Item::Done(Message, Size, Hashes, Cnf);
// verify the index target
- if(Target && Target->MetaKey != "" && MetaIndexParser && Hashes.size() > 0)
+ if(Target && Target->MetaKey != "" && MetaIndexParser && Hashes.usable())
{
std::string IndexMetaKey = Target->MetaKey + ".diff/Index";
indexRecords::checkSum *Record = MetaIndexParser->Lookup(IndexMetaKey);
// AcqBaseIndex::VerifyHashByMetaKey - verify hash for the given metakey /*{{{*/
bool pkgAcqBaseIndex::VerifyHashByMetaKey(HashStringList const &Hashes)
{
- if(MetaKey != "" && Hashes.size() > 0)
+ if(MetaKey != "" && Hashes.usable())
{
indexRecords::checkSum *Record = MetaIndexParser->Lookup(MetaKey);
if(Record && Record->Hashes.usable() && Hashes != Record->Hashes)
DestFile = _config->FindDir("Dir::State::lists") + "partial/";
DestFile += URItoFileName(URI);
- ComprExt = CompressionExtensions.substr(0, CompressionExtensions.find(' '));
- if (ComprExt == "uncompressed")
+ CurrentCompressionExtension = CompressionExtensions.substr(0, CompressionExtensions.find(' '));
+ if (CurrentCompressionExtension == "uncompressed")
{
Desc.URI = URI;
if(Target)
}
else
{
- Desc.URI = URI + '.' + ComprExt;
- DestFile = DestFile + '.' + ComprExt;
+ Desc.URI = URI + '.' + CurrentCompressionExtension;
+ DestFile = DestFile + '.' + CurrentCompressionExtension;
if(Target)
- MetaKey = string(Target->MetaKey) + '.' + ComprExt;
+ MetaKey = string(Target->MetaKey) + '.' + CurrentCompressionExtension;
}
// load the filesize
// on decompression failure, remove bad versions in partial/
if (Stage == STAGE_DECOMPRESS_AND_VERIFY)
{
- string s = _config->FindDir("Dir::State::lists") + "partial/";
- s += URItoFileName(RealURI) + '.' + ComprExt;
- unlink(s.c_str());
+ unlink(EraseFileName.c_str());
}
Item::Failed(Message,Cnf);
std::string FinalFile = _config->FindDir("Dir::State::lists");
FinalFile += URItoFileName(RealURI);
if (_config->FindB("Acquire::GzipIndexes",false) == true)
- FinalFile += '.' + ComprExt;
+ FinalFile += '.' + CurrentCompressionExtension;
return FinalFile;
}
/*}}}*/
// adjust DestFile if its compressed on disk
if (_config->FindB("Acquire::GzipIndexes",false) == true)
- DestFile += '.' + ComprExt;
+ DestFile += '.' + CurrentCompressionExtension;
// copy FinalFile into partial/ so that we check the hash again
string FinalFile = GetFinalFilename();
// not the "DestFile" we set, in this case we uncompress from the local file
if (FileName != DestFile)
Local = true;
+ else
+ EraseFileName = FileName;
// we need to verify the file against the current Release file again
// on if-modfied-since hit to avoid a stale attack against us
return;
// The files timestamp matches, reverify by copy into partial/
+ EraseFileName = "";
ReverifyAfterIMS();
return;
}
if (_config->FindB("Acquire::GzipIndexes",false))
{
DestFile = _config->FindDir("Dir::State::lists") + "partial/";
- DestFile += URItoFileName(RealURI) + '.' + ComprExt;
-
+ DestFile += URItoFileName(RealURI) + '.' + CurrentCompressionExtension;
+ EraseFileName = "";
Stage = STAGE_DECOMPRESS_AND_VERIFY;
Desc.URI = "copy:" + FileName;
QueueURI(Desc);
// get the binary name for your used compression type
string decompProg;
- if(ComprExt == "uncompressed")
+ if(CurrentCompressionExtension == "uncompressed")
decompProg = "copy";
else
- decompProg = _config->Find(string("Acquire::CompressionTypes::").append(ComprExt),"");
