summaryrefslogtreecommitdiffstats
path: root/test/integration/test-sourceslist-trusted-options
diff options
context:
space:
mode:
Diffstat (limited to 'test/integration/test-sourceslist-trusted-options')
-rwxr-xr-xtest/integration/test-sourceslist-trusted-options218
1 files changed, 218 insertions, 0 deletions
diff --git a/test/integration/test-sourceslist-trusted-options b/test/integration/test-sourceslist-trusted-options
new file mode 100755
index 0000000..1eee3b0
--- /dev/null
+++ b/test/integration/test-sourceslist-trusted-options
@@ -0,0 +1,218 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+
+setupenvironment
+configarchitecture 'amd64'
+
+buildsimplenativepackage 'foo' 'amd64' '1' 'stable'
+buildsimplenativepackage 'foo' 'amd64' '2' 'testing'
+
+setupaptarchive --no-update
+
+APTARCHIVE=$(readlink -f ./aptarchive)
+
+everythingsucceeds() {
+ testsuccessequal 'Listing...
+foo/testing 2 amd64
+foo/stable 1 amd64
+' apt list foo -a
+
+ cd downloaded
+ rm -f foo_1_amd64.deb foo_2_amd64.deb
+ testsuccess aptget download foo "$@"
+ testsuccess test -s foo_1_amd64.deb -o -s foo_2_amd64.deb
+
+ rm -f foo_1.dsc foo_2.dsc
+ testsuccess aptget source foo --dsc-only "$@"
+ testsuccess test -s foo_1.dsc -o -s foo_2.dsc
+ cd - >/dev/null
+}
+
+everythingfails() {
+ testsuccessequal 'Listing...
+foo/testing 2 amd64
+foo/stable 1 amd64
+' apt list foo -a
+
+ local WARNING='WARNING: The following packages cannot be authenticated!
+ foo
+E: Some packages could not be authenticated'
+
+ cd downloaded
+ rm -f foo_1_amd64.deb foo_2_amd64.deb
+ testfailure aptget download foo "$@"
+ testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output
+ testfailure test -s foo_1_amd64.deb -o -s foo_2_amd64.deb
+
+ rm -f foo_1.dsc foo_2.dsc
+ testfailure aptget source foo --dsc-only "$@"
+ testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output
+ testfailure test -s foo_1.dsc -o -s foo_2.dsc
+ cd - >/dev/null
+}
+
+cp -a rootdir/etc/apt/sources.list.d/ rootdir/etc/apt/sources.list.d.bak/
+echo 'Debug::Acquire::Transaction "true";
+Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/00debugging
+
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt/lists
+ # note that insecure with trusted=yes are allowed
+ # as the trusted=yes indicates that security is provided by
+ # something above the understanding of apt
+ ${1:-testsuccess} aptget update --no-allow-insecure-repositories
+}
+
+insecureaptgetupdate() {
+ rm -rf rootdir/var/lib/apt/lists
+ testfailure aptget update --no-allow-insecure-repositories
+ rm -rf rootdir/var/lib/apt/lists
+ testwarning aptget update --allow-insecure-repositories
+}
+
+msgmsg 'Test without trusted option and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+aptgetupdate
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+# we want the warnings on the actions, but for 'update' everything is fine
+aptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+find aptarchive/dists/stable \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
+
+msgmsg 'Test without trusted option and good and unsigned sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingsucceeds
+everythingfails -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good and unsigned sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good and unsigned sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+signreleasefiles 'Marvin Paranoid' 'aptarchive/dists/stable'
+
+msgmsg 'Test without trusted option and good and unknown sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingsucceeds
+everythingfails -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good and unknown sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate 'testwarning'
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good and unknown sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+signreleasefiles 'Rex Expired' 'aptarchive/dists/stable'
+cp -a keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
+
+msgmsg 'Test without trusted option and good and expired sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingsucceeds
+everythingfails -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=yes option and good and expired sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate 'testwarning'
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and good and expired sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+# same as the one further above, but this time testing is unsigned
+find aptarchive/ \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
+signreleasefiles 'Joe Sixpack' 'aptarchive/dists/stable'
+
+msgmsg 'Test without trusted option and unsigned and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+insecureaptgetupdate
+everythingfails
+everythingsucceeds -t stable
+everythingfails -t testing
+
+msgmsg 'Test with trusted=yes option and unsigned and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
+aptgetupdate
+everythingsucceeds
+everythingsucceeds -t stable
+everythingsucceeds -t testing
+
+msgmsg 'Test with trusted=no option and unsigned and good sources'
+cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
+sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
+insecureaptgetupdate
+everythingfails
+everythingfails -t stable
+everythingfails -t testing
+
+msgmsg 'Test conflicting trusted options are refused'
+testsource() {
+ echo "$@" > rootdir/etc/apt/sources.list.d/example.list
+ testfailuremsg 'E: Conflicting values set for option Trusted regarding source http://example.org/bad/ unstable
+E: The list of sources could not be read.' aptget update --print-uris
+}
+for VAL in 'yes' 'no'; do
+ testsource "deb http://example.org/bad unstable main
+deb [trusted=${VAL}] http://example.org/bad unstable non-free"
+ testsource "deb [trusted=${VAL}] http://example.org/bad unstable main
+deb http://example.org/bad unstable non-free"
+done
+testsource 'deb [trusted=yes] http://example.org/bad unstable main
+deb [trusted=no] http://example.org/bad unstable non-free'
+testsource 'deb [trusted=no] http://example.org/bad unstable main
+deb [trusted=yes] http://example.org/bad unstable non-free'