summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--apt-pkg/cachefilter-patterns.cc56
-rw-r--r--apt-pkg/cachefilter-patterns.h130
-rw-r--r--apt-pkg/contrib/netrc.cc22
-rw-r--r--debian/NEWS10
-rw-r--r--doc/apt-patterns.7.xml46
-rw-r--r--doc/apt_auth.conf.5.xml14
-rwxr-xr-xtest/integration/test-apt-patterns56
-rwxr-xr-xtest/integration/test-authentication-basic42
8 files changed, 356 insertions, 20 deletions
diff --git a/apt-pkg/cachefilter-patterns.cc b/apt-pkg/cachefilter-patterns.cc
index bf6166ee4..a9f76ff1d 100644
--- a/apt-pkg/cachefilter-patterns.cc
+++ b/apt-pkg/cachefilter-patterns.cc
@@ -6,8 +6,12 @@
* SPDX-License-Identifier: GPL-2.0+
*/
+#include <config.h>
+
#include <apt-pkg/cachefilter-patterns.h>
+#include <apti18n.h>
+
namespace APT
{
namespace Internal
@@ -210,6 +214,12 @@ std::unique_ptr<APT::CacheFilter::Matcher> PatternParser::aPattern(std::unique_p
if (node->matches("?architecture", 1, 1))
return std::make_unique<APT::CacheFilter::PackageArchitectureMatchesSpecification>(aWord(node->arguments[0]));
+ if (node->matches("?archive", 1, 1))
+ return std::make_unique<Patterns::VersionIsArchive>(aWord(node->arguments[0]));
+ if (node->matches("?all-versions", 1, 1))
+ return std::make_unique<Patterns::VersionIsAllVersions>(aPattern(node->arguments[0]));
+ if (node->matches("?any-version", 1, 1))
+ return std::make_unique<Patterns::VersionIsAnyVersion>(aPattern(node->arguments[0]));
if (node->matches("?automatic", 0, 0))
return std::make_unique<Patterns::PackageIsAutomatic>(file);
if (node->matches("?broken", 0, 0))
@@ -232,21 +242,33 @@ std::unique_ptr<APT::CacheFilter::Matcher> PatternParser::aPattern(std::unique_p
return std::make_unique<APT::CacheFilter::NOTMatcher>(aPattern(node->arguments[0]).release());
if (node->matches("?obsolete", 0, 0))
return std::make_unique<Patterns::PackageIsObsolete>();
+ if (node->matches("?origin", 1, 1))
+ return std::make_unique<Patterns::VersionIsOrigin>(aWord(node->arguments[0]));
+ if (node->matches("?section", 1, 1))
+ return std::make_unique<Patterns::VersionIsSection>(aWord(node->arguments[0]));
+ if (node->matches("?source-package", 1, 1))
+ return std::make_unique<Patterns::VersionIsSourcePackage>(aWord(node->arguments[0]));
+ if (node->matches("?source-version", 1, 1))
+ return std::make_unique<Patterns::VersionIsSourceVersion>(aWord(node->arguments[0]));
if (node->matches("?true", 0, 0))
return std::make_unique<APT::CacheFilter::TrueMatcher>();
if (node->matches("?upgradable", 0, 0))
return std::make_unique<Patterns::PackageIsUpgradable>(file);
+ if (node->matches("?version", 1, 1))
+ return std::make_unique<Patterns::VersionIsVersion>(aWord(node->arguments[0]));
if (node->matches("?virtual", 0, 0))
return std::make_unique<Patterns::PackageIsVirtual>();
if (node->matches("?x-name-fnmatch", 1, 1))
return std::make_unique<APT::CacheFilter::PackageNameMatchesFnmatch>(aWord(node->arguments[0]));
// Variable argument patterns
- if (node->matches("?and", 0, -1))
+ if (node->matches("?and", 0, -1) || node->matches("?narrow", 0, -1))
{
auto pattern = std::make_unique<APT::CacheFilter::ANDMatcher>();
for (auto &arg : node->arguments)
pattern->AND(aPattern(arg).release());
+ if (node->term == "?narrow")
+ return std::make_unique<Patterns::VersionIsAnyVersion>(std::move(pattern));
return pattern;
}
