summaryrefslogtreecommitdiff
path: root/test/integration
AgeCommit message (Collapse)AuthorFilesLines
2019-11-27Remove failed trusted signature instead of index on IMS hitDavid Kalnischkies1-0/+2
While passing the combi Release and Release.gpg to the gpgv method for verification the filename of Release is placed where usually Release.gpg is assumed in the rest of the code. The "usual" cases like passing verification and failing verification ending in an error are taking care of this, but the code path dealing with a failed verification, but ignoring said failure (e.g. due to trusted=yes) was not which results in the wrong file being removed later on (in case the index happens to be unmodified since the last update call) leading us into the abyss of strange failures (fixed in the previous commit) were nothing should have changed. This is not a security issue in this form as the repository needs to fail verification & the user forcing apt to ignore the failure and carry on anyhow. It does show however how complicated the code and its various interconnected paths can become. Reported-By: Val "pinkieval" Lorentz on IRC
2019-11-27Use correct filename on IMS-hit reverify for indicesDavid Kalnischkies1-0/+73
If we have no old Release file, but old indices we can't compare hashsums with the new Release file and hence must request the indices again and have to react to IMS hits if they didn't change. We used to symlink the old index file to the partial directory, but that usually meant that we linked an uncompressed file to a compressed file, which not all uncompressors can deal with transparently resulting in strange failures. We could do without the symlink, but that would require changes in the codepaths dealing with failure as they would rename the file to FAILED.
2019-11-26Fix skip-bug-601016-description-translation testDavid Kalnischkies1-6/+7
Skipped tests do not age very well as changes to the infrastructure go by unnoticied. In this case we are fetching Translation files now differently meaning only if mentioned in Release file, which broke this test. As it makes use of LC_ALL and utf8 locales it can't really be reenabled, but it might be able to serve as an example for others and hence at least deserves being fixed. Gbp-Dch: Ignore
2019-11-25Search in all available description translationsАлексей Шилин1-0/+107
When multiple translations of package descriptions are available, perform search in all of them. It allows using search patterns in any of the configured languages. Previously, only the first available translation was searched. As the result, patterns in e.g. English never matched packages which had their descriptions translated into local language. Closes: #490000
2019-09-27Parse 'show' arguments for the 'info' alias as wellJulian Andres Klode1-0/+76
We recently made info an alias for show, but we did not change the command-line parser to work around it. LP: #1843812
2019-09-19Pass --abort-after=1 to dpkg when using --force-dependsJulian Andres Klode1-0/+29
Using --force-depends causes dpkg to continue removing packages a package depends upon even if that package fails to be removed, because dpkg turns off all sanity checks. So we gotta tell dpkg to stop immediately if there's an error removing stuff. Closes: #935910 LP: #1844634
2019-08-15Add ?virtual patternJulian Andres Klode1-0/+6
This matches any package that does not have versions.
2019-08-15Add the ?exact-name patternJulian Andres Klode1-0/+4
The ?exact-name pattern matches the name exactly, there is no substring matching going on, or any regular expression or fnmatch magic.
2019-08-15Add ?essential patternJulian Andres Klode1-0/+3
This matches all packages where at least one of the versions is marked essential; or well, whenver apt considers a package essential.
2019-08-15Add ?broken patternJulian Andres Klode1-0/+3
This matches all packages that have broken dependencies in the installed version or the version selected for install.
2019-08-15Add ?config-files and ?installed patternsJulian Andres Klode1-0/+18
These two are mutually exclusive states of installed-ness. And ?installed package is fully unpacked and configured; a ?config-files package only has config files left.
2019-08-15Add ?obsolete and ?upgradable patternsJulian Andres Klode1-0/+10
These match packages that have no version in a repository, or where an upgrade is available. Notably, ?and(?obsolete,?upgradable) == ?false because an upgradable package is by definition not obsolete.
2019-08-15Add ?automatic and ?garbage patternsJulian Andres Klode1-0/+6
These patterns allow you to identify automatically installed packages, as well as automatically installed packages that are no longer reachable from the manually installed ones.
