blob: f286f5650434360d312541e74db0beb5806e282a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
|
#!/bin/sh
set -e
TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework
setupenvironment
configarchitecture 'native'
cat > aptarchive/Sources <<EOF
Package: pkg-md5-ok
Binary: pkg-md5-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz
Package: pkg-sha256-ok
Binary: pkg-sha256-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz
Checksums-Sha1:
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz
Checksums-Sha256:
943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz
Package: pkg-sha256-bad
Binary: pkg-sha256-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz
Checksums-Sha1:
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz
Checksums-Sha256:
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
Package: pkg-md5-bad
Binary: pkg-md5-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz
Package: pkg-no-md5
Binary: pkg-no-md5
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz
Checksums-Sha256:
943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc
90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz
Package: pkg-mixed-ok
Binary: pkg-mixed-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz
Checksums-Sha256:
943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc
Package: pkg-mixed-sha1-bad
Binary: pkg-mixed-sha1-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc
Checksums-Sha256:
90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz
Package: pkg-mixed-sha2-bad
Binary: pkg-mixed-sha2-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc
Checksums-Sha256:
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz
Package: pkg-md5-disagree
Binary: pkg-md5-disagree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz
Package: pkg-md5-agree
Binary: pkg-md5-agree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
Package: pkg-sha256-disagree
Binary: pkg-sha256-disagree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz
Checksums-Sha1:
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz
Checksums-Sha256:
943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc
90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz
EOF
# create fetchable files
for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
'pkg-md5-bad'; do
echo -n 'dsc' > aptarchive/${x}_1.0.dsc
echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
done
setupaptarchive --no-update
changetowebserver
testsuccess aptget update
cd downloaded
testok() {
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
testsuccessequal "Reading package lists...
Building dependency tree...
Need to get 6 B of source archives.
Get:1 http://localhost:8080 $1 1.0 (dsc) [3 B]
Get:2 http://localhost:8080 $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source -d "$@"
msgtest 'Files were successfully downloaded for' "$1"
testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
}
testkeep() {
echo -n 'dsc' > ${1}_1.0.dsc
echo -n 'tar' > ${1}_1.0.tar.gz
testsuccessequal "Reading package lists...
Building dependency tree...
Skipping already downloaded file '${1}_1.0.dsc'
Skipping already downloaded file '${1}_1.0.tar.gz'
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@"
msgtest 'Files already downloaded are kept for' "$1"
testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
}
testnohash() {
#FIXME: Maybe we should fail in this case instead of skipping
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
testsuccessequal "Reading package lists...
Building dependency tree...
Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@"
msgtest 'Files are not downloaded for' "$1"
testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
}
testmismatch() {
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
testfailureequal "Reading package lists...
Building dependency tree...
Need to get 6 B of source archives.
Get:1 http://localhost:8080 $1 1.0 (dsc) [3 B]
Err:1 http://localhost:8080 $1 1.0 (dsc)
Hash Sum mismatch
Get:2 http://localhost:8080 $1 1.0 (tar) [3 B]
Err:2 http://localhost:8080 $1 1.0 (tar)
Hash Sum mismatch
E: Failed to fetch http://localhost:8080/${1}_1.0.dsc Hash Sum mismatch
E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz Hash Sum mismatch
E: Failed to fetch some archives." aptget source -d "$@"
msgtest 'Files were not download as they have hashsum mismatches for' "$1"
testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
if [ "$2" != '--allow-unauthenticated' ]; then
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
testsuccessequal "Reading package lists...
Building dependency tree...
Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
msgtest 'Files were not download as hash is unavailable for' "$1"
testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
fi
rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
testsuccessequal "Reading package lists...
Building dependency tree...
Need to get 6 B of source archives.
Get:1 http://localhost:8080 $1 1.0 (dsc) [3 B]
Get:2 http://localhost:8080 $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
}
testnohash pkg-md5-ok
testok pkg-sha256-ok
testkeep pkg-sha256-ok
# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is
# checking the best available hash (as it should), this will trigger
# a hash mismatch.
testmismatch pkg-sha256-bad
testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
testnohash pkg-md5-bad
testmismatch pkg-md5-bad --allow-unauthenticated
# not having MD5 sum doesn't mean the file doesn't exist at all …
testok pkg-no-md5
testok pkg-no-md5 -o Acquire::ForceHash=SHA256
testsuccessequal "Reading package lists...
Building dependency tree...
Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum
msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5'
testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz
# deal with cases in which we haven't for all files the same checksum type
# mostly pathologic as this shouldn't happen, but just to be sure
testok pkg-mixed-ok
testfailureequal 'Reading package lists...
Building dependency tree...
Need to get 6 B of source archives.
Get:1 http://localhost:8080 pkg-mixed-sha1-bad 1.0 (tar) [3 B]
Get:2 http://localhost:8080 pkg-mixed-sha1-bad 1.0 (dsc) [3 B]
Err:2 http://localhost:8080 pkg-mixed-sha1-bad 1.0 (dsc)
Hash Sum mismatch
E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch
E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad
msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
testfailureequal 'Reading package lists...
Building dependency tree...
Need to get 6 B of source archives.
Get:1 http://localhost:8080 pkg-mixed-sha2-bad 1.0 (tar) [3 B]
Err:1 http://localhost:8080 pkg-mixed-sha2-bad 1.0 (tar)
Hash Sum mismatch
Get:2 http://localhost:8080 pkg-mixed-sha2-bad 1.0 (dsc) [3 B]
E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch
E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad
msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad'
testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz
# it gets even more pathologic: multiple entries for one file, some even disagreeing!
testnohash pkg-md5-agree
testfailureequal 'Reading package lists...
Building dependency tree...
E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
testfailureequal 'Reading package lists...
Building dependency tree...
E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree
|