From 51c04562559d0924aa52cc8c9b69901bc8a5c945 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Sun, 13 Mar 2016 12:21:09 +0100 Subject: Do not consider SHA1 usable SHA1 is not reasonably secure anymore, so we should not consider it usable anymore. The test suite is adjusted to account for this. --- apt-pkg/contrib/hashes.cc | 3 +- test/integration/framework | 2 +- test/integration/test-apt-ftparchive-by-hash | 4 +-- test/integration/test-partial-file-support | 2 +- .../test-ubuntu-bug-1098738-apt-get-source-md5sum | 37 ++++++++++++++-------- test/libapt/hashsums_test.cc | 9 +++++- 6 files changed, 37 insertions(+), 20 deletions(-) diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc index 5c0023dc7..f2b91501e 100644 --- a/apt-pkg/contrib/hashes.cc +++ b/apt-pkg/contrib/hashes.cc @@ -133,7 +133,8 @@ APT_PURE bool HashString::usable() const /*{{{*/ { return ( (Type != "Checksum-FileSize") && - (Type != "MD5Sum") + (Type != "MD5Sum") && + (Type != "SHA1") ); } /*}}}*/ diff --git a/test/integration/framework b/test/integration/framework index a0eeb6d45..ffec06641 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -390,7 +390,7 @@ EOF echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig configcompression '.' 'gz' #'bz2' 'lzma' 'xz' - confighashes 'SHA1' # these are tests, not security best-practices + confighashes 'SHA256' # these are tests, not security best-practices # create some files in /tmp and look at user/group to get what this means TEST_DEFAULT_USER="$(id -un)" diff --git a/test/integration/test-apt-ftparchive-by-hash b/test/integration/test-apt-ftparchive-by-hash index c7aeea0f9..d08b94290 100755 --- a/test/integration/test-apt-ftparchive-by-hash +++ b/test/integration/test-apt-ftparchive-by-hash @@ -2,7 +2,7 @@ set -e verify_by_hash() { - for hash_gen in SHA1:sha1sum SHA256:sha256sum SHA512:sha512sum; do + for hash_gen in SHA256:sha256sum SHA512:sha512sum; do hash=$(echo ${hash_gen} | cut -f1 -d:) gen=$(echo ${hash_gen} | cut -f2 -d:) testsuccess stat aptarchive/dists/unstable/main/binary-i386/by-hash/$hash/$($gen aptarchive/dists/unstable/main/binary-i386/Packages | cut -f1 -d' ') @@ -18,7 +18,7 @@ TESTDIR="$(readlink -f "$(dirname "$0")")" setupenvironment configarchitecture 'i386' configcompression 'gz' '.' -confighashes 'SHA1' 'SHA256' 'SHA512' +confighashes 'SHA256' 'SHA512' # enable by-hash in apt-ftparchive echo 'APT::FTPArchive::DoByHash "1";' >> aptconfig.conf diff --git a/test/integration/test-partial-file-support b/test/integration/test-partial-file-support index 8cfc3f2d3..e2d2743b3 100755 --- a/test/integration/test-partial-file-support +++ b/test/integration/test-partial-file-support @@ -80,7 +80,7 @@ followuprequest() { webserverconfig 'aptwebserver::support::content-range' 'false' copysource $TESTFILE 1M $DOWN - testdownloadfile 'completely downloaded file' "${1}/testfile" "$DOWN" '=' "SHA1:$(sha1sum "$TESTFILE" | cut -d' ' -f 1)" + testdownloadfile 'completely downloaded file' "${1}/testfile" "$DOWN" '=' "SHA256:$(sha256sum "$TESTFILE" | cut -d' ' -f 1)" testwebserverlaststatuscode '416' "$DOWNLOADLOG" webserverconfig 'aptwebserver::support::content-range' 'true' diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum index 015a803bc..7ac993d39 100755 --- a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum +++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum @@ -17,6 +17,15 @@ Files: 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz +Package: pkg-sha1-ok +Binary: pkg-sha1-ok +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz + Package: pkg-sha256-ok Binary: pkg-sha256-ok Version: 1.0 @@ -139,7 +148,7 @@ Checksums-Sha256: EOF # create fetchable files -for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \ +for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \ 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \ 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \ 'pkg-md5-bad'; do @@ -230,6 +239,7 @@ Download complete and in download only mode" aptget source --allow-unauthenticat } testnohash pkg-md5-ok +testnohash pkg-sha1-ok testok pkg-sha256-ok testkeep pkg-sha256-ok @@ -255,29 +265,28 @@ testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz # deal with cases in which we haven't for all files the same checksum type # mostly pathologic as this shouldn't happen, but just to be sure -testok pkg-mixed-ok -testfailureequal "Reading package lists... -Need to get 6 B of source archives. +testsuccessequal "Reading package lists... +Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 3 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-ok 1.0 (dsc) [3 B] +Download complete and in download only mode" aptget source -d pkg-mixed-ok + +testsuccessequal "Reading package lists... +Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication +Need to get 3 B of source archives. Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (tar) [3 B] -Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc) [3 B] -Err:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc) - Hash Sum mismatch -E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch - -E: Failed to fetch some archives." aptget source -d pkg-mixed-sha1-bad +Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad' testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz testfailureequal "Reading package lists... -Need to get 6 B of source archives. +Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication +Need to get 3 B of source archives. Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) [3 B] Err:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) Hash Sum mismatch -Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (dsc) [3 B] E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad -msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad' -testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz # it gets even more pathologic: multiple entries for one file, some even disagreeing! testnohash pkg-md5-agree diff --git a/test/libapt/hashsums_test.cc b/test/libapt/hashsums_test.cc index 033493f84..705c0297d 100644 --- a/test/libapt/hashsums_test.cc +++ b/test/libapt/hashsums_test.cc @@ -328,11 +328,18 @@ TEST(HashSumsTest, HashStringList) EXPECT_EQ(29, list.FileSize()); EXPECT_TRUE(NULL != list.find("MD5Sum")); list.push_back(HashString("SHA1", "cacecbd74968bc90ea3342767e6b94f46ddbcafc")); - EXPECT_TRUE(list.usable()); + EXPECT_FALSE(list.usable()); EXPECT_EQ(3, list.size()); EXPECT_EQ(29, list.FileSize()); EXPECT_TRUE(NULL != list.find("MD5Sum")); EXPECT_TRUE(NULL != list.find("SHA1")); + list.push_back(HashString("SHA256", "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")); + EXPECT_TRUE(list.usable()); + EXPECT_EQ(4, list.size()); + EXPECT_EQ(29, list.FileSize()); + EXPECT_TRUE(NULL != list.find("MD5Sum")); + EXPECT_TRUE(NULL != list.find("SHA1")); + EXPECT_TRUE(NULL != list.find("SHA256")); Hashes hashes; hashes.Add("The quick brown fox jumps over the lazy dog"); -- cgit v1.2.3