summaryrefslogtreecommitdiff
path: root/test/integration/test-cve-2018-0501-mirror-alternatives
blob: f154547653c58725e86de1ace8880787b0457c62 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/bin/sh
set -e
TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"

setupenvironment
configarchitecture "i386"

buildsimplenativepackage 'foo' 'all' '1' 'stable'
setupaptarchive --no-update
changetohttpswebserver

# User has mirror method configured in apt >= 1.6~alpha6 &
# Eve has enough MITM control over the network to
# a) have the mirror file include at least two mirrors and
# b) can send her bad InRelease files for both mirrors
sed -i -e 's# https:# mirror+https:#' -e 's#/ stable#/mirror.txt stable#' rootdir/etc/apt/sources.list.d/*-stable-*
echo "http://localhost:${APTHTTPPORT}
https://localhost:${APTHTTPSPORT}" > aptarchive/mirror.txt

# real Eve would do something worse…
sed -i "/^Date: / a\
Evil: yes" $(find ./aptarchive -name 'Release' -o -name 'InRelease')

# progress display shows that the InRelease file was bad,
# but it is used anyhow as the bad file causes a fallback to
# a request to the second mirror which completes successful
# causing apt to believe the verify completed successfully…
testfailure apt update
testfailure grep '^Evil:' rootdir/var/lib/apt/lists/*Release
testfailure apt show foo