summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--apt-pkg/acquire-item.cc5
-rwxr-xr-xtest/integration/test-apt-update-file7
2 files changed, 10 insertions, 2 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 2ced65aa2..5df43726b 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1141,13 +1141,14 @@ void pkgAcqIndex::Done(string Message,unsigned long long Size,string Hash,
else
Local = true;
- // The files timestamp matches
+ // The files timestamp matches, for non-local URLs reverify the local
+ // file, for local file, uncompress again to ensure the hashsum is still
+ // matching the Release file
if (!Local && StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
{
ReverifyAfterIMS(FileName);
return;
}
-
string decompProg;
// If we enable compressed indexes, queue for hash verification
diff --git a/test/integration/test-apt-update-file b/test/integration/test-apt-update-file
index 069f8ba2f..e267c71da 100755
--- a/test/integration/test-apt-update-file
+++ b/test/integration/test-apt-update-file
@@ -22,6 +22,13 @@ chmod 550 aptarchive/dists/unstable/main/binary-amd64
testsuccess aptget update -qq
testsuccess aptget update -qq
+aptget update -qq -o Debug::pkgAcquire::Auth=1 2> output.log
+
+# ensure that the hash of the uncompressed file was verified even on a local
+# ims hit
+canary="SHA512:$(bzcat aptarchive/dists/unstable/main/binary-amd64/Packages.bz2 | sha512sum |cut -f1 -d' ')"
+grep -q "RecivedHash: $canary" output.log
+
# the cleanup should still work
chmod 750 aptarchive/dists/unstable/main/binary-amd64