Allow lowering trust level of a hash via config
authorJulian Andres Klode <jak@debian.org>
Mon, 28 Mar 2016 01:34:54 +0000 (03:34 +0200)
committerJulian Andres Klode <jak@debian.org>
Mon, 28 Mar 2016 12:59:33 +0000 (14:59 +0200)
Introduces APT::Hashes::<NAME> with entries Untrusted and Weak
which can be set to true to cause the hash to be treated as
untrusted and/or weak.

apt-pkg/contrib/hashes.cc
methods/gpgv.cc
test/integration/test-releasefile-verification

index f2b91501e5a5aed23e2cab77ad666eec1485ea1b..755ad20351443d321a6372ad614f2e1e2218e0fe 100644 (file)
@@ -129,12 +129,21 @@ APT_PURE bool HashString::empty() const                                   /*{{{*/
    return (Type.empty() || Hash.empty());
 }
                                                                        /*}}}*/
+
+APT_PURE static bool IsConfigured(const char *name, const char *what)
+{
+   std::string option;
+   strprintf(option, "APT::Hashes::%s::%s", name, what);
+   return _config->FindB(option, false);
+}
+
 APT_PURE bool HashString::usable() const                               /*{{{*/
 {
    return (
       (Type != "Checksum-FileSize") &&
       (Type != "MD5Sum") &&
-      (Type != "SHA1")
+      (Type != "SHA1") &&
+      !IsConfigured(Type.c_str(), "Untrusted")
    );
 }
                                                                        /*}}}*/
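Review bot: `IsConfigured` has no comment stating its contract, and that contract is security-relevant. The lookup defaults to `false` and is ANDed into `usable()`, so configuration can only make a hash unusable and cannot re-enable `MD5Sum` or `SHA1`. I would record that above the helper, e.g. `// Config may only lower trust: a missing or false APT::Hashes::<name>::<what> leaves the built-in policy unchanged.` Only `Untrusted` is consulted on these lines, so as far as this hunk shows `APT::Hashes::<NAME>::Weak` has no effect on `HashString`; if that is intended, the same comment should say so. The new helper also lacks the `/*{{{*/` and `/*}}}*/` fold markers that the neighbouring functions carry.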
index 43f1df878a49efa84a6b0623cf29c8b15d9c33be..60a7d4719a07ee43ec75bd2dfae8cc6e2d6a54f0 100644 (file)
@@ -45,19 +45,20 @@ struct Digest {
       Untrusted,
       Weak,
       Trusted,
-      Configureable
    } state;
    char name[32];
 
    State getState() const {
-      if (state != Digest::State::Configureable)
-        return state;
-      std::string const digestconfig = _config->Find("Debug::Acquire::gpgv::configdigest::truststate", "trusted");
-      if (digestconfig == "weak")
-        return State::Weak;
-      else if (digestconfig == "untrusted")
+      std::string optionUntrusted;
+      std::string optionWeak;
+      strprintf(optionUntrusted, "APT::Hashes::%s::Untrusted", name);
+      strprintf(optionWeak, "APT::Hashes::%s::Weak", name);
+      if (_config->FindB(optionUntrusted, state == State::Untrusted) == true)
         return State::Untrusted;
-      return State::Trusted;
+      if (_config->FindB(optionWeak, state == State::Weak) == true)
+        return State::Weak;
+
+      return state;
    }
 };
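Review bot: `getState()` can raise a digest's trust level, which the commit title says it should not. For a digest whose built-in state is `Untrusted`, setting `APT::Hashes::<name>::Untrusted "false"` together with `APT::Hashes::<name>::Weak "true"` makes the first `FindB` return false and the second return true, so the function returns `State::Weak`. The built-in state is used only as the `FindB` default, and an explicit value overrides that default. Making the built-in state a floor keeps the options lowering-only: `if (state == State::Untrusted || _config->FindB(optionUntrusted, false))` and `if (state == State::Weak || _config->FindB(optionWeak, false))`. A one-line comment above them, such as `// config can only lower trust, never raise it`, would protect the invariant; `struct Digest` itself begins outside this hunk.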
 
@@ -73,9 +74,8 @@ static constexpr Digest Digests[] = {
    {Digest::State::Trusted, "SHA256"},
    {Digest::State::Trusted, "SHA384"},
    {Digest::State::Trusted, "SHA512"},
-   {Digest::State::Configureable, "SHA224"},
+   {Digest::State::Trusted, "SHA224"},
 };
-static_assert(Digests[_count(Digests) - 1].state == Digest::State::Configureable, "the last digest algo isn't the configurable one which we expect for tests");
 
 static Digest FindDigest(std::string const & Digest)
 {
@@ -234,8 +234,8 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
            if (Debug == true)
               std::clog << "Got untrusted VALIDSIG, key ID: " << sig << std::endl;
             break;
-        case Digest::State::Configureable:
-         case Digest::State::Trusted:
+
+        case Digest::State::Trusted:
            if (Debug == true)
               std::clog << "Got trusted VALIDSIG, key ID: " << sig << std::endl;
             break;
index ffb5073b6ad886388af8c1edc1f65cc4d5c9b2b2..c349c44283b5de8d434c01b1face6b8a4ff0ee93 100755 (executable)
@@ -258,7 +258,7 @@ runtest2() {
 }
 
 runtest3() {
-       echo "Debug::Acquire::gpgv::configdigest::truststate \"$1\";" > rootdir/etc/apt/apt.conf.d/truststate
+       echo "APT::Hashes::$APT_TESTS_DIGEST_ALGO::$1 \"yes\";" > rootdir/etc/apt/apt.conf.d/truststate
        msgmsg "Running base test with $1 digest"
        runtest2
 
@@ -280,16 +280,16 @@ export APT_TESTS_DIGEST_ALGO='SHA224'
 successfulaptgetupdate() {
        testsuccess aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
 }
-runtest3 'trusted'
+runtest3 'Trusted'
 
 successfulaptgetupdate() {
        testwarning aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
        testsuccess grep 'uses weak digest algorithm' rootdir/tmp/testwarning.output
 }
-runtest3 'weak'
+runtest3 'Weak'
 
 msgmsg "Running test with apt-untrusted digest"
-echo "Debug::Acquire::gpgv::configdigest::truststate \"untrusted\";" > rootdir/etc/apt/apt.conf.d/truststate
+echo "APT::Hashes::$APT_TESTS_DIGEST_ALGO::Untrusted \"yes\";" > rootdir/etc/apt/apt.conf.d/truststate
 runfailure() {
        for DELETEFILE in 'InRelease' 'Release.gpg'; do
                msgmsg 'Cold archive signed by' 'Joe Sixpack'
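Review bot: `runtest3 'Trusted'` makes `runtest3` (previous hunk) write `APT::Hashes::$APT_TESTS_DIGEST_ALGO::Trusted "yes";`, but no code in this commit reads a `::Trusted` key; only `Untrusted` and `Weak` are looked up. The case passes because SHA224 is trusted by default, not because of the file it writes, and a comment should say so: `# 'Trusted' is not an option apt reads; this run relies on the built-in trusted state`. None of the cases in these two hunks sets an option to a false value, so they would not notice configuration raising a digest's trust level; a negative case for that is worth adding. `runfailure` continues past the end of this hunk.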