From 713b65be84830af1a57148b44dc1d1d4010ece3e Mon Sep 17 00:00:00 2001 From: Sam Bingner Date: Thu, 26 Dec 2019 15:19:05 -1000 Subject: Revert "Treat SHA1 as Weak rather than untrusted. Add hardcoded exceptions for Modmyi/Zodttd/Bigboss to silence errors" This reverts commit 0a4d0898091e9a6ff584f14d310a13f61fb3d9a3. --- apt-pkg/acquire-item.cc | 10 ++-------- apt-pkg/contrib/hashes.cc | 2 ++ apt-pkg/deb/debmetaindex.cc | 5 ++--- 3 files changed, 6 insertions(+), 11 deletions(-) (limited to 'apt-pkg') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index fb47bc676..bb3bc1b56 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -257,7 +257,7 @@ static bool APT_NONNULL(3, 4, 5) AllowInsecureRepositories(InsecureType const ms if (TargetIsAllowedToBe(TransactionManager->Target, msg) == true) { - //MessageInsecureRepository(false, msgstr, repo); + MessageInsecureRepository(false, msgstr, repo); return true; } @@ -1608,7 +1608,7 @@ void pkgAcqMetaClearSig::QueueIndexes(bool const verify) /*{{{*/ } // optional targets that we do not have in the Release file are skipped - if (Target.IsOptional) + if (hasHashes == true && Target.IsOptional) { new CleanupItem(Owner, TransactionManager, Target); continue; @@ -1724,12 +1724,6 @@ void pkgAcqMetaClearSig::QueueIndexes(bool const verify) /*{{{*/ } else { - - if (Target.IsOptional){ - new CleanupItem(Owner, TransactionManager, Target); - continue; - } - // if we have no file to patch, no point in trying trypdiff &= (GetExistingFilename(GetFinalFileNameFromURI(Target.URI)).empty() == false); } diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc index fd8b12355..98b92cc81 100644 --- a/apt-pkg/contrib/hashes.cc +++ b/apt-pkg/contrib/hashes.cc @@ -140,6 +140,8 @@ APT_PURE bool HashString::usable() const /*{{{*/ { return ( (Type != "Checksum-FileSize") && + (Type != "MD5Sum") && + (Type != "SHA1") && !IsConfigured(Type.c_str(), "Untrusted") ); } diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc index 2039f8308..98bac7a70 100644 --- a/apt-pkg/deb/debmetaindex.cc +++ b/apt-pkg/deb/debmetaindex.cc @@ -523,12 +523,11 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro } bool AuthPossible = false; - /*if(FoundHashSum == false) + if(FoundHashSum == false) _error->Warning(_("No Hash entry in Release file %s"), Filename.c_str()); else if(FoundStrongHashSum == false) _error->Warning(_("No Hash entry in Release file %s which is considered strong enough for security purposes"), Filename.c_str()); - else*/ - if (FoundHashSum && FoundStrongHashSum) + else AuthPossible = true; std::string const StrDate = Section.FindS("Date"); -- cgit v1.2.3