mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-11-16 11:50:10 +01:00
3011953d0e
pickle can serialize executable code, while JSON is only ever pure data. The APK cache is only ever pure data, so no need for the security risks of pickle. For example, if some malicious thing gets write access on the `fdroid update` machine, it can write out a custom tmp/apkcache which would then be executed. That is not possible with JSON. This does just ignore any existing cache and rebuilds from scratch. That is so we don't need to maintain pickle anywhere, and to ensure there are no glitches from a conversion from pickle to JSON. closes #163
1113 lines
39 KiB
Bash
Executable File
1113 lines
39 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -e # quit script on error
|
|
|
|
echo_header() {
|
|
{ echo -e "==============================================================================\n$1"; } 2>/dev/null
|
|
}
|
|
|
|
get_fdroid_apk_filename() {
|
|
if [ -z $aapt ]; then
|
|
python3 -c "from androguard.core.bytecodes.apk import APK; a=APK('$1'); print(a.package+'_'+a.get_androidversion_code()+'.apk')"
|
|
else
|
|
$aapt dump badging "$1" | sed -n "s,^package: name='\(.*\)' versionCode='\([0-9][0-9]*\)' .*,\1_\2.apk,p"
|
|
fi
|
|
}
|
|
|
|
copy_apks_into_repo() {
|
|
set +x
|
|
find $APKDIR -type f -name '*.apk' -print0 | while IFS= read -r -d '' f; do
|
|
echo $f | grep -F -v -e unaligned -e unsigned -e badsig -e badcert -e bad-unicode -e janus.apk || continue
|
|
apk=`get_fdroid_apk_filename "$f"`
|
|
test "$f" -nt repo/$apk && rm -f repo/$apk # delete existing if $f is newer
|
|
if [ ! -e repo/$apk ] && [ ! -e archive/$apk ]; then
|
|
echo "$f --> repo/$apk"
|
|
ln "$f" $1/repo/$apk || \
|
|
rsync -axv "$f" $1/repo/$apk # rsync if hard link is not possible
|
|
fi
|
|
done
|
|
set -x
|
|
}
|
|
|
|
# keep this as an old version to test the automatic parsing of build-tools
|
|
# verion numbers in `fdroid init`
|
|
create_fake_android_home() {
|
|
mkdir $1/tools
|
|
mkdir $1/platform-tools
|
|
mkdir $1/build-tools
|
|
mkdir $1/build-tools/19.0.2
|
|
touch $1/build-tools/19.0.2/aapt
|
|
}
|
|
|
|
create_test_dir() {
|
|
test -e $WORKSPACE/.testfiles || mkdir $WORKSPACE/.testfiles
|
|
mktemp -d $WORKSPACE/.testfiles/run-tests.XXXX
|
|
}
|
|
|
|
create_test_file() {
|
|
test -e $WORKSPACE/.testfiles || mkdir $WORKSPACE/.testfiles
|
|
TMPDIR=$WORKSPACE/.testfiles mktemp
|
|
}
|
|
|
|
fdroid_init_with_prebuilt_keystore() {
|
|
if [ -z "$1" ]; then
|
|
keystore=$WORKSPACE/tests/keystore.jks
|
|
else
|
|
keystore="$1"
|
|
fi
|
|
$fdroid init --keystore $keystore --repo-keyalias=sova
|
|
echo 'keystorepass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
|
|
echo 'keypass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
|
|
}
|
|
|
|
# the < is reverse since 0 means success in exit codes
|
|
have_git_2_3() {
|
|
python3 -c "import sys; from distutils.version import LooseVersion as V; sys.exit(V(sys.argv[3]) < V('2.3'))" `git --version`
|
|
}
|
|
|
|
is_MD5_disabled() {
|
|
javac $WORKSPACE/tests/IsMD5Disabled.java && java -cp $WORKSPACE/tests IsMD5Disabled
|
|
return $?
|
|
}
|
|
|
|
#------------------------------------------------------------------------------#
|
|
# "main"
|
|
|
|
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
|
|
set +x
|
|
echo "Usage: $0 '/path/to/folder/with/apks'"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "$ANDROID_HOME" ]; then
|
|
if python3 -c "import androguard"; then
|
|
echo "ANDROID_HOME is not set, using androguard"
|
|
else
|
|
echo "ERROR: ANDROID_HOME is not set, androguard is not available!"
