X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/eab57e0807c08fe8d3a5dcf02809c830f99fd972..58608941e6b58a46109b7cd875716b3d8054c4bf:/test/integration/framework

diff --git a/test/integration/framework b/test/integration/framework
index 292a7b958..0222f2bc9 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -5,6 +5,8 @@ EXIT_CODE=0
 while [ -n "$1" ]; do
 	if [ "$1" = "-q" ]; then
 		export MSGLEVEL=2
+	elif [ "$1" = "-qq" ]; then
+		export MSGLEVEL=1
 	elif [ "$1" = "-v" ]; then
 		export MSGLEVEL=4
 	elif [ "$1" = '--color=no' ]; then
@@ -31,7 +33,6 @@ if [ "${MSGCOLOR:-YES}" = 'YES' ]; then
 	fi
 fi
 
-
 if [ "$MSGCOLOR" != 'NO' ]; then
 	CERROR="\033[1;31m" # red
 	CWARNING="\033[1;33m" # yellow
@@ -54,7 +55,7 @@ msgprintf() {
 		printf "$START " "$1"
 		shift
 		while [ -n "$1" ]; do
-			printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cfghs]\)#apt-\1#')"
+			printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cfghks]\)#apt-\1#')"
 			shift
 		done
 	fi
@@ -95,7 +96,7 @@ msgfail() {
 	if [ $# -gt 0 ] && [ -n "$1" ]; then printf "${CFAIL}FAIL: $*${CNORMAL}\n" >&2;
 	else printf "${CFAIL}FAIL${CNORMAL}\n" >&2; fi
 	if [ -n "$APT_DEBUG_TESTS" ]; then
-		$SHELL
+		runapt $SHELL
 	fi
 	EXIT_CODE=$((EXIT_CODE+1));
 }
@@ -143,6 +144,9 @@ if [ $MSGLEVEL -le 4 ]; then
 	msgdebug() { true; }
 	msgndebug() { true; }
 fi
+if [ $MSGLEVEL -le 1 ]; then
+	msgpass() { true; }
+fi
 msgdone() {
 	if [ "$1" = "debug" -a $MSGLEVEL -le 4 ] ||
 	   [ "$1" = "info" -a $MSGLEVEL -le 3 ] ||
@@ -169,31 +173,36 @@ runapt() {
 	msgdebug "Executing: ${CCMD}$*${CDEBUG} "
 	local CMD="$1"
 	shift
-	case $CMD in
+	case "$CMD" in
 	sh|aptitude|*/*|command) ;;
 	*) CMD="${BUILDDIRECTORY}/$CMD";;
 	esac
-	MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${LIBRARYPATH} $CMD "$@"
+	MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH="${LIBRARYPATH}:${LD_LIBRARY_PATH}" "$CMD" "$@"
 }
+runpython3() { runapt command python3 "$@"; }
 aptconfig() { runapt apt-config "$@"; }
 aptcache() { runapt apt-cache "$@"; }
 aptcdrom() { runapt apt-cdrom "$@"; }
 aptget() { runapt apt-get "$@"; }
-aptftparchive() { runapt apt-ftparchive "$@"; }
+aptftparchive() { runapt "${APTFTPARCHIVEBINDIR}/apt-ftparchive" "$@"; }
 aptkey() { runapt apt-key "$@"; }
 aptmark() { runapt apt-mark "$@"; }
 aptsortpkgs() { runapt apt-sortpkgs "$@"; }
 apt() { runapt apt "$@"; }
 apthelper() { runapt "${APTHELPERBINDIR}/apt-helper" "$@"; }
-aptwebserver() { runapt "${APTWEBSERVERBINDIR}/aptwebserver" "$@"; }
+aptwebserver() { runapt "${APTTESTHELPERSBINDIR}/aptwebserver" "$@"; }
 aptitude() { runapt aptitude "$@"; }
 aptextracttemplates() { runapt apt-extracttemplates "$@"; }
 aptinternalsolver() { runapt "${APTINTERNALSOLVER}" "$@"; }
 aptdumpsolver() { runapt "${APTDUMPSOLVER}" "$@"; }
+aptinternalplanner() { runapt "${APTINTERNALPLANNER}" "$@"; }
 
 dpkg() {
 	"${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" "$@"
 }
+dpkg_version() {
+	command perl -MDpkg -E 'say $Dpkg::PROGVERSION'
+}
 dpkgcheckbuilddeps() {
 	command dpkg-checkbuilddeps --admindir="${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg" "$@"
 }
@@ -214,7 +223,13 @@ gdb() {
 	if [ "${CMD##*/}" = "$CMD" ]; then
 		CMD="${BUILDDIRECTORY}/${CMD}"
 	fi
-	runapt command gdb --quiet -ex run "$CMD" --args "$CMD" "$@"
+	runapt command gdb --quiet -ex "directory '$SOURCEDIRECTORY'" -ex run "$CMD" --args "$CMD" "$@"
+}
+lastmodification() {
+	date -u -d "@$(stat -c '%Y' "${TMPWORKINGDIRECTORY}/$1")" -R
+}
+releasefiledate() {
+	grep "^${2:-Date}:" "$1" | cut -d' ' -f 2-
 }
 
 exitwithstatus() {
@@ -245,33 +260,82 @@ addtrap() {
 	trap "shellsetedetector; $CURRENTTRAP exitwithstatus;" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
 }
 
+escape_shell() {
+    echo "$@" | sed -e "s#'#'\"'\"'#g"
+}
+
+find_project_binary_dir() {
+	local TESTDIRECTORY="$(readlink -f "$(dirname $0)")"
+	if [ -z "$PROJECT_BINARY_DIR" ]; then
+		PROJECT_BINARY_DIR=
+		for dir in ${TESTDIRECTORY}/../../ ${TESTDIRECTORY}/../../*; do
+			test -e "$dir/CMakeCache.txt"  || continue
+			if [ -z "$PROJECT_BINARY_DIR" ] ||
+			   [ "$dir/CMakeCache.txt" -nt "$PROJECT_BINARY_DIR/CMakeCache.txt" ]; then
+				PROJECT_BINARY_DIR="$dir"
+			fi
+		done
+		if [ -z "$PROJECT_BINARY_DIR" ]; then
+			echo "Cannot find build directory, you might want to set PROJECT_BINARY_DIR" >&2
+			exit 1
+		fi
+		export PROJECT_BINARY_DIR
+	fi
+}
 setupenvironment() {
+	# Next check needs a gnu stat, let's figure that out early.
+	stat=stat
+	if command -v gnustat >/dev/null 2>&1; then
+		stat=gnustat
+	fi
 	# privilege dropping and testing doesn't work if /tmp isn't world-writeable (as e.g. with libpam-tmpdir)
-	if [ -n "$TMPDIR" ] && [ "$(id -u)" = '0' ] && [ "$(stat --format '%a' "$TMPDIR")" != '1777' ]; then
+	if [ -n "$TMPDIR" ] && [ "$(id -u)" = '0' ] && [ "$($stat --format '%a' "$TMPDIR")" != '1777' ]; then
 		unset TMPDIR
 	fi
 	TMPWORKINGDIRECTORY="$(mktemp -d)"
-	addtrap "cd /; rm -rf \"$TMPWORKINGDIRECTORY\";"
+	addtrap "cd /; rm -rf '$(escape_shell "$TMPWORKINGDIRECTORY")';"
+	if [ -n "$TMPDIR_ADD" ]; then
+		TMPWORKINGDIRECTORY="${TMPWORKINGDIRECTORY}/${TMPDIR_ADD}"
+		mkdir -p "$TMPWORKINGDIRECTORY"
+		unset TMPDIR_ADD
+		export TMPDIR="$TMPWORKINGDIRECTORY"
+	fi
 	msgninfo "Preparing environment for ${0##*/} in ${TMPWORKINGDIRECTORY}…"
 
