diff --git a/.travis.yml b/.travis.yml index 58b28ebe..80ce86a7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,42 +3,81 @@ language: java matrix: - allow_failures: - - os: linux # this is really about OSX, Ubuntu is just bonus include: - os: linux language: android - sudo: required - # this doesn't actually work yet https://github.com/travis-ci/travis-ci/issues/5337 - dist: trusty - os: osx - osx_image: xcode8 - env: ANDROID_HOME=/usr/local/opt/android-sdk + osx_image: xcode9 + env: ANDROID_SDK_ROOT=/usr/local/share/android-sdk + env: ANDROID_HOME=/usr/local/share/android-sdk + - os: osx + osx_image: xcode7.3 + env: ANDROID_SDK_ROOT=/usr/local/share/android-sdk + env: ANDROID_HOME=/usr/local/share/android-sdk + - os: osx + osx_image: xcode6.4 + env: ANDROID_SDK_ROOT=/usr/local/share/android-sdk + env: ANDROID_HOME=/usr/local/share/android-sdk -licenses: - - 'android-sdk-preview-license-52d11cd2' - - 'android-sdk-license-.+' +addons: + apt: + sources: + - sourceline: 'ppa:fdroid/fdroidserver' + packages: + - bash + - dash + - pylint + - pep8 + - python3-dev + - python3-pip + - python3-ruamel.yaml + - python3-setuptools + - python3.4-venv + - libjpeg-dev + - zlib1g-dev + - fdroidserver + +android: + components: + - android-23 # required for `fdroid build` test + - build-tools-25.0.3 # required for `fdroid build` test + licenses: + - 'android-sdk-preview-.+' + - 'android-sdk-license-.+' # the PPA is needed on Ubuntu 14.04 precise, and with python3, trusty too # the pip thing is a hack that can go away with trusty install: - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update > /dev/null; - brew install android-sdk dash gnu-sed jpeg python3; - sudo pip3 install pep8 pyflakes pylint; + brew install dash bash python3 gradle jenv; + brew install gnu-sed --with-default-names; + brew cask reinstall java; + brew cask install android-sdk; + + mkdir -p "$ANDROID_HOME/licenses"; + echo -e "\n8933bad161af4178b1185d1a37fbf41ea5269c55" > "$ANDROID_HOME/licenses/android-sdk-license"; + echo -e "\n84831b9409646a918e30573bab4c9c91346d8abd" > "$ANDROID_HOME/licenses/android-sdk-preview-license"; + echo y | $ANDROID_HOME/tools/bin/sdkmanager "platform-tools"; + echo y | $ANDROID_HOME/tools/bin/sdkmanager "build-tools;25.0.2"; + echo y | $ANDROID_HOME/tools/bin/sdkmanager "platforms;android-23"; + sudo pip3 install -e .; sudo rm -rf fdroidserver.egg-info; - echo y | android --verbose update sdk --no-ui --all --filter platform-tools,build-tools-25.0.2; - elif [[ "$TRAVIS_OS_NAME" == "linux" ]]; then - sudo add-apt-repository ppa:guardianproject/fdroidserver -y; - sudo apt-get -q update -y; - sudo apt-get -q install -y --no-install-recommends python3 python3-dev - python3-git python3-pil python3-libcloud python3-logilab-astng - python3-paramiko python3-pip python3-pyasn1 python3-pyasn1-modules - python3-requests python3-venv python3-yaml rsync - pyflakes pylint3 pep8 dash bash ruby libjpeg-dev zlib1g-dev; - sudo pip3 install pylint; - fi + + echo $PATH; + echo $JAVA_HOME; + jenv versions; + /usr/libexec/java_home; + java -version; + which java; + javac -version; + which javac; + jarsigner -help; + which jarsigner; + keytool -help; + which keytool; + fi script: - cd tests @@ -46,5 +85,4 @@ script: after_failure: - cd $TRAVIS_BUILD_DIR - - ls -lRa env - ls -lR | curl -F 'clbin=<-' https://clbin.com diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 98aab209..c8442d5e 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -50,7 +50,7 @@ from distutils.util import strtobool import fdroidserver.metadata from fdroidserver import _ -from fdroidserver.exception import FDroidException, VCSException, BuildException +from fdroidserver.exception import FDroidException, VCSException, BuildException, VerificationException from .asynchronousfilereader import AsynchronousFileReader @@ -1599,6 +1599,13 @@ class KnownApks: """ def __init__(self): + '''Load filename/date info about previously seen APKs + + Since the appid and date strings both will never have spaces, + this is parsed as a list from the end to allow the filename to + have any combo of spaces. + ''' + self.path = os.path.join('stats', 'known_apks.txt') self.apks = {} if os.path.isfile(self.path): @@ -1608,7 +1615,10 @@ class KnownApks: if len(t) == 2: self.apks[t[0]] = (t[1], None) else: - self.apks[t[0]] = (t[1], datetime.strptime(t[2], '%Y-%m-%d')) + appid = t[-2] + date = datetime.strptime(t[-1], '%Y-%m-%d') + filename = line[0:line.rfind(appid) - 1] + self.apks[filename] = (appid, date) self.changed = False def writeifchanged(self): @@ -2077,24 +2087,41 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir): return None -def verify_apk_signature(apk, jar=False): +def verify_jar_signature(jar): + """Verifies the signature of a given JAR file. + + jarsigner is very shitty: unsigned JARs pass as "verified"! So + this has to turn on -strict then check for result 4, since this + does not expect the signature to be from a CA-signed certificate. + + :raises: VerificationException() if the JAR's signature could not be verified + + """ + + if subprocess.call([config['jarsigner'], '-strict', '-verify', jar]) != 4: + raise VerificationException(_("The repository's index could not be verified.")) + + +def verify_apk_signature(apk, min_sdk_version=None): """verify the signature on an APK Try to use apksigner whenever possible since jarsigner is very - shitty: unsigned APKs pass as "verified"! So this has to turn on - -strict then check for result 4. - - You can set :param: jar to True if you want to use this method - to verify jar signatures. + shitty: unsigned APKs pass as "verified"! Warning, this does + not work on JARs with apksigner >= 0.7 (build-tools 26.0.1) """ if set_command_in_config('apksigner'): args = [config['apksigner'], 'verify'] - if jar: - args += ['--min-sdk-version=1'] + if min_sdk_version: + args += ['--min-sdk-version=' + min_sdk_version] return subprocess.call(args + [apk]) == 0 else: logging.warning("Using Java's jarsigner, not recommended for verifying APKs! Use apksigner") - return subprocess.call([config['jarsigner'], '-strict', '-verify', apk]) == 4 + try: + verify_jar_signature(apk) + return True + except: + pass + return False def verify_old_apk_signature(apk): @@ -2325,7 +2352,7 @@ def write_to_config(thisconfig, key, value=None, config_file=None): # load config file, create one if it doesn't exist if not os.path.exists(cfg): - os.mknod(cfg) + open(cfg, 'a').close() logging.info("Creating empty " + cfg) with open(cfg, 'r', encoding="utf-8") as f: lines = f.readlines() diff --git a/fdroidserver/index.py b/fdroidserver/index.py index 59139e17..79322d55 100644 --- a/fdroidserver/index.py +++ b/fdroidserver/index.py @@ -632,7 +632,7 @@ def download_repo_index(url_str, etag=None, verify_fingerprint=True): jar = zipfile.ZipFile(fp) # verify that the JAR signature is valid - verify_jar_signature(fp.name) + common.verify_jar_signature(fp.name) # get public key and its fingerprint from JAR public_key, public_key_fingerprint = get_public_key_from_jar(jar) @@ -652,16 +652,6 @@ def download_repo_index(url_str, etag=None, verify_fingerprint=True): return index, new_etag -def verify_jar_signature(file): - """ - Verifies the signature of a given JAR file. - - :raises: VerificationException() if the JAR's signature could not be verified - """ - if not common.verify_apk_signature(file, jar=True): - raise VerificationException(_("The repository's index could not be verified.")) - - def get_public_key_from_jar(jar): """ Get the public key and its fingerprint from a JAR file. diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 0067ffcd..3aa0b61a 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -100,11 +100,21 @@ def main(): # make sure at least aapt is found, since this can't do anything without it test_config['aapt'] = common.find_sdk_tools_cmd('aapt') else: - # if neither --android-home nor the default sdk_path exist, prompt the user + # if neither --android-home nor the default sdk_path + # exist, prompt the user using platform-specific default default_sdk_path = '/opt/android-sdk' if sys.platform == 'win32' or sys.platform == 'cygwin': - default_sdk_path = os.path.join(os.getenv('USERPROFILE'), - 'AppData', 'Local', 'Android', 'android-sdk') + p = os.path.join(os.getenv('USERPROFILE'), + 'AppData', 'Local', 'Android', 'android-sdk') + elif sys.platform == 'darwin': + # on OSX, Homebrew is common and has an easy path to detect + p = '/usr/local/opt/android-sdk' + else: + # if the Debian packages are installed, suggest them + p = '/usr/lib/android-sdk' + if os.path.exists(p): + default_sdk_path = p + while not options.no_prompt: try: s = input(_('Enter the path to the Android SDK (%s) here:\n> ') % default_sdk_path) diff --git a/fdroidserver/update.py b/fdroidserver/update.py index 65379276..99fb80e5 100644 --- a/fdroidserver/update.py +++ b/fdroidserver/update.py @@ -1197,16 +1197,6 @@ def process_apk(apkcache, apkfilename, repodir, knownapks, use_date_from_apk=Fal apk is the scanned apk information, and cachechanged is True if the apkcache got changed. """ - if ' ' in apkfilename: - if options.rename_apks: - newfilename = apkfilename.replace(' ', '_') - os.rename(os.path.join(repodir, apkfilename), - os.path.join(repodir, newfilename)) - apkfilename = newfilename - else: - logging.critical("Spaces in filenames are not allowed.") - return True, None, False - apk = {} apkfile = os.path.join(repodir, apkfilename) diff --git a/tests/IsMD5Disabled.java b/tests/IsMD5Disabled.java new file mode 100644 index 00000000..4844619f --- /dev/null +++ b/tests/IsMD5Disabled.java @@ -0,0 +1,22 @@ + +import java.security.Security; +import java.util.Locale; + +public class IsMD5Disabled { + public static void main(String[] args) throws Exception { + String daString = Security.getProperty("jdk.jar.disabledAlgorithms"); + String[] algorithms = daString.trim().split(","); + boolean isMD5Disabled = true; + for (String alg : algorithms) { + if (alg.trim().toLowerCase(Locale.US).startsWith("md5")) { + isMD5Disabled = false; + } + } + if (isMD5Disabled) { + System.out.println("MD5 in jdk.jar.disabledAlgorithms: " + daString); + } else { + System.out.println("MD5 allowed for JAR signatures: " + daString); + System.exit(1); + } + } +} diff --git a/tests/repo/urzip-πÇÇπÇÇ现代汉语通用字-български-عربي1234.apk b/tests/bad-unicode-πÇÇπÇÇ现代汉语通用字-български-عربي1234.apk similarity index 100% rename from tests/repo/urzip-πÇÇπÇÇ现代汉语通用字-български-عربي1234.apk rename to tests/bad-unicode-πÇÇπÇÇ现代汉语通用字-български-عربي1234.apk diff --git a/tests/complete-ci-tests b/tests/complete-ci-tests index b09e111d..9792b5bf 100755 --- a/tests/complete-ci-tests +++ b/tests/complete-ci-tests @@ -47,6 +47,18 @@ export PATH=/usr/lib/jvm/java-8-openjdk-amd64/bin:$PATH cd $WORKSPACE/tests ./run-tests $apksource +#------------------------------------------------------------------------------# +# find pyvenv, to support Ubuntu/trusty's python3.4-venv + +if which pyvenv; then + pyvenv=pyvenv +elif which pyvenv-3.4; then + pyvenv=pyvenv-3.4 +else + echo "pyvenv required to run this test suite!" + exit 1 +fi + #------------------------------------------------------------------------------# # test building the source tarball, then installing it @@ -54,7 +66,7 @@ cd $WORKSPACE python3 setup.py sdist rm -rf $WORKSPACE/env -pyvenv $WORKSPACE/env +$pyvenv $WORKSPACE/env . $WORKSPACE/env/bin/activate # workaround https://github.com/pypa/setuptools/issues/937 pip3 install setuptools==33.1.1 @@ -68,7 +80,7 @@ fdroid=$WORKSPACE/env/bin/fdroid $WORKSPACE/tests/run-tests $apksource # test install using install direct from git repo cd $WORKSPACE rm -rf $WORKSPACE/env -pyvenv $WORKSPACE/env +$pyvenv $WORKSPACE/env . $WORKSPACE/env/bin/activate # workaround https://github.com/pypa/setuptools/issues/937 pip3 install setuptools==33.1.1 diff --git a/tests/index.TestCase b/tests/index.TestCase index 2798e781..31593523 100755 --- a/tests/index.TestCase +++ b/tests/index.TestCase @@ -39,14 +39,14 @@ class IndexTest(unittest.TestCase): source_dir = os.path.join(basedir, 'signindex') for f in ('testy.jar', 'guardianproject.jar'): testfile = os.path.join(source_dir, f) - fdroidserver.index.verify_jar_signature(testfile) + fdroidserver.common.verify_jar_signature(testfile) def test_verify_jar_signature_fails(self): basedir = os.path.dirname(__file__) source_dir = os.path.join(basedir, 'signindex') testfile = os.path.join(source_dir, 'unsigned.jar') with self.assertRaises(fdroidserver.index.VerificationException): - fdroidserver.index.verify_jar_signature(testfile) + fdroidserver.common.verify_jar_signature(testfile) def test_get_public_key_from_jar_succeeds(self): basedir = os.path.dirname(__file__) diff --git a/tests/repo/index.xml b/tests/repo/index.xml index 9836fc3e..a2eb17e3 100644 --- a/tests/repo/index.xml +++ b/tests/repo/index.xml @@ -244,7 +244,7 @@ 0.1 100 - urzip-πÇÇπÇÇ现代汉语通用字-български-عربي1234.apk + urzip-Sergey Vasilyevich Rakhmaninov; Серге́й Васи́льевич Рахма́нинов, IPA: [sʲɪrˈɡʲej rɐxˈmanʲɪnəf] سيرجي_رخمانينوف 谢尔盖·瓦西里耶维奇·拉赫玛.apk尼诺夫 .apk 15c0ec72c74a3791f42cdb43c57df0fb11a4dbb656851bbb8cf05b26a8372789 11471 4 diff --git a/tests/repo/urzip-Sergey Vasilyevich Rakhmaninov; Серге́й Васи́льевич Рахма́нинов, IPA: [sʲɪrˈɡʲej rɐxˈmanʲɪnəf] سيرجي_رخمانينوف 谢尔盖·瓦西里耶维奇·拉赫玛.apk尼诺夫 .apk b/tests/repo/urzip-Sergey Vasilyevich Rakhmaninov; Серге́й Васи́льевич Рахма́нинов, IPA: [sʲɪrˈɡʲej rɐxˈmanʲɪnəf] سيرجي_رخمانينوف 谢尔盖·瓦西里耶维奇·拉赫玛.apk尼诺夫 .apk new file mode 100644 index 00000000..0851e066 Binary files /dev/null and b/tests/repo/urzip-Sergey Vasilyevich Rakhmaninov; Серге́й Васи́льевич Рахма́нинов, IPA: [sʲɪrˈɡʲej rɐxˈmanʲɪnəf] سيرجي_رخمانينوف 谢尔盖·瓦西里耶维奇·拉赫玛.apk尼诺夫 .apk differ diff --git a/tests/run-tests b/tests/run-tests index 608c1e2e..b33fa319 100755 --- a/tests/run-tests +++ b/tests/run-tests @@ -8,14 +8,14 @@ echo_header() { copy_apks_into_repo() { set +x - for f in `find $APKDIR -name '*.apk' | grep -F -v -e unaligned -e unsigned -e badsig -e badcert`; do - name=$(basename $(dirname `dirname $f`)) + find $APKDIR -type f -name '*.apk' -print0 | while IFS= read -r -d '' f; do + echo $f | grep -F -v -e unaligned -e unsigned -e badsig -e badcert -e bad-unicode || continue apk=`$aapt dump badging "$f" | sed -n "s,^package: name='\(.*\)' versionCode='\([0-9][0-9]*\)' .*,\1_\2.apk,p"` - test $f -nt repo/$apk && rm -f repo/$apk # delete existing if $f is newer + test "$f" -nt repo/$apk && rm -f repo/$apk # delete existing if $f is newer if [ ! -e repo/$apk ] && [ ! -e archive/$apk ]; then echo "$f --> repo/$apk" - ln $f $1/repo/$apk || \ - rsync -axv $f $1/repo/$apk # rsync if hard link is not possible + ln "$f" $1/repo/$apk || \ + rsync -axv "$f" $1/repo/$apk # rsync if hard link is not possible fi done set -x @@ -46,6 +46,11 @@ have_git_2_3() { python3 -c "import sys; from distutils.version import LooseVersion as V; sys.exit(V(sys.argv[3]) < V('2.3'))" `git --version` } +is_MD5_disabled() { + javac $WORKSPACE/tests/IsMD5Disabled.java && java -cp $WORKSPACE/tests IsMD5Disabled + return $? +} + #------------------------------------------------------------------------------# # "main" @@ -91,6 +96,13 @@ if [ -z $python ]; then python=python3 fi +# try to use GNU sed on OSX/BSD cuz BSD sed sucks +if which gsed; then + sed=gsed +else + sed=sed +fi + set -x # show each command as it is executed #------------------------------------------------------------------------------# @@ -154,10 +166,10 @@ REPOROOT=`create_test_dir` cd $REPOROOT $fdroid init -sed -i.tmp 's,^ *repo_description.