|
|
exit 1
|
|
fi
|
|
else
|
|
echo "Using ANDROID_HOME=$ANDROID_HOME"
|
|
fi
|
|
|
|
if [ -d tests ]; then
|
|
cd tests
|
|
fi
|
|
|
|
if [ -z "$1" ]; then
|
|
APKDIR=`pwd`
|
|
else
|
|
APKDIR=$1
|
|
fi
|
|
|
|
if [ -z $WORKSPACE ]; then
|
|
WORKSPACE=`dirname $(pwd)`
|
|
echo "Setting Workspace to $WORKSPACE"
|
|
fi
|
|
|
|
# allow the location of the script to be overridden
|
|
if [ -z $fdroid ]; then
|
|
fdroid="$WORKSPACE/fdroid"
|
|
fi
|
|
|
|
# allow the location of aapt to be overridden
|
|
if [ -z $aapt ]; then
|
|
aapt=`ls -1 $ANDROID_HOME/build-tools/*/aapt 2> /dev/null | sort | tail -1`
|
|
fi
|
|
|
|
# try to use GNU sed on OSX/BSD cuz BSD sed sucks
|
|
if which gsed; then
|
|
sed=gsed
|
|
else
|
|
sed=sed
|
|
fi
|
|
|
|
set -x # show each command as it is executed
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "run commit hooks"
|
|
|
|
cd $WORKSPACE
|
|
./hooks/pre-commit
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "test python getsig replacement"
|
|
|
|
cd $WORKSPACE/tests/getsig
|
|
./make.sh
|
|
|
|
cd $WORKSPACE/tests
|
|
for testcase in $WORKSPACE/tests/*.TestCase; do
|
|
if [ $testcase == $WORKSPACE/tests/install.TestCase ]; then
|
|
echo "skipping install.TestCase, its too troublesome in CI builds"
|
|
continue
|
|
fi
|
|
$testcase
|
|
done
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "print fdroid version"
|
|
|
|
$fdroid --version
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'run process when building and signing are on separate machines'
|
|
|
|
if which zipalign || ls -1 $ANDROID_HOME/build-tools/*/zipalign; then
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
cp $WORKSPACE/tests/keystore.jks $REPOROOT/
|
|
$fdroid init --keystore keystore.jks --repo-keyalias=sova
|
|
echo 'keystorepass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
|
|
echo 'keypass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
|
|
echo "accepted_formats = ['txt', 'yml']" >> config.py
|
|
echo 'keydname = "CN=Birdman, OU=Cell, O=Alcatraz, L=Alcatraz, S=California, C=US"' >> config.py
|
|
test -d archive || mkdir archive
|
|
test -d metadata || mkdir metadata
|
|
cp $WORKSPACE/tests/metadata/info.guardianproject.urzip.yml metadata/
|
|
test -d repo || mkdir repo
|
|
test -d unsigned || mkdir unsigned
|
|
cp $WORKSPACE/tests/urzip-release-unsigned.apk unsigned/info.guardianproject.urzip_100.apk
|
|
$fdroid publish --verbose
|
|
$fdroid update --verbose --nosign
|
|
$fdroid signindex --verbose
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
test -e tmp/apkcache.json
|
|
! test -z tmp/apkcache.json
|
|
test -L urzip.apk
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
fi
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "test UTF-8 metadata"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
|
|
fdroid_init_with_prebuilt_keystore
|
|
$sed -i.tmp 's,^ *repo_description.*,repo_description = """获取已安装在您的设备上的应用的,' config.py
|
|
echo "mirrors = ('https://foo.bar/fdroid', 'http://secret.onion/fdroid')" >> config.py
|
|
mkdir metadata
|
|
cp $WORKSPACE/tests/urzip.apk $WORKSPACE/tests/bad-unicode*.apk repo/
|
|
cp $WORKSPACE/tests/metadata/info.guardianproject.urzip.yml metadata/
|
|
|
|
$fdroid readmeta
|
|
$fdroid update
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'run "fdroid build" in fresh git checkout from import.TestCase'
|
|
|
|
cd $WORKSPACE/tests/tmp/importer
|
|
git remote update -p
|
|
git clean -fdx
|
|
# stick with known working commit, in case future commits break things for this code
|
|
git reset --hard fea54e1161d5eb9eb1a54e26253ef84d3ab63705
|
|
if [ -d $ANDROID_HOME/platforms/android-23 && -d $ANDROID_HOME/build-tools/23.0.3 ]; then
|
|
echo "build_tools = '`ls -1 $ANDROID_HOME/build-tools/ | sort -n | tail -1`'" > config.py
|
|
echo "force_build_tools = True" >> config.py
|
|
$fdroid build --verbose org.fdroid.ci.test.app:300
|
|
else
|
|
echo 'WARNING: Skipping "fdroid build" test since android-23 is missing!'
|
|
fi
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'copy git import and run "fdroid scanner" on it'
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
cp $WORKSPACE/examples/fdroid-icon.png $REPOROOT/
|
|
mkdir metadata
|
|
echo "Auto Name:Just A Test" > metadata/org.fdroid.ci.test.app.txt
|
|
echo "Web Site:" >> metadata/org.fdroid.ci.test.app.txt
|
|
echo "Build:0.3,300" >> metadata/org.fdroid.ci.test.app.txt
|
|
echo " commit=0.3" >> metadata/org.fdroid.ci.test.app.txt
|
|
echo " subdir=app" >> metadata/org.fdroid.ci.test.app.txt
|
|
echo " gradle=yes" >> metadata/org.fdroid.ci.test.app.txt
|
|
echo "" >> metadata/org.fdroid.ci.test.app.txt
|
|
echo "Repo:https://gitlab.com/fdroid/ci-test-app.git" >> metadata/org.fdroid.ci.test.app.txt
|
|
echo "Repo Type:git" >> metadata/org.fdroid.ci.test.app.txt
|
|
mkdir build
|
|
cp -a $WORKSPACE/tests/tmp/importer build/org.fdroid.ci.test.app
|
|
ls -l build/org.fdroid.ci.test.app
|
|
$fdroid scanner org.fdroid.ci.test.app --verbose
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "copy tests/repo, generate java/gpg keys, update, and gpgsign"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
GNUPGHOME=$REPOROOT/gnupghome
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
cp -a $WORKSPACE/tests/metadata $WORKSPACE/tests/repo $WORKSPACE/tests/stats $REPOROOT/
|
|
cp -a $WORKSPACE/tests/gnupghome $GNUPGHOME
|
|
chmod 0700 $GNUPGHOME
|
|
echo "accepted_formats = ['json', 'txt', 'yml']" >> config.py
|
|
echo "install_list = 'org.adaway'" >> config.py
|
|
echo "uninstall_list = ('com.android.vending', 'com.facebook.orca',)" >> config.py
|
|
echo "gpghome = '$GNUPGHOME'" >> config.py
|
|
echo "gpgkey = 'CE71F7FB'" >> config.py
|
|
echo "mirrors = ('http://foobarfoobarfoobar.onion/fdroid','https://foo.bar/fdroid',)" >> config.py
|
|
$fdroid update --verbose --pretty
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
grep -F '<install packageName=' repo/index.xml > /dev/null
|
|
grep -F '<uninstall packageName=' repo/index.xml > /dev/null
|
|
# OSX tests are run on Travis-CI, and gpg fails to launch gpg-agent there
|
|
if [ "$TRAVIS_OS_NAME" != "osx" ] && which gpg; then
|
|
$fdroid gpgsign --verbose
|
|
$fdroid gpgsign --verbose
|
|
test -e repo/obb.mainpatch.current_1619.apk.asc
|
|
test -e repo/obb.main.twoversions_1101617_src.tar.gz.asc
|
|
! test -e repo/obb.mainpatch.current_1619.apk.asc.asc
|
|
! test -e repo/obb.main.twoversions_1101617_src.tar.gz.asc.asc
|
|
! test -e repo/index.xml.asc
|
|
fi
|
|
|
|
v0timestamp=`$sed -n -e 's,.*timestamp="\([0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\)".*,\1,p' repo/index.xml`
|
|
v1timestamp=`$sed -n -e 's,.*"timestamp": \([0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\).*,\1,p' repo/index-v1.json`
|
|
test $v0timestamp -eq $v1timestamp
|
|
|
|
# we can't easily reproduce the timestamps for things, so just hardcode them
|
|
$sed -i.tmp -e 's,timestamp="[0-9]*",timestamp="1480431575",' repo/index.xml
|
|
diff -uw $WORKSPACE/tests/repo/index.xml repo/index.xml
|
|
sed -i --expression='s,"timestamp": [0-9]*,"timestamp": 1502845383782,' repo/index-v1.json
|
|
diff -uw $WORKSPACE/tests/repo/index-v1.json repo/index-v1.json
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'test moving lots of APKs to the archive'
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
echo "accepted_formats = ['txt']" >> config.py
|
|
$sed -i.tmp '/allow_disabled_algorithms/d' config.py
|
|
test -d metadata || mkdir metadata
|
|
cp $WORKSPACE/tests/metadata/*.txt metadata/
|
|
echo 'Summary:good test version of urzip' > metadata/info.guardianproject.urzip.txt
|
|
echo 'Summary:good MD5 sig, which is disabled algorithm' > metadata/org.bitbucket.tickytacky.mirrormirror.txt
|
|
$sed -i.tmp '/Archive Policy:/d' metadata/*.txt
|
|
test -d repo || mkdir repo
|
|
cp $WORKSPACE/tests/urzip.apk \
|
|
$WORKSPACE/tests/org.bitbucket.tickytacky.mirrormirror_[0-9].apk \
|
|
$WORKSPACE/tests/repo/com.politedroid_[0-9].apk \
|
|
$WORKSPACE/tests/repo/obb.main.twoversions_110161[357].apk \
|
|
repo/
|
|
$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py
|
|
|
|
$fdroid update --pretty --nosign
|
|
echo "This will fail when jarsigner allows MD5 for APK signatures"
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 5
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 7
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'test per-app "Archive Policy"'
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
echo "accepted_formats = ['txt']" >> config.py
|
|
test -d metadata || mkdir metadata
|
|
cp $WORKSPACE/tests/metadata/com.politedroid.txt metadata/
|
|
test -d repo || mkdir repo
|
|
cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk repo/
|
|
$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py
|
|
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 0
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 4
|
|
grep -F com.politedroid_3.apk repo/index.xml
|
|
grep -F com.politedroid_4.apk repo/index.xml
|
|
grep -F com.politedroid_5.apk repo/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
test -e repo/com.politedroid_3.apk
|
|
test -e repo/com.politedroid_4.apk
|
|
test -e repo/com.politedroid_5.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
|
|
echo "enable one app in the repo"
|
|
$sed -i.tmp 's,^Archive Policy:4,Archive Policy:1,' metadata/com.politedroid.txt
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 3
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 1
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_4.apk archive/index.xml
|
|
grep -F com.politedroid_5.apk archive/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e archive/com.politedroid_4.apk
|
|
test -e archive/com.politedroid_5.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
|
|
echo "remove all apps from the repo"
|
|
$sed -i.tmp 's,^Archive Policy:1,Archive Policy:0,' metadata/com.politedroid.txt
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 4
