]> git.saurik.com Git - apt.git/blobdiff - apt-pkg/acquire-item.cc
French translation *comp-ple-ted*!
[apt.git] / apt-pkg / acquire-item.cc
index 5dc9413a9cdb05e355a8584668e89b14a89aae23..afb3daad391347e8cef3586ccb67e25b26dcd810 100644 (file)
@@ -1,6 +1,6 @@
 // -*- mode: cpp; mode: fold -*-
 // Description                                                         /*{{{*/
 // -*- mode: cpp; mode: fold -*-
 // Description                                                         /*{{{*/
-// $Id: acquire-item.cc,v 1.36 1999/08/28 03:22:34 jgg Exp $
+// $Id: acquire-item.cc,v 1.46.2.9 2004/01/16 18:51:11 mdz Exp $
 /* ######################################################################
 
    Acquire Item - Item to acquire
 /* ######################################################################
 
    Acquire Item - Item to acquire
    ##################################################################### */
                                                                        /*}}}*/
 // Include Files                                                       /*{{{*/
    ##################################################################### */
                                                                        /*}}}*/
 // Include Files                                                       /*{{{*/
-#ifdef __GNUG__
-#pragma implementation "apt-pkg/acquire-item.h"
-#endif
 #include <apt-pkg/acquire-item.h>
 #include <apt-pkg/configuration.h>
 #include <apt-pkg/acquire-item.h>
 #include <apt-pkg/configuration.h>
+#include <apt-pkg/aptconfiguration.h>
+#include <apt-pkg/sourcelist.h>
+#include <apt-pkg/vendorlist.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/fileutl.h>
+#include <apt-pkg/md5.h>
+#include <apt-pkg/sha1.h>
+#include <apt-pkg/tagfile.h>
 
 
+#include <apti18n.h>
+    
 #include <sys/stat.h>
 #include <unistd.h>
 #include <errno.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <errno.h>
-#include <string.h>
+#include <string>
+#include <sstream>
 #include <stdio.h>
                                                                        /*}}}*/
 
 #include <stdio.h>
                                                                        /*}}}*/
 