if (node->matches("?or", 0, -1))
@@ -272,6 +294,38 @@ std::string PatternParser::aWord(std::unique_ptr<PatternTreeParser::Node> &nodeP
return node->word.to_string();
}
+namespace Patterns
+{
+
+BaseRegexMatcher::BaseRegexMatcher(std::string const &Pattern)
+{
+ pattern = new regex_t;
+ int const Res = regcomp(pattern, Pattern.c_str(), REG_EXTENDED | REG_ICASE | REG_NOSUB);
+ if (Res == 0)
+ return;
+
+ delete pattern;
+ pattern = NULL;
+ char Error[300];
+ regerror(Res, pattern, Error, sizeof(Error));
+ _error->Error(_("Regex compilation error - %s"), Error);
+}
+bool BaseRegexMatcher::operator()(const char *string)
+{
+ if (unlikely(pattern == NULL))
+ return false;
+ else
+ return regexec(pattern, string, 0, 0, 0) == 0;
+}
+BaseRegexMatcher::~BaseRegexMatcher()
+{
+ if (pattern == NULL)
+ return;
+ regfree(pattern);
+ delete pattern;
+}
+} // namespace Patterns
+
} // namespace Internal
// The bridge into the public world
diff --git a/apt-pkg/cachefilter-patterns.h b/apt-pkg/cachefilter-patterns.h
index d37da815f..bd8ce7e7e 100644
--- a/apt-pkg/cachefilter-patterns.h
+++ b/apt-pkg/cachefilter-patterns.h
@@ -117,6 +117,21 @@ namespace Patterns
{
using namespace APT::CacheFilter;
+/** \brief Basic helper class for matching regex */
+class BaseRegexMatcher
+{
+ regex_t *pattern;
+
+ public:
+ BaseRegexMatcher(std::string const &string);
+ ~BaseRegexMatcher();
+ bool operator()(const char *cstring);
+ bool operator()(std::string const &string)
+ {
+ return (*this)(string.c_str());
+ }
+};
+
struct PackageIsAutomatic : public PackageMatcher
{
pkgCacheFile *Cache;
@@ -229,6 +244,121 @@ struct PackageIsVirtual : public PackageMatcher
return Pkg->VersionList == 0;
}
};
+
+struct VersionAnyMatcher : public Matcher
+{
+ bool operator()(pkgCache::GrpIterator const &Grp) override { return false; }
+ bool operator()(pkgCache::VerIterator const &Ver) override = 0;
+ bool operator()(pkgCache::PkgIterator const &Pkg) override
+ {
+ for (auto Ver = Pkg.VersionList(); not Ver.end(); Ver++)
+ {
+ if ((*this)(Ver))
+ return true;
+ }
+ return false;
+ }
+};
+
+struct VersionIsAllVersions : public Matcher
+{
+ std::unique_ptr<APT::CacheFilter::Matcher> base;
+ VersionIsAllVersions(std::unique_ptr<APT::CacheFilter::Matcher> base) : base(std::move(base)) {}
+ bool operator()(pkgCache::GrpIterator const &) override { return false; }
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ return (*base)(Ver);
+ }
+ bool operator()(pkgCache::PkgIterator const &Pkg) override
+ {
+ for (auto Ver = Pkg.VersionList(); not Ver.end(); Ver++)
+ {
+ if (not(*this)(Ver))
+ return false;
+ }
+ return true;
+ }
+};
+
+struct VersionIsAnyVersion : public VersionAnyMatcher
+{
+ std::unique_ptr<APT::CacheFilter::Matcher> base;
+ VersionIsAnyVersion(std::unique_ptr<APT::CacheFilter::Matcher> base) : base(std::move(base)) {}
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ return (*base)(Ver);
+ }
+};
+
+struct VersionIsArchive : public VersionAnyMatcher
+{
+ BaseRegexMatcher matcher;
+ VersionIsArchive(std::string const &pattern) : matcher(pattern) {}
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ for (auto VF = Ver.FileList(); not VF.end(); VF++)
+ {
+ if (VF.File().Archive() && matcher(VF.File().Archive()))
+ return true;
+ }
+ return false;
+ }
+};
+
+struct VersionIsOrigin : public VersionAnyMatcher
