summaryrefslogtreecommitdiff
path: root/test/integration/test-releasefile-verification
Commit message (Collapse)AuthorAgeFilesLines
* tests: add a webserverconfig method to abstract configDavid Kalnischkies2013-11-301-1/+1
| | | | | | | The URI to use to set a config option is a bit arcane to write/remember and checking if the setting was successful doubly so. Git-Dch: Ignore
* retry without partial data after a 416 responseDavid Kalnischkies2013-10-011-16/+43
| | | | | | | | | | | | | | | If we get a 416 from the server it means the Range we asked for is above the real filesize of the file on the server. Mostly this happens if the server isn't supporting If-Range, but regardless of how we end up with the partial data, the data is invalid so we discard it and retry with a fresh plate and hope for the best. Old behavior was to consider 416 an error and retry with a different compression until we ran out of compression and requested the uncompressed file (which doesn't exist on most mirrors) with an accept line which server answered with "406 Not Acceptable". Closes: 710924
* configurable compression for testcasesDavid Kalnischkies2013-08-281-3/+1
| | | | | | | | Compressing files in 4 different styles eats test-time for no practical gain if we don't test them explicitly, so default to just building 'gz' compressed files as it is the simplest compression algorithm supported Git-Dch: Ignore
* test Release file handling with expired keysDavid Kalnischkies2013-08-121-2/+33
| | | | | | | | | Signing files with expired keys is not as easy as it sounds, so the framework jumps a few loops to do it, but it might come in handy to have an expired key around for later tests even if it is not that different from having no key in regards to APT behaviour. Git-Dch: Ignore
* simple fork and pidfile aptwebserverDavid Kalnischkies2013-06-241-2/+2
| | | | | | | | | | | Forking only after being ready to accept clients avoids running races with the tests which sometimes failed on the first 'apt-get update' (or similar) with the previous background-start and hope for the best… The commit fixes also some oversight output-order changes in regards to Description-md5 and (I-M-S) race conditions in various tests. Git-Dch: Ignore
* merged patch from Daniel Hartwig to fix URI and proxy releated issuesMichael Vogt2013-05-081-2/+2
|
* * SECURITY UPDATE: InRelease verification bypassMichael Vogt2013-03-141-2/+2
| | | | | | | | | - CVE-2013-1051 * apt-pkg/deb/debmetaindex.cc, test/integration/test-bug-595691-empty-and-broken-archive-files, test/integration/test-releasefile-verification: - disable InRelease downloading until the verification issue is fixed, thanks to Ansgar Burchardt for finding the flaw
* fix the remaining lzma calls with xz --format=lzma in the testcasesDavid Kalnischkies2012-04-111-1/+1
|
* testcase for CVE-2012-0214Simon Ruderich2012-03-031-0/+29
|
* remove the caches in 'apt-get update', too, as they will beDavid Kalnischkies2011-08-221-2/+1
| | | invalid in most cases anyway
* - try downloading clearsigned InRelease before trying Release.gpgDavid Kalnischkies2011-01-201-0/+160
* apt-pkg/deb/deblistparser.cc: - rewrite LoadReleaseInfo to cope with clearsigned Releasefiles