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Hash Sum mismatch -E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz Hash Sum mismatch +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch E: Failed to fetch some archives." aptget source -d "$@" msgtest 'Files were not download as they have hashsum mismatches for' "$1" testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz - rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz - testequal "Reading package lists... + if [ "$2" != '--allow-unauthenticated' ]; then + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testsuccessequal "Reading package lists... Building dependency tree... -Skipping download of file 'pkg-sha256-bad_1.0.dsc' as requested hashsum is not available for authentication -Skipping download of file 'pkg-sha256-bad_1.0.tar.gz' as requested hashsum is not available for authentication +Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication Need to get 0 B of source archives. Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26 - msgtest 'Files were not download as hash is unavailable for' "$1" - testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + msgtest 'Files were not download as hash is unavailable for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + fi rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz - testequal "Reading package lists... + testsuccessequal "Reading package lists... Building dependency tree... Need to get 6 B of source archives. -Get:1 http://localhost:8080/ $1 1.0 (dsc) [3 B] -Get:2 http://localhost:8080/ $1 1.0 (tar) [3 B] +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26 msgtest 'Files were downloaded unauthenticated as user allowed it' "$1" testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz } -testok pkg-md5-ok -testkeep pkg-md5-ok +testnohash pkg-md5-ok testok pkg-sha256-ok testkeep pkg-sha256-ok @@ -215,13 +243,15 @@ testkeep pkg-sha256-ok # checking the best available hash (as it should), this will trigger # a hash mismatch. testmismatch pkg-sha256-bad -testmismatch pkg-sha256-bad testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum +testnohash pkg-md5-bad +testmismatch pkg-md5-bad --allow-unauthenticated + # not having MD5 sum doesn't mean the file doesn't exist at all … testok pkg-no-md5 testok pkg-no-md5 -o Acquire::ForceHash=SHA256 -testequal "Reading package lists... +testsuccessequal "Reading package lists... Building dependency tree... Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication @@ -233,32 +263,36 @@ testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz # deal with cases in which we haven't for all files the same checksum type # mostly pathologic as this shouldn't happen, but just to be sure testok pkg-mixed-ok -testequal 'Reading package lists... +testfailureequal "Reading package lists... Building dependency tree... Need to get 6 B of source archives. -Get:1 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (tar) [3 B] -Get:2 http://localhost:8080/ pkg-mixed-sha1-bad 1.0 (dsc) [3 B] -E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch +Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (tar) [3 B] +Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc) [3 B] +Err:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc) + Hash Sum mismatch +E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch -E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad +E: Failed to fetch some archives." aptget source -d pkg-mixed-sha1-bad msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad' testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz -testequal 'Reading package lists... +testfailureequal "Reading package lists... Building dependency tree... Need to get 6 B of source archives. -Get:1 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (tar) [3 B] -Get:2 http://localhost:8080/ pkg-mixed-sha2-bad 1.0 (dsc) [3 B] -E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch +Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) [3 B] +Err:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) + Hash Sum mismatch +Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (dsc) [3 B] +E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch -E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad +E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad' testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz # it gets even more pathologic: multiple entries for one file, some even disagreeing! -testok pkg-md5-agree -testequal 'Reading package lists... +testnohash pkg-md5-agree +testfailureequal 'Reading package lists... Building dependency tree... E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree -testequal 'Reading package lists... +testfailureequal 'Reading package lists... Building dependency tree... E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree