summaryrefslogtreecommitdiff
path: root/apt-pkg/deb/debmetaindex.cc
diff options
context:
space:
mode:
Diffstat (limited to 'apt-pkg/deb/debmetaindex.cc')
-rw-r--r--apt-pkg/deb/debmetaindex.cc19
1 files changed, 15 insertions, 4 deletions
diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc
index 930286a41..c8026aedf 100644
--- a/apt-pkg/deb/debmetaindex.cc
+++ b/apt-pkg/deb/debmetaindex.cc
@@ -348,9 +348,11 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro
}
bool FoundHashSum = false;
- for (int i=0;HashString::SupportedHashes()[i] != NULL; i++)
+ bool FoundStrongHashSum = false;
+ auto const SupportedHashes = HashString::SupportedHashes();
+ for (int i=0; SupportedHashes[i] != NULL; i++)
{
- if (!Section.Find(HashString::SupportedHashes()[i], Start, End))
+ if (!Section.Find(SupportedHashes[i], Start, End))
continue;
std::string Name;
@@ -361,17 +363,20 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro
if (!parseSumData(Start, End, Name, Hash, Size))
return false;
+ HashString const hs(SupportedHashes[i], Hash);
if (Entries.find(Name) == Entries.end())
{
metaIndex::checkSum *Sum = new metaIndex::checkSum;
Sum->MetaKeyFilename = Name;
Sum->Size = Size;
Sum->Hashes.FileSize(Size);
- APT_IGNORE_DEPRECATED(Sum->Hash = HashString(HashString::SupportedHashes()[i],Hash);)
+ APT_IGNORE_DEPRECATED(Sum->Hash = hs;)
Entries[Name] = Sum;
}
- Entries[Name]->Hashes.push_back(HashString(HashString::SupportedHashes()[i],Hash));
+ Entries[Name]->Hashes.push_back(hs);
FoundHashSum = true;
+ if (FoundStrongHashSum == false && hs.usable() == true)
+ FoundStrongHashSum = true;
}
}
@@ -381,6 +386,12 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro
strprintf(*ErrorText, _("No Hash entry in Release file %s"), Filename.c_str());
return false;
}
+ if(FoundStrongHashSum == false)
+ {
+ if (ErrorText != NULL)
+ strprintf(*ErrorText, _("No Hash entry in Release file %s, which is considered strong enough for security purposes"), Filename.c_str());
+ return false;
+ }
std::string const StrDate = Section.FindS("Date");
if (RFC1123StrToTime(StrDate.c_str(), Date) == false)
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 02:39:58 +0000