+{
+ BaseRegexMatcher matcher;
+ VersionIsOrigin(std::string const &pattern) : matcher(pattern) {}
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ for (auto VF = Ver.FileList(); not VF.end(); VF++)
+ {
+ if (VF.File().Origin() && matcher(VF.File().Origin()))
+ return true;
+ }
+ return false;
+ }
+};
+
+struct VersionIsSection : public VersionAnyMatcher
+{
+ BaseRegexMatcher matcher;
+ VersionIsSection(std::string const &pattern) : matcher(pattern) {}
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ return matcher(Ver.Section());
+ }
+};
+
+struct VersionIsSourcePackage : public VersionAnyMatcher
+{
+ BaseRegexMatcher matcher;
+ VersionIsSourcePackage(std::string const &pattern) : matcher(pattern) {}
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ return matcher(Ver.SourcePkgName());
+ }
+};
+
+struct VersionIsSourceVersion : public VersionAnyMatcher
+{
+ BaseRegexMatcher matcher;
+ VersionIsSourceVersion(std::string const &pattern) : matcher(pattern) {}
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ return matcher(Ver.SourceVerStr());
+ }
+};
+
+struct VersionIsVersion : public VersionAnyMatcher
+{
+ BaseRegexMatcher matcher;
+ VersionIsVersion(std::string const &pattern) : matcher(pattern) {}
+ bool operator()(pkgCache::VerIterator const &Ver) override
+ {
+ return matcher(Ver.VerStr());
+ }
+};
} // namespace Patterns
} // namespace Internal
} // namespace APT
diff --git a/apt-pkg/contrib/netrc.cc b/apt-pkg/contrib/netrc.cc
index ee1996f8d..2069a0394 100644
--- a/apt-pkg/contrib/netrc.cc
+++ b/apt-pkg/contrib/netrc.cc
@@ -72,6 +72,26 @@ bool MaybeAddAuth(FileFd &NetRCFile, URI &Uri)
active_token = MACHINE;
break;
case MACHINE:
+ // If token contains a protocol: Check it first, and strip it away if
+ // it matches. If it does not match, ignore this stanza.
+ // If there is no protocol, only allow https protocols.
+ if (token.find("://") != std::string::npos)
+ {
+ if (not APT::String::Startswith(token, Uri.Access + "://"))
+ {
+ active_token = NO;
+ break;
+ }
+ token.erase(0, Uri.Access.length() + 3);
+ }
+ else if (Uri.Access != "https" && Uri.Access != "tor+https")
+ {
+ if (Debug)
+ std::clog << "MaybeAddAuth: Rejecting matching host adding '" << Uri.User << "' and '" << Uri.Password << "' for "
+ << (std::string)Uri << " from " << NetRCFile.Name() << "as the protocol is not https" << std::endl;
+ active_token = NO;
+ break;
+ }
if (token.find('/') == std::string::npos)
{
if (Uri.Port != 0 && Uri.Host == token)
@@ -168,7 +188,7 @@ bool IsAuthorized(pkgCache::PkgFileIterator const I, std::vector<std::unique_ptr
}
// FIXME: Use the full base url
- URI uri(std::string("http://") + I.Site() + "/");
+ URI uri(std::string("https://") + I.Site() + "/");
for (auto &authconf : authconfs)
{
if (not authconf->IsOpen())
diff --git a/debian/NEWS b/debian/NEWS
index e8cb4e279..555791602 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,13 @@
+apt (1.9.5) UNRELEASED; urgency=medium
+
+ Credentials in apt_auth.conf(5) now only apply to https and tor+https
+ sources to avoid them being leaked over plaintext (Closes: #945911). To
+ opt-in to http, add http:// before the hostname. Note that this will transmit
+ credentials in plain text, which you do not want on devices that could be
+ operating in an untrusted network.
