summaryrefslogtreecommitdiff
path: root/test/integration/test-apt-update-rollback
Commit message (Collapse)AuthorAgeFilesLines
* tests: disable generation of Release.gpg by defaultDavid Kalnischkies2016-05-041-8/+4
| | | | | | | | | | | Most tests just need a signed repository and don't care if it signed by an InRelease file or a Release.gpg file, so we can save some time by just generating one of them by default. Sounds like not much, but quickly adds up to a few seconds with the amount of tests we have accumulated by now. Git-Dch: Ignore
* show more details for "Hash Sum mismatch" errorsDavid Kalnischkies2016-04-251-0/+17
| | | | | | | | | | | | | | | | Users tend to report these errors with just this error message… not very actionable and hard to figure out if this is a temporary or 'permanent' mirror-sync issue or even the occasional apt bug. Showing the involved hashsums and modification times should help in triaging these kind of bugs – and eventually we will have less of them via by-hash. The subheaders aren't marked for translation for now as they are technical glibberish and probably easier to deal with if not translated. After all, our iconic "Hash Sum mismatch" is translated at least. These additions were proposed in #817240 by Peter Palfrader.
* Report non-transient errors as errors, not as warningsJulian Andres Klode2016-03-161-2/+2
| | | | | This makes it easier to understand what really is an error and what not.
* tests: support spaces in path and TMPDIRDavid Kalnischkies2015-12-191-2/+2
| | | | | | | This doesn't allow all tests to run cleanly, but it at least allows to write tests which could run successfully in such environments. Git-Dch: Ignore
* new quiet level -qq for apt to hide progress outputDavid Kalnischkies2015-11-041-2/+2
| | | | | | | | | -q is for logging and -qqq (old -qq) basically kills every output expect errors, so there should be a way of declaring a middleground in which the output of e.g. 'update' isn't as verbose, but still shows some things. The test framework was actually making use of by accident as it ignored the quiet level in output setup for apt before. Eventually we should figure out some better quiet levels for all tools…
* tests: try to support spaces in TMPDIRDavid Kalnischkies2015-09-141-24/+24
| | | | | | | | Not all tests work yet, most notable the cdrom tests, but those require changes in libapt itself to have a proper fix and what we have fixed so far is good enough progress for now. Git-Dch: Ignore
* Replace --force-yes by various options starting with --allowJulian Andres Klode2015-08-141-2/+2
| | | | This enables more fine grained control over such exceptions.
* drop extra newline in 'Failed to fetch' and 'GPG error' messageDavid Kalnischkies2015-08-101-4/+0
| | | | | | I never understood why there is an extra newline in those messages, so now is as good time as any to drop them. Lets see if someone complains with a good reason to keep it…
* show URI.Path in all acquire item descriptionsDavid Kalnischkies2015-06-111-3/+3
| | | | | | | | | | | | | | It is a rather strange sight that index items use SiteOnly which strips the Path, while e.g. deb files are downloaded with NoUserPassword which does not. Important to note here is that for the file transport Path is pretty important as there is no Host which would be displayed by Site, which always resulted in "interesting" unspecific errors for "file:". Adding a 'middle' ground between the two which does show the Path but potentially modifies it (it strips a pending / at the end if existing) solves this "file:" issue, syncs the output and in the end helps to identify which file is meant exactly in progress output and co as a single site can have multiple repositories in different paths.
* do not request files if we expect an IMS hitDavid Kalnischkies2015-06-091-1/+5
| | | | | | | | | | If we have a file on disk and the hashes are the same in the new Release file and the old one we have on disk we know that if we ask the server for the file, we will at best get an IMS hit – at worse the server doesn't support this and sends us the (unchanged) file and we have to run all our checks on it again for nothing. So, we can save ourselves (and the servers) some unneeded requests if we figure this out on our own.
