summaryrefslogtreecommitdiff
path: root/test/integration/test-apt-get-update-unauth-warning
Commit message (Collapse)AuthorAgeFilesLines
* Read and work with canonical file-URIs from sources.listsDavid Kalnischkies2021-09-131-1/+1
| | | | | | | | | | | | | | | We allow file (and other file-based methods) URIs to either be given as file:///path or as file:/path, but in various places of the acquire system we perform string comparisons on URIs which do not handle this expecting the canonical representation produced by our URI code. That used to be hidden by us quoting and dequoting the URIs in the system, but as we don't do this anymore we have to be a bit more careful on input. Ideally we would do less of these comparisons, but for now lets be content with inserting a canonicalisation early on to prevent hangs in the acquire system.
* allow a method to request auxiliary filesDavid Kalnischkies2018-01-031-1/+2
| | | | | | | | | | | | | | | | | | | | If a method needs a file to operate like e.g. mirror needs to get a list of mirrors before it can redirect the the actual requests to them. That could easily be solved by moving the logic into libapt directly, but by allowing a method to request other methods to do something we can keep this logic contained in the method and allow e.g. also methods which perform binary patching or similar things. Previously they would need to implement their own acquire system inside the existing one which in all likelyhood will not support the same features and methods nor operate with similar security compared to what we have already running 'above' the requesting method. That said, to avoid methods producing conflicts with "proper" files we are downloading a new directory is introduced to keep the auxiliary files in. [The message magic number 351 is a tribute to the german Grundgesetz article 35 paragraph 1 which defines that all authorities of the state(s) help each other on request.]
* fail instead of warn on insecure repositories in apt-getDavid Kalnischkies2017-06-281-2/+3
| | | | | | | | | The exception was made to give (script) users a one-release grace period to adapt their setup to deal with apt enforcing signing of repositories. As we are now at the start of a new release cycle its as good a time as any to lift it now. Removes-Exception: 952ee63b0af14a534c0aca00c11d1a99be6b22b2
* tests: support spaces in path and TMPDIRDavid Kalnischkies2015-12-191-2/+2
| | | | | | | This doesn't allow all tests to run cleanly, but it at least allows to write tests which could run successfully in such environments. Git-Dch: Ignore
* slightly rephrase notice shown for insecure repositoriesJustin B Rye2015-11-251-1/+1
| | | | Git-Dch: Ignore
* review of new/changed translatable program stringsJustin B Rye2015-11-211-2/+2
| | | | | Reference mail: https://lists.debian.org/debian-l10n-english/2015/11/msg00006.html
* tests: use quiet level 0 by default in testsDavid Kalnischkies2015-11-191-2/+2
| | | | Git-Dch: Ignore
* "support" unsigned Release files without hashes againDavid Kalnischkies2015-11-051-2/+7
| | | | | | | | | This 'ignores' the component Release files you can find in Debian alongside the binary-* directories, which isn't exactly a common usecase, but it worked before, so lets support it again as this isn't worse than a valid Release file which is unsigned. Git-Dch: Ignore
* drop privileges in copy:// method as we do for file://David Kalnischkies2015-11-051-16/+3
| | | | | | | | | | | Continueing on the track of dropping privileges in all methods, lets drop it in copy, too, as the reasoning for it is very similar to file and the interaction between the too quiet interesting as copy kinda surfed as a fallback for file not being able to read the file. Both now show a better error message as well as it was previously claiming to have a hashsum mismatch, given that it couldn't read the file. Git-Dch: Ignore
* support arch:all data e.g. in separate Packages fileDavid Kalnischkies2015-11-041-9/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Based on a discussion with Niels Thykier who asked for Contents-all this implements apt trying for all architecture dependent files to get a file for the architecture all, which is treated internally now as an official architecture which is always around (like native). This way arch:all data can be shared instead of duplicated for each architecture requiring the user to download the same information again and again. There is one problem however: In Debian there is already a binary-all/ Packages file, but the binary-any files still include arch:all packages, so that downloading this file now would be a waste of time, bandwidth and diskspace. We therefore need a way to decide if it makes sense to download the all file for Packages in Debian or not. The obvious answer would be a special flag in the Release file indicating this, which would need to default to 'no' and every reasonable repository would override it to 'yes' in a few years time, but the flag would be there "forever". Looking closer at a Release file we see the field "Architectures", which doesn't include 'all' at the moment. With the idea outlined above that 'all' is a "proper" architecture now, we interpret this field as being authoritative in declaring which architectures are supported by this repository. If it says 'all', apt will try to get all, if not it will be skipped. This gives us another interesting feature: If I configure a source to download armel and mips, but it declares it supports only armel apt will now print a notice saying as much. Previously this was a very cryptic failure. If on the other hand the repository supports mips, too, but for some reason doesn't ship mips packages at the moment, this 'missing' file is silently ignored (= that is the same as the repository including an empty file). The Architectures field isn't mandatory through, so if it isn't there, we assume that every architecture is supported by this repository, which skips the arch:all if not listed in the release file.
* refer to apt-secure(8) in unsecure repositories warningDavid Kalnischkies2015-11-041-2/+3
| | | | | | The manpage is also slightly updated to work better as a central hub to push people from all angles into the right directions without writting a book disguised as an error message.
