From 23397c9d7d4d455461176600bb45c81185493504 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Thu, 23 Oct 2014 16:54:00 +0200 Subject: promote filesize to a hashstring It is a very simple hashstring, which is why it isn't contributing to the usability of a list of them, but it is also trivial to check and calculate, so it doesn't hurt checking it either as it can combined even with the simplest other hashes greatly complicate attacks on them as you suddenly need a same-size hash collision, which is usually a lot harder to achieve. --- test/integration/test-apt-update-filesize-mismatch | 55 ++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100755 test/integration/test-apt-update-filesize-mismatch (limited to 'test/integration/test-apt-update-filesize-mismatch') diff --git a/test/integration/test-apt-update-filesize-mismatch b/test/integration/test-apt-update-filesize-mismatch new file mode 100755 index 000000000..8c73c059e --- /dev/null +++ b/test/integration/test-apt-update-filesize-mismatch @@ -0,0 +1,55 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' +configcompression 'gz' + +insertpackage 'testing' 'foo' 'all' '1' +insertpackage 'testing' 'foo2' 'all' '1' +insertsource 'testing' 'foo' 'all' '1' +insertsource 'testing' 'foo2' 'all' '1' + +setupaptarchive --no-update +changetowebserver + +find aptarchive \( -name 'Packages' -o -name 'Sources' -o -name 'Translation-en' \) -delete +for release in $(find aptarchive -name 'Release'); do + cp "$release" "${release}.backup" +done + +testsuccess aptget update +testsuccess aptcache show foo +testsuccess aptget install foo -s + +for get in $(sed -n 's#^GET /\([^ ]\+\.gz\) HTTP.\+$#\1#p' aptarchive/webserver.log); do + for ext in '' '.gz'; do + COMPRESSFILE="$get" + get="${get}${ext}" + FILE="$(basename -s '.gz' "$get")" + msgmsg 'Test filesize mismatch with file' "$FILE" + rm -rf rootdir/var/lib/apt/lists + + for release in $(find aptarchive -name 'Release'); do + SIZE="$(awk "/$FILE\$/ { print \$2; exit }" "${release}.backup")" + sed "s# $SIZE # $(($SIZE + 111)) #" "${release}.backup" > "$release" + done + signreleasefiles + + TEST='testfailure' + if expr match "$COMPRESSFILE" '^.*Translation-.*$' >/dev/null; then + TEST='testsuccess' + unset COMPRESSFILE + fi + $TEST aptget update -o Debug::pkgAcquire::Worker=1 + cp rootdir/tmp/${TEST}.output rootdir/tmp/update.output + testsuccess grep -E "$(basename -s '.gz' "$COMPRESSFILE").*Hash Sum mismatch" rootdir/tmp/update.output + $TEST aptcache show foo + $TEST aptget install foo -s + + testfailure aptcache show bar + testfailure aptget install bar -s + done +done -- cgit v1.2.3 From 6e2261d0f250406058d66b360080aa986953ae19 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 4 Nov 2014 22:01:59 +0100 Subject: test/integration/test-apt-update-filesize-mismatch: use "basename file suffix" instead of -s for compatibility with older systems --- test/integration/test-apt-update-filesize-mismatch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/integration/test-apt-update-filesize-mismatch') diff --git a/test/integration/test-apt-update-filesize-mismatch b/test/integration/test-apt-update-filesize-mismatch index 8c73c059e..b484c5161 100755 --- a/test/integration/test-apt-update-filesize-mismatch +++ b/test/integration/test-apt-update-filesize-mismatch @@ -28,7 +28,7 @@ for get in $(sed -n 's#^GET /\([^ ]\+\.gz\) HTTP.\+$#\1#p' aptarchive/webserver. for ext in '' '.gz'; do COMPRESSFILE="$get" get="${get}${ext}" - FILE="$(basename -s '.gz' "$get")" + FILE="$(basename "$get" '.gz')" msgmsg 'Test filesize mismatch with file' "$FILE" rm -rf rootdir/var/lib/apt/lists -- cgit v1.2.3