// Open the package file
FileFd Pkg;
- if (FileExists(*I + GetFileName()) == true)
+ if (RealFileExists(*I + GetFileName()) == true)
{
Pkg.Open(*I + GetFileName(),FileFd::ReadOnly);
FileSize = Pkg.Size();
(*I).c_str() + CDROM.length(),GetFileName());
string TargetF = _config->FindDir("Dir::State::lists") + "partial/";
TargetF += URItoFileName(S);
+ FileFd Target;
if (_config->FindB("APT::CDROM::NoAct",false) == true)
+ {
TargetF = "/dev/null";
- FileFd Target(TargetF,FileFd::WriteAtomic);
+ Target.Open(TargetF,FileFd::WriteExists);
+ } else {
+ Target.Open(TargetF,FileFd::WriteAtomic);
+ }
FILE *TargetFl = fdopen(dup(Target.Fd()),"w");
if (_error->PendingError() == true)
return false;
// we skip non-existing files in the verifcation to support a cdrom
// with no Packages file (just a Package.gz), see LP: #255545
// (non-existing files are not considered a error)
- if(!FileExists(prefix+file))
+ if(!RealFileExists(prefix+file))
{
_error->Warning(_("Skipping nonexistent file %s"), string(prefix+file).c_str());
return true;
string const release = *I+"Release";
// a Release.gpg without a Release should never happen
- if(FileExists(release) == false)
+ if(RealFileExists(release) == false)
{
delete MetaIndex;
continue;
bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG,
int const &statusfd, int fd[2])
{
+ if (File == FileGPG)
+ {
+ #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n"
+ char buffer[sizeof(SIGMSG)];
+ FILE* gpg = fopen(File.c_str(), "r");
+ if (gpg == NULL)
+ return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str());
+ char const * const test = fgets(buffer, sizeof(buffer), gpg);
+ fclose(gpg);
+ if (test == NULL || strcmp(buffer, SIGMSG) != 0)
+ return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str());
+ #undef SIGMSG
+ }
+
+
string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
// FIXME: remove support for deprecated APT::GPGV setting
- string const trustedFile = _config->FindFile("Dir::Etc::Trusted");
+ string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted"));
string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts");
bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
std::clog << "Keyring path: " << trustedPath << std::endl;
}
- std::vector<string> keyrings = GetListOfFilesInDir(trustedPath, "gpg", false);
- if (FileExists(trustedFile) == true)
- keyrings.push_back(trustedFile);
+ std::vector<string> keyrings;
+ if (DirectoryExists(trustedPath))
+ keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true);
+ if (RealFileExists(trustedFile) == true)
+ keyrings.push_back(trustedFile);
std::vector<const char *> Args;
Args.reserve(30);
if (keyrings.empty() == true)
- return false;
+ {
+ // TRANSLATOR: %s is the trusted keyring parts directory
+ return _error->Error(_("No keyring installed in %s."),
+ _config->FindDir("Dir::Etc::TrustedParts").c_str());
+ }
Args.push_back(gpgvpath.c_str());
Args.push_back("--ignore-time-conflict");
}
Args.push_back(FileGPG.c_str());
- Args.push_back(File.c_str());
+ if (FileGPG != File)
+ Args.push_back(File.c_str());
Args.push_back(NULL);
if (Debug == true)
// Open the package file
FileFd Pkg;
- if (FileExists(*I) == true)
+ if (RealFileExists(*I) == true)
{
Pkg.Open(*I,FileFd::ReadOnly);
FileSize = Pkg.Size();