diff options
author | Sam Bingner <sam@bingner.com> | 2019-12-26 15:19:05 -1000 |
---|---|---|
committer | Sam Bingner <sam@bingner.com> | 2019-12-26 15:24:16 -1000 |
commit | 713b65be84830af1a57148b44dc1d1d4010ece3e (patch) | |
tree | 7656452774b4ce333d514cc0d1ce303a7f9ac997 /apt-pkg | |
parent | 8d1277b777045f45ffae210edea608c27587d7a2 (diff) |
Revert "Treat SHA1 as Weak rather than untrusted. Add hardcoded exceptions for Modmyi/Zodttd/Bigboss to silence errors"
This reverts commit 0a4d0898091e9a6ff584f14d310a13f61fb3d9a3.
Diffstat (limited to 'apt-pkg')
-rw-r--r-- | apt-pkg/acquire-item.cc | 10 | ||||
-rw-r--r-- | apt-pkg/contrib/hashes.cc | 2 | ||||
-rw-r--r-- | apt-pkg/deb/debmetaindex.cc | 5 |
3 files changed, 6 insertions, 11 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index fb47bc676..bb3bc1b56 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -257,7 +257,7 @@ static bool APT_NONNULL(3, 4, 5) AllowInsecureRepositories(InsecureType const ms if (TargetIsAllowedToBe(TransactionManager->Target, msg) == true) { - //MessageInsecureRepository(false, msgstr, repo); + MessageInsecureRepository(false, msgstr, repo); return true; } @@ -1608,7 +1608,7 @@ void pkgAcqMetaClearSig::QueueIndexes(bool const verify) /*{{{*/ } // optional targets that we do not have in the Release file are skipped - if (Target.IsOptional) + if (hasHashes == true && Target.IsOptional) { new CleanupItem(Owner, TransactionManager, Target); continue; @@ -1724,12 +1724,6 @@ void pkgAcqMetaClearSig::QueueIndexes(bool const verify) /*{{{*/ } else { - - if (Target.IsOptional){ - new CleanupItem(Owner, TransactionManager, Target); - continue; - } - // if we have no file to patch, no point in trying trypdiff &= (GetExistingFilename(GetFinalFileNameFromURI(Target.URI)).empty() == false); } diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc index fd8b12355..98b92cc81 100644 --- a/apt-pkg/contrib/hashes.cc +++ b/apt-pkg/contrib/hashes.cc @@ -140,6 +140,8 @@ APT_PURE bool HashString::usable() const /*{{{*/ { return ( (Type != "Checksum-FileSize") && + (Type != "MD5Sum") && + (Type != "SHA1") && !IsConfigured(Type.c_str(), "Untrusted") ); } diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc index 2039f8308..98bac7a70 100644 --- a/apt-pkg/deb/debmetaindex.cc +++ b/apt-pkg/deb/debmetaindex.cc @@ -523,12 +523,11 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro } bool AuthPossible = false; - /*if(FoundHashSum == false) + if(FoundHashSum == false) _error->Warning(_("No Hash entry in Release file %s"), Filename.c_str()); else if(FoundStrongHashSum == false) _error->Warning(_("No Hash entry in Release file %s which is considered strong enough for security purposes"), Filename.c_str()); - else*/ - if (FoundHashSum && FoundStrongHashSum) + else AuthPossible = true; std::string const StrDate = Section.FindS("Date"); |