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 0
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_4.apk archive/index.xml
|
|
grep -F com.politedroid_5.apk archive/index.xml
|
|
grep -F com.politedroid_6.apk archive/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e archive/com.politedroid_4.apk
|
|
test -e archive/com.politedroid_5.apk
|
|
test -e archive/com.politedroid_6.apk
|
|
! test -e repo/com.politedroid_6.apk
|
|
|
|
echo "move back one from archive to the repo"
|
|
$sed -i.tmp 's,^Archive Policy:0,Archive Policy:1,' metadata/com.politedroid.txt
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 3
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 1
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_4.apk archive/index.xml
|
|
grep -F com.politedroid_5.apk archive/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e archive/com.politedroid_4.apk
|
|
test -e archive/com.politedroid_5.apk
|
|
! test -e archive/com.politedroid_6.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'test moving old APKs to and from the archive'
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
echo "accepted_formats = ['txt']" >> config.py
|
|
test -d metadata || mkdir metadata
|
|
cp $WORKSPACE/tests/metadata/com.politedroid.txt metadata/
|
|
$sed -i.tmp '/Archive Policy:/d' metadata/com.politedroid.txt
|
|
test -d repo || mkdir repo
|
|
cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk repo/
|
|
$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py
|
|
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 1
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 3
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_4.apk repo/index.xml
|
|
grep -F com.politedroid_5.apk repo/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e repo/com.politedroid_4.apk
|
|
test -e repo/com.politedroid_5.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
|
|
$sed -i.tmp 's,archive_older = 3,archive_older = 1,' config.py
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 3
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 1
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_4.apk archive/index.xml
|
|
grep -F com.politedroid_5.apk archive/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e archive/com.politedroid_4.apk
|
|
test -e archive/com.politedroid_5.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
|
|
# disabling deletes from the archive
|
|
$sed -i.tmp 's/Build:1.3,4/Build:1.3,4\n disable=testing deletion/' metadata/com.politedroid.txt
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 2
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 1
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
! grep -F com.politedroid_4.apk archive/index.xml
|
|
grep -F com.politedroid_5.apk archive/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
! test -e archive/com.politedroid_4.apk
|
|
test -e archive/com.politedroid_5.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
|
|
# disabling deletes from the repo, and promotes one from the archive
|
|
$sed -i.tmp 's/Build:1.5,6/Build:1.5,6\n disable=testing deletion/' metadata/com.politedroid.txt
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 1
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 1
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_5.apk repo/index.xml
|
|
! grep -F com.politedroid_6.apk repo/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e repo/com.politedroid_5.apk
|
|
! test -e repo/com.politedroid_6.apk
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'test that verify can succeed and fail'
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
test -d tmp || mkdir tmp
|
|
test -d unsigned || mkdir unsigned
|
|
cp $WORKSPACE/tests/repo/com.politedroid_6.apk tmp/
|
|
cp $WORKSPACE/tests/repo/com.politedroid_6.apk unsigned/
|
|
$fdroid verify --reuse-remote-apk --verbose com.politedroid
|
|
# force a fail
|
|
cp $WORKSPACE/tests/repo/com.politedroid_5.apk unsigned/com.politedroid_6.apk
|
|
! $fdroid verify --reuse-remote-apk --verbose com.politedroid
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'test allowing disabled signatures in repo and archive'
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
echo "accepted_formats = ['txt']" >> config.py
|
|
echo 'allow_disabled_algorithms = True' >> config.py
|
|
$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py
|
|
test -d metadata || mkdir metadata
|
|
cp $WORKSPACE/tests/metadata/com.politedroid.txt metadata/
|
|
echo 'Summary:good test version of urzip' > metadata/info.guardianproject.urzip.txt
|
|
echo 'Summary:good MD5 sig, disabled algorithm' > metadata/org.bitbucket.tickytacky.mirrormirror.txt
|
|
$sed -i.tmp '/Archive Policy:/d' metadata/*.txt
|
|
test -d repo || mkdir repo
|
|
cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk \
|
|
$WORKSPACE/tests/org.bitbucket.tickytacky.mirrormirror_[0-9].apk \
|
|
$WORKSPACE/tests/urzip-badsig.apk \
|
|
repo/
|
|
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 2
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 6
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_4.apk repo/index.xml
|
|
grep -F com.politedroid_5.apk repo/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_1.apk archive/index.xml
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_2.apk repo/index.xml
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_3.apk repo/index.xml
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_4.apk repo/index.xml
|
|
! grep -F urzip-badsig.apk repo/index.xml
|
|
! grep -F urzip-badsig.apk archive/index.xml
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e repo/com.politedroid_4.apk
|
|
test -e repo/com.politedroid_5.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
test -e archive/org.bitbucket.tickytacky.mirrormirror_1.apk
|
|
test -e repo/org.bitbucket.tickytacky.mirrormirror_2.apk
|
|
test -e repo/org.bitbucket.tickytacky.mirrormirror_3.apk
|
|
