better error message for insufficient hashsums
authorDavid Kalnischkies <david@kalnischkies.de>
Sat, 18 Jun 2016 11:55:39 +0000 (13:55 +0200)
committerDavid Kalnischkies <david@kalnischkies.de>
Wed, 22 Jun 2016 12:05:01 +0000 (14:05 +0200)
Downloading and saying "Hash Sum mismatch" isn't very friendly from a
user POV, so with this change we try to detect such cases early on and
report it, preferably before download even started.

Closes: 827758
apt-pkg/acquire-item.cc
apt-pkg/acquire-worker.cc
test/integration/test-apt-update-weak-hashes

index 04ba2b479e708e21547f9691e7fd23e01c5a92fa..8628679322dc91a11f615da825212b1ca13328ef 100644 (file)
@@ -731,9 +731,11 @@ void pkgAcquire::Item::Failed(string const &Message,pkgAcquire::MethodConfig con
    }
 
    string const FailReason = LookupTag(Message, "FailReason");
-   enum { MAXIMUM_SIZE_EXCEEDED, HASHSUM_MISMATCH, OTHER } failreason = OTHER;
+   enum { MAXIMUM_SIZE_EXCEEDED, HASHSUM_MISMATCH, WEAK_HASHSUMS, OTHER } failreason = OTHER;
    if ( FailReason == "MaximumSizeExceeded")
       failreason = MAXIMUM_SIZE_EXCEEDED;
+   else if ( FailReason == "WeakHashSums")
+      failreason = WEAK_HASHSUMS;
    else if (Status == StatAuthError)
       failreason = HASHSUM_MISMATCH;
 
@@ -747,6 +749,9 @@ void pkgAcquire::Item::Failed(string const &Message,pkgAcquire::MethodConfig con
            case HASHSUM_MISMATCH:
               out << _("Hash Sum mismatch") << std::endl;
               break;
+           case WEAK_HASHSUMS:
+              out << _("Insufficient information available to perform this download securely") << std::endl;
+              break;
            case MAXIMUM_SIZE_EXCEEDED:
            case OTHER:
               out << LookupTag(Message, "Message") << std::endl;
@@ -781,6 +786,7 @@ void pkgAcquire::Item::Failed(string const &Message,pkgAcquire::MethodConfig con
    {
       case MAXIMUM_SIZE_EXCEEDED: RenameOnError(MaximumSizeExceeded); break;
       case HASHSUM_MISMATCH: RenameOnError(HashSumMismatch); break;
+      case WEAK_HASHSUMS: break;
       case OTHER: break;
    }
 
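Review bot: `case WEAK_HASHSUMS: break;` leaves the destination file alone without saying why, while the two cases above it rename the file on error. When the item is refused in QueueItem nothing has been fetched yet, but the RunMessages change in this commit appears to attach the same reason after a transfer. In that case a file covered only by weak hashes would keep its normal partial name. Please add a comment such as `// nothing to rename: refused before any data was fetched`, or state what happens to an already downloaded file. The switch opens outside this hunk.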
index 2ad0eda7f581308828843129670b059ec4e42417..d3d95998c021a7d736c96ae8496c0a17f3c224ae 100644 (file)
@@ -443,7 +443,13 @@ bool pkgAcquire::Worker::RunMessages()
               {
                  if (isDoomedItem(Owner) == false)
                  {
-                    Message.append("\nFailReason: HashSumMismatch");
+                    if (Message.find("\nFailReason:") == std::string::npos)
+                    {
+                       if (ReceivedHashes != ExpectedHashes)
+                          Message.append("\nFailReason: HashSumMismatch");
+                       else
+                          Message.append("\nFailReason: WeakHashSums");
+                    }
                     Owner->Failed(Message,Config);
                  }
                  if (Log != nullptr)
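Review bot: The `else` branch assigns `WeakHashSums` by elimination, so every failure where `ReceivedHashes != ExpectedHashes` is false gets that reason. That is only correct if the enclosing condition, which lies outside this hunk, can fail for exactly those two causes. A comment would make the assumption reviewable, e.g. `// hashes agree, so the expected list itself has no usable hash`. It is also worth saying why a `FailReason` already present in the method's message is kept as is.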
@@ -484,7 +490,7 @@ bool pkgAcquire::Worker::RunMessages()
               }
               if (errTransient == false)
               {
-                 auto const reasons = { "HashSumMismatch", "MaximumSizeExceeded" };
+                 auto const reasons = { "HashSumMismatch", "WeakHashSums", "MaximumSizeExceeded" };
                  errAuthErr = std::find(std::begin(reasons), std::end(reasons), failReason) != std::end(reasons);
               }
            }
@@ -631,12 +637,36 @@ bool pkgAcquire::Worker::QueueItem(pkgAcquire::Queue::QItem *Item)
    if (OutFd == -1)
       return false;
 
+   HashStringList const hsl = Item->GetExpectedHashes();
+
+   if (isDoomedItem(Item->Owner))
+      return true;
+
+   if (hsl.usable() == false && Item->Owner->HashesRequired() &&
+        _config->Exists("Acquire::ForceHash") == false)
+   {
+      std::string const Message = "400 URI Failure"
+        "\nURI: " + Item->URI +
+        "\nFilename: " + Item->Owner->DestFile +
+        "\nFailReason: WeakHashSums";
+
+      auto const ItmOwners = Item->Owners;
+      for (auto &O: ItmOwners)
+      {
+        O->Status = pkgAcquire::Item::StatAuthError;
+        O->Failed(Message, Config);
+        if (Log != nullptr)
+           Log->Fail(O->GetItemDesc());
+      }
+      // "queued" successfully, the item just instantly failed
+      return true;
+   }
+
    string Message = "600 URI Acquire\n";
    Message.reserve(300);
    Message += "URI: " + Item->URI;
    Message += "\nFilename: " + Item->Owner->DestFile;
 
-   HashStringList const hsl = Item->GetExpectedHashes();
    for (HashStringList::const_iterator hs = hsl.begin(); hs != hsl.end(); ++hs)
       Message += "\nExpected-" + hs->HashType() + ": " + hs->HashValue();
 
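Review bot: The bypass test `_config->Exists("Acquire::ForceHash") == false` keys on whether the option is present rather than on its value. A key that is set but empty would, as far as I can tell, skip this early refusal even though no hash type is being forced. Testing the value keeps the guard tied to a real override: `_config->Find("Acquire::ForceHash").empty()`. Separately, only `Item->Owner->HashesRequired()` is consulted, yet every entry in `Item->Owners` is failed with the first owner's `DestFile` in the message; a short comment naming the invariant that makes this safe would help. QueueItem continues beyond this hunk.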
index 9395b10b0cfc4ccf43bbb9e592a4aecb78d408c8..29343565f51e3918e8a964cdda8804f6a34bab53 100755 (executable)
@@ -124,7 +124,7 @@ preparetest() {
 msgmsg 'Moving between Release files with good and bad hashes'
 rm -rf rootdir/var/lib/apt/lists
 confighashes 'MD5'
-generatereleasefiles 'now - 1 day'
+generatereleasefiles 'now - 7 days'
 signreleasefiles
 testfailure apt update
 testnopkg 'foo'
@@ -135,7 +135,7 @@ confighashes 'MD5' 'SHA256'
 rm -rf aptarchive/dists
 insertpackage 'unstable' 'foo2' 'i386' '1.0'
 insertsource 'unstable' 'foo2' 'any' '1.0'
-setupaptarchive --no-update 'now - 12 hours'
+setupaptarchive --no-update 'now - 5 days'
 testsuccess apt update
 testnopkg foo
 testnotempty find rootdir/var/lib/apt/lists -maxdepth 1 -name '*InRelease' -o -name '*Release.gpg'
@@ -146,7 +146,7 @@ confighashes 'MD5'
 rm -rf aptarchive/dists
 insertpackage 'unstable' 'foo3' 'i386' '1.0'
 insertsource 'unstable' 'foo3' 'any' '1.0'
-setupaptarchive --no-update
+setupaptarchive --no-update 'now - 3 days'
 testfailure apt update
 testnopkg foo
 testnopkg foo3
@@ -156,3 +156,32 @@ testnotempty apt showsrc foo2
 testwarning apt update --allow-insecure-repositories
 testnopkg foo2
 testbadpkg foo3
+
+msgmsg 'Working with packages guarded only by weak hashes'
+confighashes 'MD5'
+rm -rf aptarchive/dists
+buildsimplenativepackage 'foo4' 'i386' '1' 'unstable'
+setupaptarchive --no-update
+testfailure apt update
+confighashes 'SHA256'
+generatereleasefiles 'now - 1 day'
+signreleasefiles
+testsuccess apt update
+cd downloaded
+testfailure apt download foo4
+cp ../rootdir/tmp/testfailure.output download.output
+testfailure grep 'Hash Sum mismatch' download.output
+testsuccess grep 'Insufficient information' download.output
+
+testsuccess apt install foo4 -s
+testfailure apt install foo4 -dy
+cp ../rootdir/tmp/testfailure.output install.output
+testfailure grep 'Hash Sum mismatch' install.output
+testsuccess grep 'Insufficient information' download.output
+
+testsuccess apt source foo4
+cp ../rootdir/tmp/testsuccess.output source.output
+testsuccess grep 'Skipping download of file' source.output
+testfailure test -e foo4_1.dsc
+testsuccess test -e foo4_1.tar.*
+cd ..
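Review bot: The second check after `apt install foo4 -dy` greps `download.output` again, so the install run is never checked for the new message; the assertion passes on the output of the earlier `apt download`. It should read `testsuccess grep 'Insufficient information' install.output`. As written, the test would not notice if the install path fell back to a different error text.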