[apt.git] / test / integration / test-apt-update-weak-hashes

#!/bin/sh
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"

setupenvironment
configarchitecture 'i386'
confighashes 'MD5'
export APT_DONT_SIGN=''

insertpackage 'unstable' 'foo' 'i386' '1.0'
insertsource 'unstable' 'foo' 'any' '1.0'

setupaptarchive --no-update
APTARCHIVE="$(readlink -f ./aptarchive)"

testnopkg() {
	testnopackage "$@"
	testnosrcpackage "$@"
}
testbadpkg() {
	testempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
	testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*Release'
	testnotempty apt show "$@"
	testnotempty apt showsrc "$@"
	testfailureequal "WARNING: The following packages cannot be authenticated!
  $*
E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget install -qq -y "$@"
	testfailureequal "WARNING: The following packages cannot be authenticated!
  $*
E: Some packages could not be authenticated" aptget source -qq "$@"
}

testrun() {
	local TYPE="$1"
	local FILENAME="$2"
	shift 2
	local MANGLED="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "$FILENAME" | sed 's#/#_#g')"
	msgmsg "$TYPE contains only weak hashes"
	confighashes 'MD5'
	generatereleasefiles
	signreleasefiles
	preparetest
	if [ -z "$1" ]; then
		listcurrentlistsdirectory > lists.before
		testfailuremsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
E: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update
		testfileequal lists.before "$(listcurrentlistsdirectory)"
		testnopkg 'foo'
	else
		testwarningmsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
		testbadpkg 'foo'
	fi

	msgmsg "$TYPE contains only weak hashes, but source allows weak"
	sed -i 's#^deb\(-src\)\? #deb\1 [allow-weak=yes] #' rootdir/etc/apt/sources.list.d/*
	genericprepare
	testwarningmsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
	testbadpkg 'foo'
	sed -i 's#^deb\(-src\)\? \[allow-weak=yes\] #deb\1 #' rootdir/etc/apt/sources.list.d/*

	msgmsg "$TYPE contains no hashes"
	generatereleasefiles
	sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release"
	signreleasefiles
	preparetest
	if [ -z "$1" ]; then
		listcurrentlistsdirectory > lists.before
		testfailuremsg "W: No Hash entry in Release file ${MANGLED}
E: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update
		testfileequal lists.before "$(listcurrentlistsdirectory)"
		testnopkg 'foo'
	else
		testwarningmsg "W: No Hash entry in Release file ${MANGLED}
W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
		testbadpkg 'foo'
	fi

	msgmsg "$TYPE contains only weak hashes for some files"
	confighashes 'MD5' 'SHA256'
	generatereleasefiles
	sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release"
	signreleasefiles
	preparetest
	if [ -z "$1" ]; then
		testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update
		testnosrcpackage foo
	else
		rm -f rootdir/var/lib/apt/lists/partial/*
		testsuccess apt update "$@"
		testnotempty apt showsrc foo
	fi
	testsuccess apt show foo
}

genericprepare() {
	rm -rf rootdir/var/lib/apt/lists
	mkdir -p rootdir/var/lib/apt/lists/partial
	touch rootdir/var/lib/apt/lists/lock
	local RELEASEGPG="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "${APTARCHIVE}/dists/unstable/Release.gpg" | sed 's#/#_#g')"
	touch "$RELEASEGPG"
	chmod 644 "$RELEASEGPG"
	local INRELEASE="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "${APTARCHIVE}/dists/unstable/InRelease" | sed 's#/#_#g')"
	touch "$INRELEASE"
	chmod 644 "$INRELEASE"
}
preparetest() {
	rm -f "${APTARCHIVE}/dists/unstable/Release" "${APTARCHIVE}/dists/unstable/Release.gpg"
	genericprepare
}
testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease"
testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease" --allow-weak-repositories -o APT::Get::List-Cleanup=0

preparetest() {
	rm -f "${APTARCHIVE}/dists/unstable/InRelease"
	genericprepare
}
testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release"
testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release" --allow-weak-repositories -o APT::Get::List-Cleanup=0

preparetest() {
	rm -f "${APTARCHIVE}/dists/unstable/InRelease" "${APTARCHIVE}/dists/unstable/Release.gpg"
	genericprepare
}

msgmsg 'Moving between Release files with good and bad hashes'
rm -rf rootdir/var/lib/apt/lists
confighashes 'MD5'
generatereleasefiles 'now - 7 days'
signreleasefiles
testfailure apt update
testnopkg 'foo'
testwarning apt update --allow-weak-repositories
testbadpkg 'foo'

confighashes 'MD5' 'SHA256'
rm -rf aptarchive/dists
insertpackage 'unstable' 'foo2' 'i386' '1.0'
insertsource 'unstable' 'foo2' 'any' '1.0'
setupaptarchive --no-update 'now - 5 days'
testsuccess apt update
testnopkg foo
testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
testnotempty apt show foo2
testnotempty apt showsrc foo2

confighashes 'MD5'
rm -rf aptarchive/dists
insertpackage 'unstable' 'foo3' 'i386' '1.0'
insertsource 'unstable' 'foo3' 'any' '1.0'
setupaptarchive --no-update 'now - 3 days'
testfailure apt update
testnopkg foo
testnopkg foo3
testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
testnotempty apt show foo2
testnotempty apt showsrc foo2
testwarning apt update --allow-weak-repositories
testnopkg foo2
testbadpkg foo3

msgmsg 'Working with packages guarded only by weak hashes'
confighashes 'MD5'
rm -rf aptarchive/dists
buildsimplenativepackage 'foo4' 'i386' '1' 'unstable'
setupaptarchive --no-update
testfailure apt update
confighashes 'SHA256'
generatereleasefiles 'now - 1 day'
signreleasefiles
testsuccess apt update
cd downloaded
testfailure apt download foo4
cp ../rootdir/tmp/testfailure.output download.output
testfailure grep 'Hash Sum mismatch' download.output
testsuccess grep 'Insufficient information' download.output

testsuccess apt install foo4 -s
testfailure apt install foo4 -dy
cp ../rootdir/tmp/testfailure.output install.output
testfailure grep 'Hash Sum mismatch' install.output
testsuccess grep 'Insufficient information' download.output

testsuccess apt source foo4
cp ../rootdir/tmp/testsuccess.output source.output
testsuccess grep 'Skipping download of file' source.output
testfailure test -e foo4_1.dsc
testsuccess test -e foo4_1.tar.*
cd ..
Commit	Line	Data
bd4a8f51 DK	1	#!/bin/sh
	2	set -e
	3
	4	TESTDIR="$(readlink -f "$(dirname "$0")")"
	5	. "$TESTDIR/framework"
	6
	7	setupenvironment
	8	configarchitecture 'i386'
	9	confighashes 'MD5'
ab94dcec	10	export APT_DONT_SIGN=''
bd4a8f51 DK	11
	12	insertpackage 'unstable' 'foo' 'i386' '1.0'
	13	insertsource 'unstable' 'foo' 'any' '1.0'
	14
	15	setupaptarchive --no-update
	16	APTARCHIVE="$(readlink -f ./aptarchive)"
	17
ab94dcec DK	18	testnopkg() {
	19	testnopackage "$@"
	20	testnosrcpackage "$@"
	21	}
	22	testbadpkg() {
	23	testempty find rootdir/var/lib/apt/lists -maxdepth 1 -name 'InRelease' -o -name 'Release.gpg'
	24	testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*Release'
	25	testnotempty apt show "$@"
	26	testnotempty apt showsrc "$@"
	27	testfailureequal "WARNING: The following packages cannot be authenticated!
	28	$*
	29	E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget install -qq -y "$@"
	30	testfailureequal "WARNING: The following packages cannot be authenticated!
	31	$*
	32	E: Some packages could not be authenticated" aptget source -qq "$@"
	33	}
bd4a8f51	34
ab94dcec DK	35	testrun() {
	36	local TYPE="$1"
	37	local FILENAME="$2"
	38	shift 2
	39	local MANGLED="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "$FILENAME" \| sed 's#/#_#g')"
	40	msgmsg "$TYPE contains only weak hashes"
	41	confighashes 'MD5'
	42	generatereleasefiles
	43	signreleasefiles
	44	preparetest
	45	if [ -z "$1" ]; then
	46	listcurrentlistsdirectory > lists.before
	47	testfailuremsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
	48	E: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
	49	N: Updating from such a repository can't be done securely, and is therefore disabled by default.
	50	N: See apt-secure(8) manpage for repository creation and user configuration details." apt update
	51	testfileequal lists.before "$(listcurrentlistsdirectory)"
	52	testnopkg 'foo'
	53	else
	54	testwarningmsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
	55	W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
	56	N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
	57	N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
	58	testbadpkg 'foo'
	59	fi
	60
d03b947b DK	61	msgmsg "$TYPE contains only weak hashes, but source allows weak"
	62	sed -i 's#^deb\(-src\)\? #deb\1 [allow-weak=yes] #' rootdir/etc/apt/sources.list.d/*
	63	genericprepare
	64	testwarningmsg "W: No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
	65	W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
	66	N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
	67	N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
	68	testbadpkg 'foo'
	69	sed -i 's#^deb\(-src\)\? \[allow-weak=yes\] #deb\1 #' rootdir/etc/apt/sources.list.d/*
	70
ab94dcec DK	71	msgmsg "$TYPE contains no hashes"
	72	generatereleasefiles
	73	sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release"
	74	signreleasefiles
	75	preparetest
	76	if [ -z "$1" ]; then
	77	listcurrentlistsdirectory > lists.before
	78	testfailuremsg "W: No Hash entry in Release file ${MANGLED}
	79	E: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
	80	N: Updating from such a repository can't be done securely, and is therefore disabled by default.
	81	N: See apt-secure(8) manpage for repository creation and user configuration details." apt update
	82	testfileequal lists.before "$(listcurrentlistsdirectory)"
	83	testnopkg 'foo'
	84	else
	85	testwarningmsg "W: No Hash entry in Release file ${MANGLED}
	86	W: The repository 'file:${APTARCHIVE} unstable $(basename "$FILENAME")' provides only weak security information.
	87	N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
	88	N: See apt-secure(8) manpage for repository creation and user configuration details." apt update "$@"
	89	testbadpkg 'foo'
	90	fi
	91
	92	msgmsg "$TYPE contains only weak hashes for some files"
	93	confighashes 'MD5' 'SHA256'
	94	generatereleasefiles
	95	sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release"
	96	signreleasefiles
	97	preparetest
