From 39304fb440f62b3a9f4dd85871b7049fb5b8eb8f Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sat, 23 Apr 2022 22:46:33 +0200 Subject: Support uncompressed indexes from partial file:/ mirrors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If a file:/ mirror does not contain the requested compressed file, but the uncompressed variant of that file the method will sent us a fitting Done message with data only about the Alt-Filename, but the central hash verification code in the acquire system does not expect that looking for the non-existent compressed file to compare its hashes with the expected result – which fails (if we are verifying at least). That file:/ as well as the item code deals with this suggests that this feature was broken by 448c38bdcd72b52f11ec5f326f822cf57653f81c, but I couldn't (easily) compile that to verify, so this is only a guess. Supporting this allows using index files from /var/lib/apt/lists – which are likely uncompressed or can at least made so easily – to construct a file:/ mirror. --- .../integration/test-apt-get-update-unauth-warning | 66 ++++++++++++---------- .../test-apt-update-incomplete-file-mirror | 31 ++++++++++ 2 files changed, 66 insertions(+), 31 deletions(-) create mode 100755 test/integration/test-apt-update-incomplete-file-mirror (limited to 'test/integration') diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning index 42c4e5a9d..46df14c29 100755 --- a/test/integration/test-apt-get-update-unauth-warning +++ b/test/integration/test-apt-get-update-unauth-warning @@ -44,46 +44,15 @@ testequal 'auxfiles lock partial' ls rootdir/var/lib/apt/lists -filesize() { - local CREATEDBY="$1" - shift - stat -c%s "/$(aptget indextargets --no-release-info --format '$(URI)' "Created-By: $CREATEDBY" "$@" | cut -d'/' -f 2- ).gz" -} # allow override -#aptget update --allow-insecure-repositories -o Debug::pkgAcquire::worker=1 -#exit testwarningequal "Get:1 file:$APTARCHIVE unstable InRelease Ign:1 file:$APTARCHIVE unstable InRelease Get:2 file:$APTARCHIVE unstable Release Ign:2 file:$APTARCHIVE unstable Release Get:3 file:$APTARCHIVE unstable/main Sources -Ign:3 file:$APTARCHIVE unstable/main Sources Get:4 file:$APTARCHIVE unstable/main i386 Packages -Ign:4 file:$APTARCHIVE unstable/main i386 Packages Get:5 file:$APTARCHIVE unstable/main all Packages -Ign:5 file:$APTARCHIVE unstable/main all Packages Get:6 file:$APTARCHIVE unstable/main Translation-en -Ign:6 file:$APTARCHIVE unstable/main Translation-en -Get:3 file:$APTARCHIVE unstable/main Sources -Ign:3 file:$APTARCHIVE unstable/main Sources -Get:4 file:$APTARCHIVE unstable/main i386 Packages -Ign:4 file:$APTARCHIVE unstable/main i386 Packages -Get:5 file:$APTARCHIVE unstable/main all Packages -Ign:5 file:$APTARCHIVE unstable/main all Packages -Get:6 file:$APTARCHIVE unstable/main Translation-en -Ign:6 file:$APTARCHIVE unstable/main Translation-en -Get:3 file:$APTARCHIVE unstable/main Sources -Ign:3 file:$APTARCHIVE unstable/main Sources -Get:4 file:$APTARCHIVE unstable/main i386 Packages -Ign:4 file:$APTARCHIVE unstable/main i386 Packages -Get:5 file:$APTARCHIVE unstable/main all Packages -Ign:5 file:$APTARCHIVE unstable/main all Packages -Get:6 file:$APTARCHIVE unstable/main Translation-en -Ign:6 file:$APTARCHIVE unstable/main Translation-en -Get:3 file:$APTARCHIVE unstable/main Sources [$(filesize 'Sources') B] -Get:4 file:$APTARCHIVE unstable/main i386 Packages [$(filesize 'Packages' 'Architecture: i386') B] -Get:5 file:$APTARCHIVE unstable/main