[devel] [PATCH for apt 36/38] Add http and https methods tests
Aleksei Nikiforov
darktemplar на altlinux.org
Вт Дек 10 18:23:41 MSK 2019
---
apt/test/integration/framework | 104 +++++++++++++++++-
apt/test/integration/test-apt-method-http | 29 +++++
apt/test/integration/test-apt-method-https | 56 ++++++++++
...est-apt-method-https-invalid-cert-hostname | 41 +++++++
4 files changed, 229 insertions(+), 1 deletion(-)
create mode 100755 apt/test/integration/test-apt-method-http
create mode 100755 apt/test/integration/test-apt-method-https
create mode 100755 apt/test/integration/test-apt-method-https-invalid-cert-hostname
diff --git a/apt/test/integration/framework b/apt/test/integration/framework
index fa9672d..6098089 100644
--- a/apt/test/integration/framework
+++ b/apt/test/integration/framework
@@ -519,7 +519,7 @@ generaterepository() {
--suite="${GB_REPO_SUITE:-$label}" \
--version="${GB_REPO_VERSION:-$date_s}" \
--topdir="$REPO_DIR" \
- --flat --no-oldhashfile --no-bz2 --no-xz --mapi \
+ --flat --no-oldhashfile --bz2 --xz --mapi \
$dir $comps
if [ -n "$REPO_DATE" ] ; then
@@ -552,3 +552,105 @@ ENDSCRIPT
chmod +x $TMPWORKINGDIRECTORY/bash/scripts/${SCRIPTFILENAME}.sh
}
+
+nginxsetuphttp() {
+ mkdir -p $TMPWORKINGDIRECTORY/nginx ||:
+ mkdir -p $TMPWORKINGDIRECTORY/nginx/tmp ||:
+
+cat >> $TMPWORKINGDIRECTORY/nginx/nginx.conf << ENDCONFIG
+worker_processes 1;
+error_log $TMPWORKINGDIRECTORY/nginx/error.log;
+daemon off;
+pid $TMPWORKINGDIRECTORY/nginx/nginx.pid;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ client_body_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/client_body;
+ fastcgi_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/fastcgi_temp;
+ proxy_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/proxy_temp;
+ scgi_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/scgi_temp;
+ uwsgi_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/uwsgi_temp;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ sendfile on;
+
+ keepalive_timeout 65;
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ access_log $TMPWORKINGDIRECTORY/nginx/http.access.log;
+ error_log $TMPWORKINGDIRECTORY/nginx/http.error.log;
+
+ server {
+ listen 8080;
+ server_name localhost localhost.localdomain;
+
+ location / {
+ root $TMPWORKINGDIRECTORY/nginx/repo;
+ autoindex on;
+ }
+ }
+}
+ENDCONFIG
+}
+
+nginxsetuphttps() {
+ mkdir -p $TMPWORKINGDIRECTORY/nginx ||:
+ mkdir -p $TMPWORKINGDIRECTORY/nginx/tmp ||:
+
+ cat >> $TMPWORKINGDIRECTORY/nginx/nginx.conf << ENDCONFIG
+worker_processes 1;
+error_log $TMPWORKINGDIRECTORY/nginx/error.log;
+daemon off;
+pid $TMPWORKINGDIRECTORY/nginx/nginx.pid;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ client_body_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/client_body;
+ fastcgi_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/fastcgi_temp;
+ proxy_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/proxy_temp;
+ scgi_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/scgi_temp;
+ uwsgi_temp_path $TMPWORKINGDIRECTORY/nginx/tmp/uwsgi_temp;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ sendfile on;
+
+ keepalive_timeout 65;
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ access_log $TMPWORKINGDIRECTORY/nginx/http.access.log;
+ error_log $TMPWORKINGDIRECTORY/nginx/http.error.log;
+
+ server {
+ listen 8080;
+ server_name localhost localhost.localdomain;
+
+ ssl_certificate $TMPWORKINGDIRECTORY/nginx/cert.crt;
+ ssl_certificate_key $TMPWORKINGDIRECTORY/nginx/cert.key;
+
+ ssl on;
+
+ ssl_session_cache builtin:1000 shared:SSL:10m;
+ ssl_protocols TLSv1.2;
+ ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
+ ssl_prefer_server_ciphers on;
+
+ location / {
+ root $TMPWORKINGDIRECTORY/nginx/repo;
+ autoindex on;
+ }
+ }
+}
+ENDCONFIG
+}
diff --git a/apt/test/integration/test-apt-method-http b/apt/test/integration/test-apt-method-http
new file mode 100755
index 0000000..0872c99
--- /dev/null
+++ b/apt/test/integration/test-apt-method-http
@@ -0,0 +1,29 @@
+#!/bin/bash
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+
+nginxsetuphttp
+
+buildpackage "simple-package"
+
+generaterepository "$TMPWORKINGDIRECTORY/usr/src/RPM/RPMS" "$TMPWORKINGDIRECTORY/nginx/repo"
+
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/sources.list << END
+rpm http://localhost:8080/ $(getarchitecture) apt-tests
+rpm http://localhost:8080/ noarch apt-tests
+END
+
+/usr/sbin/nginx -c $TMPWORKINGDIRECTORY/nginx/nginx.conf -p $TMPWORKINGDIRECTORY &>> $TMPWORKINGDIRECTORY/nginx/process-stderr.log &
+NGINXPID=$!