* rework errors and warnings around insecure repositoriesDavid Kalnischkies2015-11-041-3/+5
| | | | | | | | | | | | | | | | Insecure (aka unsigned) repositories are bad, period. We want to get right of them finally and as a first step we are printing scary warnings. This is already done, this commit just changes the messages to be more consistent and prevents them from being displayed if authenticity is guaranteed some other way (as indicated with trusted=yes). The idea is to first print the pure fact like "repository isn't signed" as a warning (and later as an error), while giving an explaination in a immediately following notice (which is displayed only in quiet level 0: so in interactive use, not in scripts and alike). Closes: 796549
* tests: try to support spaces in TMPDIRDavid Kalnischkies2015-09-141-2/+2
| | | | | | | | Not all tests work yet, most notable the cdrom tests, but those require changes in libapt itself to have a proper fix and what we have fixed so far is good enough progress for now. Git-Dch: Ignore
* avoid using global PendingError to avoid failing too often too soonDavid Kalnischkies2015-09-141-0/+1
| | | | | | | | | | | | | | | | | | | Our error reporting is historically grown into some kind of mess. A while ago I implemented stacking for the global error which is used in this commit now to wrap calls to functions which do not report (all) errors via return, so that only failures in those calls cause a failure to propergate down the chain rather than failing if anything (potentially totally unrelated) has failed at some point in the past. This way we can avoid stopping the entire acquire process just because a single source produced an error for example. It also means that after the acquire process the cache is generated – even if the acquire process had failures – as we still have the old good data around we can and should generate a cache for (again). There are probably more instances of this hiding, but all these looked like the easiest to work with and fix with reasonable (aka net-positive) effects.
* Replace --force-yes by various options starting with --allowJulian Andres Klode2015-08-141-1/+1
| | | | This enables more fine grained control over such exceptions.
* rename 'apt-get files' to 'apt-get indextargets'David Kalnischkies2015-08-101-1/+1
| | | | | | | | 'files' is a bit too generic as a name for a command usually only used programmatically (if at all) by developers, so instead of "wasting" this generic name for this we use "indextargets" which is actually the name of the datastructure the displayed data is stored in. Along with this rename the config options are renamed accordingly.
* condense parallel requests with the same hashes to oneDavid Kalnischkies2015-06-151-2/+35
| | | | | | | | | | | | | It shouldn't be too common, but sometimes people have multiple mirrors in the sources or otherwise repositories with the same content. Now that we gracefully can handle multiple requests to the same URI, we can also fold multiple requests with the same expected hashes into one. Note that this isn't trying to find oppertunities for merging, but just merges if it happens to encounter the oppertunity for it. This is most obvious in the new testcase actually as it needs to delay the action to give the acquire system enough time to figure out that they can be merged.
* show item ID in Hit, Ign and Err lines as wellDavid Kalnischkies2015-06-151-7/+7
| | | | | | | | Again, consistency is the main sellingpoint here, but this way it is now also easier to explain that some files move through different stages and lines are printed for them hence multiple times: That is a bit hard to believe if the number is changing all the time, but now that it keeps consistent.
* call URIStart in cdrom and file methodDavid Kalnischkies2015-06-151-0/+7
| | | | | | | | | | | | | | | All other methods call it, so they should follow along even if the work they do afterwards is hardly breathtaking and usually results in a URIDone pretty soon, but the acquire system tells the individual item about this via a virtual method call, so even through none of our existing items contains any critical code in these, maybe one day they might. Consistency at least once… Which is also why this has a good sideeffect: file: and cdrom: requests appear now in the 'apt-get update' output. Finally - it never made sense to hide them for me. Okay, I guess it made before the new hit behavior, but now that you can actually see the difference in an update it makes sense to see if a file: repository changed or not as well.
* show URI.Path in all acquire item descriptionsDavid Kalnischkies2015-06-111-6/+6
| | | | | | | | | | | | | | It is a rather strange sight that index items use SiteOnly which strips the Path, while e.g. deb files are downloaded with NoUserPassword which does not. Important to note here is that for the file transport Path is pretty important as there is no Host which would be displayed by Site, which always resulted in "interesting" unspecific errors for "file:". Adding a 'middle' ground between the two which does show the Path but potentially modifies it (it strips a pending / at the end if existing) solves this "file:" issue, syncs the output and in the end helps to identify which file is meant exactly in progress output and co as a single site can have multiple repositories in different paths.
* test exitcode as well as string equalityDavid Kalnischkies2015-03-161-4/+4
| | | | | | | | We use test{success,failure} now all over the place in the framework, so its only consequencial to do this in the situations in which we test for a specific output as well. Git-Dch: Ignore
* disable the lock disabling in the testsDavid Kalnischkies2014-11-091-2/+3
| | | | | | | We create our own directories here and work without root in them, so we can also test the locking with them as it is how we usually operate. Git-Dch: Ignore
* testcases runable as rootDavid Kalnischkies2014-10-151-1/+1
| | | | | | | Running the testcases is usually not a good idea, but it can be handy to check if the privilege dropping works. Git-Dch: Ignore
* fix compile and tests errorDavid Kalnischkies2014-10-131-4/+1
| | | | | | I am pretty sure I did that before committing broken stuff… Git-Dch: Ignore
* display errortext for all Err as well as Ign logsDavid Kalnischkies2014-10-071-2/+5
| | | | | | | consistently using Item::Failed in all specializec classes helps setting up some information bits otherwise unset, so some errors had an empty reason as an error. Ign is upgraded to display the error message we ignored to further help in understanding what happens.
* fix testMichael Vogt2014-10-061-2/+1
|
* cleanup pkgAcq*::Failed()Michael Vogt2014-10-061-1/+1
|
* update testMichael Vogt2014-10-061-3/+7
|
* Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}Michael Vogt2014-10-011-2/+2
| | | | | | | | | | | The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now).
* test fixesMichael Vogt2014-09-261-2/+12
|
* Print warning for unauthenticated repositoriesMichael Vogt2014-09-261-0/+30