1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
#!/bin/sh
set -e
TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"
setupenvironment
configarchitecture 'i386'
insertpackage 'wheezy' 'apt' 'all' '0.8.15'
setupaptarchive --no-update
# we don't complain as the server could have just sent a 'Hit' here and this
# 'downgrade attack' is usually performed by out-of-sync mirrors. Valid-Until
# catches the 'real' downgrade attacks (expect that it finds stale mirrors).
# Scaring users with an error here serves hence no point.
msgmsg 'InRelease file is silently rejected if' 'new Date is before old Date'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now' 'now + 7 days'
signreleasefiles
testsuccess aptget update
listcurrentlistsdirectory > listsdir.lst
redatereleasefiles 'now - 2 days'
testsuccess aptget update
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
msgmsg 'Release.gpg file is silently rejected if' 'new Date is before old Date'
export APT_DONT_SIGN='InRelease'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now' 'now + 7 days'
signreleasefiles
testsuccess aptget update
listcurrentlistsdirectory > listsdir.lst
redatereleasefiles 'now - 2 days'
testsuccess aptget update
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
unset APT_DONT_SIGN
msgmsg 'Crisscross InRelease/Release.gpg file is silently rejected if' 'new Date is before old Date'
export APT_DONT_SIGN='Release.gpg'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now' 'now + 7 days'
signreleasefiles
testsuccess aptget update
export APT_DONT_SIGN='InRelease'
listcurrentlistsdirectory > listsdir.lst
redatereleasefiles 'now - 2 days'
testsuccess aptget update
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
unset APT_DONT_SIGN
msgmsg 'Crisscross Release.gpg/InRelease file is silently rejected if' 'new Date is before old Date'
export APT_DONT_SIGN='InRelease'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now' 'now + 7 days'
signreleasefiles
find aptarchive -name 'InRelease' -delete
testsuccess aptget update
export APT_DONT_SIGN='Release.gpg'
listcurrentlistsdirectory > listsdir.lst
redatereleasefiles 'now - 2 days'
testsuccess aptget update
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
unset APT_DONT_SIGN
msgmsg 'Release file has' 'no Date and no Valid-Until field'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now'
sed -i '/^Date: / d' $(find ./aptarchive -name 'Release')
signreleasefiles
testwarning aptget update
listcurrentlistsdirectory > listsdir.lst
# have no effect as Date is unknown
testwarning aptget update -o Acquire::Min-ValidTime=$((3600*24*30))
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
testwarning aptget update -o Acquire::Max-ValidTime=1
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
sed -i '/^Codename: / a\
Another-Field: yes' $(find aptarchive/ -name 'Release')
touch -d 'now + 1 day' $(find aptarchive/ -name 'Release')
signreleasefiles "${2:-Joe Sixpack}"
testwarning aptget update
testsuccess cmp $(find aptarchive/ -name 'InRelease') $(find rootdir/var/lib/apt/ -name '*_InRelease')
msgmsg 'Release file has' 'no Date field, but Valid-Until expired'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now' 'now - 2 days'
sed -i '/^Date: / d' $(find ./aptarchive -name 'Release')
signreleasefiles
testfailure aptget update
listcurrentlistsdirectory > listsdir.lst
# have no effect as Date is unknown
testfailure aptget update -o Acquire::Min-ValidTime=$((3600*24*30))
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
testfailure aptget update -o Acquire::Max-ValidTime=1
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
msgmsg 'Release file has' 'no Date field, but Valid-Until is good'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now' 'now + 2 days'
sed -i '/^Date: / d' $(find ./aptarchive -name 'Release')
signreleasefiles
testwarning aptget update
# the repo is now signed by unknown key, but marked as trusted
rm -rf rootdir/etc/apt/trusted.gpg.d
sed -i -e 's#\(deb\(-src\)\?\) #\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
msgmsg 'Forgot to disable in follow-up' 'Check-Date'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now + 3 days' 'now + 7 days'
signreleasefiles
testfailure aptget update
testwarning aptget update -o Acquire::Check-Date=no
listcurrentlistsdirectory > listsdir.lst
generatereleasefiles 'now + 5 days' 'now + 13 days'
signreleasefiles
testfailure aptget update
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
testwarning aptget update -o Acquire::Check-Date=no
testsuccess cmp "$(find aptarchive/ -name 'InRelease')" "$(find rootdir/var/lib/apt/ -name '*_Release')"
msgmsg 'Force-Trusted InRelease file is silently ignored' 'new Date is before old Date'
rm -rf rootdir/var/lib/apt/lists
generatereleasefiles 'now' 'now + 7 days'
signreleasefiles
testwarning aptget update
listcurrentlistsdirectory > listsdir.lst
redatereleasefiles 'now - 2 days'
testwarning aptget update
testfileequal 'listsdir.lst' "$(listcurrentlistsdirectory)"
|
