apt/test/integration/test-releasefile-valid-until, branch 2.2.1Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=2.2.12017-01-19T14:59:38Zfix various typos reported by spellintian2017-01-19T14:59:38ZDavid Kalnischkiesdavid@kalnischkies.de2017-01-19T14:14:19Zurn:sha1:93cff633a830e222693fc0f3d78e6e534d1126ee
Most of them in (old) code comments. The two instances of user visible
string changes the po files of the manpages are fixed up as well.
Gbp-Dch: Ignore
Reported-By: spellintian
tests: support spaces in path and TMPDIR2015-12-19T22:04:34ZDavid Kalnischkiesdavid@kalnischkies.de2015-12-15T16:20:26Zurn:sha1:3abb6a6a1e485b3bc899b64b0a1b7dc2db25a9c2
This doesn't allow all tests to run cleanly, but it at least allows to
write tests which could run successfully in such environments.
Git-Dch: Ignore
add sources.list Check-Valid-Until and Valid-Until-{Max,Min} options2015-08-10T15:25:26ZDavid Kalnischkiesdavid@kalnischkies.de2015-06-23T15:26:57Zurn:sha1:0741daeb7ab870b4dd62a93fa12a1cf6330f9a72
These options could be set via configuration before, but the connection
to the actual sources is so strong that they should really be set in the
sources.list instead – especially as this can be done a lot more
specific rather than e.g. disabling Valid-Until for all sources at once.
Valid-Until-* names are chosen instead of the Min/Max-ValidTime as this
seems like a better name and their use in the wild is probably low
enough that this isn't going to confuse anyone if we have to names for
the same thing in different areas.
In the longrun, the config options should be removed, but for now
documentation hinting at the new options is good enough as these are the
kind of options you set once across many systems with different apt
versions, so the new way should work everywhere first before we
deprecate the old way.
treat older Release files than we already have as an IMSHit2015-05-18T20:15:06ZDavid Kalnischkiesdavid@kalnischkies.de2015-05-18T20:15:06Zurn:sha1:6bf93605fdb8e858d3f0a79a124c1d39f760094d
Valid-Until protects us from long-living downgrade attacks, but not all
repositories have it and an attacker could still use older but still
valid files to downgrade us. While this makes it sounds like a security
improvement now, its a bit theoretical at best as an attacker with
capabilities to pull this off could just as well always keep us days
(but in the valid period) behind and always knows which state we have,
as we tell him with the If-Modified-Since header. This is also why this
is 'silently' ignored and treated as an IMSHit rather than screamed at
the user as this can at best be an annoyance for attackers.
An error here would 'regularily' be encountered by users by out-of-sync
mirrors serving a single run (e.g. load balancer) or in two consecutive
runs on the other hand, so it would just help teaching people ignore it.
That said, most of the code churn is caused by enforcing this additional
requirement. Crisscross from InRelease to Release.gpg is e.g. very
unlikely in practice, but if we would ignore it an attacker could
sidestep it this way.
check for failure message in testsuccess/failure2014-10-20T08:37:46ZDavid Kalnischkiesdavid@kalnischkies.de2014-10-19T12:14:37Zurn:sha1:1df24acfdb8ba1cd8bbbaa166f170dda480ce41e
These functions check the exit code of the command, but for apt commands
we can go further and require an error message for non-zero exits and
none for zero exits.
Git-Dch: Ignore
add chronic-like testsuccess/testfailure helpers2013-08-12T16:01:37ZDavid Kalnischkieskalnischkies@gmail.com2013-08-10T08:01:06Zurn:sha1:0440d936d70b1e331d49bbc32735f1b749632604
For many commands the output isn't stable (like then dpkg is called) but
the exitcode is, so this helper enhances the common && msgpass ||
msgfail by generating automatically a msgtest and showing the output of
the command in case of failure instead of discarding it unconditionally,
the later being chronic-like behaviour
Git-Dch: Ignore
fix bashism (local outside function) and releasefile creation in testcases2011-09-09T08:56:42ZDavid Kalnischkieskalnischkies@gmail.com2011-09-09T08:56:42Zurn:sha1:718f797cef0fb766b6f7cfa1d34b617ad047dbc5 - add an Acquire::Min-ValidTime option (Closes: #640122)2011-09-05T13:58:19ZDavid Kalnischkieskalnischkies@gmail.com2011-09-05T13:58:19Zurn:sha1:89500a25b30d53ea0f5ae213c4207e13f35d1d61
* doc/apt.conf.5.xml:
- reword Acquire::Max-ValidTime documentation to make clear
that it doesn't provide the new Min-ValidTime functionality* apt-pkg/indexrecords.cc:2011-09-05T12:50:30ZDavid Kalnischkieskalnischkies@gmail.com2011-09-05T12:50:30Zurn:sha1:884a4c0a3a6cba654e77478a086f26539bc5bd32
- fix Acquire::Max-ValidTime option by interpreting it really
as seconds as specified in the manpage and not as days