From 63d609985eb7eefa5f2332bfe4fab96f017760a1 Mon Sep 17 00:00:00 2001
From: David Kalnischkies
Date: Tue, 1 Sep 2015 13:58:00 +0200
Subject: use unusable-for-security hashes for integrity checks
We want to declare some hashes as not enough for security, so that a user will need --allow-unauthenticated or similar to get data secured only by those hashes, but we can still us these hashes for integrity checks if we got them.
---
 apt-pkg/acquire-worker.cc | 6 ++++++
 apt-pkg/contrib/hashes.cc | 1 +
 2 files changed, 7 insertions(+)
(limited to 'apt-pkg')
diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc
index 176772dde..889768030 100644
--- a/apt-pkg/acquire-worker.cc
+++ b/apt-pkg/acquire-worker.cc
@@ -407,7 +407,13 @@ bool pkgAcquire::Worker::RunMessages()
 else if (Owner->HashesRequired() == true)
 consideredOkay = false;
 else
+ {
 consideredOkay = true;
+ // even if the hashes aren't usable to declare something secure
+ // we can at least use them to declare it an integrity failure
+ if (ExpectedHashes.empty() == false && ReceivedHashes != ExpectedHashes && _config->Find("Acquire::ForceHash").empty())
+ consideredOkay = false;
+ }
 if (consideredOkay == true)
 consideredOkay = Owner->VerifyDone(Message, Config);
diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc
index 41a0037cd..5c0023dc7 100644
--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -136,6 +136,7 @@ APT_PURE bool HashString::usable() const /*{{{*/
 (Type != "MD5Sum")
 );
 }
+ /*}}}*/
 std::string HashString::toStr() const /*{{{*/
 {
 return Type + ":" + Hash;
-- cgit v1.2.3-70-g09d2
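Review bot: The new mismatch check in the `else` branch of the first hunk is skipped whenever `Acquire::ForceHash` holds any non-empty value, so in that configuration a file covered only by weak hashes is accepted here with no comparison at all, and the comment does not say why. If the reason is that a forced hash type may be missing from one of the two lists, the comment should record it, e.g. `// with ForceHash set the lists may share no type, so skip the comparison instead of failing`. The comment should also state that this check detects corruption only and that a match on these hashes is no evidence of authenticity, so later readers do not treat the branch as a security gate. How `ReceivedHashes != ExpectedHashes` evaluates when `ReceivedHashes` is empty or shares no hash type with `ExpectedHashes` is defined outside this hunk and should be confirmed, since that case would otherwise be reported as an integrity failure. The body of `RunMessages()` starts and ends outside the hunk.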