+	# Setup coreutils on BSD systems
+	mkdir "${TMPWORKINGDIRECTORY}/bin"
+	for prefix in gnu g; do
+			for command in stat touch sed cp tr sha1sum sha256sum md5sum sha512sum grep date wc chmod head readlink tar expr base64; do
+					if command -v $prefix$command 2>/dev/null >/dev/null; then
+							[ -e "${TMPWORKINGDIRECTORY}/bin/$command" ] || ln -sf $(command -v $prefix$command)  "${TMPWORKINGDIRECTORY}/bin/$command"
+					fi
+			done
+	done
+	export PATH="${TMPWORKINGDIRECTORY}/bin/:$PATH"
+
+
 	mkdir -m 700 "${TMPWORKINGDIRECTORY}/downloaded"
 	if [ "$(id -u)" = '0' ]; then
 		# relax permissions so that running as root with user switching works
 		umask 022
 		chmod 711 "$TMPWORKINGDIRECTORY"
-		chown _apt:root "${TMPWORKINGDIRECTORY}/downloaded"
+		chown _apt:$(id -gn) "${TMPWORKINGDIRECTORY}/downloaded"
 	fi
 
 	TESTDIRECTORY="$(readlink -f "$(dirname $0)")"
+	# Find the newest build directory (sets PROJECT_BINARY_DIR)
+	find_project_binary_dir
         # allow overriding the default BUILDDIR location
 	SOURCEDIRECTORY="${APT_INTEGRATION_TESTS_SOURCE_DIR:-"${TESTDIRECTORY}/../../"}"
-	BUILDDIRECTORY="${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"}"
-	LIBRARYPATH="${APT_INTEGRATION_TESTS_LIBRARY_PATH:-"${BUILDDIRECTORY}"}"
-        METHODSDIR="${APT_INTEGRATION_TESTS_METHODS_DIR:-"${BUILDDIRECTORY}/methods"}"
+	BUILDDIRECTORY="${APT_INTEGRATION_TESTS_BUILD_DIR:-"${PROJECT_BINARY_DIR}/cmdline"}"
+	LIBRARYPATH="${APT_INTEGRATION_TESTS_LIBRARY_PATH:-"${BUILDDIRECTORY}/../apt-pkg"}"
+        METHODSDIR="${APT_INTEGRATION_TESTS_METHODS_DIR:-"${BUILDDIRECTORY}/../methods"}"
         APTHELPERBINDIR="${APT_INTEGRATION_TESTS_LIBEXEC_DIR:-"${BUILDDIRECTORY}"}"
-        APTWEBSERVERBINDIR="${APT_INTEGRATION_TESTS_WEBSERVER_BIN_DIR:-"${BUILDDIRECTORY}"}"
-        APTINTERNALSOLVER="${APT_INTEGRATION_TESTS_INTERNAL_SOLVER:-"${BUILDDIRECTORY}/apt-internal-solver"}"
-	APTDUMPSOLVER="${APT_INTEGRATION_TESTS_DUMP_SOLVER:-"${BUILDDIRECTORY}/apt-dump-solver"}"
+        APTTESTHELPERSBINDIR="${APT_INTEGRATION_TESTS_HELPERS_BIN_DIR:-"${BUILDDIRECTORY}/../test/interactive-helper"}"
+        APTFTPARCHIVEBINDIR="${APT_INTEGRATION_TESTS_FTPARCHIVE_BIN_DIR:-"${BUILDDIRECTORY}/../ftparchive"}"
+        APTINTERNALSOLVER="${APT_INTEGRATION_TESTS_INTERNAL_SOLVER:-"${BUILDDIRECTORY}/solvers/apt"}"
+	APTDUMPSOLVER="${APT_INTEGRATION_TESTS_DUMP_SOLVER:-"${BUILDDIRECTORY}/solvers/dump"}"
+	APTINTERNALPLANNER="${APT_INTEGRATION_TESTS_INTERNAL_PLANNER:-"${BUILDDIRECTORY}/planners/apt"}"
 	test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first"
         # -----
 
@@ -279,21 +343,21 @@ setupenvironment() {
 	mkdir rootdir aptarchive keys
 	cd rootdir
 	mkdir -p etc/apt/apt.conf.d etc/apt/sources.list.d etc/apt/trusted.gpg.d etc/apt/preferences.d
-	mkdir -p usr/bin var/cache var/lib var/log tmp
+	mkdir -p usr/bin var/cache var/lib var/log var/crash tmp
 	mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers
+	mkdir -p usr/lib/apt/solvers usr/lib/apt/planners
 	touch var/lib/dpkg/available
-	mkdir -p usr/lib/apt
 	ln -s "${METHODSDIR}" usr/lib/apt/methods
-	if [ "$BUILDDIRECTORY" = "$LIBRARYPATH" ]; then
-		mkdir -p usr/lib/apt/solvers
-		ln -s "${BUILDDIRECTORY}/apt-dump-solver" usr/lib/apt/solvers/dump
-		ln -s "${BUILDDIRECTORY}/apt-internal-solver" usr/lib/apt/solvers/apt
-		echo "Dir::Bin::Solvers \"${TMPWORKINGDIRECTORY}/rootdir/usr/lib/apt/solvers\";" > etc/apt/apt.conf.d/externalsolver.conf
-	fi
+	ln -s "${APTDUMPSOLVER}" usr/lib/apt/solvers/dump
+	ln -s "${APTDUMPSOLVER}" usr/lib/apt/planners/dump
+	ln -s "${APTINTERNALSOLVER}" usr/lib/apt/solvers/apt
+	ln -s "${APTINTERNALPLANNER}" usr/lib/apt/planners/apt
+	echo "Dir::Bin::Solvers \"${TMPWORKINGDIRECTORY}/rootdir/usr/lib/apt/solvers\";" >> ../aptconfig.conf
+	echo "Dir::Bin::Planners \"${TMPWORKINGDIRECTORY}/rootdir/usr/lib/apt/planners\";" >> ../aptconfig.conf
         # use the autoremove from the BUILDDIRECTORY if its there, otherwise
         # system
-        if [ -e "${BUILDDIRECTORY}/../../debian/apt.conf.autoremove" ]; then
-	    ln -s "${BUILDDIRECTORY}/../../debian/apt.conf.autoremove" etc/apt/apt.conf.d/01autoremove
+        if [ -z "${APT_INTEGRATION_TESTS_SOURCE_DIR}" ]; then
+	    ln -s "${SOURCEDIRECTORY}/debian/apt.conf.autoremove" etc/apt/apt.conf.d/01autoremove
         else
 	    ln -s /etc/apt/apt.conf.d/01autoremove etc/apt/apt.conf.d/01autoremove
         fi
@@ -307,14 +371,16 @@ setupenvironment() {
 	if [ -f "${TESTDIRECTORY}/${SOURCESSFILE}" ]; then
 		cp "${TESTDIRECTORY}/${SOURCESSFILE}" aptarchive/Sources
 	fi
-	for key in $(find "$TESTDIRECTORY" -name '*.pub' -o -name '*.sec'); do
-		cp "$key" keys/
-		chmod 644 "$key"
-	done
+	find "$TESTDIRECTORY" \( -name '*.pub' -o -name '*.sec' \) -exec cp '{}' keys/ \;
+	chmod 644 keys/*
 	ln -s "${TMPWORKINGDIRECTORY}/keys/joesixpack.pub" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
 
-	echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" > aptconfig.conf
-	echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf
+	echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf
+	echo "Dir::Etc \"etc\";" >> aptconfig.conf
+	echo "Dir::State \"var/lib/apt\";" >> aptconfig.conf
+	echo "Dir::Cache \"var/cache/apt\";" >> aptconfig.conf
+	echo "Dir::Etc \"etc/apt\";" >> aptconfig.conf
+	echo "Dir::Log \"var/log/apt\";" >> aptconfig.conf
 	echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf
 	echo "Dir::Bin::Methods \"${TMPWORKINGDIRECTORY}/rootdir/usr/lib/apt/methods\";" >> aptconfig.conf
 	# either store apt-key were we can access it, even if we run it as a different user
@@ -324,17 +390,20 @@ setupenvironment() {
 	# destroys coverage reporting though, so we disable changing user for the calling gpgv
 	echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf
 	if [ "$(id -u)" = '0' ]; then
-		echo 'Binary::gpgv::Debug::NoDropPrivs "true";' >>aptconfig.conf
+		echo 'Binary::gpgv::APT::Sandbox::User "root";' >> aptconfig.conf
+		# same for the solver executables
+		echo 'APT::Solver::RunAsUser "root";' >> aptconfig.conf
+		echo 'APT::Planner::RunAsUser "root";' >> aptconfig.conf
 	fi
 
