summaryrefslogtreecommitdiff
path: root/test/integration
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-06-20 20:50:43 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2016-06-22 14:05:01 +0200
commitd03b947b0ce4f87d7d5cc48d4d274ab3bd0b289a (patch)
tree36b17da3040ffc4181e20e4b1c254671c2b24e3a /test/integration
parent5da51e0e2da3f055306562d38103b06a23d81719 (diff)
add insecure (and weak) allow-options for sources.list
Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
Diffstat (limited to 'test/integration')
-rwxr-xr-xtest/integration/test-apt-update-nofallback10
-rwxr-xr-xtest/integration/test-apt-update-weak-hashes29
-rwxr-xr-xtest/integration/test-releasefile-verification5
3 files changed, 35 insertions, 9 deletions
diff --git a/test/integration/test-apt-update-nofallback b/test/integration/test-apt-update-nofallback
index 40fbae560..60f329a4a 100755
--- a/test/integration/test-apt-update-nofallback
+++ b/test/integration/test-apt-update-nofallback
@@ -93,10 +93,16 @@ test_from_inrelease_to_unsigned_with_override()
find "$APTARCHIVE" -name '*Packages*' -exec touch -d '+2 hours' {} \;
# and ensure we can update to it (with enough force)
+ testfailure apt update
testfailure aptget update
testfailure aptget update --allow-insecure-repositories
- testwarning aptget update --allow-insecure-repositories \
- -o Acquire::AllowDowngradeToInsecureRepositories=1 -o Debug::pkgAcquire::Worker=1 -o Debug::pkgAcquire::Auth=1
+ testfailure aptget update --no-allow-insecure-repositories
+ sed -i 's#^deb\(-src\)\? #deb\1 [allow-downgrade-to-insecure=yes] #' rootdir/etc/apt/sources.list.d/*
+ testfailure aptget update --no-allow-insecure-repositories
+ testfailure apt update
+ testwarning apt update --allow-insecure-repositories \
+ -o Debug::pkgAcquire::Worker=1 -o Debug::pkgAcquire::Auth=1
+ sed -i 's#^deb\(-src\)\? \[allow-downgrade-to-insecure=yes\] #deb\1 #' rootdir/etc/apt/sources.list.d/*
# but that the individual packages are still considered untrusted
testfailureequal "WARNING: The following packages cannot be authenticated!
evil
diff --git a/test/integration/test-apt-update-weak-hashes b/test/integration/test-apt-update-weak-hashes
index 29343565f..b07dba6a2 100755
--- a/test/integration/test-apt-update-weak-hashes
+++ b/test/integration/test-apt-update-weak-hashes
@@ -58,6 +58,16 @@ N: See apt-secure(8) manpage for repository creation and user configuration deta
testbadpkg 'foo'
fi
+ msgmsg "$TYPE contains only weak hashes, but source allows weak"
+ sed -i 's#^deb\(-src\)\? #deb\1 [allow-weak=yes] #' rootdir/etc/apt/sources.list.d/*
+ genericprepare
+ testwarningmsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
+W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
+N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
+N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
+ testbadpkg 'foo'
+ sed -i 's#^deb\(-src\)\? \[allow-weak=yes\] #deb\1 #' rootdir/etc/apt/sources.list.d/*
+
msgmsg "$TYPE contains no hashes"
generatereleasefiles
sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release"
@@ -85,10 +95,15 @@ N: See apt-secure(8) manpage for repository creation and user configuration deta
sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release"
signreleasefiles
preparetest
- # trust is a repository property, so individual files can't be insecure
- testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update "$@"
+ if [ -z "$1" ]; then
+ testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update
+ testnosrcpackage foo
+ else
+ rm -f rootdir/var/lib/apt/lists/partial/*
+ testsuccess apt update "$@"
+ testnotempty apt showsrc foo
+ fi
testsuccess apt show foo
- testnosrcpackage foo
}
genericprepare() {
@@ -107,14 +122,14 @@ preparetest() {
genericprepare
}
testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease"
-testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease" --allow-insecure-repositories -o APT::Get::List-Cleanup=0
+testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease" --allow-weak-repositories -o APT::Get::List-Cleanup=0
preparetest() {
rm -f "${APTARCHIVE}/dists/unstable/InRelease"
genericprepare
}
testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release"
-testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release" --allow-insecure-repositories -o APT::Get::List-Cleanup=0
+testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release" --allow-weak-repositories -o APT::Get::List-Cleanup=0
preparetest() {
rm -f "${APTARCHIVE}/dists/unstable/InRelease" "${APTARCHIVE}/dists/unstable/Release.gpg"
@@ -128,7 +143,7 @@ generatereleasefiles 'now - 7 days'
signreleasefiles
testfailure apt update
testnopkg 'foo'
-testwarning apt update --allow-insecure-repositories
+testwarning apt update --allow-weak-repositories
testbadpkg 'foo'
confighashes 'MD5' 'SHA256'
@@ -153,7 +168,7 @@ testnopkg foo3
testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
testnotempty apt show foo2
testnotempty apt showsrc foo2
-testwarning apt update --allow-insecure-repositories
+testwarning apt update --allow-weak-repositories
testnopkg foo2
testbadpkg foo3
diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index 217319cab..500c7b0bd 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -414,6 +414,11 @@ runfailure() {
testnopackage 'apt'
testwarning aptget update --allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
failaptold
+ rm -rf rootdir/var/lib/apt/lists
+ sed -i 's#^deb\(-src\)\? #deb\1 [allow-insecure=yes] #' rootdir/etc/apt/sources.list.d/*
+ testwarning aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ failaptold
+ sed -i 's#^deb\(-src\)\? \[allow-insecure=yes\] #deb\1 #' rootdir/etc/apt/sources.list.d/*
msgmsg 'Cold archive signed by' 'Marvin Paranoid'
prepare "${PKGFILE}"