d03b947b DK	98	if [ -z "$1" ]; then
	99	testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update
	100	testnosrcpackage foo
	101	else
	102	rm -f rootdir/var/lib/apt/lists/partial/*
	103	testsuccess apt update "$@"
	104	testnotempty apt showsrc foo
	105	fi
ab94dcec	106	testsuccess apt show foo
ab94dcec DK	107	}
	108
	109	genericprepare() {
	110	rm -rf rootdir/var/lib/apt/lists
	111	mkdir -p rootdir/var/lib/apt/lists/partial
	112	touch rootdir/var/lib/apt/lists/lock
	113	local RELEASEGPG="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "${APTARCHIVE}/dists/unstable/Release.gpg" \| sed 's#/#_#g')"
	114	touch "$RELEASEGPG"
	115	chmod 644 "$RELEASEGPG"
	116	local INRELEASE="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "${APTARCHIVE}/dists/unstable/InRelease" \| sed 's#/#_#g')"
	117	touch "$INRELEASE"
	118	chmod 644 "$INRELEASE"
	119	}
	120	preparetest() {
	121	rm -f "${APTARCHIVE}/dists/unstable/Release" "${APTARCHIVE}/dists/unstable/Release.gpg"
	122	genericprepare
	123	}
	124	testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease"
d03b947b	125	testrun 'InRelease' "${APTARCHIVE}/dists/unstable/InRelease" --allow-weak-repositories -o APT::Get::List-Cleanup=0
ab94dcec DK	126
	127	preparetest() {
	128	rm -f "${APTARCHIVE}/dists/unstable/InRelease"
	129	genericprepare
	130	}
	131	testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release"
d03b947b	132	testrun 'Release+Release.gpg' "${APTARCHIVE}/dists/unstable/Release" --allow-weak-repositories -o APT::Get::List-Cleanup=0
ab94dcec DK	133
	134	preparetest() {
	135	rm -f "${APTARCHIVE}/dists/unstable/InRelease" "${APTARCHIVE}/dists/unstable/Release.gpg"
	136	genericprepare
	137	}
	138
	139	msgmsg 'Moving between Release files with good and bad hashes'
	140	rm -rf rootdir/var/lib/apt/lists
	141	confighashes 'MD5'
562f0774	142	generatereleasefiles 'now - 7 days'
bd4a8f51	143	signreleasefiles
ab94dcec DK	144	testfailure apt update
ab94dcec DK	145	testnopkg 'foo'
d03b947b	146	testwarning apt update --allow-weak-repositories
ab94dcec	147	testbadpkg 'foo'
bd4a8f51	148
bd4a8f51	149	confighashes 'MD5' 'SHA256'
ab94dcec DK	150	rm -rf aptarchive/dists
	151	insertpackage 'unstable' 'foo2' 'i386' '1.0'
	152	insertsource 'unstable' 'foo2' 'any' '1.0'
562f0774	153	setupaptarchive --no-update 'now - 5 days'
ab94dcec DK	154	testsuccess apt update
	155	testnopkg foo
	156	testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name 'InRelease' -o -name 'Release.gpg'
	157	testnotempty apt show foo2
	158	testnotempty apt showsrc foo2
	159
	160	confighashes 'MD5'
	161	rm -rf aptarchive/dists
	162	insertpackage 'unstable' 'foo3' 'i386' '1.0'
	163	insertsource 'unstable' 'foo3' 'any' '1.0'
562f0774	164	setupaptarchive --no-update 'now - 3 days'
ab94dcec DK	165	testfailure apt update
	166	testnopkg foo
	167	testnopkg foo3
	168	testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name 'InRelease' -o -name 'Release.gpg'
	169	testnotempty apt show foo2
	170	testnotempty apt showsrc foo2
d03b947b	171	testwarning apt update --allow-weak-repositories
ab94dcec DK	172	testnopkg foo2
ab94dcec DK	173	testbadpkg foo3
562f0774 DK	174
	175	msgmsg 'Working with packages guarded only by weak hashes'
	176	confighashes 'MD5'
	177	rm -rf aptarchive/dists
	178	buildsimplenativepackage 'foo4' 'i386' '1' 'unstable'
	179	setupaptarchive --no-update
	180	testfailure apt update
	181	confighashes 'SHA256'
	182	generatereleasefiles 'now - 1 day'
	183	signreleasefiles
	184	testsuccess apt update
	185	cd downloaded
	186	testfailure apt download foo4
	187	cp ../rootdir/tmp/testfailure.output download.output
	188	testfailure grep 'Hash Sum mismatch' download.output
	189	testsuccess grep 'Insufficient information' download.output
	190
	191	testsuccess apt install foo4 -s
	192	testfailure apt install foo4 -dy
	193	cp ../rootdir/tmp/testfailure.output install.output
	194	testfailure grep 'Hash Sum mismatch' install.output
	195	testsuccess grep 'Insufficient information' download.output
	196
	197	testsuccess apt source foo4
	198	cp ../rootdir/tmp/testsuccess.output source.output
	199	testsuccess grep 'Skipping download of file' source.output
	200	testfailure test -e foo4_1.dsc
	201	testsuccess test -e foo4_1.tar.*
	202	cd ..