 	cat > "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" <<EOF
 #!/bin/sh
 set -e
-if [ -r "${TMPWORKINGDIRECTORY}/noopchroot.so" ]; then
+if [ -r '${TMPWORKINGDIRECTORY}/noopchroot.so' ]; then
 	if [ -n "\$LD_LIBRARY_PATH" ]; then
-		export LD_LIBRARY_PATH="${TMPWORKINGDIRECTORY}:${LD_LIBRARY_PATH}"
+		export LD_LIBRARY_PATH='${TMPWORKINGDIRECTORY}:'"\${LD_LIBRARY_PATH}"
 	else
-		export LD_LIBRARY_PATH="${TMPWORKINGDIRECTORY}"
+		export LD_LIBRARY_PATH='${TMPWORKINGDIRECTORY}'
 	fi
 	if [ -n "\$LD_PRELOAD" ]; then
 		export LD_PRELOAD="noopchroot.so \${LD_PRELOAD}"
@@ -345,13 +414,15 @@ fi
 EOF
 	cp "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/gdb-dpkg"
 	cat >> "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" <<EOF
-exec fakeroot "${DPKG:-dpkg}" --root="${TMPWORKINGDIRECTORY}/rootdir" \\
-	--log="${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log" \\
+exec fakeroot '${DPKG:-dpkg}' --root='${TMPWORKINGDIRECTORY}/rootdir' \\
+	--admindir="${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg" \\
+	--log='${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log' \\
 	--force-not-root --force-bad-path "\$@"
 EOF
 	cat >> "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/gdb-dpkg" <<EOF
-exec fakeroot gdb --quiet -ex run "${DPKG:-dpkg}" --args "${DPKG:-dpkg}" --root="${TMPWORKINGDIRECTORY}/rootdir" \\
-	--log="${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log" \\
+exec fakeroot gdb --quiet -ex run '${DPKG:-dpkg}' --args '${DPKG:-dpkg}' --root='${TMPWORKINGDIRECTORY}/rootdir' \\
+	--admindir="${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg" \\
+	--log='${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log' \\
 	--force-not-root --force-bad-path "\$@"
 EOF
 	chmod +x "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/dpkg" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/gdb-dpkg"
@@ -370,32 +441,49 @@ EOF
 		# in testcases, it can appear as if localhost has a rotation setup,
 		# hide this as we can't really deal with it properly
 		echo 'Acquire::Failure::ShowIP "false";'
+		# randomess and tests don't play well together
+		echo 'Acquire::IndexTargets::Randomized "false";'
+		# fakeroot can't fake everything, so disabled in production but good for tests
+		echo 'APT::Sandbox::Verify "true";'
 	} >> aptconfig.conf
 
 	cp "${TESTDIRECTORY}/apt.pem" "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
 	if [ "$(id -u)" = '0' ]; then
-		chown _apt:root "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
+		chown _apt:$(id -gn) "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
 	fi
 	echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https
 	echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
+	export APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=no
 	echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig
+
 	configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
-	confighashes 'SHA1' # these are tests, not security best-practices
+	confighashes 'SHA256' # these are tests, not security best-practices
 
 	# create some files in /tmp and look at user/group to get what this means
 	TEST_DEFAULT_USER="$(id -un)"
-	if [ "$(uname)" = 'GNU/kFreeBSD' ]; then
-		TEST_DEFAULT_GROUP='root'
-	else
-		TEST_DEFAULT_GROUP="$(id -gn)"
-	fi
+	touch "${TMPWORKINGDIRECTORY}/test-file"
+	TEST_DEFAULT_GROUP=$(stat --format '%G'  "${TMPWORKINGDIRECTORY}/test-file")
 
 	# cleanup the environment a bit
 	# prefer our apt binaries over the system apt binaries
 	export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
-	export LC_ALL=C.UTF-8
+	export LC_ALL=C
 	unset LANGUAGE APT_CONFIG
 	unset GREP_OPTIONS DEB_BUILD_PROFILES
+	unset http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy
+
+	# If gpgv supports --weak-digest, pass it to make sure we can disable SHA1
+	if aptkey verify --weak-digest SHA1 --help 2>/dev/null >/dev/null; then
+		echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1
+	fi
+
+	# most tests just need one signed Release file, not both
+	export APT_DONT_SIGN='Release.gpg'
+
+	if [ -r "${TESTDIRECTORY}/extra-environment" ]; then
+		. "${TESTDIRECTORY}/extra-environment"
+	fi
+
 	msgdone "info"
 }
 
@@ -437,30 +525,36 @@ configdpkg() {
 		local STATUSFILE="status-${BASENAME#*-}"
 		if [ -f "${TESTDIRECTORY}/${STATUSFILE}" ]; then
 			cp "${TESTDIRECTORY}/${STATUSFILE}" rootdir/var/lib/dpkg/status
+			# Add an empty line to the end if there is none
+			if tail -1 rootdir/var/lib/dpkg/status | grep -q .; then
+				echo >> rootdir/var/lib/dpkg/status
+			fi
 		else
 			echo -n > rootdir/var/lib/dpkg/status
 		fi
 	fi
 	rm -f rootdir/etc/apt/apt.conf.d/00foreigndpkg
-	if command dpkg --assert-multi-arch >/dev/null 2>&1 ; then
+	# make sure dpkg can detect itself as capable of it
+	if [ "0" = "$(dpkg -l dpkg 2> /dev/null | grep '^i' | wc -l)" ]; then
+		# dpkg doesn't really check the version as long as it is fully installed,
+		# but just to be sure we choose one above the required version
+		insertinstalledpackage 'dpkg' "all" '1.16.2+fake'
+	fi
+	if dpkg --assert-multi-arch >/dev/null 2>&1 ; then
 		local ARCHS="$(getarchitectures)"
-		if echo "$ARCHS" | grep -E -q '[^ ]+ [^ ]+'; then
-			DPKGARCH="$(dpkg --print-architecture)"
-			for ARCH in ${ARCHS}; do
-				if [ "${ARCH}" != "${DPKGARCH}" ]; then
-					if ! dpkg --add-architecture ${ARCH} >/dev/null 2>&1; then
-						# old-style used e.g. in Ubuntu-P – and as it seems travis
-						echo "DPKG::options:: \"--foreign-architecture\";" >> rootdir/etc/apt/apt.conf.d/00foreigndpkg
-						echo "DPKG::options:: \"${ARCH}\";"  >> rootdir/etc/apt/apt.conf.d/00foreigndpkg
-					fi
+		local DPKGARCH="$(dpkg --print-architecture)"
+		# this ensures that even if multi-arch isn't active in the view
+		# of apt, given that dpkg can't be told which arch is native
+		# the arch apt treats as native might be foreign for dpkg
+		for ARCH in ${ARCHS}; do
+			if [ "${ARCH}" != "${DPKGARCH}" ]; then
+				if ! dpkg --add-architecture ${ARCH} >/dev/null 2>&1; then
+					# old-style used e.g. in Ubuntu-P – and as it seems travis
+					echo "DPKG::options:: \"--foreign-architecture\";" >> rootdir/etc/apt/apt.conf.d/00foreigndpkg
+					echo "DPKG::options:: \"${ARCH}\";"  >> rootdir/etc/apt/apt.conf.d/00foreigndpkg
 				fi
-			done
-			if [ "0" = "$(dpkg -l dpkg 2> /dev/null | grep '^i' | wc -l)" ]; then
-				# dpkg doesn't really check the version as long as it is fully installed,
-				# but just to be sure we choose one above the required version
-				insertinstalledpackage 'dpkg' "all" '1.16.2+fake'
 			fi
-		fi
+		done
 	fi
 }
 
