apt/test/integration, branch 1.2.10

Allow lowering trust level of a hash via config

2016-03-28T12:59:33Z

Introduces APT::Hashes:: with entries Untrusted and Weak which can be set to true to cause the hash to be treated as untrusted and/or weak.

test-apt-update-reporting: Make more use of framework

2016-03-27T13:14:32Z

Use msgtest and testsuccess with a function instead of failing with a simple exit 1. This looks nicer. Gbp-Dch: ignore

test-acquire-same-file-multiple-times: Delete files before retrying

2016-03-27T10:37:09Z

This gets rid of byte-range requests and 416 responses. Gbp-Dch: ignore

test-apt-download-progress: Use a larger file for testing

2016-03-27T10:31:24Z

This should make the test less flaky, as with a small file, we might have already received all the data before trying to apply rate limits which is a constant source of failure on the i386 Ubuntu autopkgtest.

Do not mark packages for keep that we want to remove

2016-03-27T00:09:14Z

If the package is marked for removal, keep it marked for removal and do not mark it for keep. If we mark it for keep, we some how later get to a different stage where it is marked for unpack instead of removal. In the example in the bug report, we would get a: SmartUnPack maas-region-controller-min:amd64 (replace version 2.0.0~alpha3+bzr4810-0ubuntu1 with Segmentation fault maas-region-controller-min:amd64 was marked for removal, but we changed it to keep and somehow it thinks that this is to be replaced now instead of removed (probably because the InstallVer != CandidateVer [with InstallVer = 0]). This fixes a regression introduced in release 1.2.7, commit: 0390edd5452b081f8efcf412f96d535a1d959457 Reported-by: LaMont Jones on IRC LP: #1562402

drop confusing comma from no strong hash message

2016-03-25T08:31:42Z

handle gpgv's weak-digests ERRSIG

2016-03-22T00:58:45Z

Our own gpgv method can declare a digest algorithm as untrusted and handles these as worthless signatures. If gpgv comes with inbuilt untrusted (which is called weak in official terminology) which it e.g. does for MD5 in recent versions we should handle it in the same way. To check this we use the most uncommon still fully trusted hash as a configureable one via a hidden config option to toggle through all of the three states a hash can be in.

properly check for "all good sigs are weak"

2016-03-21T21:47:17Z

Using erase(pos) is invalid in our case here as pos must be a valid and derefenceable iterator, which isn't the case for an end-iterator (like if we had no good signature). The problem runs deeper still through as VALIDSIG is a keyid while GOODSIG is just a longid so comparing them will always fail. Closes: 818910

tests: reenable basic auth test and add @ in username

2016-03-19T08:48:44Z

On launchpad #1558484 a user reports that @ in the authentication tokens parsing of sources.list isn't working in an older (precise) version. It isn't the recommended way of specifying passwords and co (auth.conf is), but we can at least test for regressions (and in this case test at all… who was that "clever" boy disabling a test with exit……… oh, nevermind. Git-Dch: Ignore

cachefile: Only set members that were initialized successfully

2016-03-19T06:19:24Z

Otherwise, things will just start failing later down the stack, because (a) the lazy getters do not check if building was successful and (b) any further getter call would return the invalid object anyway. Also initialize VS in pkgCache to nullptr by default. Closes: #818628