
Do not consider SHA1 usable

SHA1 is not reasonably secure anymore, so we should not consider it
usable anymore. The test suite is adjusted to account for this.
tags/debian/1.2.7
Julian Andres Klode 5 years ago
parent
commit
51c0456255
6 changed files with 37 additions and 20 deletions
  1. +2
    -1
      apt-pkg/contrib/hashes.cc
  2. +1
    -1
      test/integration/framework
  3. +2
    -2
      test/integration/test-apt-ftparchive-by-hash
  4. +1
    -1
      test/integration/test-partial-file-support
  5. +23
    -14
      test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
  6. +8
    -1
      test/libapt/hashsums_test.cc

+ 2
- 1
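--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -133,7 +133,8 @@ APT_PURE bool HashString::usable() const /*{{{*/
 {
 return (
 (Type != "Checksum-FileSize") &&
-(Type != "MD5Sum")
+(Type != "MD5Sum") &&
+(Type != "SHA1")
 );
 }
 /*}}}*/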
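Review bot: `HashString::usable()` is written as a deny-list, so after adding `(Type != "SHA1")` any type string other than the three named ones, including an unknown or misspelled algorithm name, is still reported as usable. If only SHA256 and SHA512 are meant to count (those are the other types this commit's tests configure), an allow-list such as `return Type == "SHA256" || Type == "SHA512";` would fail closed when an unexpected type appears. Whether other callers rely on the current open-ended behaviour is not visible here. At minimum, a comment above the return such as `// weak or non-cryptographic types never make a file verifiable on their own` would record why these entries are excluded.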


+ 1
- 1
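--- a/test/integration/framework
+++ b/test/integration/framework
@@ -390,7 +390,7 @@ EOF
 echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
 echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig
 configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
-confighashes 'SHA1' # these are tests, not security best-practices
+confighashes 'SHA256' # these are tests, not security best-practices
 
 # create some files in /tmp and look at user/group to get what this means
 TEST_DEFAULT_USER="$(id -un)"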
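Review bot: The trailing comment on the changed `confighashes` line was written to excuse the SHA1 default and no longer fits now that the framework configures SHA256. A comment that states the actual constraint would age better, for example `confighashes 'SHA256' # single hash type for the tests; must be one HashString::usable() accepts`. That wording is inferred from this commit, so adjust it to the real intent.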


+ 2
- 2
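--- a/test/integration/test-apt-ftparchive-by-hash
+++ b/test/integration/test-apt-ftparchive-by-hash
@@ -2,7 +2,7 @@
 set -e
 
 verify_by_hash() {
-for hash_gen in SHA1:sha1sum SHA256:sha256sum SHA512:sha512sum; do
+for hash_gen in SHA256:sha256sum SHA512:sha512sum; do
 hash=$(echo ${hash_gen} | cut -f1 -d:)
 gen=$(echo ${hash_gen} | cut -f2 -d:)
 testsuccess stat aptarchive/dists/unstable/main/binary-i386/by-hash/$hash/$($gen aptarchive/dists/unstable/main/binary-i386/Packages | cut -f1 -d' ')
@@ -18,7 +18,7 @@ TESTDIR="$(readlink -f "$(dirname "$0")")"
 setupenvironment
 configarchitecture 'i386'
 configcompression 'gz' '.'
-confighashes 'SHA1' 'SHA256' 'SHA512'
+confighashes 'SHA256' 'SHA512'
 
 # enable by-hash in apt-ftparchive
 echo 'APT::FTPArchive::DoByHash "1";' >> aptconfig.conf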


+ 1
- 1
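--- a/test/integration/test-partial-file-support
+++ b/test/integration/test-partial-file-support
@@ -80,7 +80,7 @@ followuprequest() {
 
 webserverconfig 'aptwebserver::support::content-range' 'false'
 copysource $TESTFILE 1M $DOWN
-testdownloadfile 'completely downloaded file' "${1}/testfile" "$DOWN" '=' "SHA1:$(sha1sum "$TESTFILE" | cut -d' ' -f 1)"
+testdownloadfile 'completely downloaded file' "${1}/testfile" "$DOWN" '=' "SHA256:$(sha256sum "$TESTFILE" | cut -d' ' -f 1)"
 testwebserverlaststatuscode '416' "$DOWNLOADLOG"
 webserverconfig 'aptwebserver::support::content-range' 'true'
 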


+ 23
- 14
test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum

@@ -17,6 +17,15 @@ Files:
9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz

Package: pkg-sha1-ok
Binary: pkg-sha1-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz

Package: pkg-sha256-ok
Binary: pkg-sha256-ok
Version: 1.0
@@ -139,7 +148,7 @@ Checksums-Sha256:
EOF

# create fetchable files
for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
'pkg-md5-bad'; do
@@ -230,6 +239,7 @@ Download complete and in download only mode" aptget source --allow-unauthenticat
}

testnohash pkg-md5-ok
testnohash pkg-sha1-ok
testok pkg-sha256-ok
testkeep pkg-sha256-ok

@@ -255,29 +265,28 @@ testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz

# deal with cases in which we haven't for all files the same checksum type
# mostly pathologic as this shouldn't happen, but just to be sure
testok pkg-mixed-ok
testfailureequal "Reading package lists...
Need to get 6 B of source archives.
testsuccessequal "Reading package lists...
Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-ok 1.0 (dsc) [3 B]
Download complete and in download only mode" aptget source -d pkg-mixed-ok

testsuccessequal "Reading package lists...
Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (tar) [3 B]
Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc) [3 B]
Err:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (dsc)
Hash Sum mismatch
E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch

E: Failed to fetch some archives." aptget source -d pkg-mixed-sha1-bad
Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad
msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
testfailureequal "Reading package lists...
Need to get 6 B of source archives.
Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) [3 B]
Err:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar)
Hash Sum mismatch
Get:2 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (dsc) [3 B]
E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch

E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad
msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad'
testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz

# it gets even more pathologic: multiple entries for one file, some even disagreeing!
testnohash pkg-md5-agree
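Review bot: The `msgtest` label for pkg-mixed-sha1-bad still says 'Only tar file is downloaded as the dsc has hashsum mismatch', while the new expected output above it shows the dsc being skipped because its hashsum "is not available for authentication", and the command succeeding. Relabel it, e.g. `msgtest 'Only tar file is downloaded as the dsc has no usable hashsum' 'pkg-mixed-sha1-bad'`. These cases now pin a successful exit for a source package that was fetched only in part, so a short comment stating that this is intended for files carrying only MD5/SHA1 entries would help the next reader. The rendered page does not make clear which of the pkg-mixed-sha2-bad lines remain. If the on-disk check after that case was dropped, consider asserting that neither file is left behind, which is what the new expected output implies.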


+ 8
- 1
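--- a/test/libapt/hashsums_test.cc
+++ b/test/libapt/hashsums_test.cc
@@ -328,11 +328,18 @@ TEST(HashSumsTest, HashStringList)
 EXPECT_EQ(29, list.FileSize());
 EXPECT_TRUE(NULL != list.find("MD5Sum"));
 list.push_back(HashString("SHA1", "cacecbd74968bc90ea3342767e6b94f46ddbcafc"));
-EXPECT_TRUE(list.usable());
+EXPECT_FALSE(list.usable());
 EXPECT_EQ(3, list.size());
 EXPECT_EQ(29, list.FileSize());
 EXPECT_TRUE(NULL != list.find("MD5Sum"));
 EXPECT_TRUE(NULL != list.find("SHA1"));
+list.push_back(HashString("SHA256", "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"));
+EXPECT_TRUE(list.usable());
+EXPECT_EQ(4, list.size());
+EXPECT_EQ(29, list.FileSize());
+EXPECT_TRUE(NULL != list.find("MD5Sum"));
+EXPECT_TRUE(NULL != list.find("SHA1"));
+EXPECT_TRUE(NULL != list.find("SHA256"));
 
 Hashes hashes;
 hashes.Add("The quick brown fox jumps over the lazy dog");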
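Review bot: The new assertions only exercise `HashStringList::usable()`, so the changed `HashString::usable()` is covered indirectly, through a list that also holds an MD5Sum entry. A direct check such as `EXPECT_FALSE(HashString("SHA1", "cacecbd74968bc90ea3342767e6b94f46ddbcafc").usable());` next to the list assertions would pin the per-hash result, assuming the method is callable from the test and no such check exists elsewhere in the file. The TEST body starts and ends outside this hunk.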