* don't try other compressions on hashsum mismatchDavid Kalnischkies2015-06-071-2/+2
| | | | | | | | | If we e.g. fail on hash verification for Packages.xz its highly unlikely that it will be any better with Packages.gz, so we just waste download bandwidth and time. It also causes us always to fallback to the uncompressed Packages file for which the error will finally be reported, which in turn confuses users as the file usually doesn't exist on the mirrors, so a bug in apt is suspected for even trying it…
* treat older Release files than we already have as an IMSHitDavid Kalnischkies2015-05-181-2/+2
| | | | | | | | | | | | | | | | | | | | | Valid-Until protects us from long-living downgrade attacks, but not all repositories have it and an attacker could still use older but still valid files to downgrade us. While this makes it sounds like a security improvement now, its a bit theoretical at best as an attacker with capabilities to pull this off could just as well always keep us days (but in the valid period) behind and always knows which state we have, as we tell him with the If-Modified-Since header. This is also why this is 'silently' ignored and treated as an IMSHit rather than screamed at the user as this can at best be an annoyance for attackers. An error here would 'regularily' be encountered by users by out-of-sync mirrors serving a single run (e.g. load balancer) or in two consecutive runs on the other hand, so it would just help teaching people ignore it. That said, most of the code churn is caused by enforcing this additional requirement. Crisscross from InRelease to Release.gpg is e.g. very unlikely in practice, but if we would ignore it an attacker could sidestep it this way.
* detect Releasefile IMS hits even if the server doesn'tDavid Kalnischkies2015-05-131-0/+1
| | | | | | | | | | | Not all servers we are talking to support If-Modified-Since and some are not even sending Last-Modified for us, so in an effort to detect such hits we run a hashsum check on the 'old' compared to the 'new' file, we got the hashes for the 'new' already for "free" from the methods anyway and hence just need to calculated the old ones. This allows us to detect hits even with unsupported servers, which in turn means we benefit from all the new hit behavior also here.
* test exitcode as well as string equalityDavid Kalnischkies2015-03-161-10/+10
| | | | | | | | We use test{success,failure} now all over the place in the framework, so its only consequencial to do this in the situations in which we test for a specific output as well. Git-Dch: Ignore
* testcases: do not allow warnings in testsuccessDavid Kalnischkies2014-10-201-1/+1
| | | | | | | | | | Adds a new testwarning which tests for zero exit and the presents of a warning in the output, failing if either is not the case or if an error is found, too. This allows us to change testsuccess to accept only totally successful executions (= without warnings) which should help finding regressions. Git-Dch: Ignore
* check lists/ content in tests doing rollbackDavid Kalnischkies2014-10-201-1/+9
| | | | Git-Dch: Ignore
* fix compile and tests errorDavid Kalnischkies2014-10-131-1/+1
| | | | | | I am pretty sure I did that before committing broken stuff… Git-Dch: Ignore
* display errortext for all Err as well as Ign logsDavid Kalnischkies2014-10-071-51/+50
| | | | | | | consistently using Item::Failed in all specializec classes helps setting up some information bits otherwise unset, so some errors had an empty reason as an error. Ign is upgraded to display the error message we ignored to further help in understanding what happens.
* Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}Michael Vogt2014-10-011-1/+1
| | | | | | | | | | | The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now).
* test fixesMichael Vogt2014-09-291-1/+1
|
* test fixesMichael Vogt2014-09-261-9/+7
|
* add gzip test and todoMichael Vogt2014-08-011-0/+4
|
* make errors more consistentMichael Vogt2014-08-011-13/+3
|
* check hashes of compressed files as wellMichael Vogt2014-08-011-12/+17
|
* fix transactionid passingMichael Vogt2014-08-011-1/+0
|
* mve MetaKey into pkgAcqBaseIndexMichael Vogt2014-08-011-1/+3
|
* fail early (again) on gpg sig failuresMichael Vogt2014-07-311-6/+5
|
* ensure InRelease->Release is transactional as wellMichael Vogt2014-07-311-0/+18
|
* make test_unauthenticated_to_invalid_inrelease workMichael Vogt2014-07-311-4/+5
|
* Rework TransactionID stuffMichael Vogt2014-07-311-0/+180