+
+ -- Julian Andres Klode <juliank@ubuntu.com> Mon, 02 Dec 2019 11:45:52 +0100
+
apt (1.8.0~alpha3) unstable; urgency=medium
The PATH for running dpkg is now configured by the option DPkg::Path,
diff --git a/doc/apt-patterns.7.xml b/doc/apt-patterns.7.xml
index efd4293dc..219d2c209 100644
--- a/doc/apt-patterns.7.xml
+++ b/doc/apt-patterns.7.xml
@@ -61,6 +61,23 @@
</variablelist>
</refsect1>
<refsect1>
+ <title>Narrowing patterns</title>
+ <para>
+ </para>
+ <variablelist>
+ <varlistentry><term><code>?all-versions(PATTERN)</code></term>
+ <listitem><para>Selects packages where all versions match PATTERN. When matching versions instead, same as PATTERN.</para></listitem>
+ </varlistentry>
+ <varlistentry><term><code>?any-version(PATTERN)</code></term>
+ <listitem><para>Selects any version where the pattern matches on the version.</para>
+ <para>For example, while <code>?and(?version(1),?version(2))</code> matches a package which has one version containing 1 and one version containing 2, <code>?any-version(?and(?version(1),?version(2)))</code> restricts the <code>?and</code> to act on the same version.</para></listitem>
+ </varlistentry>
+ <varlistentry><term><code>?narrow(PATTERN...)</code></term>
+ <listitem><para>Selects any version matching all PATTERNs, short for<code>?any-version(?and(PATTERN...))</code>.</para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+ <refsect1>
<title>Package patterns</title>
<para>
These patterns select specific packages.
@@ -106,6 +123,32 @@
</varlistentry>
</variablelist>
</refsect1>
+ <refsect1>
+ <title>Version patterns</title>
+ <para>
+ These patterns select specific versions of a package.
+ </para>
+ <variablelist>
+ <varlistentry><term><code>?archive(REGEX)</code></term>
+ <listitem><para>Selects versions that come from the archive that matches the specified regular expression. Archive, here, means the values after <code>a=</code> in <command>apt-cache policy</command>.</para></listitem>
+ </varlistentry>
+ <varlistentry><term><code>?origin(REGEX)</code></term>
+ <listitem><para>Selects versions that come from the origin that matches the specified regular expression. Origin, here, means the values after <code>o=</code> in <command>apt-cache policy</command>.</para></listitem>
+ </varlistentry>
+ <varlistentry><term><code>?section(REGEX)</code></term>
+ <listitem><para>Selects versions where the section matches the specified regular expression.</para></listitem>
+ </varlistentry>
+ <varlistentry><term><code>?source-package(REGEX)</code></term>
+ <listitem><para>Selects versions where the source package name matches the specified regular expression.</para></listitem>
+ </varlistentry>
+ <varlistentry><term><code>?source-version(REGEX)</code></term>
+ <listitem><para>Selects versions where the source package version matches the specified regular expression.</para></listitem>
+ </varlistentry>
+ <varlistentry><term><code>?version(REGEX)</code></term>
+ <listitem><para>Selects versions where the version string matching the specified regular expression.</para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
<refsect1><title>Examples</title>
@@ -147,6 +190,9 @@
<listitem>
<para>A trailing comma is allowed in argument lists</para>
</listitem>
+ <listitem>
+ <para>?narrow accepts infinite arguments</para>
+ </listitem>
</itemizedlist>
</refsect1>
diff --git a/doc/apt_auth.conf.5.xml b/doc/apt_auth.conf.5.xml
index e7961ef81..99394be00 100644
--- a/doc/apt_auth.conf.5.xml
+++ b/doc/apt_auth.conf.5.xml
@@ -50,7 +50,7 @@ Unknown tokens will be ignored. Tokens may be separated by spaces, tabs or newli
<variablelist>
<varlistentry>
-<term><literal>machine</literal> <replaceable>hostname</replaceable>[:<replaceable>port</replaceable>][/<replaceable>path</replaceable>]</term>
+<term><literal>machine</literal> <replaceable>[protocol://]</replaceable><replaceable>hostname</replaceable>[:<replaceable>port</replaceable>][/<replaceable>path</replaceable>]</term>
<listitem><para>Entries are looked up by searching for the
<emphasis><literal>machine</literal></emphasis> token matching the
hostname of the URI apt needs login information for. Extending the netrc-format
@@ -60,7 +60,8 @@ different login information reside on the same server. A machine token with a pa
matches if the path in the URI starts with the path given in the token.