*,repo_description = """获取已安装在您的设备上的应用的,' config.py +$sed -i.tmp 's,^ *repo_description.*,repo_description = """获取已安装在您的设备上的应用的,' config.py echo "mirrors = ('https://foo.bar/fdroid', 'http://secret.onion/fdroid')" >> config.py mkdir metadata -cp $WORKSPACE/tests/urzip.apk repo/ +cp $WORKSPACE/tests/urzip.apk $WORKSPACE/tests/bad-unicode*.apk repo/ cp $WORKSPACE/tests/metadata/info.guardianproject.urzip.yml metadata/ $fdroid readmeta @@ -165,23 +177,23 @@ $fdroid update #------------------------------------------------------------------------------# -echo_header 'run `fdroid build` in fresh git checkout from import.TestCase' +echo_header 'run "fdroid build" in fresh git checkout from import.TestCase' cd $WORKSPACE/tests/tmp/importer git remote update -p git clean -fdx # stick with known working commit, in case future commits break things for this code -git reset --hard cecf00c08aec56ae7a5eba444150c4d1ae868814 +git reset --hard 985aa135524ab7dd1e70335fd47b22fa628b81b3 if [ -d $ANDROID_HOME/platforms/android-23 ]; then echo "build_tools = '`ls -1 $ANDROID_HOME/build-tools/ | sort -n | tail -1`'" > config.py echo "force_build_tools = True" >> config.py $fdroid build --verbose org.fdroid.ci.test.app:300 else - echo 'WARNING: Skipping `fdroid build` test since android-23 is missing!' + echo 'WARNING: Skipping "fdroid build" test since android-23 is missing!' fi #------------------------------------------------------------------------------# -echo_header 'copy git import and run `fdroid scanner` on it' +echo_header 'copy git import and run "fdroid scanner" on it' REPOROOT=`create_test_dir` cd $REPOROOT @@ -228,16 +240,19 @@ test -e repo/index-v1.jar grep -F '> config.py echo 'keypass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py echo "accepted_formats = ['txt']" >> config.py -sed -i '/allow_disabled_algorithms/d' config.py +$sed -i.tmp '/allow_disabled_algorithms/d' config.py test -d metadata || mkdir metadata cp $WORKSPACE/tests/metadata/*.txt metadata/ echo 'Summary:good test version of urzip' > metadata/info.guardianproject.urzip.txt echo 'Summary:good MD5 sig, which is disabled algorithm' > metadata/org.bitbucket.tickytacky.mirrormirror.txt -sed -i '/Archive Policy:/d' metadata/*.txt +$sed -i.tmp '/Archive Policy:/d' metadata/*.txt test -d repo || mkdir repo cp $WORKSPACE/tests/urzip.apk \ $WORKSPACE/tests/org.bitbucket.tickytacky.mirrormirror_[0-9].apk \ $WORKSPACE/tests/repo/com.politedroid_[0-9].apk \ $WORKSPACE/tests/repo/obb.main.twoversions_110161[357].apk \ repo/ -sed -i 's,archive_older = [0-9],archive_older = 3,' config.py +$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py $fdroid update --pretty --nosign +echo "This will fail when jarsigner allows MD5 for APK signatures" test `grep '' archive/index.xml | wc -l` -eq 5 test `grep '' repo/index.xml | wc -l` -eq 7 @@ -284,7 +300,7 @@ test -d metadata || mkdir metadata cp $WORKSPACE/tests/metadata/com.politedroid.txt metadata/ test -d repo || mkdir repo cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk repo/ -sed -i 's,archive_older = [0-9],archive_older = 3,' config.py +$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 0 @@ -299,7 +315,7 @@ test -e repo/com.politedroid_5.apk test -e repo/com.politedroid_6.apk echo "enable one app in the repo" -sed -i 's,^Archive Policy:4,Archive Policy:1,' metadata/com.politedroid.txt +$sed -i.tmp 's,^Archive Policy:4,Archive Policy:1,' metadata/com.politedroid.txt $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 3 test `grep '' repo/index.xml | wc -l` -eq 1 @@ -313,7 +329,7 @@ test -e archive/com.politedroid_5.apk test -e repo/com.politedroid_6.apk echo "remove all apps from the repo" -sed -i 's,^Archive Policy:1,Archive Policy:0,' metadata/com.politedroid.txt +$sed -i.tmp 's,^Archive Policy:1,Archive Policy:0,' metadata/com.politedroid.txt $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 4 test `grep '' repo/index.xml | wc -l` -eq 0 @@ -328,7 +344,7 @@ test -e archive/com.politedroid_6.apk ! test -e repo/com.politedroid_6.apk echo "move back one from archive to the repo" -sed -i 's,^Archive Policy:0,Archive Policy:1,' metadata/com.politedroid.txt +$sed -i.tmp 's,^Archive Policy:0,Archive Policy:1,' metadata/com.politedroid.txt $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 3 test `grep '' repo/index.xml | wc -l` -eq 1 @@ -356,10 +372,10 @@ echo 'keypass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py echo "accepted_formats = ['txt']" >> config.py test -d metadata || mkdir metadata cp $WORKSPACE/tests/metadata/com.politedroid.txt metadata/ -sed -i '/Archive Policy:/d' metadata/com.politedroid.txt +$sed -i.tmp '/Archive Policy:/d' metadata/com.politedroid.txt test -d repo || mkdir repo cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk repo/ -sed -i 's,archive_older = [0-9],archive_older = 3,' config.py +$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 1 @@ -373,7 +389,7 @@ test -e repo/com.politedroid_4.apk test -e repo/com.politedroid_5.apk test -e repo/com.politedroid_6.apk -sed -i 's,archive_older = 3,archive_older = 1,' config.py +$sed -i.tmp 's,archive_older = 3,archive_older = 1,' config.py $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 3 test `grep '' repo/index.xml | wc -l` -eq 1 @@ -387,7 +403,7 @@ test -e archive/com.politedroid_5.apk test -e repo/com.politedroid_6.apk # disabling deletes from the archive -sed -i 's/Build:1.3,4/Build:1.3,4\n disable=testing deletion/' metadata/com.politedroid.txt +$sed -i.tmp 's/Build:1.3,4/Build:1.3,4\n disable=testing deletion/' metadata/com.politedroid.txt $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 2 test `grep '' repo/index.xml | wc -l` -eq 1 @@ -401,7 +417,7 @@ test -e archive/com.politedroid_5.apk test -e repo/com.politedroid_6.apk # disabling deletes from the repo, and promotes one from the archive -sed -i 's/Build:1.5,6/Build:1.5,6\n disable=testing deletion/' metadata/com.politedroid.txt +$sed -i.tmp 's/Build:1.5,6/Build:1.5,6\n disable=testing deletion/' metadata/com.politedroid.txt $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 1 test `grep '' repo/index.xml | wc -l` -eq 1 @@ -424,12 +440,12 @@ echo 'keystorepass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.p echo 'keypass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py echo "accepted_formats = ['txt']" >> config.py echo 'allow_disabled_algorithms = True' >> config.py -sed -i 's,archive_older = [0-9],archive_older = 3,' config.py +$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py test -d metadata || mkdir metadata cp $WORKSPACE/tests/metadata/com.politedroid.txt metadata/ echo 'Summary:good test version of urzip' > metadata/info.guardianproject.urzip.txt echo 'Summary:good MD5 sig, disabled algorithm' > metadata/org.bitbucket.tickytacky.mirrormirror.txt -sed -i '/Archive Policy:/d' metadata/*.txt +$sed -i.tmp '/Archive Policy:/d' metadata/*.txt test -d repo || mkdir repo cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk \ $WORKSPACE/tests/org.bitbucket.tickytacky.mirrormirror_[0-9].apk \ @@ -459,7 +475,7 @@ test -e repo/org.bitbucket.tickytacky.mirrormirror_3.apk test -e repo/org.bitbucket.tickytacky.mirrormirror_4.apk test -e archive/urzip-badsig.apk -sed -i '/allow_disabled_algorithms/d' config.py +$sed -i.tmp '/allow_disabled_algorithms/d' config.py $fdroid update --pretty --nosign test `grep '' archive/index.xml | wc -l` -eq 5 test `grep '' repo/index.xml | wc -l` -eq 3 @@ -971,7 +987,7 @@ test -e tmp/apkcache grep -F '