@@ -491,28 +585,39 @@ int execvp(const char *file, char *const argv[]) {
 	if (chrootdir == NULL || strncmp(file, "/var/lib/dpkg/", strlen("/var/lib/dpkg/")) != 0)
 		return func_execvp(file, argv);
 	printf("REWRITE execvp call %s into %s\n", file, chrootdir);
-	char newfile[strlen(chrootdir) + strlen(file)];
-	strcpy(newfile, chrootdir);
-	strcat(newfile, file);
+	char *newfile;
+	if (asprintf(&newfile, "%s%s", chrootdir, file) == -1) {
+		perror("asprintf");
+		return -1;
+	}
 	char const * const baseadmindir = "/var/lib/dpkg";
-	char admindir[strlen(chrootdir) + strlen(baseadmindir)];
-	strcpy(admindir, chrootdir);
-	strcat(admindir, baseadmindir);
+	char *admindir;
+	if (asprintf(&admindir, "%s%s", chrootdir, baseadmindir) == -1) {
+		perror("asprintf");
+		return -1;
+	}
 	setenv("DPKG_ADMINDIR", admindir, 1);
 	return func_execvp(newfile, argv);
 }
 EOF
-	testsuccess --nomsg gcc -fPIC -shared -o noopchroot.so noopchroot.c -ldl
+	if cc -ldl 2>&1 | grep -q dl; then
+		testempty --nomsg cc -Wall -Wextra -fPIC -shared -o noopchroot.so noopchroot.c
+	else
+		testempty --nomsg cc -Wall -Wextra -fPIC -shared -o noopchroot.so noopchroot.c -ldl
+	fi
 }
 configcompression() {
+	if [ "$1" = 'ALL' ]; then
+		configcompression '.' $(aptconfig dump APT::Compressor --format '%t %v%n' | sed -n 's#^Extension \.\(.*\)$#\1#p')
+		return
+	fi
+	local CMD='apthelper cat-file -C'
 	while [ -n "$1" ]; do
 		case "$1" in
 		'.') printf ".\t.\tcat\n";;
-		'gz') printf "gzip\tgz\tgzip\n";;
-		'bz2') printf "bzip2\tbz2\tbzip2\n";;
-		'lzma') printf "lzma\tlzma\txz --format=lzma\n";;
-		'xz') printf "xz\txz\txz\n";;
-		*) printf "$1\t$1\t$1\n";;
+		'gz') printf "gzip\tgz\t$CMD $1\n";;
+		'bz2') printf "bzip2\tbz2\t$CMD $1\n";;
+		*) printf "$1\t$1\t$CMD $1\n";;
 		esac
 		shift
 	done > "${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf"
@@ -535,100 +640,32 @@ confighashes() {
 }
 forcecompressor() {
 	COMPRESSOR="$1"
-	COMPRESSOR_CMD="$1"
+	COMPRESS="$1"
+	COMPRESSOR_CMD="apthelper cat-file -C $1"
 	case $COMPRESSOR in
 	gzip) COMPRESS='gz';;
 	bzip2) COMPRESS='bz2';;
-	lzma) COMPRESS='lzma';;
-	xz) COMPRESS='xz';;
-	*) msgdie "Compressor $COMPRESSOR is unknown to framework, so can't be forced by forcecompressor!";;
 	esac
 	local CONFFILE="${TMPWORKINGDIRECTORY}/rootdir/etc/apt/apt.conf.d/00force-compressor"
 	echo "Acquire::CompressionTypes::Order { \"${COMPRESS}\"; };
-Dir::Bin::uncompressed \"/does/not/exist\";
-Dir::Bin::gzip \"/does/not/exist\";
-Dir::Bin::bzip2 \"/does/not/exist\";
-Dir::Bin::lzma \"/does/not/exist\";
-Dir::Bin::xz \"/does/not/exist\";" > "$CONFFILE"
-	if [ -e "/bin/${COMPRESSOR}" ]; then
-		echo "Dir::Bin::${COMPRESSOR} \"/bin/${COMPRESSOR}\";" >> "$CONFFILE"
-	elif [ -e "/usr/bin/${COMPRESSOR}" ]; then
-		echo "Dir::Bin::${COMPRESSOR} \"/usr/bin/${COMPRESSOR}\";" >> "$CONFFILE"
-	elif [ "${COMPRESSOR}" = 'lzma' ]; then
-		echo 'Dir::Bin::xz "/usr/bin/xz";' >> "$CONFFILE"
-		COMPRESSOR_CMD='xz --format=lzma'
-	else
-		msgtest 'Test for availability of compressor' "${COMPRESSOR}"
-		msgfail "${COMPRESSOR} not available"
-	fi
-}
-
-setupsimplenativepackage() {
-	local NAME="$1"
-	local ARCH="$2"
-	local VERSION="$3"
-	local RELEASE="${4:-unstable}"
-	local DEPENDENCIES="$5"
-	local DESCRIPTION="${6:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
- If you find such a package installed on your system,
- something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
-
-	local SECTION="${7:-others}"
-	local DISTSECTION
-	if [ "$SECTION" = "${SECTION#*/}" ]; then
-		DISTSECTION="main"
-	else
-		DISTSECTION="${SECTION%/*}"
-	fi
-	local BUILDDIR=incoming/${NAME}-${VERSION}
-	mkdir -p ${BUILDDIR}/debian/source
-	cd ${BUILDDIR}
-	echo "* most suckless software product ever" > FEATURES
-	test -e debian/copyright || echo "Copyleft by Joe Sixpack $(date +%Y)" > debian/copyright
-	test -e debian/changelog || echo "$NAME ($VERSION) $RELEASE; urgency=low
-
-  * Initial release
-
- -- Joe Sixpack <joe@example.org>  $(date -R)" > debian/changelog
-	test -e debian/control || echo "Source: $NAME
-Section: $SECTION
-Priority: optional
-Maintainer: Joe Sixpack <joe@example.org>
-Build-Depends: debhelper (>= 7)
-Standards-Version: 3.9.1
-
-Package: $NAME" > debian/control
-	if [ "$ARCH" = 'all' ]; then
-		echo "Architecture: all" >> debian/control
-	else
-		echo "Architecture: any" >> debian/control
-	fi
-	test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> debian/control
-	echo "Description: $DESCRIPTION" >> debian/control
-
-	test -e debian/compat || echo "7" > debian/compat
-	test -e debian/source/format || echo "3.0 (native)" > debian/source/format
-	test -e debian/rules || cp /usr/share/doc/debhelper/examples/rules.tiny debian/rules
-	cd - > /dev/null
+Dir::Bin::uncompressed \"/does/not/exist\";" > "$CONFFILE"
+	for COMP in $(aptconfig dump 'APT::Compressor' --format '%f%n' | cut -d':' -f 5 | uniq); do
+		if [ -z "$COMP" -o "$COMP" = '.' -o "$COMP" = "$COMPRESSOR" ]; then continue; fi
+		echo "Dir::Bin::${COMP} \"/does/not/exist\";" >> "$CONFFILE"
+		echo "APT::Compressor::${COMP}::Name \"${COMP}-disabled\";" >> "$CONFFILE"
+	done
 }
 
-buildsimplenativepackage() {
+_setupsimplenativepackage() {
 	local NAME="$1"
-	local NM
-	if [ "$(echo "$NAME" | cut -c 1-3)" = 'lib' ]; then
-		NM="$(echo "$NAME" | cut -c 1-4)"
-	else
-		NM="$(echo "$NAME" | cut -c 1)"
-	fi
 	local ARCH="$2"
 	local VERSION="$3"
 	local RELEASE="${4:-unstable}"
 	local DEPENDENCIES="$5"
-	local DESCRIPTION="${6:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
+	local DESCRIPTION="${6:-an autogenerated dummy ${NAME}=${VERSION}/${RELEASE}
  If you find such a package installed on your system,
  something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
+ und used only by testcases and serve no other purpose…}"
 
 	local SECTION="${7:-others}"
 	local PRIORITY="${8:-optional}"
@@ -642,18 +679,17 @@ buildsimplenativepackage() {
 	fi
 	local BUILDDIR="${TMPWORKINGDIRECTORY}/incoming/${NAME}-${VERSION}"
 
-	msgtest "Build source package in version ${VERSION} for ${RELEASE} in ${DISTSECTION}" "$NAME"
 	mkdir -p "$BUILDDIR/debian/source"
 	echo "* most suckless software product ever" > "${BUILDDIR}/FEATURES"
 	echo "#!/bin/sh
 echo '$NAME says \"Hello!\"'" > "${BUILDDIR}/${NAME}"
 
-	echo "Copyleft by Joe Sixpack $(date +%Y)" > "${BUILDDIR}/debian/copyright"
+	echo "Copyleft by Joe Sixpack $(date -u +%Y)" > "${BUILDDIR}/debian/copyright"
 	echo "$NAME ($VERSION) $RELEASE; urgency=low
 
