summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--apt-pkg/acquire-item.cc23
-rwxr-xr-xtest/integration/test-bug-596498-trusted-unsigned-repo9
-rwxr-xr-xtest/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted52
3 files changed, 76 insertions, 8 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 97b2d1e29..222b78671 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1719,27 +1719,34 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
}
// check if we have one trusted source for the package. if so, switch
- // to "TrustedOnly" mode
+ // to "TrustedOnly" mode - but only if not in AllowUnauthenticated mode
+ bool const allowUnauth = _config->FindB("APT::Get::AllowUnauthenticated", false);
+ bool const debugAuth = _config->FindB("Debug::pkgAcquire::Auth", false);
+ bool seenUntrusted = false;
for (pkgCache::VerFileIterator i = Version.FileList(); i.end() == false; ++i)
{
pkgIndexFile *Index;
if (Sources->FindIndex(i.File(),Index) == false)
continue;
- if (_config->FindB("Debug::pkgAcquire::Auth", false))
- {
+
+ if (debugAuth == true)
std::cerr << "Checking index: " << Index->Describe()
- << "(Trusted=" << Index->IsTrusted() << ")\n";
- }
- if (Index->IsTrusted()) {
+ << "(Trusted=" << Index->IsTrusted() << ")" << std::endl;
+
+ if (Index->IsTrusted() == true)
+ {
Trusted = true;
- break;
+ if (allowUnauth == false)
+ break;
}
+ else
+ seenUntrusted = true;
}
// "allow-unauthenticated" restores apts old fetching behaviour
// that means that e.g. unauthenticated file:// uris are higher
// priority than authenticated http:// uris
- if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
+ if (allowUnauth == true && seenUntrusted == true)
Trusted = false;
// Select a source
diff --git a/test/integration/test-bug-596498-trusted-unsigned-repo b/test/integration/test-bug-596498-trusted-unsigned-repo
index 5c643c40e..06c9c8285 100755
--- a/test/integration/test-bug-596498-trusted-unsigned-repo
+++ b/test/integration/test-bug-596498-trusted-unsigned-repo
@@ -21,6 +21,9 @@ DEBFILE='rootdir/etc/apt/sources.list.d/apt-test-unstable-deb.list'
testequal "$PKGTEXT
Download complete and in download only mode" aptget install cool --assume-no -d
+testequal "$PKGTEXT
+Download complete and in download only mode" aptget install cool --assume-no -d --allow-unauthenticated
+
sed -i -e 's#deb#deb [trusted=no]#' $DEBFILE
aptgetupdate
@@ -40,6 +43,12 @@ WARNING: The following packages cannot be authenticated!
Install these packages without verification? [y/N] N
E: Some packages could not be authenticated" aptget install cool --assume-no -d
+testequal "$PKGTEXT
+WARNING: The following packages cannot be authenticated!
+ cool
+Authentication warning overridden.
+Download complete and in download only mode" aptget install cool --assume-no -d --allow-unauthenticated
+
sed -i -e 's#deb#deb [trusted=yes]#' $DEBFILE
aptgetupdate
diff --git a/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted
new file mode 100755
index 000000000..1c2514938
--- /dev/null
+++ b/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted
@@ -0,0 +1,52 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'i386'
+
+buildsimplenativepackage 'cool' 'i386' '1.0' 'unstable'
+
+setupaptarchive --no-update
+
+testfileexists() {
+ msgtest 'Test for existance of file' "$1"
+ test -e "$1" && msgpass || msgfail
+ rm -f "$1"
+}
+
+testfilemissing() {
+ msgtest 'Test for non-existance of file' "$1"
+ test -e "$1" && msgfail || msgpass
+ rm -f "$1"
+}
+
+testrun() {
+ rm -rf rootdir/var/lib/apt
+ testsuccess aptget update
+
+ testsuccess aptget download cool
+ testfileexists 'cool_1.0_i386.deb'
+
+ mv aptarchive/pool/cool_1.0_i386.deb aptarchive/pool/cool_1.0_i386.deb.bak
+ echo 'this is not a good package' > aptarchive/pool/cool_1.0_i386.deb
+ # FIXME: apt-get download should exit non-zero if download fails
+ aptget download cool
+ testfilemissing cool_1.0_i386.deb
+
+ # FIXME: apt-get download should exit non-zero if download fails
+ aptget download cool --allow-unauthenticated # unauthenticated doesn't mean unchecked
+ testfilemissing cool_1.0_i386.deb
+
+ rm -f aptarchive/pool/cool_1.0_i386.deb
+ mv aptarchive/pool/cool_1.0_i386.deb.bak aptarchive/pool/cool_1.0_i386.deb
+ testsuccess aptget download cool --allow-unauthenticated
+ testfileexists 'cool_1.0_i386.deb'
+}
+
+testrun
+
+find aptarchive/ \( -name 'Release.gpg' -o -name 'InRelease' \) -delete
+# FIXME: apt-get download should warn about untrusted downloads
+testrun