fi
fi
for RELEASE in $(find "${REPODIR}/" -name Release); do
- $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
+ testsuccess $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
- $GPG --default-key "$SIGNER" --clearsign --output "$INRELEASE" "$RELEASE"
+ testsuccess $GPG --default-key "$SIGNER" --clearsign --output "$INRELEASE" "$RELEASE"
# we might have set a specific date for the Release file, so copy it
touch -d "$(stat --format "%y" ${RELEASE})" "${RELEASE}.gpg" "${INRELEASE}"
done
msggroup
}
+createlistofkeys() {
+ local OUTPUT="$1"
+ shift
+ while [ -n "$1" ]; do
+ # gpg 2.1 has a slightly different output format
+ if grep -q ' rsa2048/' "$OUTPUT"; then
+ case "$1" in
+ *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
+ *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
+ *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16';;
+ oldarchive) echo 'pub rsa1024/F68C85A3 2013-12-19';;
+ newarchive) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
+ *) echo 'UNKNOWN KEY';;
+ esac
+ else
+ case "$1" in
+ *Joe*|*Sixpack*) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
+ *Rex*|*Expired*) echo 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
+ *Marvin*|*Paranoid*) echo 'pub 2048R/528144E2 2011-01-16';;
+ oldarchive) echo 'pub 1024R/F68C85A3 2013-12-19';;
+ newarchive) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
+ *) echo 'UNKNOWN KEY';;
+ esac
+ fi
+ shift
+ done
+}
+testaptkeys() {
+ local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/aptkeylist.output"
+ if ! aptkey list | grep '^pub' > "$OUTPUT"; then
+ echo -n > "$OUTPUT"
+ fi
+ testfileequal "$OUTPUT" "$(createlistofkeys "$OUTPUT" "$@")"
+}
+
pause() {
echo "STOPPED execution. Press enter to continue"
local IGNORE
mkdir rootdir/etc/apt/trusted.gpg.d/
}
-createlistofkeys() {
- while [ -n "$1" ]; do
- # gpg 2.1 has a slightly different output format
- if grep -q ' rsa2048/' aptkey.list; then
- case "$1" in
- *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
- *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
- *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16';;
- *) echo 'UNKNOWN KEY';;
- esac
- else
- case "$1" in
- *Joe*|*Sixpack*) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
- *Rex*|*Expired*) echo 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
- *Marvin*|*Paranoid*) echo 'pub 2048R/528144E2 2011-01-16';;
- *) echo 'UNKNOWN KEY';;
- esac
- fi
- shift
- done
-}
-
-testaptkeys() {
- if ! aptkey list | grep '^pub' > aptkey.list; then
- echo -n > aptkey.list
- fi
- testfileequal './aptkey.list' "$(createlistofkeys "$@")"
-}
-
echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
install -m0644 keys/test-master-keyring.pub usr/share/keyrings
echo "APT::Key::MasterKeyring \"${TMPWORKINGDIRECTORY}/usr/share/keyrings/test-master-keyring.pub\";" >> ./aptconfig.conf
-# setup archive-keyring
+# setup archive-keyring
mkdir -p aptarchive/ubuntu/project
install -m0644 keys/test-archive-keyring.pub aptarchive/ubuntu/project/
echo "APT::Key::ArchiveKeyringURI \"http://localhost:${APTHTTPPORT}/ubuntu/project/test-archive-keyring.pub\";" >> ./aptconfig.conf
echo 'APT::Key::Net-Update-Enabled "1";' >> ./aptconfig.conf
# test against the "real" webserver
-testsuccessequal 'Checking for new archive signing keys now
+testsuccess aptkey --fakeroot net-update
+testequalor2 'Checking for new archive signing keys now
gpg: key F68C85A3: public key "Test Automatic Archive Signing Key <ftpmaster@example.com>" imported
gpg: Total number processed: 1
-gpg: imported: 1 (RSA: 1)' aptkey --fakeroot net-update
+gpg: imported: 1 (RSA: 1)' 'Checking for new archive signing keys now
+gpg: key F68C85A3: public key "Test Automatic Archive Signing Key <ftpmaster@example.com>" imported
+gpg: Total number processed: 1
+gpg: imported: 1' cat rootdir/tmp/testsuccess.output
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19
-pub 2048R/DBAC8DAE 2010-08-18'
+testaptkeys 'oldarchive' 'newarchive'
# now try a different one
-# setup archive-keyring
+# setup archive-keyring
mkdir -p aptarchive/ubuntu/project
install -m0644 keys/marvinparanoid.pub aptarchive/ubuntu/project/
echo "APT::Key::ArchiveKeyringURI \"http://localhost:${APTHTTPPORT}/ubuntu/project/marvinparanoid.pub\";" >> ./aptconfig.conf
testsuccessequal "Checking for new archive signing keys now
Key 'DE66AECA9151AFA1877EC31DE8525D47528144E2' not added. It is not signed with a master key" aptkey --fakeroot net-update
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 1024R/F68C85A3 2013-12-19
-pub 2048R/DBAC8DAE 2010-08-18'
+testaptkeys 'oldarchive' 'newarchive'
for i in $(seq 1 50); do
touch rootdir/etc/apt/trusted.gpg.d/emptykey-${i}.gpg
done
-
-aptkey list | grep '^pub' > aptkey.list
-testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18'
+testaptkeys 'Joe Sixpack'
testsuccess aptget update
msgtest 'Test for no gpg errors/warnings in' 'apt-get update'
projects / apt.git / commitdiff