+ decompProg = _config->Find(string("Acquire::CompressionTypes::").append(CurrentCompressionExtension),"");
if(decompProg.empty() == true)
{
- _error->Error("Unsupported extension: %s", ComprExt.c_str());
+ _error->Error("Unsupported extension: %s", CurrentCompressionExtension.c_str());
return;
}
return;
}
- // remove the compressed version of the file (if the file got uncompressed)
- URI Get = LookupTag(Message, "URI");
- if (Get.Access != "copy")
- {
- // To account for relative paths
- std::string CompressedFile = Get.Host + Get.Path;
- unlink(CompressedFile.c_str());
- }
+ // remove the compressed version of the file
+ unlink(EraseFileName.c_str());
// Done, queue for rename on transaction finished
TransactionManager->TransactionStageCopy(this, DestFile, GetFinalFilename());
Item::Failed(Message,Cnf);
}
/*}}}*/
-
+// AcqMetaBase::Add - Add a item to the current Transaction /*{{{*/
+// ---------------------------------------------------------------------
+/* */
void pkgAcqMetaBase::Add(Item *I)
{
Transaction.push_back(I);
}
-
+ /*}}}*/
+// AcqMetaBase::AbortTransaction - Abort the current Transaction /*{{{*/
+// ---------------------------------------------------------------------
+/* */
void pkgAcqMetaBase::AbortTransaction()
{
if(_config->FindB("Debug::Acquire::Transaction", false) == true)
}
}
/*}}}*/
+// AcqMetaBase::TransactionHasError - Check for errors in Transaction /*{{{*/
+// ---------------------------------------------------------------------
+/* */
bool pkgAcqMetaBase::TransactionHasError()
{
for (pkgAcquire::ItemIterator I = Transaction.begin();
return false;
}
-// Acquire::CommitTransaction - Commit a transaction /*{{{*/
+ /*}}}*/
+// AcqMetaBase::CommitTransaction - Commit a transaction /*{{{*/
+// ---------------------------------------------------------------------
+/* */
void pkgAcqMetaBase::CommitTransaction()
{
if(_config->FindB("Debug::Acquire::Transaction", false) == true)
(*I)->TransactionManager = 0;
}
}
-
+ /*}}}*/
+// AcqMetaBase::CommitTransaction - Commit a transaction /*{{{*/
+// ---------------------------------------------------------------------
+/* */
void pkgAcqMetaBase::TransactionStageCopy(Item *I,
const std::string &From,
const std::string &To)
I->PartialFile = From;
I->DestFile = To;
}
-
+ /*}}}*/
+// AcqMetaBase::CommitTransaction - Commit a transaction /*{{{*/
+// ---------------------------------------------------------------------
+/* */
void pkgAcqMetaBase::TransactionStageRemoval(Item *I,
const std::string &FinalFile)
{
I->PartialFile = "";
I->DestFile = FinalFile;
}
-
-
+ /*}}}*/
/*{{{*/
+// AcqMetaBase::GenerateAuthWarning - Check gpg authentication error /*{{{*/
+// ---------------------------------------------------------------------
+/* */
bool pkgAcqMetaBase::GenerateAuthWarning(const std::string &RealURI,
const std::string &Message)
{
return false;
}
/*}}}*/
-
-
-pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner, /*{{{*/
+// AcqMetaSig::AcqMetaSig - Constructor /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
pkgAcqMetaBase *TransactionManager,
string URI,string URIDesc,string ShortDesc,
string MetaIndexFile,
ShortDesc(ShortDesc)
{
DestFile = _config->FindDir("Dir::State::lists") + "partial/";
- DestFile += URItoFileName(URI);
+ DestFile += URItoFileName(RealURI);
// remove any partial downloaded sig-file in partial/.