   * Initial release
 
- -- Joe Sixpack <joe@example.org>  $(date -R)" > "${BUILDDIR}/debian/changelog"
+ -- Joe Sixpack <joe@example.org>  $(date -u -R)" > "${BUILDDIR}/debian/changelog"
 	{
 		echo "Source: $NAME
 Priority: $PRIORITY
@@ -662,7 +698,7 @@ Standards-Version: 3.9.3"
 		if [ "$SECTION" != '<none>' ]; then
 			echo "Section: $SECTION"
 		fi
-		local BUILDDEPS="$(echo "$DEPENDENCIES" | grep '^Build-')"
+		local BUILDDEPS="$(printf "%b\n" "$DEPENDENCIES" | grep '^Build-')"
 		test -z "$BUILDDEPS" || echo "$BUILDDEPS"
 		echo "
 Package: $NAME"
@@ -672,12 +708,55 @@ Package: $NAME"
 		else
 			echo "Architecture: any"
 		fi
-		local DEPS="$(echo "$DEPENDENCIES" | grep -v '^Build-')"
+		local DEPS="$(printf "%b\n" "$DEPENDENCIES" | grep -v '^Build-')"
 		test -z "$DEPS" || echo "$DEPS"
-		echo "Description: $DESCRIPTION"
+		printf "%b\n" "Description: $DESCRIPTION"
 	} > "${BUILDDIR}/debian/control"
 
 	echo '3.0 (native)' > "${BUILDDIR}/debian/source/format"
+}
+
+make_tiny_rules() {
+	local OUT="$1"
+	if command -v gmake >/dev/null 2>&1; then
+		[ -e ${TMPWORKINGDIRECTORY}/bin/make ] || ln -s $(command -v gmake) ${TMPWORKINGDIRECTORY}/bin/make
+		echo "#!${TMPWORKINGDIRECTORY}/bin/make -f" > "$OUT"
+	else
+		echo '#!/usr/bin/make -f' > "$OUT"
+	fi
+	echo '%:' >> "$OUT"
+	echo '	dh $@' >> "$OUT"
+}
+
+setupsimplenativepackage() {
+	_setupsimplenativepackage "$@"
+	local NAME="$1"
+	local VERSION="$3"
+	local BUILDDIR="${TMPWORKINGDIRECTORY}/incoming/${NAME}-${VERSION}"
+	test -e "${BUILDDIR}/debian/compat" || echo '7' > "${BUILDDIR}/debian/compat"
+	test -e  "${BUILDDIR}/debian/rules" || make_tiny_rules "${BUILDDIR}/debian/rules"
+}
+
+buildsimplenativepackage() {
+	local NAME="$1"
+	local ARCH="$2"
+	local VERSION="$3"
+	local RELEASE="${4:-unstable}"
+	local DEPENDENCIES="$5"
+	local DESCRIPTION="$6"
+	local SECTION="${7:-others}"
+	local PRIORITY="${8:-optional}"
+	local FILE_TREE="$9"
+	local COMPRESS_TYPE="${10:-gzip}"
+	local DISTSECTION
+	if [ "$SECTION" = "${SECTION#*/}" ]; then
+		DISTSECTION="main"
+	else
+		DISTSECTION="${SECTION%/*}"
+	fi
+	local BUILDDIR="${TMPWORKINGDIRECTORY}/incoming/${NAME}-${VERSION}"
+	msgtest "Build source package in version ${VERSION} for ${RELEASE} in ${DISTSECTION}" "$NAME"
+	_setupsimplenativepackage "$@"
 	cd "${BUILDDIR}/.."
 	testsuccess --nomsg dpkg-source -b ${NAME}-${VERSION}
 	cd - >/dev/null
@@ -711,6 +790,12 @@ Package: $NAME"
 		echo "pool/${NAME}_${VERSION}_${arch}.deb" >> "${BUILDDIR}/../${RELEASE}.${DISTSECTION}.pkglist"
 	done
 
+	local NM
+	if [ "$(echo "$NAME" | cut -c 1-3)" = 'lib' ]; then
+		NM="$(echo "$NAME" | cut -c 1-4)"
+	else
+		NM="$(echo "$NAME" | cut -c 1)"
+	fi
 	local CHANGEPATH="${BUILDDIR}/../${DISTSECTION}/${NM}/${NAME}/${NAME}_${VERSION}"
 	mkdir -p "$CHANGEPATH"
 	cp "${BUILDDIR}/debian/changelog" "$CHANGEPATH"
@@ -730,7 +815,7 @@ buildpackage() {
 	if [ "$ARCH" = "all" ]; then
 		ARCH="$(dpkg-architecture -qDEB_HOST_ARCH 2> /dev/null)"
 	fi
-	testsuccess --nomsg dpkg-buildpackage -uc -us -a$ARCH
+	testsuccess --nomsg dpkg-buildpackage -uc -us -a$ARCH -d
 	cp "${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output" "$BUILDLOG"
 	local PKGS="$(grep '^dpkg-deb: building package' "$BUILDLOG" | cut -d'/' -f 2 | sed -e "s#'\.##")"
 	local SRCS="$(grep '^dpkg-source: info: building' "$BUILDLOG" | grep -o '[a-z0-9._+~-]*$')"
@@ -807,10 +892,10 @@ insertpackage() {
 	local VERSION="$4"
 	local DEPENDENCIES="$5"
 	local PRIORITY="${6:-optional}"
-	local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/${RELEASES}
+	local DESCRIPTION="${7:-an autogenerated dummy ${NAME}=${VERSION}/${RELEASES}
  If you find such a package installed on your system,
  something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
+ und used only by testcases and serve no other purpose…}"
 	local ARCHS=""
 	for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do
 		if [ "$RELEASE" = 'installed' ]; then
@@ -835,9 +920,10 @@ Maintainer: Joe Sixpack <joe@example.org>"
 					test "$arch" = 'none' || echo "Architecture: $arch"
 					echo "Version: $VERSION
 Filename: pool/main/${NAME}/${NAME}_${VERSION}_${arch}.deb"
-					test -z "$DEPENDENCIES" || echo "$DEPENDENCIES"
+					test -z "$DEPENDENCIES" || printf "%b\n" "$DEPENDENCIES"
 					echo "Description: $(printf '%s' "$DESCRIPTION" | head -n 1)"
 					echo "Description-md5: $(printf '%s' "$DESCRIPTION" | md5sum | cut -d' ' -f 1)"
+					echo "SHA256: 0000000000000000000000000000000000000000000000000000000000000000"
 					echo
 				} >> "${PPATH}/Packages"
 			done
@@ -852,31 +938,33 @@ Description-en: $DESCRIPTION
 }
 
 insertsource() {
-	local RELEASE="$1"
+	local RELEASES="$1"
 	local NAME="$2"
 	local ARCH="$3"
 	local VERSION="$4"
 	local DEPENDENCIES="$5"
-        local BINARY="${6:-$NAME}"
+	local BINARY="${6:-$NAME}"
 	local ARCHS=""
-	local SPATH="aptarchive/dists/${RELEASE}/main/source"
-	mkdir -p $SPATH
-	local FILE="${SPATH}/Sources"
-	local DSCFILE="${NAME}_${VERSION}.dsc"
-	local TARFILE="${NAME}_${VERSION}.tar.gz"
-	echo "Package: $NAME
+	for RELEASE in $(printf '%s' "$RELEASES" | tr ',' '\n'); do
+		local SPATH="aptarchive/dists/${RELEASE}/main/source"
+		mkdir -p $SPATH
+		local FILE="${SPATH}/Sources"
+		local DSCFILE="${NAME}_${VERSION}.dsc"
+		local TARFILE="${NAME}_${VERSION}.tar.gz"
+		echo "Package: $NAME
 Binary: $BINARY
 Version: $VERSION
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: $ARCH" >> $FILE
-	test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE"
-	echo "Files:
+		test -z "$DEPENDENCIES" || printf "%b\n" "$DEPENDENCIES" >> "$FILE"
+		echo "Files:
  $(echo -n "$DSCFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE"
  $(echo -n "$TARFILE" | md5sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE"
 Checksums-Sha256:
  $(echo -n "$DSCFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$DSCFILE" | wc -c) "$DSCFILE"
  $(echo -n "$TARFILE" | sha256sum | cut -d' ' -f 1) $(echo -n "$TARFILE" | wc -c) "$TARFILE"
 " >> "$FILE"
+	done
 }
 
