1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-04 22:40:12 +01:00
fdroidserver/tests/run-tests
Hans-Christoph Steiner 86865faa62 make fdroid update check that it can sign the repo, or exit with error
There is no good reason to run unsigned repos any more.  It is trivially
easy to create and use a signed repo, and having to support unsigned repos
in the client makes some security-critical parts of the code a lot more
complicated.

refs #13 https://gitlab.com/fdroid/fdroidserver/issues/13
https://gitlab.com/fdroid/fdroidclient/issues/12
2015-05-08 16:13:15 -04:00

399 lines
11 KiB
Bash
Executable File

#!/bin/bash
set -e # quit script on error
set -x # show each command as it is executed
echo_header() {
echo "=============================================================================="
echo $1
}
copy_apks_into_repo() {
set +x
for f in `find $APKDIR -name '*.apk' | grep -F -v -e unaligned -e unsigned -e badsig -e badcert`; do
name=$(basename $(dirname `dirname $f`))
apk=`$aapt dump badging "$f" | sed -n "s,^package: name='\(.*\)' versionCode='\([0-9][0-9]*\)' .*,\1_\2.apk,p"`
test $f -nt repo/$apk && rm -f repo/$apk # delete existing if $f is newer
if [ ! -e repo/$apk ] && [ ! -e archive/$apk ]; then
echo "$f --> repo/$apk"
ln $f $1/repo/$apk || \
rsync -axv $f $1/repo/$apk # rsync if hard link is not possible
fi
done
set -x
}
# keep this as an old version to test the automatic parsing of build-tools
# verion numbers in `fdroid init`
create_fake_android_home() {
mkdir $1/tools
mkdir $1/platform-tools
mkdir $1/build-tools
mkdir $1/build-tools/19.0.2
touch $1/build-tools/19.0.2/aapt
}
create_test_dir() {
test -e $WORKSPACE/.testfiles || mkdir $WORKSPACE/.testfiles
mktemp --directory --tmpdir=$WORKSPACE/.testfiles
}
create_test_file() {
test -e $WORKSPACE/.testfiles || mkdir $WORKSPACE/.testfiles
mktemp --tmpdir=$WORKSPACE/.testfiles
}
#------------------------------------------------------------------------------#
# "main"
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
set +x
echo "Usage: $0 '/path/to/folder/with/apks'"
exit 1
fi
if [ -z "$ANDROID_HOME" ]; then
echo "ANDROID_HOME must be set with the path to the Android SDK, i.e.: "
echo " export ANDROID_HOME=/opt/android-sdk"
exit 1
fi
if [ -z "$1" ]; then
APKDIR=`pwd`
else
APKDIR=$1
fi
if [ -z $WORKSPACE ]; then
WORKSPACE=`dirname $(pwd)`
echo "Setting Workspace to $WORKSPACE"
fi
# allow the location of the script to be overridden
if [ -z $fdroid ]; then
fdroid="$WORKSPACE/fdroid"
fi
# allow the location of aapt to be overridden
if [ -z $aapt ]; then
aapt=`ls -1 $ANDROID_HOME/build-tools/*/aapt | sort | tail -1`
fi
# allow the location of python to be overridden
if [ -z $python ]; then
python=python2
fi
#------------------------------------------------------------------------------#
echo_header "run commit hooks"
cd $WORKSPACE
./hooks/pre-commit
#------------------------------------------------------------------------------#
echo_header "test python getsig replacement"
cd $WORKSPACE/tests/getsig
./make.sh
for testcase in $WORKSPACE/tests/*.TestCase; do
$testcase
done
#------------------------------------------------------------------------------#
echo_header "create a source tarball and use that to build a repo"
cd $WORKSPACE
$python setup.py sdist
REPOROOT=`create_test_dir`
cd $REPOROOT
tar xzf `ls -1 $WORKSPACE/dist/fdroidserver-*.tar.gz | sort -n | tail -1`
cd $REPOROOT
./fdroidserver-*/fdroid init
copy_apks_into_repo $REPOROOT
./fdroidserver-*/fdroid update --create-metadata
#------------------------------------------------------------------------------#
echo_header "test config checks of local_copy_dir"
REPOROOT=`create_test_dir`
cd $REPOROOT
$fdroid init
$fdroid update --create-metadata
$fdroid server update --local-copy-dir=/tmp/fdroid
# now test the errors work
set +e
$fdroid server update --local-copy-dir=thisisnotanabsolutepath
if [ $? -eq 0 ]; then
echo "This should have failed because thisisnotanabsolutepath is not an absolute path!"