test -e repo/org.bitbucket.tickytacky.mirrormirror_4.apk
|
|
test -e archive/urzip-badsig.apk
|
|
|
|
$sed -i.tmp '/allow_disabled_algorithms/d' config.py
|
|
$fdroid update --pretty --nosign
|
|
test `grep '<package>' archive/index.xml | wc -l` -eq 5
|
|
test `grep '<package>' repo/index.xml | wc -l` -eq 3
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_1.apk archive/index.xml
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_2.apk archive/index.xml
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_3.apk archive/index.xml
|
|
grep -F org.bitbucket.tickytacky.mirrormirror_4.apk archive/index.xml
|
|
grep -F com.politedroid_3.apk archive/index.xml
|
|
grep -F com.politedroid_4.apk repo/index.xml
|
|
grep -F com.politedroid_5.apk repo/index.xml
|
|
grep -F com.politedroid_6.apk repo/index.xml
|
|
! grep -F urzip-badsig.apk repo/index.xml
|
|
! grep -F urzip-badsig.apk archive/index.xml
|
|
test -e archive/org.bitbucket.tickytacky.mirrormirror_1.apk
|
|
test -e archive/org.bitbucket.tickytacky.mirrormirror_2.apk
|
|
test -e archive/org.bitbucket.tickytacky.mirrormirror_3.apk
|
|
test -e archive/org.bitbucket.tickytacky.mirrormirror_4.apk
|
|
test -e archive/com.politedroid_3.apk
|
|
test -e archive/urzip-badsig.apk
|
|
test -e repo/com.politedroid_4.apk
|
|
test -e repo/com.politedroid_5.apk
|
|
test -e repo/com.politedroid_6.apk
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header 'rename apks with `fdroid update --rename-apks`, --nosign for speed'
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
echo "accepted_formats = ['txt', 'yml']" >> config.py
|
|
echo 'keydname = "CN=Birdman, OU=Cell, O=Alcatraz, L=Alcatraz, S=California, C=US"' >> config.py
|
|
test -d metadata || mkdir metadata
|
|
cp $WORKSPACE/tests/metadata/info.guardianproject.urzip.yml metadata/
|
|
test -d repo || mkdir repo
|
|
cp $WORKSPACE/tests/urzip.apk "repo/asdfiuhk urzip-πÇÇπÇÇ现代汉语通用字-български-عربي1234 ö.apk"
|
|
$fdroid update --rename-apks --pretty --nosign
|
|
test -e repo/info.guardianproject.urzip_100.apk
|
|
grep -F 'info.guardianproject.urzip_100.apk' repo/index-v1.json repo/index.xml
|
|
cp $WORKSPACE/tests/urzip-release.apk repo/
|
|
$fdroid update --rename-apks --pretty --nosign
|
|
test -e repo/info.guardianproject.urzip_100.apk
|
|
test -e repo/info.guardianproject.urzip_100_b4964fd.apk
|
|
grep -F 'info.guardianproject.urzip_100.apk' repo/index-v1.json repo/index.xml
|
|
grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index-v1.json
|
|
! grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index.xml
|
|
cp $WORKSPACE/tests/urzip-release.apk repo/
|
|
$fdroid update --rename-apks --pretty --nosign
|
|
test -e repo/info.guardianproject.urzip_100.apk
|
|
test -e repo/info.guardianproject.urzip_100_b4964fd.apk
|
|
test -e duplicates/repo/info.guardianproject.urzip_100_b4964fd.apk
|
|
grep -F 'info.guardianproject.urzip_100.apk' repo/index-v1.json repo/index.xml
|
|
grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index-v1.json
|
|
! grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index.xml
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "test metadata checks"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
|
|
mkdir repo
|
|
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
|
|
|
|
set +e
|
|
$fdroid build
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because there is no metadata!"
|
|
exit 1
|
|
else
|
|
echo "testing metadata checks passed"
|
|
fi
|
|
set -e
|
|
|
|
mkdir $REPOROOT/metadata/
|
|
cp $WORKSPACE/tests/metadata/org.smssecure.smssecure.txt $REPOROOT/metadata/
|
|
$fdroid readmeta
|
|
|
|
# now make a fake duplicate
|
|
touch $REPOROOT/metadata/org.smssecure.smssecure.yml
|
|
|
|
set +e
|
|
$fdroid readmeta
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because there is a duplicate metadata file!"
|
|
exit 1
|
|
else
|
|
echo "testing duplicate metadata checks passed"
|
|
fi
|
|
set -e
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "ensure commands that don't need the JDK work without a JDK configed"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
mkdir repo
|
|
mkdir metadata
|
|
echo "License:GPL-2.0-only" >> metadata/fake.txt
|
|
echo "Summary:Yup still fake" >> metadata/fake.txt
|
|
echo "Categories:Internet" >> metadata/fake.txt
|
|
echo "Description:" >> metadata/fake.txt
|
|
echo "this is fake" >> metadata/fake.txt
|
|
echo "." >> metadata/fake.txt
|
|
|
|
# fake that no JDKs are available
|
|
echo 'java_paths = {}' > config.py
|
|
|
|
LOCAL_COPY_DIR=`create_test_dir`/fdroid
|
|
mkdir -p $LOCAL_COPY_DIR/repo
|
|
echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py
|
|
|
|
$fdroid checkupdates --allow-dirty
|
|
which gpg && $fdroid gpgsign
|
|
$fdroid lint
|
|
$fdroid readmeta
|
|
$fdroid rewritemeta fake
|
|
$fdroid deploy
|
|
$fdroid server update
|
|
$fdroid scanner
|
|
|
|
# run these to get their output, but the are not setup, so don't fail
|
|
$fdroid build || true
|
|
$fdroid import || true
|
|
$fdroid install || true
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "create a source tarball"
|
|
|
|
cd $WORKSPACE
|
|
./setup.py compile_catalog sdist
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
tar xzf `ls -1 $WORKSPACE/dist/fdroidserver-*.tar.gz | sort -n | tail -1`
|
|
cd $REPOROOT
|
|
./fdroidserver-*/fdroid init
|
|
copy_apks_into_repo $REPOROOT
|
|
./fdroidserver-*/fdroid update --create-metadata --verbose
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "test config checks of local_copy_dir"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
$fdroid init
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
$fdroid server update --local-copy-dir=/tmp/fdroid
|
|
$fdroid deploy --local-copy-dir=/tmp/fdroid --verbose
|
|
|
|
# now test the errors work
|
|
set +e
|
|
$fdroid server update --local-copy-dir=thisisnotanabsolutepath
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because thisisnotanabsolutepath is not an absolute path!"