2019-08-15Add patterns for the existing CacheFilter::Matcher classesJulian Andres Klode1-0/+62
This implements the basic logic patterns: ?and ?false ?not ?or ?true and the basic package patterns: ?architecture ?name ?x-name-fnmatch
2019-08-15Add pattern tree parser infra and connect with cacheset and apt listJulian Andres Klode1-0/+61
This adds a transformation from parse tree into a CacheFilter and connects it with cachesets and the apt list command.
2019-08-15test: Use valgrind to ensure Acquire::Queue-Mode=access does not crashJulian Andres Klode2-1/+23
Unfortunately for us, apt update with Acquire::Queue-Mode=access does not always crash on a real system, so run the whole thing in valgrind.
2019-08-15Fix segfault in pkgAcquire::Enqueue() with Acquire::Queue-Mode=accessJulian Andres Klode1-0/+3
In commit 79b1a8298, QueueName() was changed, amongst other things, to exit early when the queue mode was single access, as single access does not need any fancy queue name. The exit became too early though, as Config was not initialized anymore, but the caller was relying on it. Fix QueueName() to always initialize Config and in Enqueue() initialize Config with a nullptr, so if this regresses it's guaranteed to fail harder. Also add a test case - this is very simple, but the first and only test case for access queue mode. Regression-Of: 79b1a82983e737e74359bc306d9edb357c5bdd46 LP: #1839714
2019-07-10Fix typos reported by codespell in code commentsDavid Kalnischkies2-4/+4
Also in old changelogs, but nothing really user visible like error messages or alike so barely noteworthy. Reported-By: codespell Gbp-Dch: Ignore
2019-06-11http: Fix Host header in proxied https connectionsSimon Körner1-0/+22
Currently CONNECT requests use the name of the proxy as Host value, instead of the origin server's name. According to RFC 2616 "The Host field value MUST represent the naming authority of the origin server or gateway given by the original URL." The current implementation causes problems with some proxy vendors. This commit fixes this. [jak: Adding a test case] See merge request apt-team/apt!66
2019-06-11Introduce apt satisfy and apt-get satisfyJulian Andres Klode1-0/+72
Allow to satisfy dependency strings supplied on the command line, optionally prefixed with "Conflicts:" to satisfy them like Conflicts. Build profiles and architecture restriction lists, as used in build dependencies, are supported as well. Compared to build-dep, build-essential is not installed automatically, and installing of recommended packages follows the global default, which defaults to yes. Closes: #275379 See merge request apt-team/apt!63
2019-05-06Use debDebFile to get control file instead of dpkg-debJulian Andres Klode1-3/+3
2019-04-15Add test case for local-only packages pinned to neverJulian Andres Klode1-1/+14
Test from the fix for the regression in trusty for LP #1821308.
2019-03-03Add explicit message for unsupported binary signatureDavid Kalnischkies1-0/+22
Verifying the content of Release.gpg made us fail on binary signatures which were never officially supported (apt-secure manpage only documents only the generation of ASCII armored), but silently accepted by gpgv as we passed it on unchecked before. The binary format is complex and is itself split into old and new formats so adding support for this would not only add lots of code but also a good opportunity for bugs and dubious benefit. Reporting this issue explicitly should help repository creators figure out the problem faster than the default NODATA message hinting at captive portals. Given that the binary format has no file magic or any other clear and simple indication that this is a detached signature we guess based on the first two bits only – and by that only supporting the "old" binary format which seems to be the only one generated by gnupg in this case. References: e2965b0b6bdd68ffcad0e06d11755412a7e16e50 Closes: #921685
2019-02-10Fix various typos in the documentationJakub Wilk1-1/+1
2019-02-04Merge branch 'pu/dead-pin' into 'master'Julian Andres Klode2-3/+123
A pin of -32768 overrides any other, disables repo See merge request apt-team/apt!40
2019-02-01Add a Packages-Require-Authorization Release file fieldJulian Andres Klode1-0/+61
This new field allows a repository to declare that access to packages requires authorization. The current implementation will set the pin to -32768 if no authorization has been provided in the auth.conf(.d) files. This implementation is suboptimal in two aspects: (1) A repository should behave more like NotSource repositories (2) We only have the host name for the repository, we cannot use paths yet. - We can fix those after an ABI break. The code also adds a check to acquire-item.cc to not use the specified repository as a download source, mimicking NotSource.