exit 1
else
echo "testing absolute path checker passed"
fi
$fdroid server update --local-copy-dir=/tmp/IReallyDoubtThisPathExistsasdfasdf
if [ $? -eq 0 ]; then
echo "This should have failed because the path does not end with 'fdroid'!"
exit 1
else
echo "testing dirname exists checker passed"
fi
$fdroid server update --local-copy-dir=/tmp/IReallyDoubtThisPathExistsasdfasdf/fdroid
if [ $? -eq 0 ]; then
echo "This should have failed because the dirname path does not exist!"
exit 1
else
echo "testing dirname exists checker passed"
fi
set -e
#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch using ANDROID_HOME and do a local sync"
REPOROOT=`create_test_dir`
cd $REPOROOT
$fdroid init
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata
grep -F '<application id=' repo/index.xml
LOCALCOPYDIR=`create_test_dir`/fdroid
$fdroid server update --local-copy-dir=$LOCALCOPYDIR
NEWREPOROOT=`create_test_dir`
cd $NEWREPOROOT
$fdroid init
$fdroid server update --local-copy-dir=$LOCALCOPYDIR --sync-from-local-copy-dir
#------------------------------------------------------------------------------#
# check that --android-home fails when dir does not exist or is not a dir
REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
set +e
$fdroid init --keystore $KEYSTORE --android-home /opt/fakeandroidhome
if [ $? -eq 0 ]; then
echo "This should have failed because /opt/fakeandroidhome does not exist!"
exit 1
else
echo "testing android-home path checker passed"
fi
TESTFILE=`create_test_file`
$fdroid init --keystore $KEYSTORE --android-home $TESTFILE
if [ $? -eq 0 ]; then
echo "This should have failed because $TESTFILE is a file not a dir!"
exit 1
else
echo "testing android-home not-dir checker passed"
fi
set -e
#------------------------------------------------------------------------------#
echo_header "check that fake android home passes 'fdroid init'"
REPOROOT=`create_test_dir`
FAKE_ANDROID_HOME=`create_test_dir`
create_fake_android_home $FAKE_ANDROID_HOME
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
#------------------------------------------------------------------------------#
echo_header "check that 'fdroid init' fails when build-tools cannot be found"
if [ -e /usr/bin/aapt ]; then
echo "/usr/bin/aapt exists, not running test"
else
REPOROOT=`create_test_dir`
FAKE_ANDROID_HOME=`create_test_dir`
create_fake_android_home $FAKE_ANDROID_HOME
rm -f $FAKE_ANDROID_HOME/build-tools/*/aapt
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
set +e
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
[ $? -eq 0 ] && exit 1
set -e
fi
#------------------------------------------------------------------------------#
echo_header "check that --android-home overrides ANDROID_HOME"
REPOROOT=`create_test_dir`
FAKE_ANDROID_HOME=`create_test_dir`
create_fake_android_home $FAKE_ANDROID_HOME
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
set +e
grep $FAKE_ANDROID_HOME $REPOROOT/config.py
if [ $? -ne 0 ]; then
echo "the value set in --android-home '$FAKE_ANDROID_HOME' should override ANDROID_HOME '$ANDROID_HOME'"
