test-hashsum-verification 3.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
  1. #!/bin/sh
  2. set -e
  3. TESTDIR=$(readlink -f $(dirname $0))
  4. . $TESTDIR/framework
  5. setupenvironment
  6. configarchitecture "i386"
  7. buildaptarchive
  8. setupflataptarchive
  9. changetowebserver
  10. prepare() {
  11. local DATE="${2:-now}"
  12. if [ "$DATE" = 'now' -a "$1" = "${PKGFILE}-new" ]; then
  13. DATE='now + 6 days'
  14. fi
  15. for release in $(find rootdir/var/lib/apt/lists 2> /dev/null); do
  16. touch -d 'now - 6 hours' $release
  17. done
  18. cp $1 aptarchive/Packages
  19. find aptarchive -name 'Release' -delete
  20. compressfile aptarchive/Packages
  21. # create Release file with incorret checksums
  22. cat > aptarchive/Release <<EOF
  23. Date: Fri, 05 Aug 2011 09:22:08 UTC
  24. MD5Sum:
  25. x15c483ac486f5dbe95095c7ec08626f 760 Packages
  26. x0579797df4792164a17305fb0b317e9 546 Packages.bz2
  27. xc532a82873d2206b4e4503e92d167bd 489 Packages.gz
  28. x4d1d25661377dd4bb95a1736e2624d3 527 Packages.lzma
  29. xf1cc221194edbaa943d2375d6f44a88 572 Packages.xz
  30. SHA1:
  31. x0d3317839cf68cd40c28f0bddca8d2ce5a29cad 760 Packages
  32. xffddf046ad8dfd8338a355d76fb08d143c8b636 546 Packages.bz2
  33. xa27a3df51ca4474b880a6594c4811957079b613 489 Packages.gz
  34. x9d7bba4e6fa927a34dcd797694c2893c21f1004 527 Packages.lzma
  35. x7d988fe59cf67298828e5299a15d329c0f00f1b 572 Packages.xz
  36. SHA256:
  37. x5a47d72f6b97bfa164b23326b6ad3cb019b5c6cc73769f8c0187616933d1b2b 760 Packages
  38. x617252f5bfe3e9126352c7c2f8122d9c3b2c5e1a6c8a9616d62adc0ed164172 546 Packages.bz2
  39. xc6abc6fe9a4fcf0758ec5366dfd19bcba90af026a7017c3f6198c59eccd8ef5 489 Packages.gz
  40. xb306e66e5e6a7169c8d281a888539d1fdca9cecc99ae605717df579d5b9c166 527 Packages.lzma
  41. x9585d0e66b74c9385727fbea11fea9ab33c716b18a32f3036f037a2b9b57120 572 Packages.xz
  42. EOF
  43. cp aptarchive/Release aptarchive/InRelease
  44. }
  45. # fake our downloadable file
  46. touch aptarchive/apt.deb
  47. PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')"
  48. runtest() {
  49. prepare ${PKGFILE}
  50. rm -rf rootdir/var/lib/apt/lists
  51. signreleasefiles 'Joe Sixpack'
  52. find aptarchive/ -name "$DELETEFILE" -delete
  53. # test signed release file
  54. msgtest 'apt-get update gets the expected hashsum mismatch'
  55. aptget update 2>&1 | grep "Hash Sum mismatch" > /dev/null && msgpass || msgfail
  56. msgtest 'No package from the source available'
  57. [ "$(aptcache show apt 2>&1)" = "E: No packages found" ] && msgpass || msgfail
  58. msgtest 'No Packages file in /var/lib/apt/lists'
  59. [ "$(ls rootdir/var/lib/apt/lists/*Package* 2>/dev/null | grep -v FAILED 2>/dev/null)" = "" ] && msgpass || msgfail
  60. # now with the unsigned Release file
  61. rm -rf rootdir/var/lib/apt/lists
  62. rm aptarchive/InRelease aptarchive/Release.gpg
  63. msgtest 'unsigned apt-get update gets the expected hashsum mismatch'
  64. aptget update --allow-unauthenticated >output.log 2>&1 || true
  65. if grep -q "Hash Sum mismatch" output.log; then
  66. msgpass
  67. else
  68. cat output.log
  69. msgfail
  70. fi
  71. }
  72. for COMPRESSEDINDEXES in 'false' 'true'; do
  73. echo "Acquire::GzipIndexes \"$COMPRESSEDINDEXES\";" > rootdir/etc/apt/apt.conf.d/compressindexes
  74. if $COMPRESSEDINDEXES; then
  75. msgmsg 'Run tests with GzipIndexes enabled'
  76. else
  77. msgmsg 'Run tests with GzipIndexes disabled'
  78. fi
  79. runtest
  80. done