|
|
@@ -4,6 +4,8 @@ import sys
|
|
|
import os
|
|
|
import glob
|
|
|
import os.path
|
|
|
+import shutil
|
|
|
+import time
|
|
|
from subprocess import call, PIPE
|
|
|
|
|
|
import unittest
|
|
|
@@ -11,7 +13,92 @@ import unittest
|
|
|
stdout = os.open("/dev/null",0) #sys.stdout
|
|
|
stderr = os.open("/dev/null",0) # sys.stderr
|
|
|
|
|
|
-apt_args = [] # ["-o","Debug::pkgAcquire::Auth=true"]
|
|
|
+apt_args = []
|
|
|
+#apt_args = ["-o","Debug::pkgAcquire::Auth=true"]
|
|
|
+
|
|
|
+class testAptAuthenticationReliability(unittest.TestCase):
|
|
|
+ """
|
|
|
+ test if the spec https://wiki.ubuntu.com/AptAuthenticationReliability
|
|
|
+ is properly implemented
|
|
|
+ """
|
|
|
+ apt = "../bin/apt-get"
|
|
|
+
|
|
|
+ def setUp(self):
|
|
|
+ pass
|
|
|
+ def testRepositorySigFailure(self):
|
|
|
+ """
|
|
|
+ test if a repository that used to be authenticated and fails on
|
|
|
+ apt-get update refuses to update and uses the old state
|
|
|
+ """
|
|
|
+ # copy valid signatures into lists (those are ok, even
|
|
|
+ # if the name is "-broken-" ...
|
|
|
+ for f in glob.glob("./authReliability/lists/*"):
|
|
|
+ shutil.copy(f,"/var/lib/apt/lists")
|
|
|
+ # ensure we do *not* get a I-M-S hit
|
|
|
+ os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (0,0))
|
|
|
+ res = call([self.apt,
|
|
|
+ "update",
|
|
|
+ "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure"
|
|
|
+ ] + apt_args,
|
|
|
+ stdout=stdout, stderr=stderr)
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg"),
|
|
|
+ "The gpg file disappeared, this should not happen")
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"),
|
|
|
+ "The Packages file disappeared, this should not happen")
|
|
|
+ # the same with i-m-s hit this time
|
|
|
+ for f in glob.glob("./authReliability/lists/*"):
|
|
|
+ shutil.copy(f,"/var/lib/apt/lists")
|
|
|
+ os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (time.time(),time.time()))
|
|
|
+ res = call([self.apt,
|
|
|
+ "update",
|
|
|
+ "-o","Dir::Etc::sourcelist=./authReliability/sources.list.failure"
|
|
|
+ ] + apt_args,
|
|
|
+ stdout=stdout, stderr=stderr)
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Release.gpg"),
|
|
|
+ "The gpg file disappeared, this should not happen")
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-broken_Packages"),
|
|
|
+ "The Packages file disappeared, this should not happen")
|
|
|
+ def testRepositorySigGood(self):
|
|
|
+ """
|
|
|
+ test that a regular repository with good data stays good
|
|
|
+ """
|
|
|
+ res = call([self.apt,
|
|
|
+ "update",
|
|
|
+ "-o","Dir::Etc::sourcelist=./authReliability/sources.list.good"
|
|
|
+ ] + apt_args,
|
|
|
+ stdout=stdout, stderr=stderr)
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"),
|
|
|
+ "The gpg file disappeared, this should not happen")
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"),
|
|
|
+ "The Packages file disappeared, this should not happen")
|
|
|
+ # test good is still good after non I-M-S hit and a previous files in lists/
|
|
|
+ for f in glob.glob("./authReliability/lists/*"):
|
|
|
+ shutil.copy(f,"/var/lib/apt/lists")
|
|
|
+ # ensure we do *not* get a I-M-S hit
|
|
|
+ os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (0,0))
|
|
|
+ res = call([self.apt,
|
|
|
+ "update",
|
|
|
+ "-o","Dir::Etc::sourcelist=./authReliability/sources.list.good"
|
|
|
+ ] + apt_args,
|
|
|
+ stdout=stdout, stderr=stderr)
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"),
|
|
|
+ "The gpg file disappeared, this should not happen")
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"),
|
|
|
+ "The Packages file disappeared, this should not happen")
|
|
|
+ # test good is still good after I-M-S hit
|
|
|
+ for f in glob.glob("./authReliability/lists/*"):
|
|
|
+ shutil.copy(f,"/var/lib/apt/lists")
|
|
|
+ # ensure we do get a I-M-S hit
|
|
|
+ os.utime("/var/lib/apt/lists/%s" % os.path.basename(f), (time.time(),time.time()))
|
|
|
+ res = call([self.apt,
|
|
|
+ "update",
|
|
|
+ "-o","Dir::Etc::sourcelist=./authReliability/sources.list.good"
|
|
|
+ ] + apt_args,
|
|
|
+ stdout=stdout, stderr=stderr)
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Release.gpg"),
|
|
|
+ "The gpg file disappeared, this should not happen")
|
|
|
+ self.assert_(os.path.exists("/var/lib/apt/lists/people.ubuntu.com_%7emvo_apt_auth-test-suit_gpg-package-ok_Packages"),
|
|
|
+ "The Packages file disappeared, this should not happen")
|
|
|
|
|
|
|
|
|
class testAuthentication(unittest.TestCase):
|
|
|
@@ -149,6 +236,7 @@ if __name__ == "__main__":
|
|
|
if len(sys.argv) > 1 and sys.argv[1] == "-v":
|
|
|
stdout = sys.stdout
|
|
|
stderr = sys.stderr
|
|
|
+
|
|
|
+ # run only one for now
|
|
|
+ #unittest.main(defaultTest="testAptAuthenticationReliability")
|
|
|
unittest.main()
|
|
|
-
|
|
|
-
|