summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-06-18 15:15:27 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2016-06-22 14:05:01 +0200
commitd30036922c6963846db4ab633b13fb87c1b5b462 (patch)
treeea50d539fd9aa974e3a53b83022b177ddb5cbcad /apt-pkg
parent562f0774f8f04d978c7cea69a29c131a0e0ec75f (diff)
add [weak] tag to hash errors to indicate insufficiency
For "Hash Sum mismatch" that info doesn't make a whole lot of difference, but for the new insufficient info message an indicator that while this hashes are there and even match, they aren't enough from a security standpoint.
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/acquire-item.cc15
1 files changed, 13 insertions, 2 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 862867932..63b3c9a1f 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -762,7 +762,12 @@ void pkgAcquire::Item::Failed(string const &Message,pkgAcquire::MethodConfig con
{
out << "Hashes of expected file:" << std::endl;
for (auto const &hs: ExpectedHashes)
- out << " - " << hs.toStr() << std::endl;
+ {
+ out << " - " << hs.toStr();
+ if (hs.usable() == false)
+ out << " [weak]";
+ out << std::endl;
+ }
}
if (failreason == HASHSUM_MISMATCH)
{
@@ -772,7 +777,13 @@ void pkgAcquire::Item::Failed(string const &Message,pkgAcquire::MethodConfig con
std::string const tagname = std::string(*type) + "-Hash";
std::string const hashsum = LookupTag(Message, tagname.c_str());
if (hashsum.empty() == false)
- out << " - " << HashString(*type, hashsum).toStr() << std::endl;
+ {
+ auto const hs = HashString(*type, hashsum);
+ out << " - " << hs.toStr();
+ if (hs.usable() == false)
+ out << " [weak]";
+ out << std::endl;
+ }
}
out << "Last modification reported: " << LookupTag(Message, "Last-Modified", "<none>") << std::endl;
}