summaryrefslogtreecommitdiffstats
path: root/test/integration/test-hashsum-verification
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 06:14:41 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 06:14:41 +0000
commit549a391d6438e828001eeeaf235b080c054a7bf3 (patch)
tree1bb6b1ea5987fa167a1d13abe82209cc882dd94b /test/integration/test-hashsum-verification
parentInitial commit. (diff)
downloadapt-upstream.tar.xz
apt-upstream.zip
Adding upstream version 2.2.4.upstream/2.2.4upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-xtest/integration/test-hashsum-verification82
1 files changed, 82 insertions, 0 deletions
diff --git a/test/integration/test-hashsum-verification b/test/integration/test-hashsum-verification
new file mode 100755
index 0000000..4060dfb
--- /dev/null
+++ b/test/integration/test-hashsum-verification
@@ -0,0 +1,82 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+
+setupenvironment
+configarchitecture "i386"
+
+buildaptarchive
+setupflataptarchive
+changetowebserver
+
+prepare() {
+ local DATE="${2:-now}"
+ if [ "$DATE" = 'now' -a "$1" = "${PKGFILE}-new" ]; then
+ DATE='now + 6 days'
+ fi
+ for release in $(find rootdir/var/lib/apt/lists 2> /dev/null); do
+ touch -d 'now - 6 hours' "$release"
+ done
+ cp "$1" aptarchive/Packages
+ find aptarchive -name 'Release' -delete
+ compressfile aptarchive/Packages
+ # create Release file with incorrect checksums
+ cat > aptarchive/Release <<EOF
+Date: Fri, 05 Aug 2011 09:22:08 UTC
+MD5Sum:
+ x15c483ac486f5dbe95095c7ec08626f 760 Packages
+ x0579797df4792164a17305fb0b317e9 546 Packages.bz2
+ xc532a82873d2206b4e4503e92d167bd 489 Packages.gz
+ x4d1d25661377dd4bb95a1736e2624d3 527 Packages.lzma
+ xf1cc221194edbaa943d2375d6f44a88 572 Packages.xz
+SHA1:
+ x0d3317839cf68cd40c28f0bddca8d2ce5a29cad 760 Packages
+ xffddf046ad8dfd8338a355d76fb08d143c8b636 546 Packages.bz2
+ xa27a3df51ca4474b880a6594c4811957079b613 489 Packages.gz
+ x9d7bba4e6fa927a34dcd797694c2893c21f1004 527 Packages.lzma
+ x7d988fe59cf67298828e5299a15d329c0f00f1b 572 Packages.xz
+SHA256:
+ x5a47d72f6b97bfa164b23326b6ad3cb019b5c6cc73769f8c0187616933d1b2b 760 Packages
+ x617252f5bfe3e9126352c7c2f8122d9c3b2c5e1a6c8a9616d62adc0ed164172 546 Packages.bz2
+ xc6abc6fe9a4fcf0758ec5366dfd19bcba90af026a7017c3f6198c59eccd8ef5 489 Packages.gz
+ xb306e66e5e6a7169c8d281a888539d1fdca9cecc99ae605717df579d5b9c166 527 Packages.lzma
+ x9585d0e66b74c9385727fbea11fea9ab33c716b18a32f3036f037a2b9b57120 572 Packages.xz
+EOF
+}
+
+PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')"
+
+runtest() {
+ prepare "${PKGFILE}"
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Joe Sixpack'
+
+ # test signed release file
+ msgtest 'apt-get update gets the expected hashsum mismatch'
+ testfailure aptget update
+ testsuccess grep "Hash Sum mismatch" rootdir/tmp/testfailure.output
+ msgtest 'No package from the source available'
+ testfailureequal --nomsg 'N: Unable to locate package apt
+E: No packages found' aptcache show apt
+ msgtest 'No Packages file in /var/lib/apt/lists'
+ testempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*Package*'
+
+ # now with the unsigned Release file
+ rm -rf rootdir/var/lib/apt/lists
+ rm -f aptarchive/InRelease aptarchive/Release.gpg
+ msgtest 'unsigned apt-get update gets the expected hashsum mismatch'
+ testfailure --nomsg aptget update --allow-insecure-repositories
+ testsuccess grep "Hash Sum mismatch" rootdir/tmp/testfailure.output
+}
+
+for COMPRESSEDINDEXES in 'false' 'true'; do
+ echo "Acquire::GzipIndexes \"$COMPRESSEDINDEXES\";" > rootdir/etc/apt/apt.conf.d/compressindexes
+ if $COMPRESSEDINDEXES; then
+ msgmsg 'Run tests with GzipIndexes enabled'
+ else
+ msgmsg 'Run tests with GzipIndexes disabled'
+ fi
+ runtest
+done