// it may confuse proxies and is too small to warrant a
return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
}
-
-void pkgAcqMetaSig::Done(string Message,unsigned long long Size, HashStringList const &Hashes,
+ /*}}}*/
+// pkgAcqMetaSig::Done - The signature was downloaded/verified /*{{{*/
+// ---------------------------------------------------------------------
+/* The only header we use is the last-modified header. */
+void pkgAcqMetaSig::Done(string Message,unsigned long long Size,
+ HashStringList const &Hashes,
pkgAcquire::MethodConfig *Cfg)
{
Item::Done(Message, Size, Hashes, Cfg);
- string FileName = LookupTag(Message,"Filename");
- if (FileName.empty() == true)
+ if(AuthPass == false)
{
- Status = StatError;
- ErrorText = "Method gave a blank filename";
- return;
- }
+ // queue for verify, note that we change DestFile here to point to
+ // the file we want to verify (needed to make gpgv work)
- if (FileName != DestFile)
- {
- // We have to copy it into place
- Local = true;
- Desc.URI = "copy:" + FileName;
- QueueURI(Desc);
- return;
- }
+ string FileName = LookupTag(Message,"Filename");
+ if (FileName.empty() == true)
+ {
+ Status = StatError;
+ ErrorText = "Method gave a blank filename";
+ return;
+ }
- if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
- IMSHit = true;
+ if (FileName != DestFile)
+ {
+ // We have to copy it into place
+ Local = true;
+ Desc.URI = "copy:" + FileName;
+ QueueURI(Desc);
+ return;
+ }
- // adjust paths if its a ims-hit
- if(IMSHit)
- {
- string FinalFile = _config->FindDir("Dir::State::lists");
- FinalFile += URItoFileName(RealURI);
-
- TransactionManager->TransactionStageCopy(this, FinalFile, FinalFile);
- }
+ if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
+ {
+ IMSHit = true;
+ // adjust DestFile on i-m-s hit to the one we already have on disk
+ DestFile = _config->FindDir("Dir::State::lists");
+ DestFile += URItoFileName(RealURI);
+ }
+
+ // this is the file we verify from
+ MetaIndexFileSignature = DestFile;
- // queue for verify
- if(AuthPass == false)
- {
AuthPass = true;
- Desc.URI = "gpgv:" + DestFile;
+ Desc.URI = "gpgv:" + MetaIndexFileSignature;
DestFile = MetaIndexFile;
QueueURI(Desc);
+ ActiveSubprocess = "gpgv";
return;
}
-
- // queue to copy the file in place if it was not a ims hit, on ims
- // hit the file is already at the right place
- if(IMSHit == false)
+ else
{
- PartialFile = _config->FindDir("Dir::State::lists") + "partial/";
- PartialFile += URItoFileName(RealURI);
-
- std::string FinalFile = _config->FindDir("Dir::State::lists");
- FinalFile += URItoFileName(RealURI);
-
- TransactionManager->TransactionStageCopy(this, PartialFile, FinalFile);
- }
+ // verify was successful
- // we parse the MetaIndexFile here because at this point we can
- // trust the data
- if(AuthPass == true)
- {
+ // we parse the MetaIndexFile here (and not right after getting
+ // the pkgAcqMetaIndex) because at this point we can trust the data
+ //
// load indexes and queue further downloads
MetaIndexParser->Load(MetaIndexFile);
QueueIndexes(true);
- }
- Complete = true;
+ // DestFile points to the the MetaIndeFile at this point, make it
+ // point back to the Release.gpg file
+ std::string FinalFile = _config->FindDir("Dir::State::lists");
+ FinalFile += URItoFileName(RealURI);
+ TransactionManager->TransactionStageCopy(this, MetaIndexFileSignature, FinalFile);
+
+ Complete = true;
+ }
}
/*}}}*/
void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
return;
}
- /* Always move the meta index, even if gpgv failed. This ensures
- * that PackageFile objects are correctly filled in */
- if (FileExists(DestFile))
- {
- string FinalFile = _config->FindDir("Dir::State::lists");
- FinalFile += URItoFileName(RealURI);
- /* InRelease files become Release files, otherwise
- * they would be considered as trusted later on */
- if (SigFile == DestFile) {
- RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
- "Release");
- FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
- "Release");
- SigFile = FinalFile;
- }
-
- // Done, queue for rename on transaction finished
- TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
- }
-
_error->Warning(_("The data from '%s' is not signed. Packages "
"from that repository can not be authenticated."),
URIDesc.c_str());
// only allow going further if the users explicitely wants it
if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
{
+ /* Always move the meta index, even if gpgv failed. This ensures
+ * that PackageFile objects are correctly filled in */
+ if (FileExists(DestFile))
+ {
+ string FinalFile = _config->FindDir("Dir::State::lists");
+ FinalFile += URItoFileName(RealURI);
+ /* InRelease files become Release files, otherwise
+ * they would be considered as trusted later on */
+ if (SigFile == DestFile) {
+ RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
+ "Release");
+ FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
+ "Release");
+ SigFile = FinalFile;
+ }
+
+ // Done, queue for rename on transaction finished
+ TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
+ }
+
QueueIndexes(false);
} else {
// warn if the repository is unsinged
_error->Warning("Use --allow-insecure-repositories to force the update");
+ TransactionManager->AbortTransaction();
+ Status = StatError;
+ return;
}
+
}
/*}}}*/
projects / apt.git / blobdiff