summaryrefslogtreecommitdiff
path: root/test/integration/test-apt-get-source-authenticated
Commit message (Collapse)AuthorAgeFilesLines
* rework hashsum verification in the acquire systemDavid Kalnischkies2015-06-091-1/+1
| | | | | | | | | | | | | | | | | | | | | Having every item having its own code to verify the file(s) it handles is an errorprune process and easy to break, especially if items move through various stages (download, uncompress, patching, …). With a giant rework we centralize (most of) the verification to have a better enforcement rate and (hopefully) less chance for bugs, but it breaks the ABI bigtime in exchange – and as we break it anyway, it is broken even harder. It shouldn't effect most frontends as they don't deal with the acquire system at all or implement their own items, but some do and will need to be patched (might be an opportunity to use apt on-board material). The theory is simple: Items implement methods to decide if hashes need to be checked (in this stage) and to return the expected hashes for this item (in this stage). The verification itself is done in worker message passing which has the benefit that a hashsum error is now a proper error for the acquire system rather than a Done() which is later revised to a Failed().
* fix file ownership tests to work on kfreebsdDavid Kalnischkies2014-11-181-1/+0
| | | | | | While on linux files are created in /tmp with $USER:$USER, on my kfreebsd testmachine they are created with $USER:root, so we pull some strings here to make it work on both.
* chown finished partial files earlierDavid Kalnischkies2014-10-231-2/+5
| | | | | | | | | | | | | | | | | partial files are chowned by the Item baseclass to let the methods work with them. Now, this baseclass is also responsible for chowning the files back to root instead of having various deeper levels do this. The consequence is that all overloaded Failed() methods now call the Item::Failed base as their first step. The same is done for Done(). The effect is that even in partial files usually don't belong to _apt anymore, helping sneakernets and reducing possibilities of a bad method modifying files not belonging to them. The change is supported by the framework not only supporting being run as root, but with proper permission management, too, so that privilege dropping can be tested with them.
* testcases: do not allow warnings in testsuccessDavid Kalnischkies2014-10-201-1/+1
| | | | | | | | | | Adds a new testwarning which tests for zero exit and the presents of a warning in the output, failing if either is not the case or if an error is found, too. This allows us to change testsuccess to accept only totally successful executions (= without warnings) which should help finding regressions. Git-Dch: Ignore
* Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}Michael Vogt2014-10-011-1/+1
| | | | | | | | | | | The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now).
* test fixesMichael Vogt2014-09-261-1/+1
|
* Show unauthenticated warning for source packages as wellMichael Vogt2014-06-021-0/+31
This will show the same unauthenticated warning for source packages as for binary packages and will not download a source package if it is unauthenticated. This can be overridden with --allow-unauthenticated Closes: #749795