Browse Source

tests: allow to disable generation of InRelease/Release.gpg file

If the test just signs release files to throw away one of them to test
the other, we can just as well save the time and not create it.

Git-Dch: Ignore
David Kalnischkies 10 years ago
parent
commit
761a5ad2ec

+ 14 - 4
test/integration/framework

@@ -1134,11 +1134,21 @@ signreleasefiles() {
 	fi
 	fi
 	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}"
 	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}"
 	for RELEASE in $(find "${REPODIR}/" -name Release); do
 	for RELEASE in $(find "${REPODIR}/" -name Release); do
-		testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
-		local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
-		testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE"
 		# we might have set a specific date for the Release file, so copy it
 		# we might have set a specific date for the Release file, so copy it
-		touch -d "$(stat --format "%y" ${RELEASE})" "${RELEASE}.gpg" "${INRELEASE}"
+		local DATE="$(stat --format "%y" "${RELEASE}")"
+		if [ "$APT_DONT_SIGN" = 'Release.gpg' ]; then
+			rm -f "${RELEASE}.gpg"
+		else
+			testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}"
+			touch -d "$DATE" "${RELEASE}.gpg"
+		fi
+		local INRELEASE="${RELEASE%/*}/InRelease"
+		if [ "$APT_DONT_SIGN" = 'InRelease' ]; then
+			rm -f "$INRELEASE"
+		else
+			testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE"
+			touch -d "$DATE" "${INRELEASE}"
+		fi
 	done
 	done
 	if [ -f "$SECEXPIREBAK" ] && [ -f "$PUBEXPIREBAK" ]; then
 	if [ -f "$SECEXPIREBAK" ] && [ -f "$PUBEXPIREBAK" ]; then
 		mv -f "$SECEXPIREBAK" "${REXKEY}.sec"
 		mv -f "$SECEXPIREBAK" "${REXKEY}.sec"

+ 3 - 5
test/integration/test-apt-update-nofallback

@@ -9,8 +9,7 @@ set -e
 simulate_mitm_and_inject_evil_package()
 simulate_mitm_and_inject_evil_package()
 {
 {
     redatereleasefiles '+1 hour'
     redatereleasefiles '+1 hour'
-    rm -f "$APTARCHIVE/dists/unstable/InRelease"
-    rm -f "$APTARCHIVE/dists/unstable/Release.gpg"
+    rm -f "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"
     inject_evil_package
     inject_evil_package
 }
 }
 
 
@@ -126,11 +125,10 @@ test_cve_2012_0214()
     listcurrentlistsdirectory > lists.before
     listcurrentlistsdirectory > lists.before
 
 
     # do what CVE-2012-0214 did
     # do what CVE-2012-0214 did
-    rm "$APTARCHIVE/dists/unstable/InRelease"
-    rm "$APTARCHIVE/dists/unstable/Release.gpg"
+    rm "$APTARCHIVE/dists/unstable/InRelease" "$APTARCHIVE/dists/unstable/Release.gpg"
     inject_evil_package
     inject_evil_package
     # build valid Release file
     # build valid Release file
-    aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release 
+    aptftparchive -qq release ./aptarchive > aptarchive/dists/unstable/Release
 
 
     assert_update_is_refused_and_last_good_state_used
     assert_update_is_refused_and_last_good_state_used
     testfileequal lists.before "$(listcurrentlistsdirectory)"
     testfileequal lists.before "$(listcurrentlistsdirectory)"

+ 0 - 2
test/integration/test-hashsum-verification

@@ -44,7 +44,6 @@ SHA256:
  xb306e66e5e6a7169c8d281a888539d1fdca9cecc99ae605717df579d5b9c166              527 Packages.lzma
  xb306e66e5e6a7169c8d281a888539d1fdca9cecc99ae605717df579d5b9c166              527 Packages.lzma
  x9585d0e66b74c9385727fbea11fea9ab33c716b18a32f3036f037a2b9b57120              572 Packages.xz
  x9585d0e66b74c9385727fbea11fea9ab33c716b18a32f3036f037a2b9b57120              572 Packages.xz
 EOF
 EOF
-        cp aptarchive/Release aptarchive/InRelease
 }
 }
 
 
 # fake our downloadable file
 # fake our downloadable file
@@ -56,7 +55,6 @@ runtest() {
 	prepare "${PKGFILE}"
 	prepare "${PKGFILE}"
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 
 