|
|
exit 1
|
|
else
|
|
echo "testing absolute path checker passed"
|
|
fi
|
|
$fdroid server update --local-copy-dir=/tmp/IReallyDoubtThisPathExistsasdfasdf
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because the path does not end with 'fdroid'!"
|
|
exit 1
|
|
else
|
|
echo "testing dirname exists checker passed"
|
|
fi
|
|
$fdroid server update --local-copy-dir=/tmp/IReallyDoubtThisPathExistsasdfasdf/fdroid
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because the dirname path does not exist!"
|
|
exit 1
|
|
else
|
|
echo "testing dirname exists checker passed"
|
|
fi
|
|
set -e
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup a new repo from scratch using ANDROID_HOME and do a local sync"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
copy_apks_into_repo $REPOROOT
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
|
|
LOCALCOPYDIR=`create_test_dir`/fdroid
|
|
$fdroid server update --local-copy-dir=$LOCALCOPYDIR
|
|
NEWREPOROOT=`create_test_dir`
|
|
cd $NEWREPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
echo "sync_from_local_copy_dir = True" >> config.py
|
|
$fdroid server update --local-copy-dir=$LOCALCOPYDIR
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
# check that --android-home fails when dir does not exist or is not a dir
|
|
|
|
REPOROOT=`create_test_dir`
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
set +e
|
|
$fdroid init --keystore $KEYSTORE --android-home /opt/fakeandroidhome
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because /opt/fakeandroidhome does not exist!"
|
|
exit 1
|
|
else
|
|
echo "testing android-home path checker passed"
|
|
fi
|
|
TESTFILE=`create_test_file`
|
|
$fdroid init --keystore $KEYSTORE --android-home $TESTFILE
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because $TESTFILE is a file not a dir!"
|
|
exit 1
|
|
else
|
|
echo "testing android-home not-dir checker passed"
|
|
fi
|
|
set -e
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "check that fake android home passes 'fdroid init'"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
FAKE_ANDROID_HOME=`create_test_dir`
|
|
create_fake_android_home $FAKE_ANDROID_HOME
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "check that 'fdroid init' fails when build-tools cannot be found"
|
|
|
|
if [ -e /usr/bin/aapt ] || python3 -c 'import androguard'; then
|
|
echo "/usr/bin/aapt or androguard installed, not running test"
|
|
else
|
|
REPOROOT=`create_test_dir`
|
|
FAKE_ANDROID_HOME=`create_test_dir`
|
|
create_fake_android_home $FAKE_ANDROID_HOME
|
|
rm -f $FAKE_ANDROID_HOME/build-tools/*/aapt
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
set +e
|
|
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
|
[ $? -eq 0 ] && exit 1
|
|
set -e
|
|
fi
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "check that --android-home overrides ANDROID_HOME"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
FAKE_ANDROID_HOME=`create_test_dir`
|
|
create_fake_android_home $FAKE_ANDROID_HOME
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
|
set +e
|
|
grep $FAKE_ANDROID_HOME $REPOROOT/config.py
|
|
if [ $? -ne 0 ]; then
|
|
echo "the value set in --android-home '$FAKE_ANDROID_HOME' should override ANDROID_HOME '$ANDROID_HOME'"