Once a match is made, the subsequent tokens are processed, stopping when the
end of file is reached or another <emphasis><literal>machine</literal></emphasis>
-token is encountered.</para></listitem>
+token is encountered.</para>
+<para>If protocol is not specified, the entry only matches https and tor+https.</para></listitem>
</varlistentry>
<varlistentry>
@@ -80,9 +81,9 @@ token is encountered.</para></listitem>
<refsect1><title>Example</title>
<para>Supplying login information for a user named <literal>apt</literal>
with the password <literal>debian</literal> for the &sources-list; entry
-<literallayout>deb http://example.org/debian &debian-stable-codename; main</literallayout>
+<literallayout>deb https://example.org/debian &debian-stable-codename; main</literallayout>
could be done in the entry directly:
-<literallayout>deb http://apt:debian@example.org/debian &debian-stable-codename; main</literallayout>
+<literallayout>deb https://apt:debian@example.org/debian &debian-stable-codename; main</literallayout>
Alternatively an entry like the following in the auth.conf file could be used:
<literallayout>machine example.org
login apt
@@ -95,7 +96,7 @@ machine example.org/debian login apt password debian
machine example.org/debian/ login apt password debian
</literallayout>
On the other hand neither of the following lines apply:
-<literallayout>machine example.org:80 login apt password debian
+<literallayout>machine example.org:443 login apt password debian
machine example.org/deb/ login apt password debian
machine example.org/ubuntu login apt password debian
machine example.orga login apt password debian
@@ -111,6 +112,9 @@ also the implementation slightly. For maximum backward compatibility you should
avoid multiple <literal>machine</literal> tokens with the same hostname, but if
you need multiple they should all have a path specified in the
<literal>machine</literal> token.</para>
+<para>Login information in auth.conf are more flexible than those in sources.list. For
+example, login information can be specified for parts of a repository only, or if the
+sources.list entry redirects elsewhere, login information for the redirect destination can be supplied.</para>
</refsect1>
<refsect1>
diff --git a/test/integration/test-apt-patterns b/test/integration/test-apt-patterns
index 92c76edd1..06c552479 100755
--- a/test/integration/test-apt-patterns
+++ b/test/integration/test-apt-patterns
@@ -5,15 +5,16 @@ TESTDIR="$(readlink -f "$(dirname "$0")")"
setupenvironment
configarchitecture 'i386' 'amd64'
-insertpackage 'unstable' 'available' 'all' '1.0'
+insertpackage 'unstable' 'available' 'all' '1.0' 'Section: asection'
insertinstalledpackage 'manual1' 'i386' '1.0' 'Depends: automatic1'
insertinstalledpackage 'manual2' 'i386' '1.0'
-insertinstalledpackage 'automatic1' 'i386' '1.0'
-insertinstalledpackage 'automatic2' 'i386' '1.0'
+insertinstalledpackage 'automatic1' 'i386' '1.0' 'Source: automatic (0)'
+insertinstalledpackage 'automatic2' 'i386' '1.0' 'Source: automatic (1)'
-insertinstalledpackage 'essential' 'i386' '1.0' 'Essential: yes'
+insertinstalledpackage 'essential' 'i386' '1.0' 'Essential: yes
+Section: asection'
insertinstalledpackage 'conf-only' 'i386' '1.0' '' '' 'deinstall ok config-files'
insertinstalledpackage 'broken' 'i386' '1.0' 'Depends: does-not-exist'
@@ -22,6 +23,7 @@ insertpackage 'unstable' 'not-obsolete' 'all' '2.0'
insertpackage 'unstable' 'foreign' 'amd64' '2.0'
+getoriginfromsuite() { echo -n 'meow'; }
setupaptarchive
testsuccess aptmark auto automatic1 automatic2
@@ -103,6 +105,27 @@ testsuccessequal "Listing...
automatic1/now 1.0 i386 [installed,local]" apt list '?and(?name(^automatic),?name(1$))'
+msgmsg "Narrow and friends"
+testsuccessequal "Listing...
+not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]
+N: There is 1 additional version. Please use the '-a' switch to see it" apt list '?and(?version(^1\.0$),?version(^2\.0$))'
+
+testsuccessequal "Listing..." apt list '?any-version(?and(?version(^1\.0$),?version(^2\.0$)))'
+testsuccessequal "Listing..." apt list '?narrow(?version(^1\.0$),?version(^2\.0$))'
+
+# XXX FIXME: I guess we do want this to only show version 1.0?
+testsuccessequal "Listing...
+not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]
+N: There is 1 additional version. Please use the '-a' switch to see it" apt list '?any-version(?and(?version(^1\.0$),?name(not-obsolete)))'
+testsuccessequal "Listing...