+using namespace std;
+
 // Acquire::Item::Item - Constructor                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // Acquire::Item::Item - Constructor                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* */
@@ -88,11 +96,13 @@ void pkgAcquire::Item::Start(string /*Message*/,unsigned long Size)
 // Acquire::Item::Done - Item downloaded OK                            /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // Acquire::Item::Done - Item downloaded OK                            /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcquire::Item::Done(string Message,unsigned long Size,string)
+void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash,
+                           pkgAcquire::MethodConfig *Cnf)
 {
    // We just downloaded something..
    string FileName = LookupTag(Message,"Filename");
 {
    // We just downloaded something..
    string FileName = LookupTag(Message,"Filename");
-   if (Complete == false && FileName == DestFile)
+   // we only inform the Log class if it was actually not a local thing
+   if (Complete == false && !Local && FileName == DestFile)
    {
       if (Owner->Log != 0)
         Owner->Log->Fetched(Size,atoi(LookupTag(Message,"Resume-Point","0").c_str()));
    {
       if (Owner->Log != 0)
         Owner->Log->Fetched(Size,atoi(LookupTag(Message,"Resume-Point","0").c_str()));
@@ -115,42 +125,448 @@ void pkgAcquire::Item::Rename(string From,string To)
    if (rename(From.c_str(),To.c_str()) != 0)
    {
       char S[300];
    if (rename(From.c_str(),To.c_str()) != 0)
    {
       char S[300];
-      sprintf(S,"rename failed, %s (%s -> %s).",strerror(errno),
+      snprintf(S,sizeof(S),_("rename failed, %s (%s -> %s)."),strerror(errno),
              From.c_str(),To.c_str());
       Status = StatError;
       ErrorText = S;
              From.c_str(),To.c_str());
       Status = StatError;
       ErrorText = S;
-   }      
+   }   
+}
+                                                                       /*}}}*/
+// AcqDiffIndex::AcqDiffIndex - Constructor                            /*{{{*/
+// ---------------------------------------------------------------------
+/* Get the DiffIndex file first and see if there are patches availabe 
+ * If so, create a pkgAcqIndexDiffs fetcher that will get and apply the
+ * patches. If anything goes wrong in that process, it will fall back to
+ * the original packages file
+ */
+pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
+                                string URI,string URIDesc,string ShortDesc,
+                                HashString ExpectedHash)
+   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
+     Description(URIDesc)
+{
+   
+   Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
+
+   Desc.Description = URIDesc + "/DiffIndex";
+   Desc.Owner = this;
+   Desc.ShortDesc = ShortDesc;
+   Desc.URI = URI + ".diff/Index";
+
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(URI) + string(".DiffIndex");
+
+   if(Debug)
+      std::clog << "pkgAcqDiffIndex: " << Desc.URI << std::endl;
+
+   // look for the current package file
+   CurrentPackagesFile = _config->FindDir("Dir::State::lists");
+   CurrentPackagesFile += URItoFileName(RealURI);
+
+   // FIXME: this file:/ check is a hack to prevent fetching
+   //        from local sources. this is really silly, and
+   //        should be fixed cleanly as soon as possible
+   if(!FileExists(CurrentPackagesFile) || 
+      Desc.URI.substr(0,strlen("file:/")) == "file:/")
+   {
+      // we don't have a pkg file or we don't want to queue
+      if(Debug)
+        std::clog << "No index file, local or canceld by user" << std::endl;
+      Failed("", NULL);
+      return;
+   }
+
+   if(Debug) 
+      std::clog << "pkgAcqIndexDiffs::pkgAcqIndexDiffs(): " 
+               << CurrentPackagesFile << std::endl;
+   
+   QueueURI(Desc);
+
+}
+                                                                       /*}}}*/
+// AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
+// ---------------------------------------------------------------------
+/* The only header we use is the last-modified header. */
+string pkgAcqDiffIndex::Custom600Headers()
+{
+   string Final = _config->FindDir("Dir::State::lists");
+   Final += URItoFileName(RealURI) + string(".IndexDiff");
+   
+   if(Debug)
+      std::clog << "Custom600Header-IMS: " << Final << std::endl;
+
+   struct stat Buf;
+   if (stat(Final.c_str(),&Buf) != 0)
+      return "\nIndex-File: true";
+   
+   return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
+}
+                                                                       /*}}}*/
+bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)             /*{{{*/
+{
+   if(Debug)
+      std::clog << "pkgAcqIndexDiffs::ParseIndexDiff() " << IndexDiffFile 
