summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Vogt <mvo@debian.org>2014-09-26 22:45:18 +0200
committerMichael Vogt <mvo@debian.org>2014-09-26 23:33:57 +0200
commitbca84917c326fa3158e120147c8aecebe0789b47 (patch)
tree005e2998d4f9499c422d16ea028631086c31c2ee
parent631a7dc7906a10ccd5f14dcfe42224e6107e11f6 (diff)
test fixes
-rw-r--r--apt-pkg/acquire-item.cc41
-rwxr-xr-xtest/integration/test-apt-get-source-authenticated2
-rwxr-xr-xtest/integration/test-apt-get-update-unauth-warning14
-rwxr-xr-xtest/integration/test-apt-update-rollback16
-rwxr-xr-xtest/integration/test-apt-update-unauth2
-rwxr-xr-xtest/integration/test-bug-717891-abolute-uris-for-proxies2
-rwxr-xr-xtest/integration/test-bug-738785-switch-protocol2
-rwxr-xr-xtest/integration/test-policy-pinning3
8 files changed, 46 insertions, 36 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 7fad5605d..b8317b13d 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1316,7 +1316,6 @@ void pkgAcqMetaBase::AbortTransaction()
std::clog << "AbortTransaction: " << TransactionManager << std::endl;
// ensure the toplevel is in error state too
- Status = pkgAcquire::Item::StatError;
for (std::vector<Item*>::iterator I = Transaction.begin();
I != Transaction.end(); ++I)
{
@@ -1542,6 +1541,7 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
_error->Error("The repository '%s' is no longer signed.",
URIDesc.c_str());
Rename(MetaIndexFile, MetaIndexFile+".FAILED");
+ Status = pkgAcquire::Item::StatError;
TransactionManager->AbortTransaction();
return;
}
@@ -1561,16 +1561,16 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
}
// only allow going further if the users explicitely wants it
- if(_config->FindB("APT::Get::AllowUnauthenticated", false))
- {
- _error->Warning("Please use --allow-unauthenticated");
- }
- else
+ if(_config->FindB("APT::Get::AllowUnauthenticated", false) == true)
{
// we parse the indexes here because at this point the user wanted
// a repository that may potentially harm him
MetaIndexParser->Load(MetaIndexFile);
((pkgAcqMetaIndex*)TransactionManager)->QueueIndexes(true);
+ }
+ else
+ {
+ _error->Warning("Use --allow-unauthenticated to force the update");
}
// FIXME: this is used often (e.g. in pkgAcqIndexTrans) so refactor
@@ -1793,12 +1793,12 @@ void pkgAcqMetaIndex::AuthDone(string Message) /*{{{*/
// Download further indexes with verification
//
- // we do not need to download indexfiles if the Release file has not
- // changed because without a changed release file there are no new hashes
- // and we ensure that the repository is always "complete" (i.e. all
- // that is in the release file is downloaded)
- if(IMSHit == false)
- QueueIndexes(true);
+ // it would be really nice if we could simply do
+ // if (IMSHit == false) QueueIndexes(true)
+ // and skip the download if the Release file has not changed
+ // - but right now the list cleaner will needs to be tricked
+ // to not delete all our packages/source indexes in this case
+ QueueIndexes(true);
#if 0
// is it a clearsigned MetaIndex file?
@@ -2012,19 +2012,20 @@ void pkgAcqMetaIndex::Failed(string Message,
DestFile = FinalFile;
}
+ _error->Warning(_("The data from '%s' is not signed. Packages "
+ "from that repository can not be authenticated."),
+ URIDesc.c_str());
+
// No Release file was present, or verification failed, so fall
// back to queueing Packages files without verification
// only allow going further if the users explicitely wants it
- if(_config->FindB("APT::Get::AllowUnauthenticated", false))
+ if(_config->FindB("APT::Get::AllowUnauthenticated", false) == true)
{
- // warn if the repository is unsinged
- _error->Warning(_("The data from '%s' is not signed. Packages "
- "from that repository can not be authenticated."),
- URIDesc.c_str());
- _error->Warning("Please use --allow-unauthenticated");
- } else {
QueueIndexes(false);
- }
+ } else {
+ // warn if the repository is unsinged
+ _error->Warning("Use --allow-unauthenticated to force the update");
+ }
}
/*}}}*/
diff --git a/test/integration/test-apt-get-source-authenticated b/test/integration/test-apt-get-source-authenticated
index 2cee13923..d73097b54 100755
--- a/test/integration/test-apt-get-source-authenticated
+++ b/test/integration/test-apt-get-source-authenticated
@@ -21,7 +21,7 @@ APTARCHIVE=$(readlink -f ./aptarchive)
rm -f $APTARCHIVE/dists/unstable/*Release*
# update without authenticated InRelease file
-testsuccess aptget update
+testsuccess aptget update --allow-unauthenticated
# this all should fail
testfailure aptget install -y foo
diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning
index 4411a7430..b1c676738 100755
--- a/test/integration/test-apt-get-update-unauth-warning
+++ b/test/integration/test-apt-get-update-unauth-warning
@@ -18,11 +18,21 @@ setupaptarchive --no-update
APTARCHIVE=$(readlink -f ./aptarchive)
rm -f $APTARCHIVE/dists/unstable/*Release*
-# update without authenticated InRelease file
+# update without authenticated files leads to warning
testequal "Ign file: unstable InRelease
Ign file: unstable Release
Reading package lists...