+not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]
+N: There is 1 additional version. Please use the '-a' switch to see it" apt list '?narrow(?version(^1\.0$),?name(not-obsolete))'
+
+
+testsuccessequal "Listing...
+foreign/unstable 2.0 amd64
+not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]" apt list '?not(?all-versions(?version(^1)))'
+
msgmsg "Package patterns"
testsuccessequal "Listing...
@@ -113,6 +136,11 @@ testsuccessequal "Listing..." apt list '?architecture(foreign)'
testsuccessequal "Listing..." apt list '?architecture(native)'
testsuccessequal "Listing...
+available/unstable 1.0 all
+foreign/unstable 2.0 amd64
+not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]" apt list '?archive(^unstable$)'
+
+testsuccessequal "Listing...
automatic1/now 1.0 i386 [installed,local]
automatic2/now 1.0 i386 [installed,local]" apt list '?automatic'
@@ -158,9 +186,29 @@ foreign/unstable 2.0 amd64
not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]" apt list '?not(?obsolete)'
testsuccessequal "Listing...
+available/unstable 1.0 all
+foreign/unstable 2.0 amd64
+not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]" apt list '?origin(^meow$)'
+
+testsuccessequal "Listing...
+available/unstable 1.0 all
+essential/now 1.0 i386 [installed,local]" apt list '?section(asection)'
+
+testsuccessequal "Listing...
+automatic1/now 1.0 i386 [installed,local]
+automatic2/now 1.0 i386 [installed,local]" apt list '?source-package(^automatic$)'
+
+testsuccessequal "Listing...
+automatic2/now 1.0 i386 [installed,local]" apt list '?source-version(^1$)'
+
+testsuccessequal "Listing...
not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]
N: There is 1 additional version. Please use the '-a' switch to see it" apt list '?upgradable'
+testsuccessequal "Listing...
+foreign/unstable 2.0 amd64
+not-obsolete/unstable 2.0 i386 [upgradable from: 1.0]" apt list '?version(2.0)'
+
testsuccessequal "Package: does-not-exist
State: not a real package (virtual)
N: Can't select candidate version from package does-not-exist as it has no candidate
diff --git a/test/integration/test-authentication-basic b/test/integration/test-authentication-basic
index 211c73e35..5aafaade0 100755
--- a/test/integration/test-authentication-basic
+++ b/test/integration/test-authentication-basic
@@ -65,35 +65,59 @@ runtest() {
authfile ''
testauthfailure "$1"
+ protocol="${1%%://*}"
+
# good auth
- authfile 'machine localhost
+ authfile "machine ${protocol}://localhost
login star@irc
-password hunter2'
+password hunter2"
testauthsuccess "$1"
# bad auth
- authfile 'machine localhost
+ authfile "machine ${protocol}://localhost
login anonymous
-password hunter2'
+password hunter2"
testauthfailure "$1"
# 2 stanzas: unmatching + good auth
- authfile 'machine debian.org
+ authfile "machine ${protocol}://debian.org
login debian
password jessie
-machine localhost
+machine ${protocol}://localhost
login star@irc
-password hunter2'
+password hunter2"
testauthsuccess "$1"
+ # no protocol specifier
+ authfile "machine localhost
+login star@irc
+password hunter2"
+ if [ "$protocol" = "https" ]; then
+ testauthsuccess "$1"
+ else
+ testauthfailure "$1"
+ fi
+
+ # wrong protocol specifier
+ if [ "$protocol" = "https" ]; then
+ authfile "machine http://localhost
+login star@irc
+password hunter2"
+ else
+ authfile "machine https://localhost
+login star@irc
+password hunter2"
+ fi
+ testauthfailure "$1"
+
# delete file, make sure it fails; add auth.conf.d snippet, works again.
rm rootdir/etc/apt/auth.conf
testauthfailure "$1"
- authfile 'machine localhost
+ authfile "machine ${protocol}://localhost
login star@irc
-password hunter2' rootdir/etc/apt/auth.conf.d/myauth.conf
+password hunter2" rootdir/etc/apt/auth.conf.d/myauth.conf
testauthsuccess "$1"
rm rootdir/etc/apt/auth.conf.d/myauth.conf
}
generated by cgit v1.2.3-18-g5258 (git 2.32.0) at 2024-06-03 02:40:02 +0000