+               << std::endl;
+
+   pkgTagSection Tags;
+   string ServerSha1;
+   vector<DiffInfo> available_patches;
+   
+   FileFd Fd(IndexDiffFile,FileFd::ReadOnly);
+   pkgTagFile TF(&Fd);
+   if (_error->PendingError() == true)
+      return false;
+
+   if(TF.Step(Tags) == true)
+   {
+      string local_sha1;
+      bool found = false;
+      DiffInfo d;
+      string size;
+
+      string tmp = Tags.FindS("SHA1-Current");
+      std::stringstream ss(tmp);
+      ss >> ServerSha1;
+
+      FileFd fd(CurrentPackagesFile, FileFd::ReadOnly);
+      SHA1Summation SHA1;
+      SHA1.AddFD(fd.Fd(), fd.Size());
+      local_sha1 = string(SHA1.Result());
+
+      if(local_sha1 == ServerSha1) 
+      {
+        // we have the same sha1 as the server
+        if(Debug)
+           std::clog << "Package file is up-to-date" << std::endl;
+        // set found to true, this will queue a pkgAcqIndexDiffs with
+        // a empty availabe_patches
+        found = true;
+      } 
+      else 
+      {
+        if(Debug)
+           std::clog << "SHA1-Current: " << ServerSha1 << std::endl;
+
+        // check the historie and see what patches we need
+        string history = Tags.FindS("SHA1-History");     
+        std::stringstream hist(history);
+        while(hist >> d.sha1 >> size >> d.file) 
+        {
+           d.size = atoi(size.c_str());
+           // read until the first match is found
+           if(d.sha1 == local_sha1) 
+              found=true;
+           // from that point on, we probably need all diffs
+           if(found) 
+           {
+              if(Debug)
+                 std::clog << "Need to get diff: " << d.file << std::endl;
+              available_patches.push_back(d);
+           }
+        }
+      }
+
+      // we have something, queue the next diff
+      if(found) 
+      {
+        // queue the diffs
+        string::size_type last_space = Description.rfind(" ");
+        if(last_space != string::npos)
+           Description.erase(last_space, Description.size()-last_space);
+        new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
+                             ExpectedHash, available_patches);
+        Complete = false;
+        Status = StatDone;
+        Dequeue();
+        return true;
+      }
+   }
+   
+   // Nothing found, report and return false
+   // Failing here is ok, if we return false later, the full
+   // IndexFile is queued
+   if(Debug)
+      std::clog << "Can't find a patch in the index file" << std::endl;
+   return false;
+}
+                                                                       /*}}}*/
+void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)     /*{{{*/
+{
+   if(Debug)
+      std::clog << "pkgAcqDiffIndex failed: " << Desc.URI << std::endl
+               << "Falling back to normal index file aquire" << std::endl;
+
+   new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc, 
+                  ExpectedHash);
+
+   Complete = false;
+   Status = StatDone;
+   Dequeue();
+}
+                                                                       /*}}}*/
+void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,   /*{{{*/
+                          pkgAcquire::MethodConfig *Cnf)
+{
+   if(Debug)
+      std::clog << "pkgAcqDiffIndex::Done(): " << Desc.URI << std::endl;
+
+   Item::Done(Message,Size,Md5Hash,Cnf);
+
+   string FinalFile;
+   FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
+
+   // sucess in downloading the index
+   // rename the index
+   FinalFile += string(".IndexDiff");
+   if(Debug)
+      std::clog << "Renaming: " << DestFile << " -> " << FinalFile 
+               << std::endl;
+   Rename(DestFile,FinalFile);
+   chmod(FinalFile.c_str(),0644);
+   DestFile = FinalFile;
+
+   if(!ParseDiffIndex(DestFile))
+      return Failed("", NULL);
+
+   Complete = true;
+   Status = StatDone;
+   Dequeue();
+   return;
 }
                                                                        /*}}}*/
 }
                                                                        /*}}}*/
+// AcqIndexDiffs::AcqIndexDiffs - Constructor                          /*{{{*/
+// ---------------------------------------------------------------------
+/* The package diff is added to the queue. one object is constructed
+ * for each diff and the index
+ */
+pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
+                                  string URI,string URIDesc,string ShortDesc,
+                                  HashString ExpectedHash, 
+                                  vector<DiffInfo> diffs)
+   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash), 
+     available_patches(diffs)
+{
+   
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(URI);
+
+   Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
 