 	# test signed release file
 	# test signed release file
 	msgtest 'apt-get update gets the expected hashsum mismatch'
 	msgtest 'apt-get update gets the expected hashsum mismatch'

+ 8 - 5
test/integration/test-releasefile-date-older

@@ -26,40 +26,43 @@ testsuccess aptget update
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
 
 
 msgmsg 'Release.gpg file is silently rejected if' 'new Date is before old Date'
 msgmsg 'Release.gpg file is silently rejected if' 'new Date is before old Date'
+export APT_DONT_SIGN='InRelease'
 rm -rf rootdir/var/lib/apt/lists
 rm -rf rootdir/var/lib/apt/lists
 generatereleasefiles 'now' 'now + 7 days'
 generatereleasefiles 'now' 'now + 7 days'
 signreleasefiles
 signreleasefiles
-find aptarchive -name 'InRelease' -delete
 testsuccess aptget update
 testsuccess aptget update
 listcurrentlistsdirectory > listsdir.lst
 listcurrentlistsdirectory > listsdir.lst
 redatereleasefiles 'now - 2 days'
 redatereleasefiles 'now - 2 days'
-find aptarchive -name 'InRelease' -delete
 testsuccess aptget update
 testsuccess aptget update
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+unset APT_DONT_SIGN
 
 
 msgmsg 'Crisscross InRelease/Release.gpg file is silently rejected if' 'new Date is before old Date'
 msgmsg 'Crisscross InRelease/Release.gpg file is silently rejected if' 'new Date is before old Date'
+export APT_DONT_SIGN='Release.gpg'
 rm -rf rootdir/var/lib/apt/lists
 rm -rf rootdir/var/lib/apt/lists
 generatereleasefiles 'now' 'now + 7 days'
 generatereleasefiles 'now' 'now + 7 days'
 signreleasefiles
 signreleasefiles
-find aptarchive -name 'Release.gpg' -delete
 testsuccess aptget update
 testsuccess aptget update
+export APT_DONT_SIGN='InRelease'
 listcurrentlistsdirectory > listsdir.lst
 listcurrentlistsdirectory > listsdir.lst
 redatereleasefiles 'now - 2 days'
 redatereleasefiles 'now - 2 days'
-find aptarchive -name 'InRelease' -delete
 testsuccess aptget update
 testsuccess aptget update
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+unset APT_DONT_SIGN
 
 
 msgmsg 'Crisscross Release.gpg/InRelease file is silently rejected if' 'new Date is before old Date'
 msgmsg 'Crisscross Release.gpg/InRelease file is silently rejected if' 'new Date is before old Date'
+export APT_DONT_SIGN='InRelease'
 rm -rf rootdir/var/lib/apt/lists
 rm -rf rootdir/var/lib/apt/lists
 generatereleasefiles 'now' 'now + 7 days'
 generatereleasefiles 'now' 'now + 7 days'
 signreleasefiles
 signreleasefiles
 find aptarchive -name 'InRelease' -delete
 find aptarchive -name 'InRelease' -delete
 testsuccess aptget update
 testsuccess aptget update
+export APT_DONT_SIGN='Release.gpg'
 listcurrentlistsdirectory > listsdir.lst
 listcurrentlistsdirectory > listsdir.lst
 redatereleasefiles 'now - 2 days'
 redatereleasefiles 'now - 2 days'
-find aptarchive -name 'Release.gpg' -delete
 testsuccess aptget update
 testsuccess aptget update
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
 testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
+unset APT_DONT_SIGN
 
 
 msgmsg 'Release file has' 'no Date and no Valid-Until field'
 msgmsg 'Release file has' 'no Date and no Valid-Until field'
 rm -rf rootdir/var/lib/apt/lists
 rm -rf rootdir/var/lib/apt/lists