+
+addtrap 'prefix' "kill -SIGTERM $NGINXPID; [ \"$EXIT_CODE\" = '0' ] || cat $TMPWORKINGDIRECTORY/nginx/process-stderr.log;"
+
+testsuccess aptget update
+
+testpkgnotinstalled "simple-package"
+testsuccess aptget install simple-package
+testpkginstalled "simple-package"
diff --git a/apt/test/integration/test-apt-method-https b/apt/test/integration/test-apt-method-https
new file mode 100755
index 0000000..29e4d2d
--- /dev/null
+++ b/apt/test/integration/test-apt-method-https
@@ -0,0 +1,56 @@
+#!/bin/bash
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+
+nginxsetuphttps
+
+# generate key
+openssl req -x509 -newkey rsa:4096 -keyout $TMPWORKINGDIRECTORY/nginx/cert.key -out $TMPWORKINGDIRECTORY/nginx/cert.crt -nodes -days 365 -subj '/CN=localhost' &>/dev/null
+
+# add key to apt's config. Also pin the key
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/apt.conf.d/80https.conf << END
+Acquire::https::CaInfo "$TMPWORKINGDIRECTORY/nginx/cert.crt";
+END
+
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/apt.conf.d/81https-pinning.conf << END
+Acquire::https::PinnedCert "$TMPWORKINGDIRECTORY/nginx/cert.crt";
+END
+
+buildpackage "simple-package"
+buildpackage "conflicting-package-one"
+
+generaterepository "$TMPWORKINGDIRECTORY/usr/src/RPM/RPMS" "$TMPWORKINGDIRECTORY/nginx/repo"
+
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/sources.list << END
+rpm https://localhost:8080/ $(getarchitecture) apt-tests
+rpm https://localhost:8080/ noarch apt-tests
+END
+
+/usr/sbin/nginx -c $TMPWORKINGDIRECTORY/nginx/nginx.conf -p $TMPWORKINGDIRECTORY &>> $TMPWORKINGDIRECTORY/nginx/process-stderr.log &
+NGINXPID=$!
+
+addtrap 'prefix' "kill -SIGTERM $NGINXPID; [ \"$EXIT_CODE\" = '0' ] || cat $TMPWORKINGDIRECTORY/nginx/process-stderr.log;"
+
+testsuccess aptget update
+
+testpkgnotinstalled "simple-package"
+testsuccess aptget install simple-package
+testpkginstalled "simple-package"
+
+# generate another key, and pin apt to it. Check key pinning
+msgmsg "Pinning invalid key in apt"
+openssl req -x509 -newkey rsa:4096 -keyout $TMPWORKINGDIRECTORY/nginx/cert.invalid.key -out $TMPWORKINGDIRECTORY/nginx/cert.invalid.crt -nodes -days 365 -subj '/CN=localhost' &>/dev/null
+
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/apt.conf.d/81https-pinning.conf << END
+Acquire::https::PinnedCert "$TMPWORKINGDIRECTORY/nginx/cert.invalid.crt";
+END
+
+testfailure aptget update
+
+testpkgnotinstalled "conflicting-package-one"
+testfailure aptget install conflicting-package-one
+testpkgnotinstalled "conflicting-package-one"
diff --git a/apt/test/integration/test-apt-method-https-invalid-cert-hostname b/apt/test/integration/test-apt-method-https-invalid-cert-hostname
new file mode 100755
index 0000000..33e80b6
--- /dev/null
+++ b/apt/test/integration/test-apt-method-https-invalid-cert-hostname
@@ -0,0 +1,41 @@
+#!/bin/bash
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+
+nginxsetuphttps
+
+# generate key
+openssl req -x509 -newkey rsa:4096 -keyout $TMPWORKINGDIRECTORY/nginx/cert.key -out $TMPWORKINGDIRECTORY/nginx/cert.crt -nodes -days 365 -subj '/CN=wronghost' &>/dev/null
+
+# add key to apt's config. Also pin the key
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/apt.conf.d/80https.conf << END
+Acquire::https::CaInfo "$TMPWORKINGDIRECTORY/nginx/cert.crt";
+END
+
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/apt.conf.d/81https-pinning.conf << END
+Acquire::https::PinnedCert "$TMPWORKINGDIRECTORY/nginx/cert.crt";
+END
+
+buildpackage "simple-package"
+
+generaterepository "$TMPWORKINGDIRECTORY/usr/src/RPM/RPMS" "$TMPWORKINGDIRECTORY/nginx/repo"
+
+cat > $TMPWORKINGDIRECTORY/rootdir/etc/apt/sources.list << END
+rpm https://localhost:8080/ $(getarchitecture) apt-tests
+rpm https://localhost:8080/ noarch apt-tests
+END
+
+/usr/sbin/nginx -c $TMPWORKINGDIRECTORY/nginx/nginx.conf -p $TMPWORKINGDIRECTORY &>> $TMPWORKINGDIRECTORY/nginx/process-stderr.log &
+NGINXPID=$!
+
+addtrap 'prefix' "kill -SIGTERM $NGINXPID; [ \"$EXIT_CODE\" = '0' ] || cat $TMPWORKINGDIRECTORY/nginx/process-stderr.log;"
+
+testfailure aptget update
+
+testpkgnotinstalled "conflicting-package-one"
+testfailure aptget install conflicting-package-one
+testpkgnotinstalled "conflicting-package-one"
--
2.24.0
Подробная информация о списке рассылки Devel