2019-02-01Introduce experimental 'never' pinning for sourcesJulian Andres Klode1-3/+62
This allows disabling a repository by pinning it to 'never', which is internally translated to a value of -32768 (or whatever the minimum of short is). This overrides any other pin for that repository. It can be used to make sure certain sources are never used; for example, in unattended-upgrades. To prevent semantic changes to existing files, we substitute min + 1 for every pin-priority: <min>. This is a temporary solution, as we are waiting for an ABI break. To add pins with that value, the special Pin-Priority "never" may be used for now. It's unclear if that will persist, or if the interface will change eventually.
2019-02-01Merge branch 'pu/refuseunsignedlines' into 'master'Julian Andres Klode4-18/+87
Fail if InRelease or Release.gpg contain unsigned lines See merge request apt-team/apt!45
2019-02-01Step over empty sections in TagFiles with commentsDavid Kalnischkies1-0/+68
Implementing a parser with recursion isn't the best idea, but in practice we should get away with it for the time being to avoid needless codechurn. Closes: #920317 #921037
2019-01-24Merge and reuse tmp file handling across the boardDavid Kalnischkies1-0/+7
Having many rather similar implementations especially if one is exported while others aren't (and the rest of it not factored out at all) seems suboptimal.
2019-01-23Fail on non-signature lines in Release.gpgDavid Kalnischkies2-16/+75
The exploit for CVE-2019-3462 uses the fact that a Release.gpg file can contain additional content beside the expected detached signature(s). We were passing the file unchecked to gpgv which ignores these extras without complains, so we reuse the same line-reading implementation we use for InRelease splitting to detect if a Release.gpg file contains unexpected data and fail in this case given that we in the previous commit we established that we fail in the similar InRelease case now.
2019-01-23Fail instead of warn for unsigned lines in InReleaseDavid Kalnischkies1-2/+5
The warnings were introduced 2 years ago without any reports from the wild about them actually appearing for anyone, so now seems to be an as good time as any to switch them to errors. This allows rewritting the code by failing earlier instead of trying to keep going which makes the diff a bit hard to follow but should help simplifying reasoning about it. References: 6376dfb8dfb99b9d182c2fb13aa34b2ac89805e3
2019-01-22Merge branch 'pu/gpgvsignedby' into 'master'Julian Andres Klode1-21/+43
Report keys used to sign file from gpgv method to acquire system See merge request apt-team/apt!44
2019-01-22SECURITY UPDATE: content injection in http method (CVE-2019-3462)Julian Andres Klode1-0/+66
This fixes a security issue that can be exploited to inject arbritrary debs or other files into a signed repository as followed: (1) Server sends a redirect to somewhere%0a<headers for the apt method> (where %0a is \n encoded) (2) apt method decodes the redirect (because the method encodes the URLs before sending them out), writting something like somewhere\n <headers> into its output (3) apt then uses the headers injected for validation purposes. Regression-Of: c34ea12ad509cb34c954ed574a301c3cbede55ec LP: #1812353
2019-01-22Communicate back which key(s) were used for signingDavid Kalnischkies1-20/+42
Telling the acquire system which keys caused the gpgv method to succeed allows us for now just a casual check if the gpgv method really executed catching bugs like CVE-2018-0501, but we will make use of the information for better features in the following commits.
