diff options
| -rwxr-xr-x | cmdline/apt-key | 11 | ||||
| -rw-r--r-- | test/integration/exploid-keyring-with-dupe-keys.pub | bin | 0 -> 3986 bytes | |||
| -rwxr-xr-x | test/integration/test-apt-key-net-update | 47 |
3 files changed, 58 insertions, 0 deletions
diff --git a/cmdline/apt-key b/cmdline/apt-key index 4d2b7c49f..8a3f5ba54 100755 --- a/cmdline/apt-key +++ b/cmdline/apt-key @@ -50,6 +50,17 @@ add_keys_with_verify_against_master_keyring() { # from a key in the $distro-master-keyring add_keys=`$GPG_CMD --keyring $ADD_KEYRING --with-colons --list-keys | grep ^pub | cut -d: -f5` master_keys=`$GPG_CMD --keyring $MASTER --with-colons --list-keys | grep ^pub | cut -d: -f5` + # verify to ensure that there are no key id duplications that may be + # used to attack the system, see LP: #857472 + for add_key in $add_keys; do + for master_key in $master_keys; do + if [ "$add_key" = "$master_key" ]; then + echo >&2 "Keyid collision for '$add_key' detected, operation aborted" + return 1 + fi + done + done + # add all keys signed with any of the master key(s) for add_key in $add_keys; do ADDED=0 for master_key in $master_keys; do diff --git a/test/integration/exploid-keyring-with-dupe-keys.pub b/test/integration/exploid-keyring-with-dupe-keys.pub Binary files differnew file mode 100644 index 000000000..642952a40 --- /dev/null +++ b/test/integration/exploid-keyring-with-dupe-keys.pub diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update new file mode 100755 index 000000000..66aafbbc4 --- /dev/null +++ b/test/integration/test-apt-key-net-update @@ -0,0 +1,47 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# mock +requires_root() { + return 0 +} + +# extract net_update() and import it +func=$( sed -n -e '/^add_keys_with_verify_against_master_keyring/,/^}/p' ${BUILDDIRECTORY}/apt-key ) +eval "$func" + +mkdir -p ./etc/apt +TRUSTEDFILE=./etc/apt/trusted.gpg +GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring" +GPG="$GPG_CMD --keyring $TRUSTEDFILE" +MASTER_KEYRING=/usr/share/keyrings/ubuntu-master-keyring.gpg + +msgtest "add_keys_with_verify_against_master_keyring" +if [ ! -e $MASTER_KEYRING ]; then + echo -n "No $MASTER_KEYRING found" + msgskip + exit 0 +fi + +# test bad keyring and ensure its not added (LP: #857472) +ADD_KEYRING=./keys/exploid-keyring-with-dupe-keys.pub +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgfail +else + msgpass +fi + +# test good keyring and ensure we get no errors +ADD_KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgpass +else + msgfail +fi + |