|
|
exit 1
|
|
fi
|
|
set -e
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
# In this case, ANDROID_HOME is set to a fake, non-working version that will
|
|
# be detected by fdroid as an Android SDK install. It should use the path set
|
|
# by --android-home over the one in ANDROID_HOME, therefore if it uses the one
|
|
# in ANDROID_HOME, it won't work because it is a fake one. Only
|
|
# --android-home provides a working one.
|
|
if [ -z "$ANDROID_HOME" ]; then
|
|
echo_header "SKIP setup a new repo from scratch with keystore and android-home set on cmd line"
|
|
else
|
|
echo_header "setup a new repo from scratch with keystore and android-home set on cmd line"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
FAKE_ANDROID_HOME=`create_test_dir`
|
|
create_fake_android_home $FAKE_ANDROID_HOME
|
|
STORED_ANDROID_HOME=$ANDROID_HOME
|
|
unset ANDROID_HOME
|
|
echo "ANDROID_HOME: $ANDROID_HOME"
|
|
cd $REPOROOT
|
|
$fdroid init --keystore $KEYSTORE --android-home $STORED_ANDROID_HOME --no-prompt
|
|
test -e $KEYSTORE
|
|
copy_apks_into_repo $REPOROOT
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
test -e tmp/apkcache.json
|
|
! test -z tmp/apkcache.json
|
|
export ANDROID_HOME=$STORED_ANDROID_HOME
|
|
fi
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "check duplicate files are properly handled by fdroid update"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
mkdir $REPOROOT/metadata
|
|
cp -a $WORKSPACE/tests/metadata/obb.mainpatch.current.txt $REPOROOT/metadata
|
|
echo "accepted_formats = ['txt']" >> config.py
|
|
cp $WORKSPACE/tests/repo/obb.mainpatch.current_1619.apk $REPOROOT/repo/
|
|
cp $WORKSPACE/tests/repo/obb.mainpatch.current_1619_another-release-key.apk $REPOROOT/repo/
|
|
$fdroid update --pretty
|
|
grep -F 'obb.mainpatch.current_1619.apk' repo/index.xml repo/index-v1.json
|
|
grep -F 'obb.mainpatch.current_1619_another-release-key.apk' repo/index-v1.json
|
|
! grep -F 'obb.mainpatch.current_1619_another-release-key.apk' repo/index.xml
|
|
# die if there are exact duplicates
|
|
cp $WORKSPACE/tests/repo/obb.mainpatch.current_1619.apk $REPOROOT/repo/duplicate.apk
|
|
! $fdroid update
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup new repo from scratch using ANDROID_HOME, putting APKs in repo first"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
mkdir repo
|
|
copy_apks_into_repo $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup a new repo from scratch and generate a keystore"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
$fdroid init --keystore $KEYSTORE
|
|
test -e $KEYSTORE
|
|
copy_apks_into_repo $REPOROOT
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
test -e tmp/apkcache.json
|
|
! test -z tmp/apkcache.json
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup a new repo manually and generate a keystore"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
cp $WORKSPACE/examples/fdroid-icon.png $REPOROOT/
|
|
! test -e $KEYSTORE
|
|
set +e
|
|
$fdroid update
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because this repo has no keystore!"
|
|
exit 1
|
|
else
|
|
echo '`fdroid update` prompted to add keystore'
|
|
fi
|
|
set -e
|
|
$fdroid update --create-key
|
|
test -e $KEYSTORE
|
|
copy_apks_into_repo $REPOROOT
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
test -e tmp/apkcache.json
|
|
! test -z tmp/apkcache.json
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup a new repo from scratch, generate a keystore, then add APK and update"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
$fdroid init --keystore $KEYSTORE
|
|
test -e $KEYSTORE
|
|
copy_apks_into_repo $REPOROOT
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
test -e $REPOROOT/repo/info.guardianproject.urzip_100.apk || \
|
|
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
test -e tmp/apkcache.json
|
|
! test -z tmp/apkcache.json
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup a new repo from scratch with a HSM/smartcard"
|
|
REPOROOT=`create_test_dir`
|
|
cd $REPOROOT
|
|
$fdroid init --keystore NONE
|
|
test -e opensc-fdroid.cfg
|
|
test ! -e NONE
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup a new repo with no keystore, add APK, and update"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
touch fdroid-icon.png
|
|
mkdir repo
|
|
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
|
|
set +e
|
|
$fdroid update --create-metadata --verbose
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because this repo has no keystore!"
|
|
exit 1
|
|
else
|
|
echo '`fdroid update` prompted to add keystore'
|
|
fi
|
|
set -e
|
|
|
|
# now set up fake, non-working keystore setup
|
|
touch $KEYSTORE
|
|
echo "keystore = \"$KEYSTORE\"" >> config.py
|
|
echo 'repo_keyalias = "foo"' >> config.py
|
|
echo 'keystorepass = "foo"' >> config.py
|
|
echo 'keypass = "foo"' >> config.py
|
|
set +e
|
|
$fdroid update --create-metadata --verbose
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because this repo has a bad/fake keystore!"
|
|
exit 1
|
|
else
|
|
echo '`fdroid update` prompted to add keystore'
|
|
fi
|
|
set -e
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "copy tests/repo, update with binary transparency log"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
GIT_REMOTE=`create_test_dir`
|
|
GNUPGHOME=$REPOROOT/gnupghome
|
|
cd $REPOROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
cp -a $WORKSPACE/tests/metadata $WORKSPACE/tests/repo $WORKSPACE/tests/stats $REPOROOT/
|
|
echo "binary_transparency_remote = '$GIT_REMOTE'" >> config.py
|
|
echo "accepted_formats = ['json', 'txt', 'yml']" >> config.py
|
|
$fdroid update --verbose
|
|
if have_git_2_3; then
|
|
$fdroid server update --verbose
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
cd binary_transparency
|
|
[ `git rev-list --count HEAD` == "2" ]
|
|
cd $GIT_REMOTE
|
|
[ `git rev-list --count HEAD` == "2" ]
|
|
else
|
|
echo "Skipping test, `git --version` older than 2.3"
|
|
fi
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "setup a new repo with keystore with APK, update, then without key"
|
|
|
|
REPOROOT=`create_test_dir`
|
|
KEYSTORE=$REPOROOT/keystore.jks
|
|
cd $REPOROOT
|
|
cp $WORKSPACE/tests/keystore.jks $KEYSTORE
|
|
fdroid_init_with_prebuilt_keystore $KEYSTORE
|
|
test -e $KEYSTORE
|
|
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
|
|
$fdroid update --create-metadata --verbose
|
|
$fdroid readmeta
|
|
test -e repo/index.xml
|
|
test -e repo/index.jar
|
|
test -e repo/index-v1.jar
|
|
test -e tmp/apkcache.json
|
|
! test -z tmp/apkcache.json
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
|
|
# now set fake repo_keyalias
|
|
$sed -i.tmp 's,^ *repo_keyalias.*,repo_keyalias = "fake",' $REPOROOT/config.py
|
|
set +e
|
|
$fdroid update
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because this repo has a bad repo_keyalias!"
