diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 06:14:41 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 06:14:41 +0000 |
commit | 549a391d6438e828001eeeaf235b080c054a7bf3 (patch) | |
tree | 1bb6b1ea5987fa167a1d13abe82209cc882dd94b /test/integration/test-sourceslist-trusted-options | |
parent | Initial commit. (diff) | |
download | apt-549a391d6438e828001eeeaf235b080c054a7bf3.tar.xz apt-549a391d6438e828001eeeaf235b080c054a7bf3.zip |
Adding upstream version 2.2.4.upstream/2.2.4upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'test/integration/test-sourceslist-trusted-options')
-rwxr-xr-x | test/integration/test-sourceslist-trusted-options | 218 |
1 files changed, 218 insertions, 0 deletions
diff --git a/test/integration/test-sourceslist-trusted-options b/test/integration/test-sourceslist-trusted-options new file mode 100755 index 0000000..1eee3b0 --- /dev/null +++ b/test/integration/test-sourceslist-trusted-options @@ -0,0 +1,218 @@ +#!/bin/sh +set -e + +TESTDIR="$(readlink -f "$(dirname "$0")")" +. "$TESTDIR/framework" + +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'foo' 'amd64' '1' 'stable' +buildsimplenativepackage 'foo' 'amd64' '2' 'testing' + +setupaptarchive --no-update + +APTARCHIVE=$(readlink -f ./aptarchive) + +everythingsucceeds() { + testsuccessequal 'Listing... +foo/testing 2 amd64 +foo/stable 1 amd64 +' apt list foo -a + + cd downloaded + rm -f foo_1_amd64.deb foo_2_amd64.deb + testsuccess aptget download foo "$@" + testsuccess test -s foo_1_amd64.deb -o -s foo_2_amd64.deb + + rm -f foo_1.dsc foo_2.dsc + testsuccess aptget source foo --dsc-only "$@" + testsuccess test -s foo_1.dsc -o -s foo_2.dsc + cd - >/dev/null +} + +everythingfails() { + testsuccessequal 'Listing... +foo/testing 2 amd64 +foo/stable 1 amd64 +' apt list foo -a + + local WARNING='WARNING: The following packages cannot be authenticated! + foo +E: Some packages could not be authenticated' + + cd downloaded + rm -f foo_1_amd64.deb foo_2_amd64.deb + testfailure aptget download foo "$@" + testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output + testfailure test -s foo_1_amd64.deb -o -s foo_2_amd64.deb + + rm -f foo_1.dsc foo_2.dsc + testfailure aptget source foo --dsc-only "$@" + testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output + testfailure test -s foo_1.dsc -o -s foo_2.dsc + cd - >/dev/null +} + +cp -a rootdir/etc/apt/sources.list.d/ rootdir/etc/apt/sources.list.d.bak/ +echo 'Debug::Acquire::Transaction "true"; +Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/00debugging + +aptgetupdate() { + rm -rf rootdir/var/lib/apt/lists + # note that insecure with trusted=yes are allowed + # as the trusted=yes indicates that security is provided by + # something above the understanding of apt + ${1:-testsuccess} aptget update --no-allow-insecure-repositories +} + +insecureaptgetupdate() { + rm -rf rootdir/var/lib/apt/lists + testfailure aptget update --no-allow-insecure-repositories + rm -rf rootdir/var/lib/apt/lists + testwarning aptget update --allow-insecure-repositories +} + +msgmsg 'Test without trusted option and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +aptgetupdate +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +# we want the warnings on the actions, but for 'update' everything is fine +aptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +find aptarchive/dists/stable \( -name 'InRelease' -o -name 'Release.gpg' \) -delete + +msgmsg 'Test without trusted option and good and unsigned sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingsucceeds +everythingfails -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good and unsigned sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good and unsigned sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +signreleasefiles 'Marvin Paranoid' 'aptarchive/dists/stable' + +msgmsg 'Test without trusted option and good and unknown sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingsucceeds +everythingfails -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good and unknown sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate 'testwarning' +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good and unknown sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +signreleasefiles 'Rex Expired' 'aptarchive/dists/stable' +cp -a keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg + +msgmsg 'Test without trusted option and good and expired sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingsucceeds +everythingfails -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=yes option and good and expired sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate 'testwarning' +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and good and expired sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +# same as the one further above, but this time testing is unsigned +find aptarchive/ \( -name 'InRelease' -o -name 'Release.gpg' \) -delete +signreleasefiles 'Joe Sixpack' 'aptarchive/dists/stable' + +msgmsg 'Test without trusted option and unsigned and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +insecureaptgetupdate +everythingfails +everythingsucceeds -t stable +everythingfails -t testing + +msgmsg 'Test with trusted=yes option and unsigned and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/* +aptgetupdate +everythingsucceeds +everythingsucceeds -t stable +everythingsucceeds -t testing + +msgmsg 'Test with trusted=no option and unsigned and good sources' +cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/ +sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/* +insecureaptgetupdate +everythingfails +everythingfails -t stable +everythingfails -t testing + +msgmsg 'Test conflicting trusted options are refused' +testsource() { + echo "$@" > rootdir/etc/apt/sources.list.d/example.list + testfailuremsg 'E: Conflicting values set for option Trusted regarding source http://example.org/bad/ unstable +E: The list of sources could not be read.' aptget update --print-uris +} +for VAL in 'yes' 'no'; do + testsource "deb http://example.org/bad unstable main +deb [trusted=${VAL}] http://example.org/bad unstable non-free" + testsource "deb [trusted=${VAL}] http://example.org/bad unstable main +deb http://example.org/bad unstable non-free" +done +testsource 'deb [trusted=yes] http://example.org/bad unstable main +deb [trusted=no] http://example.org/bad unstable non-free' +testsource 'deb [trusted=no] http://example.org/bad unstable main +deb [trusted=yes] http://example.org/bad unstable non-free' |