Browse Source

tests: disable generation of Release.gpg by default

Most tests just need a signed repository and don't care if it signed by
an InRelease file or a Release.gpg file, so we can save some time by
just generating one of them by default.

Sounds like not much, but quickly adds up to a few seconds with the
amount of tests we have accumulated by now.

Git-Dch: Ignore
tags/debian/1.3_exp1
David Kalnischkies 5 years ago
parent
commit
5a23c56d68
9 changed files with 27 additions and 40 deletions
  1. +3
    -0
      test/integration/framework
  2. +1
    -0
      test/integration/test-apt-update-expected-size
  3. +1
    -0
      test/integration/test-apt-update-ims
  4. +8
    -9
      test/integration/test-apt-update-nofallback
  5. +1
    -0
      test/integration/test-apt-update-not-modified
  6. +4
    -8
      test/integration/test-apt-update-rollback
  7. +2
    -13
      test/integration/test-bug-633350-do-not-kill-last-char-in-Release
  8. +4
    -8
      test/integration/test-hashsum-verification
  9. +3
    -2
      test/integration/test-releasefile-verification

+ 3
- 0
test/integration/framework View File

@@ -421,6 +421,9 @@ EOF
echo 'Acquire::gpgv::Options { "--weak-digest"; "sha1"; };' > rootdir/etc/apt/apt.conf.d/no-sha1
fi

# most tests just need one signed Release file, not both
export APT_DONT_SIGN='Release.gpg'

msgdone "info"
}



+ 1
- 0
test/integration/test-apt-update-expected-size View File

@@ -10,6 +10,7 @@ configcompression '.' 'gz'

insertpackage 'unstable' 'apt' 'i386' '1.0'

export APT_DONT_SIGN=''
setupaptarchive --no-update
cp -a aptarchive/dists aptarchive/dists.good



+ 1
- 0
test/integration/test-apt-update-ims View File

@@ -10,6 +10,7 @@ insertpackage 'unstable' 'unrelated' 'all' '0.5~squeeze1'
insertpackage 'unstable' 'unrelated2' 'amd64' '0.5~squeeze1'
insertsource 'unstable' 'unrelated' 'all' '0.5~squeeze1'

export APT_DONT_SIGN=""
setupaptarchive --no-update
changetowebserver



+ 8
- 9
test/integration/test-apt-update-nofallback View File

@@ -58,7 +58,7 @@ setupaptarchive_with_lists_clean()

test_from_inrelease_to_unsigned()
{
# setup archive with InRelease file
export APT_DONT_SIGN='Release.gpg'
setupaptarchive_with_lists_clean
testsuccess aptget update
listcurrentlistsdirectory > lists.before
@@ -70,9 +70,8 @@ test_from_inrelease_to_unsigned()

test_from_release_gpg_to_unsigned()
{
# setup archive with Release/Release.gpg (but no InRelease)
export APT_DONT_SIGN='InRelease'
setupaptarchive_with_lists_clean
rm "$APTARCHIVE/dists/unstable/InRelease"
testsuccess aptget update
listcurrentlistsdirectory > lists.before

@@ -83,6 +82,7 @@ test_from_release_gpg_to_unsigned()

test_from_inrelease_to_unsigned_with_override()
{
export APT_DONT_SIGN='Release.gpg'
# setup archive with InRelease file
setupaptarchive_with_lists_clean
testsuccess aptget update
@@ -119,13 +119,13 @@ test_cve_2012_0214()
#
# Still worth having a regression test the simulates the condition

# setup archive with InRelease
export APT_DONT_SIGN='Release.gpg'
setupaptarchive_with_lists_clean
testsuccess aptget update
listcurrentlistsdirectory > lists.before

# do what CVE-2012-0214 did
rm "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"
rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"
inject_evil_package
# build valid Release file
aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release
@@ -139,7 +139,7 @@ test_cve_2012_0214()

test_subvert_inrelease()
{
# setup archive with InRelease
export APT_DONT_SIGN='Release.gpg'
setupaptarchive_with_lists_clean
testsuccess aptget update
listcurrentlistsdirectory > lists.before
@@ -157,7 +157,7 @@ E: Some index files failed to download. They have been ignored, or old ones used

test_inrelease_to_invalid_inrelease()
{
# setup archive with InRelease
export APT_DONT_SIGN='Release.gpg'
setupaptarchive_with_lists_clean
testsuccess aptget update
listcurrentlistsdirectory > lists.before
@@ -178,9 +178,8 @@ W: Some index files failed to download. They have been ignored, or old ones used

test_release_gpg_to_invalid_release_release_gpg()
{
# setup archive with InRelease
export APT_DONT_SIGN='InRelease'
setupaptarchive_with_lists_clean
rm "$APTARCHIVE/dists/unstable/InRelease"
testsuccess aptget update
listcurrentlistsdirectory > lists.before



