| 1234567891011121314151617181920212223242526272829303132333435363738394041 |
- #!/bin/sh
- set -e
- TESTDIR="$(readlink -f "$(dirname "$0")")"
- . "$TESTDIR/framework"
- setupenvironment
- configarchitecture 'i386'
- confighashes 'MD5'
- insertpackage 'unstable' 'foo' 'i386' '1.0'
- insertsource 'unstable' 'foo' 'any' '1.0'
- setupaptarchive --no-update
- APTARCHIVE="$(readlink -f ./aptarchive)"
- msgmsg 'Release contains only weak hashes'
- FILENAME="${APTARCHIVE}/dists/unstable/InRelease"
- MANGLED="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "$FILENAME" | sed 's#/#_#g')"
- testfailuremsg "W: Failed to fetch file:${FILENAME} No Hash entry in Release file ${MANGLED}, which is considered strong enough for security purposes
- E: Some index files failed to download. They have been ignored, or old ones used instead." apt update
- testnopackage foo
- testnosrcpackage foo
- msgmsg 'Release contains no hashes'
- sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release"
- signreleasefiles
- testfailuremsg "W: Failed to fetch file:${FILENAME} No Hash entry in Release file ${MANGLED}
- E: Some index files failed to download. They have been ignored, or old ones used instead." apt update
- testnopackage foo
- testnosrcpackage foo
- msgmsg 'Release contains only weak hashes for some files'
- confighashes 'MD5' 'SHA256'
- generatereleasefiles
- sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release"
- signreleasefiles
- testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update
- testsuccess apt show foo
- testnosrcpackage foo
|