diff options
| author | David Kalnischkies <kalnischkies@gmail.com> | 2013-08-18 23:27:24 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2014-05-09 13:06:27 +0200 |
| commit | 1262d35895c930f3fa49d7b4182cdd7a4a841f74 (patch) | |
| tree | 3d9874d4d7768273af4ee0907eb36d79295ab257 /test/integration/test-debsrc-hashes | |
| parent | f4c3850ea335545e297504941dc8c7a8f1c83358 (diff) | |
use 'best' hash for source authentication
Collect all hashes we can get from the source record and put them into a
HashStringList so that 'apt-get source' can use it instead of using
always the MD5sum.
We therefore also deprecate the MD5 struct member in favor of the list.
While at it, the parsing of the Files is enhanced so that records which
miss "Files" (aka MD5 checksums) are still searched for other checksums
as they include just as much data, just not with a nice and catchy name.
LP: 1098738
Diffstat (limited to 'test/integration/test-debsrc-hashes')
| -rwxr-xr-x | test/integration/test-debsrc-hashes | 77 |
1 files changed, 0 insertions, 77 deletions
diff --git a/test/integration/test-debsrc-hashes b/test/integration/test-debsrc-hashes deleted file mode 100755 index 5e917232b..000000000 --- a/test/integration/test-debsrc-hashes +++ /dev/null @@ -1,77 +0,0 @@ -#!/bin/sh -set -e - -TESTDIR=$(readlink -f $(dirname $0)) -. $TESTDIR/framework - -setupenvironment -configarchitecture "i386" - -# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is -# checking the best available hash (as it should), this will trigger -# a hash mismatch. - -cat > aptarchive/Sources <<EOF -Package: pkg-md5-ok -Binary: pkg-md5-ok -Version: 1.0 -Maintainer: Joe Sixpack <joe@example.org> -Architecture: i386 -Files: - d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-ok_1.0.dsc - d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-ok_1.0.tar.gz - -Package: pkg-sha256-ok -Binary: pkg-sha256-ok -Version: 1.0 -Maintainer: Joe Sixpack <joe@example.org> -Architecture: i386 -Files: - d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-ok_1.0.dsc - d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-ok_1.0.tar.gz -Checksums-Sha1: - da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-ok_1.0.dsc - da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-ok_1.0.tar.gz -Checksums-Sha256: - e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-sha256-ok_1.0.dsc - e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-sha256-ok_1.0.tar.gz - -Package: pkg-sha256-bad -Binary: pkg-sha256-bad -Version: 1.0 -Maintainer: Joe Sixpack <joe@example.org> -Architecture: i386 -Files: - d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-bad_1.0.dsc - d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-bad_1.0.tar.gz -Checksums-Sha1: - da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-bad_1.0.dsc - da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-bad_1.0.tar.gz -Checksums-Sha256: - xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 0 pkg-sha256-bad_1.0.dsc - xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 0 pkg-sha256-bad_1.0.tar.gz -EOF - -# create fetchable files -for x in "pkg-md5-ok" "pkg-sha256-ok" "pkg-sha256-bad"; do - touch aptarchive/${x}_1.0.dsc - touch aptarchive/${x}_1.0.tar.gz -done - -testok() { - msgtest "Test for hash ok of" "$*" - $* 2>&1 | grep "Download complete" > /dev/null && msgpass || msgfail -} - -testmismatch() { - msgtest "Test for hash mismatch of" "$*" - $* 2>&1 | grep "Hash Sum mismatch" > /dev/null && msgpass || msgfail -} - -setupaptarchive -changetowebserver -aptget update -qq - -testok aptget source -d pkg-md5-ok -testok aptget source -d pkg-sha256-ok -testmismatch aptget source -d pkg-sha256-bad |