test-apt-update-weak-hashes 1.6 KB

1234567891011121314151617181920212223242526272829303132333435363738394041
  1. #!/bin/sh
  2. set -e
  3. TESTDIR="$(readlink -f "$(dirname "$0")")"
  4. . "$TESTDIR/framework"
  5. setupenvironment
  6. configarchitecture 'i386'
  7. confighashes 'MD5'
  8. insertpackage 'unstable' 'foo' 'i386' '1.0'
  9. insertsource 'unstable' 'foo' 'any' '1.0'
  10. setupaptarchive --no-update
  11. APTARCHIVE="$(readlink -f ./aptarchive)"
  12. msgmsg 'Release contains only weak hashes'
  13. FILENAME="${APTARCHIVE}/dists/unstable/InRelease"
  14. MANGLED="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "$FILENAME" | sed 's#/#_#g')"
  15. testfailuremsg "W: Failed to fetch file:${FILENAME} No Hash entry in Release file ${MANGLED}, which is considered strong enough for security purposes
  16. E: Some index files failed to download. They have been ignored, or old ones used instead." apt update
  17. testnopackage foo
  18. testnosrcpackage foo
  19. msgmsg 'Release contains no hashes'
  20. sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release"
  21. signreleasefiles
  22. testfailuremsg "W: Failed to fetch file:${FILENAME} No Hash entry in Release file ${MANGLED}
  23. E: Some index files failed to download. They have been ignored, or old ones used instead." apt update
  24. testnopackage foo
  25. testnosrcpackage foo
  26. msgmsg 'Release contains only weak hashes for some files'
  27. confighashes 'MD5' 'SHA256'
  28. generatereleasefiles
  29. sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release"
  30. signreleasefiles
  31. testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update
  32. testsuccess apt show foo
  33. testnosrcpackage foo