+ 6 - 25
test/integration/test-releasefile-verification

@@ -99,12 +99,10 @@ updatewithwarnings() {
 }
 }
 
 
 runtest() {
 runtest() {
-	local DELETEFILE="$1"
 	msgmsg 'Cold archive signed by' 'Joe Sixpack'
 	msgmsg 'Cold archive signed by' 'Joe Sixpack'
 	prepare "${PKGFILE}"
 	prepare "${PKGFILE}"
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	successfulaptgetupdate
 	successfulaptgetupdate
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -113,7 +111,6 @@ runtest() {
 	msgmsg 'Good warm archive signed by' 'Joe Sixpack'
 	msgmsg 'Good warm archive signed by' 'Joe Sixpack'
 	prepare "${PKGFILE}-new"
 	prepare "${PKGFILE}-new"
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	successfulaptgetupdate
 	successfulaptgetupdate
 	testsuccessequal "$(cat "${PKGFILE}-new")
 	testsuccessequal "$(cat "${PKGFILE}-new")
 " aptcache show apt
 " aptcache show apt
@@ -124,7 +121,6 @@ runtest() {
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
 	cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
 	signreleasefiles 'Rex Expired'
 	signreleasefiles 'Rex Expired'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	updatewithwarnings '^W: .* EXPKEYSIG'
 	updatewithwarnings '^W: .* EXPKEYSIG'
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -144,7 +140,6 @@ runtest() {
 		prepare "${PKGFILE}"
 		prepare "${PKGFILE}"
 		rm -rf rootdir/var/lib/apt/lists
 		rm -rf rootdir/var/lib/apt/lists
 		signreleasefiles 'Joe Sixpack' 'aptarchive' --faked-system-time "20070924T154812" --default-sig-expire 2016-04-01
 		signreleasefiles 'Joe Sixpack' 'aptarchive' --faked-system-time "20070924T154812" --default-sig-expire 2016-04-01
-		find aptarchive/ -name "$DELETEFILE" -delete
 		updatewithwarnings '^W: .* EXPSIG'
 		updatewithwarnings '^W: .* EXPSIG'
 		testsuccessequal "$(cat "${PKGFILE}")
 		testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -158,7 +153,6 @@ runtest() {
 	prepare "${PKGFILE}"
 	prepare "${PKGFILE}"
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack,Marvin Paranoid'
 	signreleasefiles 'Joe Sixpack,Marvin Paranoid'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	successfulaptgetupdate 'NO_PUBKEY'
 	successfulaptgetupdate 'NO_PUBKEY'
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -168,7 +162,6 @@ runtest() {
 	prepare "${PKGFILE}"
 	prepare "${PKGFILE}"
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack,Rex Expired'
 	signreleasefiles 'Joe Sixpack,Rex Expired'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
 	cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
 	successfulaptgetupdate 'EXPKEYSIG'
 	successfulaptgetupdate 'EXPKEYSIG'
 	rm -f rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
 	rm -f rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
@@ -180,7 +173,6 @@ runtest() {
 	prepare "${PKGFILE}"
 	prepare "${PKGFILE}"
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Marvin Paranoid'
 	signreleasefiles 'Marvin Paranoid'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	updatewithwarnings '^W: .* NO_PUBKEY'
 	updatewithwarnings '^W: .* NO_PUBKEY'
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -189,7 +181,6 @@ runtest() {
 	msgmsg 'Bad warm archive signed by' 'Joe Sixpack'
 	msgmsg 'Bad warm archive signed by' 'Joe Sixpack'
 	prepare "${PKGFILE}-new"
 	prepare "${PKGFILE}-new"
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	successfulaptgetupdate
 	successfulaptgetupdate
 	testsuccessequal "$(cat "${PKGFILE}-new")
 	testsuccessequal "$(cat "${PKGFILE}-new")
 " aptcache show apt
 " aptcache show apt
@@ -199,7 +190,6 @@ runtest() {
 	prepare "${PKGFILE}"
 	prepare "${PKGFILE}"
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	successfulaptgetupdate
 	successfulaptgetupdate
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -208,7 +198,6 @@ runtest() {
 	msgmsg 'Good warm archive signed by' 'Marvin Paranoid'
 	msgmsg 'Good warm archive signed by' 'Marvin Paranoid'
 	prepare "${PKGFILE}-new"
 	prepare "${PKGFILE}-new"
 	signreleasefiles 'Marvin Paranoid'
 	signreleasefiles 'Marvin Paranoid'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	updatewithwarnings '^W: .* NO_PUBKEY'
 	updatewithwarnings '^W: .* NO_PUBKEY'
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -218,7 +207,6 @@ runtest() {
 	prepare "${PKGFILE}-new"
 	prepare "${PKGFILE}-new"
 	cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
 	cp keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
 	signreleasefiles 'Rex Expired'
 	signreleasefiles 'Rex Expired'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	updatewithwarnings '^W: .* EXPKEYSIG'
 	updatewithwarnings '^W: .* EXPKEYSIG'
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -228,7 +216,6 @@ runtest() {
 	msgmsg 'Good warm archive signed by' 'Joe Sixpack'
 	msgmsg 'Good warm archive signed by' 'Joe Sixpack'
 	prepare "${PKGFILE}-new"
 	prepare "${PKGFILE}-new"
 	signreleasefiles
 	signreleasefiles
-	find aptarchive/ -name "$DELETEFILE" -delete
 	successfulaptgetupdate
 	successfulaptgetupdate
 	testsuccessequal "$(cat "${PKGFILE}-new")
 	testsuccessequal "$(cat "${PKGFILE}-new")
 " aptcache show apt
 " aptcache show apt
@@ -238,7 +225,6 @@ runtest() {
 	prepare "${PKGFILE}"
 	prepare "${PKGFILE}"
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Marvin Paranoid'
 	signreleasefiles 'Marvin Paranoid'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	local MARVIN="$(readlink -f keys/marvinparanoid.pub)"
 	local MARVIN="$(readlink -f keys/marvinparanoid.pub)"
 	sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/*
 	sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/*
 	successfulaptgetupdate
 	successfulaptgetupdate
@@ -249,7 +235,6 @@ runtest() {
 	msgmsg 'Cold archive signed by bad keyring' 'Joe Sixpack'
 	msgmsg 'Cold archive signed by bad keyring' 'Joe Sixpack'
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	updatewithwarnings '^W: .* NO_PUBKEY'
 	updatewithwarnings '^W: .* NO_PUBKEY'
 	sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/*
 	sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/*
 