-W: The data from 'file: unstable Release' is not signed. Packages from that repository can not be authenticated." aptget update
+W: The data from 'file: unstable Release' is not signed. Packages from that repository can not be authenticated.
+W: Use --allow-unauthenticated to force the update" aptget update
+
+# no package foo
+testequal "Listing..." apt list foo
+
+# allow override
+testequal "Ign file: unstable InRelease
+Ign file: unstable Release
+Reading package lists...
+W: The data from 'file: unstable Release' is not signed. Packages from that repository can not be authenticated." aptget update --allow-unauthenticated
# ensure we can not install the package
testequal "WARNING: The following packages cannot be authenticated!
diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback
index ccd7f57ff..a88b0042b 100755
--- a/test/integration/test-apt-update-rollback
+++ b/test/integration/test-apt-update-rollback
@@ -75,15 +75,14 @@ test_inreleae_to_valid_release() {
rm $APTARCHIVE/dists/unstable/Release.gpg
avoid_ims_hit
- # update works
- testsuccess aptget update -o Debug::Acquire::Transaction=1
+ # update fails
+ testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq
# test that we can install the new packages but do no longer have a sig
testsuccess aptget install old -s
- testsuccess aptget install new -s
- testfailure ls $ROOTDIR/var/lib/apt/lists/*_InRelease
- testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release.gpg
- testsuccess ls $ROOTDIR/var/lib/apt/lists/*_Release
+ testfailure aptget install new -s
+ testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease
+ testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release
}
test_inreleae_to_release_reverts_all() {
@@ -98,9 +97,7 @@ test_inreleae_to_release_reverts_all() {
break_repository_sources_index
# ensure error
- testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources Hash Sum mismatch
-
-E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq # -o Debug::acquire::transaction=1
+ testequal "E: The repository 'file: unstable Release.gpg' is no longer signed." aptget update -qq # -o Debug::acquire::transaction=1
# ensure that the Packages file is also rolled back
testsuccess aptget install old -s
@@ -112,6 +109,7 @@ E: Some index files failed to download. They have been ignored, or old ones used
test_unauthenticated_to_invalid_inrelease() {
msgmsg "Test UnAuthenticated to invalid InRelease reverts everything"
create_fresh_archive
+ rm -rf rootdir/var/lib/apt/lists/*
rm $APTARCHIVE/dists/unstable/InRelease
rm $APTARCHIVE/dists/unstable/Release.gpg
avoid_ims_hit
diff --git a/test/integration/test-apt-update-unauth b/test/integration/test-apt-update-unauth
index 4e08b5e35..2e46e3ace 100755
--- a/test/integration/test-apt-update-unauth
+++ b/test/integration/test-apt-update-unauth
@@ -26,7 +26,7 @@ runtest() {
rm -f aptarchive/dists/unstable/*Release*
# remove uncompressed version
find aptarchive/ -name Packages | xargs rm -f
- aptget update -qq
+ aptget update -qq --allow-unauthenticated
# become authenticated
generatereleasefiles
diff --git a/test/integration/test-bug-717891-abolute-uris-for-proxies b/test/integration/test-bug-717891-abolute-uris-for-proxies
index ac1d6ec11..a8947b5e2 100755
--- a/test/integration/test-bug-717891-abolute-uris-for-proxies
+++ b/test/integration/test-bug-717891-abolute-uris-for-proxies
@@ -12,7 +12,7 @@ setupaptarchive
changetowebserver --request-absolute='uri'
msgtest 'Check that absolute paths are' 'not accepted'
-testfailure --nomsg aptget update
+testfailure --nomsg aptget update --allow-unauthenticated
echo 'Acquire::http::Proxy "http://localhost:8080";' > rootdir/etc/apt/apt.conf.d/99proxy
diff --git a/test/integration/test-bug-738785-switch-protocol b/test/integration/test-bug-738785-switch-protocol
index 1e5748eae..4ff044515 100755
--- a/test/integration/test-bug-738785-switch-protocol
+++ b/test/integration/test-bug-738785-switch-protocol
@@ -60,4 +60,4 @@ mv rootdir/${COPYMETHODS}.bak rootdir/${COPYMETHODS}
# check that downgrades from https to http are not allowed
webserverconfig 'aptwebserver::support::http' 'true'
sed -i -e 's#:8080/redirectme#:4433/downgrademe#' -e 's# http:# https:#' rootdir/etc/apt/sources.list.d/*
-testfailure aptget update
+testfailure aptget update --allow-unauthenticated
diff --git a/test/integration/test-policy-pinning b/test/integration/test-policy-pinning
index 8eb4bcbad..2281d7a1d 100755
--- a/test/integration/test-policy-pinning
+++ b/test/integration/test-policy-pinning
@@ -28,7 +28,7 @@ Pinned packages:" aptcache policy $*
aptgetupdate() {
# just to be sure that no old files are used
rm -rf rootdir/var/lib/apt
- if aptget update -qq 2>&1 | grep '^E: '; then
+ if aptget update --allow-unauthenticated -qq 2>&1 | grep '^E: '; then
msgwarn 'apt-get update failed with an error'
fi
}
@@ -36,6 +36,7 @@ aptgetupdate() {
### not signed archive
aptgetupdate
+
testequalpolicy 100 500
testequalpolicy 990 500 -t now