+ 1
- 0
test/integration/test-apt-update-not-modified View File

@@ -10,6 +10,7 @@ confighashes 'SHA256'

insertpackage 'unstable' 'apt' 'amd64,i386' '1.0'

export APT_DONT_SIGN=''
setupaptarchive --no-update

methodtest() {


+ 4
- 8
test/integration/test-apt-update-rollback View File

@@ -82,8 +82,7 @@ test_inrelease_to_valid_release() {

add_new_package '+1hour'
# switch to a unsigned repo now
rm "$APTARCHIVE/dists/unstable/InRelease"
rm "$APTARCHIVE/dists/unstable/Release.gpg"
rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"

# update fails
testfailureequal "E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update -qq
@@ -102,8 +101,7 @@ test_inrelease_to_release_reverts_all() {

# switch to a unsigned repo now
add_new_package '+1hour'
rm "$APTARCHIVE/dists/unstable/InRelease"
rm "$APTARCHIVE/dists/unstable/Release.gpg"
rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"

# break it
break_repository_sources_index '+1hour'
@@ -122,8 +120,7 @@ test_inrelease_to_release_reverts_all() {
test_unauthenticated_to_invalid_inrelease() {
msgmsg 'Test UnAuthenticated to invalid InRelease reverts everything'
create_fresh_archive
rm "$APTARCHIVE/dists/unstable/InRelease"
rm "$APTARCHIVE/dists/unstable/Release.gpg"
rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"

testwarning aptget update --allow-insecure-repositories
listcurrentlistsdirectory > lists.before
@@ -191,9 +188,8 @@ TESTDIR="$(readlink -f "$(dirname "$0")")"

setupenvironment
configarchitecture "i386"
export APT_DONT_SIGN='Release.gpg'

# setup the archive and ensure we have a single package that installs fine
setupaptarchive
APTARCHIVE="$(readlink -f ./aptarchive)"
ROOTDIR="${TMPWORKINGDIRECTORY}/rootdir"
APTARCHIVE_LISTS="$(echo "$APTARCHIVE" | tr "/" "_" )"


+ 2
- 13
test/integration/test-bug-633350-do-not-kill-last-char-in-Release View File

@@ -8,20 +8,9 @@ configarchitecture 'amd64'

insertpackage 'unstable' 'cool' 'amd64' '1.0'

export APT_DONT_SIGN='InRelease'
setupaptarchive --no-update

echo 'NotAutomatic: yes' >> aptarchive/dists/unstable/Release

signreleasefiles
find aptarchive/dists -name 'InRelease' -delete

rm -rf rootdir/var/lib/apt/lists

OUTPUT="$(aptget update 2>&1)"
msgtest 'Check that parsing happens without warnings' 'with missing newline'
if echo "${OUTPUT}" | grep '^W:' > /dev/null; then
msgfail
echo "${OUTPUT}"
else
msgpass
fi
testsuccess aptget update

+ 4
- 8
test/integration/test-hashsum-verification View File

@@ -46,9 +46,6 @@ SHA256:
EOF
}

# fake our downloadable file
touch aptarchive/apt.deb

PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')"

runtest() {
@@ -63,12 +60,12 @@ runtest() {
msgtest 'No package from the source available'
testfailureequal --nomsg 'N: Unable to locate package apt
E: No packages found' aptcache show apt
msgtest 'No Packages file in /var/lib/apt/lists'
[ "$(ls rootdir/var/lib/apt/lists/*Package* 2>/dev/null | grep -v FAILED 2>/dev/null)" = "" ] && msgpass || msgfail
msgtest 'No Packages file in /var/lib/apt/lists'
testempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*Package*'
# now with the unsigned Release file
rm -rf rootdir/var/lib/apt/lists
rm aptarchive/InRelease aptarchive/Release.gpg
rm -f aptarchive/InRelease aptarchive/Release.gpg
msgtest 'unsigned apt-get update gets the expected hashsum mismatch'
testfailure --nomsg aptget update --allow-insecure-repositories
testsuccess grep "Hash Sum mismatch" rootdir/tmp/testfailure.output
@@ -81,6 +78,5 @@ for COMPRESSEDINDEXES in 'false' 'true'; do
else
msgmsg 'Run tests with GzipIndexes disabled'
fi
runtest
done

+ 3
- 2
test/integration/test-releasefile-verification View File

@@ -7,6 +7,7 @@ TESTDIR="$(readlink -f "$(dirname "$0")")"
setupenvironment
configarchitecture "i386"

export APT_DONT_SIGN='Release.gpg'
buildaptarchive
setupflataptarchive
changetowebserver
@@ -368,7 +369,7 @@ runtest3() {
export APT_DONT_SIGN="$DELETEFILE"
msgmsg "Running test with deletion of $DELETEFILE and $1 digest"
runtest
unset APT_DONT_SIGN
export APT_DONT_SIGN='Release.gpg'
done
}

@@ -424,7 +425,7 @@ runfailure() {
testsuccessequal "$(cat "${PKGFILE}")
" aptcache show apt
failaptold
unset APT_DONT_SIGN
export APT_DONT_SIGN='Release.gpg'
done
}
runfailure


Loading…
Cancel
Save