exit 1
fi
set -e
#------------------------------------------------------------------------------#
# In this case, ANDROID_HOME is set to a fake, non-working version that will
# be detected by fdroid as an Android SDK install. It should use the path set
# by --android-home over the one in ANDROID_HOME, therefore if it uses the one
# in ANDROID_HOME, it won't work because it is a fake one. Only
# --android-home provides a working one.
echo_header "setup a new repo from scratch with keystore and android-home set on cmd line"
REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
FAKE_ANDROID_HOME=`create_test_dir`
create_fake_android_home $FAKE_ANDROID_HOME
STORED_ANDROID_HOME=$ANDROID_HOME
unset ANDROID_HOME
echo "ANDROID_HOME: $ANDROID_HOME"
cd $REPOROOT
$fdroid init --keystore $KEYSTORE --android-home $STORED_ANDROID_HOME --no-prompt
test -e $KEYSTORE
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata
grep -F '<application id=' repo/index.xml
test -e repo/index.xml
test -e repo/index.jar
export ANDROID_HOME=$STORED_ANDROID_HOME
#------------------------------------------------------------------------------#
echo_header "setup new repo from scratch using ANDROID_HOME, putting APKs in repo first"
REPOROOT=`create_test_dir`
cd $REPOROOT
mkdir repo
copy_apks_into_repo $REPOROOT
$fdroid init
$fdroid update --create-metadata
grep -F '<application id=' repo/index.xml
#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch and generate a keystore"
REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE
test -e $KEYSTORE
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata
test -e repo/index.xml
test -e repo/index.jar
grep -F '<application id=' repo/index.xml
#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch, generate a keystore, then add APK and update"
REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE
test -e $KEYSTORE
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata
test -e repo/index.xml
test -e repo/index.jar
grep -F '<application id=' repo/index.xml
cp $WORKSPACE/tests/urzip.apk $REPOROOT/
$fdroid update --create-metadata
test -e repo/index.xml
test -e repo/index.jar
grep -F '<application id=' repo/index.xml
#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch with a HSM/smartcard"
REPOROOT=`create_test_dir`
cd $REPOROOT
$fdroid init --keystore NONE
test -e opensc-fdroid.cfg
test ! -e NONE
#------------------------------------------------------------------------------#
echo_header "setup a new repo with no keystore, add APK, and update"
REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
touch config.py
touch fdroid-icon.png
mkdir repo/
cp $WORKSPACE/tests/urzip.apk $REPOROOT/
set +e
$fdroid update --create-metadata
if [ $? -eq 0 ]; then
echo "This should have failed because this repo has no keystore!"
exit 1
else
echo "`fdroid update` prompted to add keystore"
fi
set -e
# now set up fake, non-working keystore setup
touch $KEYSTORE
echo "keystore = \"$KEYSTORE\"" >> config.py
echo 'repo_keyalias = "foo"' >> config.py
echo 'keystorepass = "foo"' >> config.py
echo 'keypass = "foo"' >> config.py
set +e
$fdroid update --create-metadata
if [ $? -eq 0 ]; then
echo "This should have failed because this repo has a bad/fake keystore!"
exit 1
else
echo "`fdroid update` prompted to add keystore"
fi
set -e
#------------------------------------------------------------------------------#
echo_header "setup a new repo with keystore with APK, update, then without key"
REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE
test -e $KEYSTORE
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
$fdroid update --create-metadata
test -e repo/index.xml
test -e repo/index.jar
grep -F '<application id=' repo/index.xml
# now set fake repo_keyalias
sed -i 's,^ *repo_keyalias.*,repo_keyalias = "fake",' $REPOROOT/config.py
set +e
$fdroid update
if [ $? -eq 0 ]; then
echo "This should have failed because this repo has a bad repo_keyalias!"
exit 1
else
echo "`fdroid update` prompted to add keystore"
fi
set -e
#------------------------------------------------------------------------------#
# remove this to prevent git conflicts and complaining
rm -rf $WORKSPACE/fdroidserver.egg-info/
echo SUCCESS