2019-01-22Refactor internal Signers information storage in gpgvDavid Kalnischkies1-19/+19
Having a method take a bunch of string vectors is bad style, so we change this to a wrapping struct and adapt the rest of the code brushing it up slightly in the process, which results even in a slightly "better" debug output, no practical change otherwise. Gbp-Dch: Ignore
2018-12-10Merge branch 'pu/dpkg-path' into 'master'Julian Andres Klode2-0/+38
Set PATH=/usr/sbin:/usr/bin:/sbin:/bin when running dpkg See merge request apt-team/apt!38
2018-12-10Set PATH=/usr/sbin:/usr/bin:/sbin:/bin when running dpkgJulian Andres Klode2-0/+38
This avoids a lot of problems from local installations of scripting languages and other stuff in /usr/local for which maintainer scripts are not prepared. [v3: Inherit PATH during tests, check overrides work] [v2: Add testing]
2018-12-04Add support for /etc/apt/auth.conf.d/*.conf (netrcparts)Julian Andres Klode1-1/+12
This allows us to install matching auth files for sources.list.d files, for example; very useful. This converts aptmethod's authfd from one FileFd to a vector of pointers to FileFd, as FileFd cannot be copied, and move operators are hard.
2018-12-04Merge branch 'bugfix/spaceinconfig' into 'master'Julian Andres Klode1-0/+14
Use quoted tagnames in config dumps See merge request apt-team/apt!32
2018-12-03Provide a "autopurge" shortcutJulian Andres Klode1-0/+15
This adds a new "autopurge" command that will is a shortcut for "autoremove --purge" Thanks: Michael Vogt for the initial work
2018-12-03test-pdiff-usage: make transaction failure test case more robustJulian Andres Klode1-1/+7
Try 10 times in a row
2018-11-29Use quoted tagnames in config dumpsDavid Kalnischkies1-0/+14
Tagnames in configuration can include spaces (and other nasties) e.g. in repository-specific configuration options due to Origin/Label potentially containing a space. The configuration file format supports parsing quoted as well as encoded spaces, but the output generated by apt-config and other places which might be feedback into apt via parsing (e.g. before calling apt-key in our gpgv method) do not quote and hence produce invalid configuration files. Changing the default to be an encoded tagname ensures that the output of dump can be used as a config file, but other users might not expect this so that is technically a backward-breaking change.
2018-11-25Fix typo reported by codespell in code commentsDavid Kalnischkies1-1/+1
No user visible change expect for some years old changelog entries, so we don't really need to add a new one for this… Reported-By: codespell Gbp-Dch: Ignore
2018-11-21Print useful error on "apt changelog" without argumentsJulian Andres Klode1-0/+5
Fixes Debian/apt#77
2018-10-14Merge branch 'feature/subkeys' into 'master'Julian Andres Klode8-10/+147
Support subkeys and multiple keyrings in Signed-By options See merge request apt-team/apt!27
2018-10-13Default to https: scheme for fetching Debian changelogsBen Hutchings2-3/+3
Closes: #910941
2018-10-05Set DPKG_FRONTEND_LOCKED when running {pre,post}-invoke scriptsJulian Andres Klode1-0/+80
Some post-invoke scripts install packages, which fails because the environment variable is not set. This sets the variable for all three kinds of scripts {pre,post-}invoke and pre-install-pkgs, but we will only allow post-invoke at a later time. Gbp-Dch: full
2018-09-20Deal with descriptions embedded in displayed record correctlyDavid Kalnischkies1-2/+68
The implementation of "apt-cache show" (not "apt show") incorrectly resets the currently used parser if the record itself and the description to show come from the same file (as it is the case if no Translation-* files are available e.g. after debootstrap). The code is more complex than you would hope to support some rather unusual setups involving Descriptions and their translations as tested for by ./test-bug-712435-missing-descriptions as otherwise this could be a one-line change. Regression-Of: bf53f39c9a0221b670ffff74053ed36fc502d5a0 Closes: #909155
2018-09-18Merge branch 'bugfix/statusfd' into 'master'Julian Andres Klode4-57/+78
Process all of --status-fd and don't expect duplicate status msg See merge request apt-team/apt!26