 insertinstalledpackage() {
@@ -886,10 +974,10 @@ insertinstalledpackage() {
 	local DEPENDENCIES="$4"
 	local PRIORITY="${5:-optional}"
 	local STATUS="${6:-install ok installed}"
-	local DESCRIPTION="${7:-"an autogenerated dummy ${NAME}=${VERSION}/installed
+	local DESCRIPTION="${7:-an autogenerated dummy ${NAME}=${VERSION}/installed
  If you find such a package installed on your system,
  something went horribly wrong! They are autogenerated
- und used only by testcases and surf no other propose…"}"
+ und used only by testcases and serve no other purpose…}"
 
 	local FILE='rootdir/var/lib/dpkg/status'
 	local INFO='rootdir/var/lib/dpkg/info'
@@ -902,8 +990,8 @@ Installed-Size: 42
 Maintainer: Joe Sixpack <joe@example.org>
 Version: $VERSION" >> "$FILE"
 		test "$arch" = 'none' || echo "Architecture: $arch" >> "$FILE"
-		test -z "$DEPENDENCIES" || echo "$DEPENDENCIES" >> "$FILE"
-		echo "Description: $DESCRIPTION" >> "$FILE"
+		test -z "$DEPENDENCIES" || printf "%b\n" "$DEPENDENCIES" >> "$FILE"
+		printf "%b\n" "Description: $DESCRIPTION" >> "$FILE"
 		echo >> "$FILE"
 		if [ "$(dpkg-query -W --showformat='${Multi-Arch}')" = 'same' ]; then
 			echo -n > "${INFO}/${NAME}:${arch}.list"
@@ -940,7 +1028,7 @@ buildaptarchivefromfiles() {
 }
 
 compressfile() {
-	cat "${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf" | while read compressor extension command; do
+	while read compressor extension command; do
 		if [ "$compressor" = '.' ]; then
 			if [ -n "$2" ]; then
 				touch -d "$2" "$1"
@@ -951,7 +1039,7 @@ compressfile() {
 		if [ -n "$2" ]; then
 			touch -d "$2" "${1}.${extension}"
 		fi
-	done
+	done < "${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf"
 }
 
 # can be overridden by testcases for their pleasure
@@ -1002,13 +1090,13 @@ NotAutomatic: yes' "$dir/Release"
 	fi
 	if [ -n "$DATE" -a "$DATE" != "now" ]; then
 		for release in $(find ./aptarchive -name 'Release'); do
-			sed -i "s/^Date: .*$/Date: $(date -d "$DATE" '+%a, %d %b %Y %H:%M:%S %Z')/" "$release"
+			sed -i "s/^Date: .*$/Date: $(date -u -d "$DATE" -R)/" "$release"
 			touch -d "$DATE" "$release"
 		done
 	fi
 	if [ -n "$VALIDUNTIL" ]; then
 		sed -i "/^Date: / a\
-Valid-Until: $(date -d "$VALIDUNTIL" '+%a, %d %b %Y %H:%M:%S %Z')" $(find ./aptarchive -name 'Release')
+Valid-Until: $(date -u -d "$VALIDUNTIL" -R)" $(find ./aptarchive -name 'Release')
 	fi
 	msgdone "info"
 }
@@ -1064,40 +1152,73 @@ setupaptarchive() {
 }
 
 signreleasefiles() {
-	local SIGNER="${1:-Joe Sixpack}"
+	local SIGNERS="${1:-Joe Sixpack}"
 	local REPODIR="${2:-aptarchive}"
-	local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
-	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
-	msgninfo "\tSign archive with $SIGNER key $KEY… "
+	if [ -n "$1" ]; then shift; fi
+	if [ -n "$1" ]; then shift; fi
+	local KEY="keys/$(echo "$SIGNERS" | tr 'A-Z' 'a-z' | tr -d ' ,')"
+	msgninfo "\tSign archive with $SIGNERS key $KEY… "
 	local REXKEY='keys/rexexpired'
 	local SECEXPIREBAK="${REXKEY}.sec.bak"
 	local PUBEXPIREBAK="${REXKEY}.pub.bak"
-	if [ "${SIGNER}" = 'Rex Expired' ]; then
-		# the key is expired, so gpg doesn't allow to sign with and the --faked-system-time
-		# option doesn't exist anymore (and using faketime would add a new obscure dependency)
-		# therefore we 'temporary' make the key not expired and restore a backup after signing
-		cp "${REXKEY}.sec" "$SECEXPIREBAK"
-		cp "${REXKEY}.pub" "$PUBEXPIREBAK"
-		local SECUNEXPIRED="${REXKEY}.sec.unexpired"
-		local PUBUNEXPIRED="${REXKEY}.pub.unexpired"
-		if [ -f "$SECUNEXPIRED" ] && [ -f "$PUBUNEXPIRED" ]; then
-			cp "$SECUNEXPIRED" "${REXKEY}.sec"
-			cp "$PUBUNEXPIRED" "${REXKEY}.pub"
-		else
-			if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
-				cat setexpire.gpg
-				exit 1
+	local SIGUSERS=""
+	while [ -n "${SIGNERS%%,*}" ]; do
+		local SIGNER="${SIGNERS%%,*}"
+		if [ "${SIGNERS}" = "${SIGNER}" ]; then
+			SIGNERS=""
+		fi
+		SIGNERS="${SIGNERS#*,}"
+		# FIXME: This should be the full name, but we can't encode the space properly currently
+		SIGUSERS="${SIGUSERS} -u ${SIGNER#* }"
+		if [ "${SIGNER}" = 'Rex Expired' ]; then
+			# the key is expired, so gpg doesn't allow to sign with and the --faked-system-time
+			# option doesn't exist anymore (and using faketime would add a new obscure dependency)
+			# therefore we 'temporary' make the key not expired and restore a backup after signing
+			cp "${REXKEY}.sec" "$SECEXPIREBAK"
+			cp "${REXKEY}.pub" "$PUBEXPIREBAK"
+			local SECUNEXPIRED="${REXKEY}.sec.unexpired"
+			local PUBUNEXPIRED="${REXKEY}.pub.unexpired"
+			if [ -f "$SECUNEXPIRED" ] && [ -f "$PUBUNEXPIRED" ]; then
+				cp "$SECUNEXPIRED" "${REXKEY}.sec"
+				cp "$PUBUNEXPIRED" "${REXKEY}.pub"
+			else
+				if ! printf "expire\n1w\nsave\n" | aptkey --quiet --keyring "${REXKEY}.pub" --secret-keyring "${REXKEY}.sec" \
+					--readonly adv --batch --yes --digest-algo "${APT_TESTS_DIGEST_ALGO:-SHA512}" \
+					--default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
+					cat setexpire.gpg
+					exit 1
+				fi
+				cp "${REXKEY}.sec" "$SECUNEXPIRED"
+				cp "${REXKEY}.pub" "$PUBUNEXPIRED"
 			fi
-			cp "${REXKEY}.sec" "$SECUNEXPIRED"
-			cp "${REXKEY}.pub" "$PUBUNEXPIRED"
 		fi
+		if [ ! -e "${KEY}.pub" ]; then
+			local K="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | tr -d ' ,')"
+			cat "${K}.pub" >> "${KEY}.new.pub"
+			cat "${K}.sec" >> "${KEY}.new.sec"
+		fi
+	done
+	if [ ! -e "${KEY}.pub" ]; then
+		mv "${KEY}.new.pub" "${KEY}.pub"
+		mv "${KEY}.new.sec" "${KEY}.sec"
 	fi
+	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}"
 	for RELEASE in $(find "${REPODIR}/" -name Release); do
-		$GPG --default-key "$SIGNER" --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
-		local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
-		$GPG --default-key "$SIGNER" --clearsign --output "$INRELEASE" "$RELEASE"
 		# we might have set a specific date for the Release file, so copy it
-		touch -d "$(stat --format "%y" ${RELEASE})" "${RELEASE}.gpg" "${INRELEASE}"
+		local DATE="$(stat --format "%y" "${RELEASE}")"
+		if [ "$APT_DONT_SIGN" = 'Release.gpg' ]; then
+			rm -f "${RELEASE}.gpg"
+		else
+			testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
+			touch -d "$DATE" "${RELEASE}.gpg"
+		fi
+		local INRELEASE="${RELEASE%/*}/InRelease"
+		if [ "$APT_DONT_SIGN" = 'InRelease' ]; then
+			rm -f "$INRELEASE"
+		else
+			testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE"
+			touch -d "$DATE" "${INRELEASE}"
+		fi
 	done
 	if [ -f "$SECEXPIREBAK" ] && [ -f "$PUBEXPIREBAK" ]; then
 		mv -f "$SECEXPIREBAK" "${REXKEY}.sec"
@@ -1107,7 +1228,7 @@ signreleasefiles() {
 }
 
