apt/test/integration/test-hashsum-verification, branch 2.9.1Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=2.9.12019-07-10T14:15:30ZFix typos reported by codespell in code comments2019-07-10T14:15:30ZDavid Kalnischkiesdavid@kalnischkies.de2019-07-10T14:15:30Zurn:sha1:5cfbc5727dba2f4662d24cf4deb7cab7cdd57c14
Also in old changelogs, but nothing really user visible
like error messages or alike so barely noteworthy.
Reported-By: codespell
Gbp-Dch: Ignore
tests: disable generation of Release.gpg by default2016-05-04T10:12:33ZDavid Kalnischkiesdavid@kalnischkies.de2016-05-04T09:45:35Zurn:sha1:5a23c56d6852a27d45c2ae227b43060f7beac051
Most tests just need a signed repository and don't care if it signed by
an InRelease file or a Release.gpg file, so we can save some time by
just generating one of them by default.
Sounds like not much, but quickly adds up to a few seconds with the
amount of tests we have accumulated by now.
Git-Dch: Ignore
tests: allow to disable generation of InRelease/Release.gpg file2016-05-04T10:12:27ZDavid Kalnischkiesdavid@kalnischkies.de2016-05-04T09:10:08Zurn:sha1:761a5ad2ec07f097b05c32427bd0ebddfd587987
If the test just signs release files to throw away one of them to test
the other, we can just as well save the time and not create it.
Git-Dch: Ignore
tests: support spaces in path and TMPDIR2015-12-19T22:04:34ZDavid Kalnischkiesdavid@kalnischkies.de2015-12-15T16:20:26Zurn:sha1:3abb6a6a1e485b3bc899b64b0a1b7dc2db25a9c2
This doesn't allow all tests to run cleanly, but it at least allows to
write tests which could run successfully in such environments.
Git-Dch: Ignore
tests: use quiet level 0 by default in tests2015-11-19T16:13:56ZDavid Kalnischkiesdavid@kalnischkies.de2015-11-19T15:00:33Zurn:sha1:87d6947d51717e8b0e975d913986161598a7259a
Git-Dch: Ignore
Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}2014-10-01T11:05:26ZMichael Vogtmvo@ubuntu.com2014-10-01T10:21:55Zurn:sha1:c99fe2e169243fc6e1a3278ce3768f0f521e260b
The configuration key Acquire::AllowInsecureRepositories controls if
apt allows loading of unsigned repositories at all.
The configuration Acquire::AllowDowngradeToInsecureRepositories
controls if a signed repository can ever become unsigned. This
should really never be needed but we provide it to avoid having
to mess around in /var/lib/apt/lists if there is a use-case for
this (which I can't think of right now).
more test fixes2014-09-29T09:47:03ZMichael Vogtmvo@ubuntu.com2014-09-29T09:47:03Zurn:sha1:c292cc32b3ab0d70c63e68f7c94446932217c0ecSECURITY UPDATE for CVE-2014-{0488,0487,0489}2014-09-16T18:39:13ZMichael Vogtmvo@ubuntu.com2014-09-16T18:23:43Zurn:sha1:ca7fd76c2f30c100dcf1c12e717ce397cccd690b
incorrect invalidating of unauthenticated data (CVE-2014-0488)
incorect verification of 304 reply (CVE-2014-0487)
incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
configurable compression for testcases2013-08-27T22:24:32ZDavid Kalnischkieskalnischkies@gmail.com2013-08-27T22:24:32Zurn:sha1:276e51dd701590d187ca2999722329518af96121
Compressing files in 4 different styles eats test-time for no practical
gain if we don't test them explicitly, so default to just building 'gz'
compressed files as it is the simplest compression algorithm supported
Git-Dch: Ignore
fix the remaining lzma calls with xz --format=lzma in the testcases2012-04-11T10:36:32ZDavid Kalnischkieskalnischkies@gmail.com2012-04-11T10:36:32Zurn:sha1:3b4d8136e78b9f2a70431ece4c850861d90e8bb1