|
|
exit 1
|
|
else
|
|
echo '`fdroid update` prompted to add keystore'
|
|
fi
|
|
set -e
|
|
|
|
# try creating a new keystore, but fail because the old one is there
|
|
test -e $KEYSTORE
|
|
set +e
|
|
$fdroid update --create-key
|
|
if [ $? -eq 0 ]; then
|
|
echo "This should have failed because a keystore is already there!"
|
|
exit 1
|
|
else
|
|
echo '`fdroid update` complained about existing keystore'
|
|
fi
|
|
set -e
|
|
|
|
# now actually create the key with the existing settings
|
|
rm -f $KEYSTORE
|
|
! test -e $KEYSTORE
|
|
$fdroid update --create-key
|
|
test -e $KEYSTORE
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
echo_header "sign binary repo in offline box, then publishing from online box"
|
|
|
|
if have_git_2_3; then
|
|
OFFLINE_ROOT=`create_test_dir`
|
|
KEYSTORE=$WORKSPACE/tests/keystore.jks
|
|
LOCAL_COPY_DIR=`create_test_dir`/fdroid
|
|
mkdir $LOCAL_COPY_DIR
|
|
ONLINE_ROOT=`create_test_dir`
|
|
SERVERWEBROOT=`create_test_dir`
|
|
|
|
# create offline binary transparency log
|
|
cd $OFFLINE_ROOT
|
|
mkdir binary_transparency
|
|
cd binary_transparency
|
|
git init
|
|
|
|
# fake git remote server for binary transparency log
|
|
BINARY_TRANSPARENCY_REMOTE=`create_test_dir`
|
|
|
|
# fake git remote server for repo mirror
|
|
SERVER_GIT_MIRROR=`create_test_dir`
|
|
cd $SERVER_GIT_MIRROR
|
|
git init
|
|
git config receive.denyCurrentBranch updateInstead
|
|
|
|
cd $OFFLINE_ROOT
|
|
fdroid_init_with_prebuilt_keystore
|
|
cp -a $WORKSPACE/tests/metadata $WORKSPACE/tests/repo $WORKSPACE/tests/stats $OFFLINE_ROOT/
|
|
|
|
echo "mirrors = ['http://foo.bar/fdroid', 'http://asdflkdsfjafdsdfhkjh.onion/fdroid']" >> config.py
|
|
echo "servergitmirrors = '$SERVER_GIT_MIRROR'" >> config.py
|
|
echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py
|
|
echo "accepted_formats = ['json', 'txt', 'yml']" >> config.py
|
|
$fdroid update --pretty
|
|
grep -F '<application id=' repo/index.xml > /dev/null
|
|
grep -F '/fdroid/repo</mirror>' repo/index.xml
|
|
grep -F '/fdroid/archive</mirror>' archive/index.xml
|
|
test `grep '<mirror>' repo/index.xml | wc -l` -eq 2
|
|
test `grep '<mirror>' archive/index.xml | wc -l` -eq 2
|
|
cd binary_transparency
|
|
[ `git rev-list --count HEAD` == "1" ]
|
|
cd ..
|
|
$fdroid server update --verbose
|
|
grep -F '<application id=' $LOCAL_COPY_DIR/repo/index.xml > /dev/null
|
|
cd $ONLINE_ROOT
|
|
echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py
|
|
echo "sync_from_local_copy_dir = True" >> config.py
|
|
echo "serverwebroots = '$SERVERWEBROOT'" >> config.py
|
|
echo "servergitmirrors = '$SERVER_GIT_MIRROR'" >> config.py
|
|
echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py
|
|
echo "binary_transparency_remote = '$BINARY_TRANSPARENCY_REMOTE'" >> config.py
|
|
$fdroid server update --verbose
|
|
cd $BINARY_TRANSPARENCY_REMOTE
|
|
[ `git rev-list --count HEAD` == "1" ]
|
|
cd $SERVER_GIT_MIRROR
|
|
[ `git rev-list --count HEAD` == "1" ]
|
|
fi
|
|
|
|
|
|
#------------------------------------------------------------------------------#
|
|
|
|
# remove this to prevent git conflicts and complaining
|
|
rm -rf $WORKSPACE/fdroidserver.egg-info/
|
|
|
|
echo SUCCESS
|