 redatereleasefiles() {
-	local DATE="$(date -d "$1" '+%a, %d %b %Y %H:%M:%S %Z')"
+	local DATE="$(date -u -d "$1" -R)"
 	for release in $(find aptarchive/ -name 'Release'); do
 		sed -i "s/^Date: .*$/Date: ${DATE}/" "$release"
 		touch -d "$DATE" "$release"
@@ -1149,8 +1270,8 @@ rewritesourceslist() {
 	local APTARCHIVE2="copy://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive" | sed 's# #%20#g')"
 	for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do
 		sed -i $LIST -e "s#$APTARCHIVE#${1}#" -e "s#$APTARCHIVE2#${1}#" \
-			-e "s#http://localhost:${APTHTTPPORT}/#${1}#" \
-			-e "s#https://localhost:${APTHTTPSPORT}/#${1}#"
+			-e "s#http://[^@]*@\?localhost:${APTHTTPPORT}/\?#${1}#" \
+			-e "s#https://[^@]*@\?localhost:${APTHTTPSPORT}/\?#${1}#"
 	done
 }
 
@@ -1175,11 +1296,11 @@ changetowebserver() {
 	else
 		shift
 	fi
-	if test -x "${APTWEBSERVERBINDIR}/aptwebserver"; then
+	if test -x "${APTTESTHELPERSBINDIR}/aptwebserver"; then
 		cd aptarchive
 		local LOG="webserver.log"
 		if ! aptwebserver --port 0 -o aptwebserver::fork=1 -o aptwebserver::portfile='aptwebserver.port' "$@" >$LOG 2>&1 ; then
-			cat $LOG
+			cat "$LOG"
 			false
 		fi
 		waitforpidfile aptwebserver.pid
@@ -1195,7 +1316,7 @@ changetowebserver() {
 		fi
 		cd - > /dev/null
 	else
-		msgdie 'You have to build aptwerbserver or install a webserver'
+		msgdie 'You have to build apt from source to have test/interactive-helper/aptwebserver available for tests requiring a webserver'
 	fi
 	if [ "$REWRTE" != 'yes' ]; then
 		rewritesourceslist "http://localhost:${APTHTTPPORT}/"
@@ -1203,7 +1324,12 @@ changetowebserver() {
 }
 
 changetohttpswebserver() {
-	if ! which stunnel4 >/dev/null; then
+	local stunnel4
+	if command -v stunnel4 >/dev/null 2>&1; then
+		stunnel4=stunnel4
+	elif command -v stunnel >/dev/null 2>&1; then
+		stunnel4=stunnel
+	else
 		msgdie 'You need to install stunnel4 for https testcases'
 	fi
 	if [ ! -e "${TMPWORKINGDIRECTORY}/aptarchive/aptwebserver.pid" ]; then
@@ -1217,14 +1343,14 @@ output = /dev/null
 accept = 0
 connect = $APTHTTPPORT
 " > "${TMPWORKINGDIRECTORY}/stunnel.conf"
-	stunnel4 "${TMPWORKINGDIRECTORY}/stunnel.conf"
+	$stunnel4 "${TMPWORKINGDIRECTORY}/stunnel.conf"
         waitforpidfile "${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid"
 	local PID="$(cat "${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid")"
         if [ -z "$PID" ]; then
-		msgdie 'Could not fork stunnel4 successfully'
+		msgdie 'Could not fork $stunnel4 successfully'
 	fi
 	addtrap 'prefix' "kill ${PID};"
-	APTHTTPSPORT="$(lsof -i | awk "/^stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
+	APTHTTPSPORT="$(lsof -i -n | awk "/^$stunnel4 / && \$2 == \"${PID}\" {print \$9; exit; }" | cut -d':' -f 2)"
 	webserverconfig 'aptwebserver::port::https' "$APTHTTPSPORT" "https://localhost:${APTHTTPSPORT}"
 	rewritesourceslist "https://localhost:${APTHTTPSPORT}/"
 }
@@ -1249,7 +1375,7 @@ EOF
 	# start with an unmounted disk
 	mv "${CD}" "${CD}-unmounted"
 	# we don't want the disk to be modifiable
-	addtrap 'prefix' "chmod -f -R +w \"$PWD/rootdir/media/cdrom/dists/\" \"$PWD/rootdir/media/cdrom-unmounted/dists/\" || true;"
+	addtrap 'prefix' "chmod -f -R +w '$(escape_shell "$PWD/rootdir/media/cdrom/dists/")' '$(escape_shell "$PWD/rootdir/media/cdrom-unmounted/dists/")' || true;"
 	chmod -R 555 rootdir/media/cdrom-unmounted/dists
 }
 
@@ -1268,7 +1394,20 @@ downloadfile() {
 }
 
 checkdiff() {
-	local DIFFTEXT="$(command diff -u "$@" 2>&1 | sed -e '/^---/ d' -e '/^+++/ d' -e '/^@@/ d')"
+	local TMPFILE1="${TMPWORKINGDIRECTORY}/rootdir/tmp/checkdiff.1.tmp"
+	local TMPFILE2="${TMPWORKINGDIRECTORY}/rootdir/tmp/checkdiff.2.tmp"
+	touch "$TMPFILE1" "$TMPFILE2"
+	if [ "$1" != '-' ]; then
+		sed -e '/^profiling:/ d' < "$1" >"$TMPFILE1"
+	else
+		TMPFILE1='-'
+	fi
+	if [ "$2" != '-' ]; then
+		sed -e '/^profiling:/ d' < "$2" >"$TMPFILE2"
+	else
+		TMPFILE2='-'
+	fi
+	local DIFFTEXT="$(command diff -u "$TMPFILE1" "$TMPFILE2" 2>&1 | sed -e '/^---/ d' -e '/^+++/ d' -e '/^@@/ d')"
 	if [ -n "$DIFFTEXT" ]; then
 		echo >&2
 		echo >&2 "$DIFFTEXT"
@@ -1314,9 +1453,13 @@ testfileequal() {
 
 testempty() {
 	msggroup 'testempty'
-	msgtest "Test for no output of" "$*"
+	if [ "$1" = '--nomsg' ]; then
+		shift
+	else
+		msgtest "Test for no output of" "$*"
+	fi
 	local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile"
-	if ("$@" >"$COMPAREFILE" 2>&1 || true) && test ! -s "$COMPAREFILE"; then
+	if "$@" >"$COMPAREFILE" 2>&1 && test ! -s "$COMPAREFILE"; then
 		msgpass
 	else
 		msgfailoutput '' "$COMPAREFILE" "$@"
@@ -1418,6 +1561,19 @@ testnopackage() {
 	fi
 	msggroup
 }
+testnosrcpackage() {
+	msggroup 'testnosrcpackage'
+	msgtest "Test for non-existent source packages" "apt-cache showsrc $*"
+	local SHOWPKG="$(aptcache showsrc "$@" 2>&1 | grep '^Package: ')"
+	if [ -n "$SHOWPKG" ]; then
+		local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testnosrcpackage.output"
+		echo "$SHOWPKG" >"$OUTPUT"
+		msgfailoutput '' "$OUTPUT"
+	else
+		msgpass
+	fi
+	msggroup
+}
 
 testdpkgstatus() {
 	msggroup 'testdpkgstatus'
@@ -1476,17 +1632,26 @@ testmarkedmanual() {
 	msggroup
 }
 