 
@@ -257,14 +242,12 @@ runtest() {
 	msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack'
 	msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack'
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/*
 	sed -i "s#^\(deb\(-src\)\?\) #\1 [signed-by=$MARVIN] #" rootdir/etc/apt/sources.list.d/*
 	updatewithwarnings '^W: .* be verified because the public key is not available: .*'
 	updatewithwarnings '^W: .* be verified because the public key is not available: .*'
 
 
 	msgmsg 'Cold archive signed by good keyid' 'Marvin Paranoid'
 	msgmsg 'Cold archive signed by good keyid' 'Marvin Paranoid'
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Marvin Paranoid'
 	signreleasefiles 'Marvin Paranoid'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	cp keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
 	cp keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
 	successfulaptgetupdate
 	successfulaptgetupdate
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
@@ -274,7 +257,6 @@ runtest() {
 	msgmsg 'Cold archive signed by good keyid' 'Marvin Paranoid,Joe Sixpack'
 	msgmsg 'Cold archive signed by good keyid' 'Marvin Paranoid,Joe Sixpack'
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Marvin Paranoid,Joe Sixpack'
 	signreleasefiles 'Marvin Paranoid,Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	successfulaptgetupdate 'NoPubKey: GOODSIG'
 	successfulaptgetupdate 'NoPubKey: GOODSIG'
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
@@ -284,7 +266,6 @@ runtest() {
 	msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack'
 	msgmsg 'Cold archive signed by good keyids' 'Joe Sixpack'
 	rm -rf rootdir/var/lib/apt/lists
 	rm -rf rootdir/var/lib/apt/lists
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 	sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 [signed-by=${SIXPACK},${MARVIN}] #" rootdir/etc/apt/sources.list.d/*
 	sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 [signed-by=${SIXPACK},${MARVIN}] #" rootdir/etc/apt/sources.list.d/*
 	successfulaptgetupdate
 	successfulaptgetupdate
 	testsuccessequal "$(cat "${PKGFILE}")
 	testsuccessequal "$(cat "${PKGFILE}")
@@ -306,7 +287,6 @@ runtest() {
 	cp -a rootdir/var/lib/apt/lists rootdir/var/lib/apt/lists-bak
 	cp -a rootdir/var/lib/apt/lists rootdir/var/lib/apt/lists-bak
 	prepare "${PKGFILE}-new"
 	prepare "${PKGFILE}-new"
 	signreleasefiles 'Joe Sixpack'
 	signreleasefiles 'Joe Sixpack'
-	find aptarchive/ -name "$DELETEFILE" -delete
 
