summaryrefslogtreecommitdiff
path: root/test/integration
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-03-22 01:26:29 +0100
committerDavid Kalnischkies <david@kalnischkies.de>2016-03-22 01:58:45 +0100
commit08b7761a251a36fa65cbe022a86c51d7f091a88d (patch)
tree9666c3f3582e88ae0ac748d7bccb2811f17f4c06 /test/integration
parent8fa99570816d3a644a9c4386c6a8f2ca21480329 (diff)
handle gpgv's weak-digests ERRSIG
Our own gpgv method can declare a digest algorithm as untrusted and handles these as worthless signatures. If gpgv comes with inbuilt untrusted (which is called weak in official terminology) which it e.g. does for MD5 in recent versions we should handle it in the same way. To check this we use the most uncommon still fully trusted hash as a configureable one via a hidden config option to toggle through all of the three states a hash can be in.
Diffstat (limited to 'test/integration')
-rwxr-xr-xtest/integration/test-releasefile-verification61
1 files changed, 45 insertions, 16 deletions
diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index 54483ba9a..ffb5073b6 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -97,6 +97,7 @@ updatewithwarnings() {
}
runtest() {
+ local DELETEFILE="$1"
msgmsg 'Cold archive signed by' 'Joe Sixpack'
prepare "${PKGFILE}"
rm -rf rootdir/var/lib/apt/lists
@@ -257,19 +258,14 @@ runtest2() {
}
runtest3() {
- export APT_TESTS_DIGEST_ALGO="$1"
- msgmsg "Running base test with digest $1"
+ echo "Debug::Acquire::gpgv::configdigest::truststate \"$1\";" > rootdir/etc/apt/apt.conf.d/truststate
+ msgmsg "Running base test with $1 digest"
runtest2
- DELETEFILE="InRelease"
- msgmsg "Running test with deletion of $DELETEFILE and digest $1"
- runtest
-
- DELETEFILE="Release.gpg"
- msgmsg "Running test with deletion of $DELETEFILE and digest $1"
- runtest
-
- unset APT_TESTS_DIGEST_ALGO
+ for DELETEFILE in 'InRelease' 'Release.gpg'; do
+ msgmsg "Running test with deletion of $DELETEFILE and $1 digest"
+ runtest "$DELETEFILE"
+ done
}
# diable some protection by default and ensure we still do the verification
@@ -278,17 +274,50 @@ cat > rootdir/etc/apt/apt.conf.d/weaken-security <<EOF
Acquire::AllowInsecureRepositories "1";
Acquire::AllowDowngradeToInsecureRepositories "1";
EOF
+# the hash marked as configureable in our gpgv method
+export APT_TESTS_DIGEST_ALGO='SHA224'
-# an all-round good hash
successfulaptgetupdate() {
testsuccess aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
}
-runtest3 'SHA512'
+runtest3 'trusted'
-# a hash we consider weak and therefore warn about
-rm -f rootdir/etc/apt/apt.conf.d/no-sha1
successfulaptgetupdate() {
testwarning aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
testsuccess grep 'uses weak digest algorithm' rootdir/tmp/testwarning.output
}
-runtest3 'SHA1'
+runtest3 'weak'
+
+msgmsg "Running test with apt-untrusted digest"
+echo "Debug::Acquire::gpgv::configdigest::truststate \"untrusted\";" > rootdir/etc/apt/apt.conf.d/truststate
+runfailure() {
+ for DELETEFILE in 'InRelease' 'Release.gpg'; do
+ msgmsg 'Cold archive signed by' 'Joe Sixpack'
+ prepare "${PKGFILE}"
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Joe Sixpack'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ testsuccess grep 'The following signatures were invalid' rootdir/tmp/testfailure.output
+ testnopackage 'apt'
+ testwarning aptget update --allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ failaptold
+
+ msgmsg 'Cold archive signed by' 'Marvin Paranoid'
+ prepare "${PKGFILE}"
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Marvin Paranoid'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ testnopackage 'apt'
+ updatewithwarnings '^W: .* NO_PUBKEY'
+ testsuccessequal "$(cat "${PKGFILE}")
+" aptcache show apt
+ failaptold
+ done
+}
+runfailure
+
+msgmsg "Running test with gpgv-untrusted digest"
+export APT_TESTS_DIGEST_ALGO='MD5'
+runfailure