From 23397c9d7d4d455461176600bb45c81185493504 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Thu, 23 Oct 2014 16:54:00 +0200 Subject: promote filesize to a hashstring It is a very simple hashstring, which is why it isn't contributing to the usability of a list of them, but it is also trivial to check and calculate, so it doesn't hurt checking it either as it can combined even with the simplest other hashes greatly complicate attacks on them as you suddenly need a same-size hash collision, which is usually a lot harder to achieve. --- test/integration/test-apt-update-hashsum-mismatch | 49 +++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100755 test/integration/test-apt-update-hashsum-mismatch (limited to 'test/integration/test-apt-update-hashsum-mismatch') diff --git a/test/integration/test-apt-update-hashsum-mismatch b/test/integration/test-apt-update-hashsum-mismatch new file mode 100755 index 000000000..747418c53 --- /dev/null +++ b/test/integration/test-apt-update-hashsum-mismatch @@ -0,0 +1,49 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'i386' +configcompression 'gz' + +insertpackage 'testing' 'foo' 'all' '1' +insertpackage 'testing' 'foo2' 'all' '1' +insertsource 'testing' 'foo' 'all' '1' +insertsource 'testing' 'foo2' 'all' '1' + +setupaptarchive --no-update +changetowebserver + +echo 'Package: bar +Maintainer: Doctor Evil +Description: come to the dark side +' > aptarchive/DoctorEvil +compressfile aptarchive/DoctorEvil + +find aptarchive \( -name 'Packages' -o -name 'Sources' -o -name 'Translation-en' \) -delete + +testsuccess aptget update +testsuccess aptcache show foo +testsuccess aptget install foo -s + +for get in $(sed -n 's#^GET /\([^ ]\+\.gz\) HTTP.\+$#\1#p' aptarchive/webserver.log); do + msgmsg 'Test hashsum mismatch with file' "$get" + rm -rf rootdir/var/lib/apt/lists + webserverconfig 'aptwebserver::overwrite' '' + webserverconfig "aptwebserver::overwrite::$(printf '%s' "${get}" | sed 's#/#%2F#g' )::filename" '%2FDoctorEvil.gz' + + TEST='testfailure' + if expr match "$get" '^.*Translation-.*$' >/dev/null; then + TEST='testsuccess' + unset get + fi + $TEST aptget update + cp rootdir/tmp/${TEST}.output rootdir/tmp/update.output + testsuccess grep -E "$(basename -s '.gz' "$get").*Hash Sum mismatch" rootdir/tmp/update.output + $TEST aptcache show foo + $TEST aptget install foo -s + + testfailure aptcache show bar + testfailure aptget install bar -s +done -- cgit v1.2.3