diff options
author | Zac Medico <zmedico@gentoo.org> | 2013-01-18 22:19:25 -0800 |
---|---|---|
committer | Zac Medico <zmedico@gentoo.org> | 2013-01-18 22:19:25 -0800 |
commit | 62fdab8136893c69d65a7ab6f9fa8acfc449ea5f (patch) | |
tree | 9f187a71e8675837df366cbbf1cfeac9b891a29a | |
parent | 91aeef92a207cbe6bcc70a6420fe4e78c7c5dc9e (diff) | |
download | portage-62fdab8136893c69d65a7ab6f9fa8acfc449ea5f.tar.gz portage-62fdab8136893c69d65a7ab6f9fa8acfc449ea5f.tar.bz2 portage-62fdab8136893c69d65a7ab6f9fa8acfc449ea5f.zip |
Enable glsa @security set for stable, and test.
-rw-r--r-- | pym/portage/_sets/__init__.py | 4 | ||||
-rw-r--r-- | pym/portage/tests/glsa/__init__.py | 2 | ||||
-rw-r--r-- | pym/portage/tests/glsa/__test__ | 0 | ||||
-rw-r--r-- | pym/portage/tests/glsa/test_security_set.py | 131 |
4 files changed, 137 insertions, 0 deletions
diff --git a/pym/portage/_sets/__init__.py b/pym/portage/_sets/__init__.py index de3e8e45e..c196a7071 100644 --- a/pym/portage/_sets/__init__.py +++ b/pym/portage/_sets/__init__.py @@ -124,6 +124,10 @@ class SetConfig(object): parser.add_section("system") parser.set("system", "class", "portage.sets.profiles.PackagesSystemSet") + parser.remove_section("security") + parser.add_section("security") + parser.set("security", "class", "portage.sets.security.NewAffectedSet") + parser.remove_section("usersets") parser.add_section("usersets") parser.set("usersets", "class", "portage.sets.files.StaticFileSet") diff --git a/pym/portage/tests/glsa/__init__.py b/pym/portage/tests/glsa/__init__.py new file mode 100644 index 000000000..6cde9320b --- /dev/null +++ b/pym/portage/tests/glsa/__init__.py @@ -0,0 +1,2 @@ +# Copyright 2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 diff --git a/pym/portage/tests/glsa/__test__ b/pym/portage/tests/glsa/__test__ new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/pym/portage/tests/glsa/__test__ diff --git a/pym/portage/tests/glsa/test_security_set.py b/pym/portage/tests/glsa/test_security_set.py new file mode 100644 index 000000000..7b209f429 --- /dev/null +++ b/pym/portage/tests/glsa/test_security_set.py @@ -0,0 +1,131 @@ +# Copyright 2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +from __future__ import unicode_literals + +import io + +import portage +from portage import os, _encodings +from portage.tests import TestCase +from portage.tests.resolver.ResolverPlayground import (ResolverPlayground, + ResolverPlaygroundTestCase) + +class SecuritySetTestCase(TestCase): + + glsa_template = """\ +<?xml version="1.0" encoding="UTF-8"?> +<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?> +<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="%(glsa_id)s"> + <title>%(pkgname)s: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in %(pkgname)s. + </synopsis> + <product type="ebuild">%(pkgname)s</product> + <announced>January 18, 2013</announced> + <revised>January 18, 2013: 1</revised> + <bug>55555</bug> + <access>remote</access> + <affected> + <package name="%(cp)s" auto="yes" arch="*"> + <unaffected range="ge">%(unaffected_version)s</unaffected> + <vulnerable range="lt">%(unaffected_version)s</vulnerable> + </package> + </affected> + <background> + <p>%(pkgname)s is software package.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in %(pkgname)s. + </p> + </description> + <impact type="normal"> + <p>A remote attacker could exploit these vulnerabilities.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All %(pkgname)s users should upgrade to the latest version:</p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=%(cp)s-%(unaffected_version)s" + </code> + </resolution> + <references> + </references> +</glsa> +""" + + def testSecuritySet(self): + + ebuilds = { + "cat/A-vulnerable-2.2": { + "KEYWORDS": "x86" + }, + "cat/B-not-vulnerable-4.5": { + "KEYWORDS": "x86" + }, + } + + installed = { + "cat/A-vulnerable-2.1": { + "KEYWORDS": "x86" + }, + "cat/B-not-vulnerable-4.4": { + "KEYWORDS": "x86" + }, + } + + glsas = ( + { + "glsa_id": "201301-01", + "pkgname": "A-vulnerable", + "cp": "cat/A-vulnerable", + "unaffected_version": "2.2" + }, + { + "glsa_id": "201301-02", + "pkgname": "B-not-vulnerable", + "cp": "cat/B-not-vulnerable", + "unaffected_version": "4.4" + }, + { + "glsa_id": "201301-03", + "pkgname": "NotInstalled", + "cp": "cat/NotInstalled", + "unaffected_version": "3.5" + }, + ) + + world = ["cat/A"] + + test_cases = ( + + ResolverPlaygroundTestCase( + ["@security"], + options = {}, + success = True, + mergelist = ["cat/A-vulnerable-2.2"]), + ) + + playground = ResolverPlayground(ebuilds=ebuilds, + installed=installed, world=world, debug=False) + + try: + + portdb = playground.trees[playground.eroot]["porttree"].dbapi + glsa_dir = os.path.join(portdb.porttree_root, 'metadata', 'glsa') + portage.util.ensure_dirs(glsa_dir) + for glsa in glsas: + with io.open(os.path.join(glsa_dir, + 'glsa-' + glsa["glsa_id"] + '.xml'), + encoding=_encodings['repo.content'], mode='w') as f: + f.write(self.glsa_template % glsa) + + for test_case in test_cases: + playground.run_TestCase(test_case) + self.assertEqual(test_case.test_success, True, test_case.fail_msg) + finally: + playground.cleanup() |