 
 	msgmsg 'Warm archive with signed-by' 'Joe Sixpack'
 	msgmsg 'Warm archive with signed-by' 'Joe Sixpack'
 	sed -i "/^Valid-Until: / a\
 	sed -i "/^Valid-Until: / a\
@@ -364,8 +344,7 @@ runtest2() {
 	# package verification.
 	# package verification.
 	msgmsg 'Warm archive signed by' 'nobody'
 	msgmsg 'Warm archive signed by' 'nobody'
 	prepare "${PKGFILE}-new"
 	prepare "${PKGFILE}-new"
-	find aptarchive/ -name InRelease -delete
-	find aptarchive/ -name Release.gpg -delete
+	find aptarchive/ \( -name InRelease -o -name Release.gpg \) -delete
 	updatewithwarnings 'W: .* no longer signed.'
 	updatewithwarnings 'W: .* no longer signed.'
 	testsuccessequal "$(cat "${PKGFILE}-new")
 	testsuccessequal "$(cat "${PKGFILE}-new")
 " aptcache show apt
 " aptcache show apt
@@ -386,8 +365,10 @@ runtest3() {
 	runtest2
 	runtest2
 
 
 	for DELETEFILE in 'InRelease' 'Release.gpg'; do
 	for DELETEFILE in 'InRelease' 'Release.gpg'; do
+		export APT_DONT_SIGN="$DELETEFILE"
 		msgmsg "Running test with deletion of $DELETEFILE and $1 digest"
 		msgmsg "Running test with deletion of $DELETEFILE and $1 digest"
-		runtest "$DELETEFILE"
+		runtest
+		unset APT_DONT_SIGN
 	done
 	done
 }
 }
 
 
@@ -422,11 +403,11 @@ msgmsg "Running test with apt-untrusted digest"
 echo "APT::Hashes::$APT_TESTS_DIGEST_ALGO::Untrusted \"yes\";" > rootdir/etc/apt/apt.conf.d/truststate
 echo "APT::Hashes::$APT_TESTS_DIGEST_ALGO::Untrusted \"yes\";" > rootdir/etc/apt/apt.conf.d/truststate
 runfailure() {
 runfailure() {
 	for DELETEFILE in 'InRelease' 'Release.gpg'; do
 	for DELETEFILE in 'InRelease' 'Release.gpg'; do
+		export APT_DONT_SIGN="$DELETEFILE"
 		msgmsg 'Cold archive signed by' 'Joe Sixpack'
 		msgmsg 'Cold archive signed by' 'Joe Sixpack'
 		prepare "${PKGFILE}"
 		prepare "${PKGFILE}"
 		rm -rf rootdir/var/lib/apt/lists
 		rm -rf rootdir/var/lib/apt/lists
 		signreleasefiles 'Joe Sixpack'
 		signreleasefiles 'Joe Sixpack'
-		find aptarchive/ -name "$DELETEFILE" -delete
 		testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
 		testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
 		testsuccess grep 'The following signatures were invalid' rootdir/tmp/testfailure.output
 		testsuccess grep 'The following signatures were invalid' rootdir/tmp/testfailure.output
 		testnopackage 'apt'
 		testnopackage 'apt'
@@ -437,13 +418,13 @@ runfailure() {
 		prepare "${PKGFILE}"
 		prepare "${PKGFILE}"
 		rm -rf rootdir/var/lib/apt/lists
 		rm -rf rootdir/var/lib/apt/lists
 		signreleasefiles 'Marvin Paranoid'
 		signreleasefiles 'Marvin Paranoid'
-		find aptarchive/ -name "$DELETEFILE" -delete
 		testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
 		testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
 		testnopackage 'apt'
 		testnopackage 'apt'
 		updatewithwarnings '^W: .* NO_PUBKEY'
 		updatewithwarnings '^W: .* NO_PUBKEY'
 		testsuccessequal "$(cat "${PKGFILE}")
 		testsuccessequal "$(cat "${PKGFILE}")
 " aptcache show apt
 " aptcache show apt
 		failaptold
 		failaptold
+		unset APT_DONT_SIGN
 	done
 	done
 }
 }
 runfailure
 runfailure

+ 2 - 4
test/integration/test-ubuntu-bug-784473-InRelease-one-message-only

@@ -8,11 +8,9 @@ configarchitecture 'i386'
 
 
 insertpackage 'unstable' 'apt' 'i386' '0.8.11'
 insertpackage 'unstable' 'apt' 'i386' '0.8.11'
 
 
-setupaptarchive
+export APT_DONT_SIGN='Release.gpg'
+setupaptarchive --no-update
 
 
-rm -rf rootdir/var/lib/apt/lists
-
-find aptarchive/ -name 'Release.gpg' -delete
 find aptarchive/ -name 'InRelease' -exec cp {} {}.old \;
 find aptarchive/ -name 'InRelease' -exec cp {} {}.old \;
 
 
 for RELEASE in $(find aptarchive/ -name 'InRelease'); do
 for RELEASE in $(find aptarchive/ -name 'InRelease'); do