blob: 29343565f51e3918e8a964cdda8804f6a34bab53 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
|
#!/bin/sh
set -e
TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"
setupenvironment
configarchitecture 'i386'
confighashes 'MD5'
export APT_DONT_SIGN=''
insertpackage 'unstable' 'foo' 'i386' '1.0'
insertsource 'unstable' 'foo' 'any' '1.0'
setupaptarchive --no-update
APTARCHIVE="$(readlink -f ./aptarchive)"
testnopkg() {
testnopackage "$@"
testnosrcpackage "$@"
}
testbadpkg() {
testempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*Release'
testnotempty apt show "$@"
testnotempty apt showsrc "$@"
testfailureequal "WARNING: The following packages cannot be authenticated!
$*
E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget install -qq -y "$@"
testfailureequal "WARNING: The following packages cannot be authenticated!
$*
E: Some packages could not be authenticated" aptget source -qq "$@"
}
testrun() {
local TYPE="$1"
local FILENAME="$2"
shift 2
local MANGLED="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "$FILENAME" | sed 's#/#_#g')"
msgmsg "$TYPE contains only weak hashes"
confighashes 'MD5'
generatereleasefiles
signreleasefiles
preparetest
if [ -z "$1" ]; then
listcurrentlistsdirectory > lists.before
testfailuremsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
E: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update
testfileequal lists.before "$(listcurrentlistsdirectory)"
testnopkg 'foo'
else
testwarningmsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
testbadpkg 'foo'
fi
msgmsg "$TYPE contains no hashes"
generatereleasefiles
sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release"
signreleasefiles
preparetest
if [ -z "$1" ]; then
listcurrentlistsdirectory > lists.before
testfailuremsg "W: No Hash entry in Release file ${MANGLED}
E: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update
testfileequal lists.before "$(listcurrentlistsdirectory)"
testnopkg 'foo'
else
testwarningmsg "W: No Hash entry in Release file ${MANGLED}
W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
testbadpkg 'foo'
fi
msgmsg "$TYPE contains only weak hashes for some files"
confighashes 'MD5' 'SHA256'
generatereleasefiles
sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release"
signreleasefiles
preparetest
# trust is a repository property, so individual files can't be insecure
testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update "$@"
testsuccess apt show foo
testnosrcpackage foo
}
genericprepare() {
rm -rf rootdir/var/lib/apt/lists
mkdir -p rootdir/var/lib/apt/lists/partial
touch rootdir/var/lib/apt/lists/lock
local RELEASEGPG="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "${APTARCHIVE}/dists/unstable/Release.gpg" | sed 's#/#_#g')"
touch "$RELEASEGPG"
chmod 644 "$RELEASEGPG"
local INRELEASE="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "${APTARCHIVE}/dists/unstable/InRelease" | sed 's#/#_#g')"
touch "$INRELEASE"
chmod 644 "$INRELEASE"
}
preparetest() {
rm -f "${APTARCHIVE}/dists/unstable/Release" "${APTARCHIVE}/dists/unstable/Release.gpg"
genericprepare
}
testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease"
testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease" --allow-insecure-repositories -o APT::Get::List-Cleanup=0
preparetest() {
rm -f "${APTARCHIVE}/dists/unstable/InRelease"
genericprepare
}
testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release"
testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release" --allow-insecure-repositories -o APT::Get::List-Cleanup=0
preparetest() {
rm -f "${APTARCHIVE}/dists/unstable/InRelease" "${APTARCHIVE}/dists/unstable/Release.gpg"
genericprepare
}
msgmsg 'Moving between Release files with good and bad hashes'
rm -rf rootdir/var/lib/apt/lists
confighashes 'MD5'
generatereleasefiles 'now - 7 days'
signreleasefiles
testfailure apt update
testnopkg 'foo'
testwarning apt update --allow-insecure-repositories
testbadpkg 'foo'
confighashes 'MD5' 'SHA256'
rm -rf aptarchive/dists
insertpackage 'unstable' 'foo2' 'i386' '1.0'
insertsource 'unstable' 'foo2' 'any' '1.0'
setupaptarchive --no-update 'now - 5 days'
testsuccess apt update
testnopkg foo
testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
testnotempty apt show foo2
testnotempty apt showsrc foo2
confighashes 'MD5'
rm -rf aptarchive/dists
insertpackage 'unstable' 'foo3' 'i386' '1.0'
insertsource 'unstable' 'foo3' 'any' '1.0'
setupaptarchive --no-update 'now - 3 days'
testfailure apt update
testnopkg foo
testnopkg foo3
testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
testnotempty apt show foo2
testnotempty apt showsrc foo2
testwarning apt update --allow-insecure-repositories
testnopkg foo2
testbadpkg foo3
msgmsg 'Working with packages guarded only by weak hashes'
confighashes 'MD5'
rm -rf aptarchive/dists
buildsimplenativepackage 'foo4' 'i386' '1' 'unstable'
setupaptarchive --no-update
testfailure apt update
confighashes 'SHA256'
generatereleasefiles 'now - 1 day'
signreleasefiles
testsuccess apt update
cd downloaded
testfailure apt download foo4
cp ../rootdir/tmp/testfailure.output download.output
testfailure grep 'Hash Sum mismatch' download.output
testsuccess grep 'Insufficient information' download.output
testsuccess apt install foo4 -s
testfailure apt install foo4 -dy
cp ../rootdir/tmp/testfailure.output install.output
testfailure grep 'Hash Sum mismatch' install.output
testsuccess grep 'Insufficient information' download.output
testsuccess apt source foo4
cp ../rootdir/tmp/testsuccess.output source.output
testsuccess grep 'Skipping download of file' source.output
testfailure test -e foo4_1.dsc
testsuccess test -e foo4_1.tar.*
cd ..
|