From d30036922c6963846db4ab633b13fb87c1b5b462 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sat, 18 Jun 2016 15:15:27 +0200 Subject: add [weak] tag to hash errors to indicate insufficiency For "Hash Sum mismatch" that info doesn't make a whole lot of difference, but for the new insufficient info message an indicator that while this hashes are there and even match, they aren't enough from a security standpoint. --- .../test-ubuntu-bug-1098738-apt-get-source-md5sum | 108 ++++++++++----------- 1 file changed, 54 insertions(+), 54 deletions(-) (limited to 'test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum') diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum index ac5dd11b8..a60f0bd3a 100755 --- a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum +++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum @@ -219,28 +219,28 @@ Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) Writing more data than expected (3 > 2) Hashes of expected file: - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a - - Checksum-FileSize:2 + - Checksum-FileSize:2 [weak] Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [4 B] Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) Hash Sum mismatch Hashes of expected file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - Checksum-FileSize:4 + - Checksum-FileSize:4 [weak] Hashes of received file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - Checksum-FileSize:3 + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Writing more data than expected (3 > 2) Hashes of expected file: - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a - - Checksum-FileSize:2 + - Checksum-FileSize:2 [weak] E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch Hashes of expected file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - Checksum-FileSize:4 + - Checksum-FileSize:4 [weak] Hashes of received file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - Checksum-FileSize:3 + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") E: Failed to fetch some archives." elif [ "$1" = 'pkg-md5-bad' ]; then @@ -250,49 +250,49 @@ Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) Hash Sum mismatch Hashes of expected file: - - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa - - Checksum-FileSize:3 + - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak] + - Checksum-FileSize:3 [weak] Hashes of received file: - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a - - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 - - MD5Sum:9604ba9427a280db542279d9ed78400b - - Checksum-FileSize:3 + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) Hash Sum mismatch Hashes of expected file: - - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb - - Checksum-FileSize:3 + - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak] + - Checksum-FileSize:3 [weak] Hashes of received file: - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0 - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a - - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 - - Checksum-FileSize:3 + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Hash Sum mismatch Hashes of expected file: - - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa - - Checksum-FileSize:3 + - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak] + - Checksum-FileSize:3 [weak] Hashes of received file: - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a - - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 - - MD5Sum:9604ba9427a280db542279d9ed78400b - - Checksum-FileSize:3 + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch Hashes of expected file: - - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb - - Checksum-FileSize:3 + - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak] + - Checksum-FileSize:3 [weak] Hashes of received file: - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0 - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a - - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 - - Checksum-FileSize:3 + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") E: Failed to fetch some archives." else @@ -303,52 +303,52 @@ Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) Hash Sum mismatch Hashes of expected file: - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa - - Checksum-FileSize:3 - - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 - - MD5Sum:9604ba9427a280db542279d9ed78400b + - Checksum-FileSize:3 [weak] + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] Hashes of received file: - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a - - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 - - MD5Sum:9604ba9427a280db542279d9ed78400b - - Checksum-FileSize:3 + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) Hash Sum mismatch Hashes of expected file: - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb - - Checksum-FileSize:3 - - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a - - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 + - Checksum-FileSize:3 [weak] + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] Hashes of received file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a - - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 - - Checksum-FileSize:3 + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Hash Sum mismatch Hashes of expected file: - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa - - Checksum-FileSize:3 - - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 - - MD5Sum:9604ba9427a280db542279d9ed78400b + - Checksum-FileSize:3 [weak] + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] Hashes of received file: - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a - - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 - - MD5Sum:9604ba9427a280db542279d9ed78400b - - Checksum-FileSize:3 + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch Hashes of expected file: - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb - - Checksum-FileSize:3 - - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a - - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 + - Checksum-FileSize:3 [weak] + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] Hashes of received file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a - - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 - - Checksum-FileSize:3 + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") E: Failed to fetch some archives." fi @@ -429,18 +429,18 @@ Err:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) Hash Sum mismatch Hashes of expected file: - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb - - Checksum-FileSize:3 + - Checksum-FileSize:3 [weak] Hashes of received file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - Checksum-FileSize:3 + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz') E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch Hashes of expected file: - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb - - Checksum-FileSize:3 + - Checksum-FileSize:3 [weak] Hashes of received file: - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb - - Checksum-FileSize:3 + - Checksum-FileSize:3 [weak] Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz') E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad -- cgit v1.2.3