+catfile() {
+	if [ "${1##*.}" = 'deb' ]; then
+		stat >&2 "$1" || true
+		file >&2 "$1" || true
+	else
+		cat >&2 "$1" || true
+	fi
+}
 msgfailoutput() {
 	msgreportheader 'msgfailoutput'
 	local MSG="$1"
 	local OUTPUT="$2"
 	shift 2
-	if [ "$1" = 'grep' ]; then
+	local CMD="$1"
+	if [ "$1" = 'grep' -o "$1" = 'tail' -o "$1" = 'head' ]; then
 		echo >&2
 		while [ -n "$2" ]; do shift; done
 		echo "#### Complete file: $1 ####"
-		cat >&2 "$1" || true
-		echo '#### grep output ####'
+		catfile "$1"
+		echo "#### $CMD output ####"
 	elif [ "$1" = 'test' ]; then
 		echo >&2
 		# doesn't support ! or non-file flags
@@ -1495,9 +1660,12 @@ msgfailoutput() {
 			if expr match "$1" "$FILEFLAGS" >/dev/null; then
 				echo "#### stat(2) of file: $2 ####"
 				stat "$2" || true
-				if test -e "$2"; then
+				if test -d "$2"; then
+					echo "#### The directory contains: $2 ####"
+					ls >&2 "$2" || true
+				elif test -e "$2"; then
 					echo "#### Complete file: $2 ####"
-					cat >&2 "$2" || true
+					catfile "$2"
 				fi
 			fi
 		}
@@ -1507,8 +1675,16 @@ msgfailoutput() {
 			msgfailoutputstatfile "$2" "$3"
 		done
 		echo '#### test output ####'
+	elif [ "$1" = 'cmp' ]; then
+		echo >&2
+		while [ -n "$2" ]; do
+			echo "#### Complete file: $2 ####"
+			catfile "$2"
+			shift
+		done
+		echo '#### cmp output ####'
 	fi
-	cat >&2 "$OUTPUT"
+	catfile "$OUTPUT"
 	msgfail "$MSG"
 }
 
@@ -1607,8 +1783,9 @@ testfailure() {
 		local EXITCODE=$?
 		if expr match "$1" '^apt.*' >/dev/null; then
 			if [ "$1" = 'aptkey' ]; then
-				if grep -q -E " Can't check signature: " "$OUTPUT" || \
-					grep -q -E " BAD signature from " "$OUTPUT"; then
+				if grep -q " Can't check signature: 
+ BAD signature from 
+ signature could not be verified" "$OUTPUT"; then
 					msgpass
 				else
 					msgfailoutput "run failed with exitcode ${EXITCODE}, but no signature error" "$OUTPUT" "$@"
@@ -1746,12 +1923,37 @@ testwebserverlaststatuscode() {
 	msggroup
 }
 
+mapkeynametokeyid() {
+	while [ -n "$1" ]; do
+		case "$1" in
+			*Joe*|*Sixpack*|newarchive) echo '5A90D141DBAC8DAE';;
+			*Rex*|*Expired*) echo '4BC0A39C27CE74F9';;
+			*Marvin*|*Paranoid*) echo 'E8525D47528144E2';;
+			oldarchive) echo 'FDD2DB85F68C85A3';;
+			*) echo 'UNKNOWN KEY';;
+		esac
+		shift
+	done
+}
+testaptkeys() {
+	local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/aptkeylist.output"
+	if ! aptkey list --with-colon | grep '^pub' | cut -d':' -f 5 > "$OUTPUT"; then
+		echo -n > "$OUTPUT"
+	fi
+	testfileequal "$OUTPUT" "$(mapkeynametokeyid "$@")"
+}
+
 pause() {
 	echo "STOPPED execution. Press enter to continue"
 	local IGNORE
 	read IGNORE
 }
 
+logcurrentarchivedirectory() {
+	find "${TMPWORKINGDIRECTORY}/aptarchive/dists" -type f | while read line; do
+		stat --format '%U:%G:%a:%n' "$line"
+	done | sort > "${TMPWORKINGDIRECTORY}/rootdir/var/log/aptgetupdate.before.lst"
+}
 listcurrentlistsdirectory() {
 	{
 		find rootdir/var/lib/apt/lists -maxdepth 1 -type d | while read line; do
@@ -1762,6 +1964,13 @@ listcurrentlistsdirectory() {
 		done
 	} | sort
 }
+forallsupportedcompressors() {
+	rm -f "${TMPWORKINGDIRECTORY}/rootdir/etc/apt/apt.conf.d/00force-compressor"
+	for COMP in $(aptconfig dump 'APT::Compressor' --format '%f%n' | cut -d':' -f 5 | uniq); do
+		if [ -z "$COMP" -o "$COMP" = '.' ]; then continue; fi
+		"$@" "$COMP"
+	done
+}
 
 ### convenience hacks ###
 mkdir() {
@@ -1774,7 +1983,7 @@ mkdir() {
 		command mkdir -m 700 -p "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial"
 		touch "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/lock"
 		if [ "$(id -u)" = '0' ]; then
-			chown _apt:root "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial"
+			chown _apt:$(id -gn) "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial"
 		fi
 	else
 		command mkdir "$@"
@@ -1785,12 +1994,20 @@ mkdir() {
 ### general things about commands executed without writing the test every time.
 
 aptautotest() {
+	if [ $# -lt 3 ]; then return; fi
 	local TESTCALL="$1"
 	local CMD="$2"
 	local FIRSTOPT="$3"
-	local AUTOTEST="aptautotest_$(echo "${CMD##*/}_${FIRSTOPT}" | tr -d '-')"
+	shift 2
+	for i in "$@"; do
+		if ! expr match "$i" '^-' >/dev/null 2>&1; then
+			FIRSTOPT="$i"
+			break
+		fi
+	done
+	shift
+	local AUTOTEST="aptautotest_$(echo "${CMD##*/}_${FIRSTOPT}" | tr -d -c 'A-za-z0-9')"
 	if command -v $AUTOTEST >/dev/null; then
-		shift 3
 		# save and restore the *.output files from other tests
 		# as we might otherwise override them in these automatic tests
 		rm -rf "${TMPWORKINGDIRECTORY}/rootdir/tmp-before"
@@ -1823,6 +2040,10 @@ aptautotest_aptget_update() {
 		# failure cases can retain partial files and such
 		testempty find "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial" -mindepth 1 ! \( -name 'lock' -o -name '*.FAILED' \)
 	fi
+	if [ -s "${TMPWORKINGDIRECTORY}/rootdir/var/log/aptgetupdate.before.lst" ]; then
+		testfileequal "${TMPWORKINGDIRECTORY}/rootdir/var/log/aptgetupdate.before.lst" \
+			"$(find "${TMPWORKINGDIRECTORY}/aptarchive/dists" -type f | while read line; do stat --format '%U:%G:%a:%n' "$line"; done | sort)"
+	fi
 }
 aptautotest_apt_update() { aptautotest_aptget_update "$@"; }
 aptautotest_aptcdrom_add() { aptautotest_aptget_update "$@"; }
@@ -1834,7 +2055,7 @@ testaptautotestnodpkgwarning() {
 		if expr match "$2" '^-dy\?' >/dev/null 2>&1; then return; fi # download-only mode
 		shift
 	done
-	testfailure grep '^dpkg: warning:.*ignor.*' "${TMPWORKINGDIRECTORY}/rootdir/tmp-before/${TESTCALL}.output"
+	testfailure grep '^dpkg: warning:.*\(ignor\|unknown\).*' "${TMPWORKINGDIRECTORY}/rootdir/tmp-before/${TESTCALL}.output"
 }
 
 aptautotest_aptget_install() { testaptautotestnodpkgwarning "$@"; }
@@ -1843,3 +2064,11 @@ aptautotest_aptget_purge() { testaptautotestnodpkgwarning "$@"; }
 aptautotest_apt_install() { testaptautotestnodpkgwarning "$@"; }
 aptautotest_apt_remove() { testaptautotestnodpkgwarning "$@"; }
 aptautotest_apt_purge() { testaptautotestnodpkgwarning "$@"; }
+
+testaptmarknodefaultsections() {
+	testfailure grep '^Auto-Installed: 0$' "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/extended_states"
+}
+aptautotest_aptmark_auto() { testaptmarknodefaultsections "$@"; }
+aptautotest_aptmark_manual() { testaptmarknodefaultsections "$@"; }
+aptautotest_aptget_markauto() { testaptmarknodefaultsections "$@"; }
+aptautotest_aptget_markmanual() { testaptmarknodefaultsections "$@"; }