all Packages [$(filesize 'Packages' 'Architecture: all') B] -Get:6 file:$APTARCHIVE unstable/main Translation-en [$(filesize 'Translations') B] Reading package lists... W: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. @@ -92,3 +61,38 @@ N: See apt-secure(8) manpage for repository creation and user configuration deta testfailureequal "WARNING: The following packages cannot be authenticated! foo E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget install -qq -y foo + +rm -rf rootdir/var/lib/apt/lists +changetowebserver + +filesize() { + local CREATEDBY="$1" + shift + stat -c%s "${APTARCHIVE}/$(aptget indextargets --no-release-info --format '$(URI)' "Created-By: $CREATEDBY" "$@" | cut -d'/' -f 4- ).gz" +} +testwarningequal "Ign:1 http://localhost:$APTHTTPPORT unstable InRelease +Ign:2 http://localhost:$APTHTTPPORT unstable Release +Ign:3 http://localhost:$APTHTTPPORT unstable/main Sources +Ign:4 http://localhost:$APTHTTPPORT unstable/main i386 Packages +Ign:5 http://localhost:$APTHTTPPORT unstable/main all Packages +Ign:6 http://localhost:$APTHTTPPORT unstable/main Translation-en +Ign:3 http://localhost:$APTHTTPPORT unstable/main Sources +Ign:4 http://localhost:$APTHTTPPORT unstable/main i386 Packages +Ign:5 http://localhost:$APTHTTPPORT unstable/main all Packages +Ign:6 http://localhost:$APTHTTPPORT unstable/main Translation-en +Ign:3 http://localhost:$APTHTTPPORT unstable/main Sources +Ign:4 http://localhost:$APTHTTPPORT unstable/main i386 Packages +Ign:5 http://localhost:$APTHTTPPORT unstable/main all Packages +Ign:6 http://localhost:$APTHTTPPORT unstable/main Translation-en +Get:3 http://localhost:$APTHTTPPORT unstable/main Sources [$(filesize 'Sources') B] +Get:4 http://localhost:$APTHTTPPORT unstable/main i386 Packages [$(filesize 'Packages' 'Architecture: i386') B] +Get:5 http://localhost:$APTHTTPPORT unstable/main all Packages [$(filesize 'Packages' 'Architecture: all') B] +Get:6 http://localhost:$APTHTTPPORT unstable/main Translation-en [$(filesize 'Translations') B] +Reading package lists... +W: The repository 'http://localhost:$APTHTTPPORT unstable Release' does not have a Release file. +N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. +N: See apt-secure(8) manpage for repository creation and user configuration details." aptget update --allow-insecure-repositories +# ensure we can not install the package +testfailureequal "WARNING: The following packages cannot be authenticated! + foo +E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget install -qq -y foo diff --git a/test/integration/test-apt-update-incomplete-file-mirror b/test/integration/test-apt-update-incomplete-file-mirror new file mode 100755 index 000000000..d6894d607 --- /dev/null +++ b/test/integration/test-apt-update-incomplete-file-mirror @@ -0,0 +1,31 @@ +#!/bin/sh +set -e + +TESTDIR="$(readlink -f "$(dirname "$0")")" +. "$TESTDIR/framework" + +setupenvironment +configarchitecture "amd64" +configcompression 'gz' + +insertpackage 'unstable' 'foo' 'amd64' '1' + +setupaptarchive --no-update + +testfailure aptcache show foo + +# the Release file says gz available, but the mirror has only uncompressed files +find aptarchive/dists -name '*.gz' -delete + +testsuccess apt update +testsuccess aptcache show foo +testfailure aptcache show bar + +testsuccess apt update + +rm -rf rootdir/var/lib/apt/lists + +find aptarchive/dists -name 'Packages' | while read FILE; do + echo 'hacked' > $FILE +done +testfailure apt update -- cgit v1.2.3-70-g09d2