Browse Source

Normalize Signed-By values by removing trailing commas everywhere

This fixes comparisons where either the stored or the input string
have a trailing comma.
tags/debian/1.3_exp2
Julian Andres Klode 5 years ago
parent
commit
71203dbf00
2 changed files with 36 additions and 4 deletions
  1. +11
    -4
      apt-pkg/deb/debmetaindex.cc
  2. +25
    -0
      test/integration/test-releasefile-verification-noflat

+ 11
- 4
apt-pkg/deb/debmetaindex.cc View File

@@ -687,12 +687,19 @@ bool debReleaseIndex::SetSignedBy(std::string const &pSignedBy)
std::stringstream os;
std::copy(fingers.begin(), fingers.end(), std::ostream_iterator<std::string>(os, ","));
SignedBy = os.str();
while (SignedBy[SignedBy.size() - 1] == ',')
SignedBy.resize(SignedBy.size() - 1);
}
// Normalize the string: Remove trailing commas
while (SignedBy[SignedBy.size() - 1] == ',')
SignedBy.resize(SignedBy.size() - 1);
}
else {
// Only compare normalized strings
auto pSignedByView = APT::StringView(pSignedBy);
while (pSignedByView[pSignedByView.size() - 1] == ',')
pSignedByView = pSignedByView.substr(0, pSignedByView.size() - 1);
if (pSignedByView != SignedBy)
return _error->Error(_("Conflicting values set for option %s regarding source %s %s: %s != %s"), "Signed-By", URI.c_str(), Dist.c_str(), SignedBy.c_str(), pSignedByView.to_string().c_str());
}
else if (SignedBy != pSignedBy)
return _error->Error(_("Conflicting values set for option %s regarding source %s %s: %s != %s"), "Signed-By", URI.c_str(), Dist.c_str(), SignedBy.c_str(), pSignedBy.c_str());
return true;
}
/*}}}*/


+ 25
- 0
test/integration/test-releasefile-verification-noflat View File

@@ -0,0 +1,25 @@
#!/bin/sh
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"

setupenvironment
configarchitecture "i386"

export APT_DONT_SIGN='Release.gpg'
insertpackage 'unstable' 'foo' 'i386' '1.0'
setupaptarchive "now" "now + 1 year"
changetowebserver

SIXPACK="$(aptkey --keyring keys/joesixpack.pub finger | grep 'Key fingerprint' | cut -d'=' -f 2 | tr -d ' ')"

testsuccess aptget update

msgmsg 'Warm archive with signed-by' 'Joe Sixpack'
sed -i "/^Valid-Until: / a\
Signed-By: ${SIXPACK}" rootdir/var/lib/apt/lists/*Release
touch -d 'now - 1 year' rootdir/var/lib/apt/lists/*Release
testsuccessequal "Get:1 http://localhost:${APTHTTPPORT} unstable InRelease [$(stat -c '%s' 'aptarchive/dists/unstable/InRelease') B]
Reading package lists..." aptget update
testsuccess aptcache show foo

Loading…
Cancel
Save