 
+   Description = URIDesc;
+   Desc.Owner = this;
+   Desc.ShortDesc = ShortDesc;
+
+   if(available_patches.size() == 0) 
+   {
+      // we are done (yeah!)
+      Finish(true);
+   }
+   else
+   {
+      // get the next diff
+      State = StateFetchDiff;
+      QueueNextDiff();
+   }
+}
+                                                                       /*}}}*/
+void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)    /*{{{*/
+{
+   if(Debug)
+      std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl
+               << "Falling back to normal index file aquire" << std::endl;
+   new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, 
+                  ExpectedHash);
+   Finish();
+}
+                                                                       /*}}}*/
+// Finish - helper that cleans the item out of the fetcher queue       /*{{{*/
+void pkgAcqIndexDiffs::Finish(bool allDone)
+{
+   // we restore the original name, this is required, otherwise
+   // the file will be cleaned
+   if(allDone) 
+   {
+      DestFile = _config->FindDir("Dir::State::lists");
+      DestFile += URItoFileName(RealURI);
+
+      if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
+      {
+        Status = StatAuthError;
+        ErrorText = _("MD5Sum mismatch");
+        Rename(DestFile,DestFile + ".FAILED");
+        Dequeue();
+        return;
+      }
+
+      // this is for the "real" finish
+      Complete = true;
+      Status = StatDone;
+      Dequeue();
+      if(Debug)
+        std::clog << "\n\nallDone: " << DestFile << "\n" << std::endl;
+      return;
+   }
+
+   if(Debug)
+      std::clog << "Finishing: " << Desc.URI << std::endl;
+   Complete = false;
+   Status = StatDone;
+   Dequeue();
+   return;
+}
+                                                                       /*}}}*/
+bool pkgAcqIndexDiffs::QueueNextDiff()                                 /*{{{*/
+{
+
+   // calc sha1 of the just patched file
+   string FinalFile = _config->FindDir("Dir::State::lists");
+   FinalFile += URItoFileName(RealURI);
+
+   FileFd fd(FinalFile, FileFd::ReadOnly);
+   SHA1Summation SHA1;
+   SHA1.AddFD(fd.Fd(), fd.Size());
+   string local_sha1 = string(SHA1.Result());
+   if(Debug)
+      std::clog << "QueueNextDiff: " 
+               << FinalFile << " (" << local_sha1 << ")"<<std::endl;
+
+   // remove all patches until the next matching patch is found
+   // this requires the Index file to be ordered
+   for(vector<DiffInfo>::iterator I=available_patches.begin();
+       available_patches.size() > 0 && 
+         I != available_patches.end() &&
+         (*I).sha1 != local_sha1; 
+       I++) 
+   {
+      available_patches.erase(I);
+   }
+
+   // error checking and falling back if no patch was found
+   if(available_patches.size() == 0) 
+   { 
+      Failed("", NULL);
+      return false;
+   }
+
+   // queue the right diff
+   Desc.URI = string(RealURI) + ".diff/" + available_patches[0].file + ".gz";
+   Desc.Description = Description + " " + available_patches[0].file + string(".pdiff");
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(RealURI + ".diff/" + available_patches[0].file);
+
+   if(Debug)
+      std::clog << "pkgAcqIndexDiffs::QueueNextDiff(): " << Desc.URI << std::endl;
+   
+   QueueURI(Desc);
+
+   return true;
+}
+                                                                       /*}}}*/
+void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,  /*{{{*/
+                           pkgAcquire::MethodConfig *Cnf)
+{
+   if(Debug)
+      std::clog << "pkgAcqIndexDiffs::Done(): " << Desc.URI << std::endl;
+
+   Item::Done(Message,Size,Md5Hash,Cnf);
+
+   string FinalFile;
+   FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
+
+   // sucess in downloading a diff, enter ApplyDiff state
+   if(State == StateFetchDiff) 
+   {
+
+      if(Debug)
+        std::clog << "Sending to gzip method: " << FinalFile << std::endl;
+
+      string FileName = LookupTag(Message,"Filename");
+      State = StateUnzipDiff;
+      Local = true;
+      Desc.URI = "gzip:" + FileName;
+      DestFile += ".decomp";
+      QueueURI(Desc);
+      Mode = "gzip";
+      return;
+   } 
+
+   // sucess in downloading a diff, enter ApplyDiff state
+   if(State == StateUnzipDiff) 
+   {
+
+      // rred excepts the patch as $FinalFile.ed
+      Rename(DestFile,FinalFile+".ed");
+
+      if(Debug)
+        std::clog << "Sending to rred method: " << FinalFile << std::endl;
+
+      State = StateApplyDiff;
+      Local = true;
+      Desc.URI = "rred:" + FinalFile;
+      QueueURI(Desc);
+      Mode = "rred";
+      return;
+   } 
+
+
+   // success in download/apply a diff, queue next (if needed)
+   if(State == StateApplyDiff)
+   {
+      // remove the just applied patch
+      available_patches.erase(available_patches.begin());
+
+      // move into place
+      if(Debug) 
+      {
+        std::clog << "Moving patched file in place: " << std::endl
+                  << DestFile << " -> " << FinalFile << std::endl;
+      }
+      Rename(DestFile,FinalFile);
+      chmod(FinalFile.c_str(),0644);
+
+      // see if there is more to download
+      if(available_patches.size() > 0) {
+        new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
+                             ExpectedHash, available_patches);
+        return Finish();
+      } else 
+        return Finish(true);
+   }
+}
+                                                                       /*}}}*/
 // AcqIndex::AcqIndex - Constructor                                    /*{{{*/
 // ---------------------------------------------------------------------
 /* The package file is added to the queue and a second class is 
 // AcqIndex::AcqIndex - Constructor                                    /*{{{*/
 // ---------------------------------------------------------------------
 /* The package file is added to the queue and a second class is 
-   instantiated to fetch the revision file */
-pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,const pkgSourceList::Item *Location) :
-             Item(Owner), Location(Location)
+   instantiated to fetch the revision file */   
+pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
+                        string URI,string URIDesc,string ShortDesc,
+                        HashString ExpectedHash, string comprExt)
+   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash)
 {
    Decompression = false;
    Erase = false;
 {
    Decompression = false;
    Erase = false;
-   
+
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(Location->PackagesURI());
+   DestFile += URItoFileName(URI);
 
 
-   // Create the item 
-   Desc.URI = Location->PackagesURI() + ".gz";
-   Desc.Description = Location->PackagesInfo();
-   Desc.Owner = this;
+   if(comprExt.empty()) 
+   {
+      // autoselect the compression method
+      std::vector<std::string> types = APT::Configuration::getCompressionTypes();
+      if (types.empty() == true)
+        comprExt = "plain";
+      else
+        comprExt = "." + types[0];
+   }
+   CompressionExtension = ((comprExt == "plain" || comprExt == ".") ? "" : comprExt);
 
 
-   // Set the short description to the archive component
-   if (Location->Dist[Location->Dist.size() - 1] == '/')
-      Desc.ShortDesc = Location->Dist;
-   else
-      Desc.ShortDesc = Location->Dist + '/' + Location->Section;  
+   Desc.URI = URI + CompressionExtension;
+
+   Desc.Description = URIDesc;
+   Desc.Owner = this;
+   Desc.ShortDesc = ShortDesc;
       
    QueueURI(Desc);
       
    QueueURI(Desc);
-   
-   // Create the Release fetch class
-   new pkgAcqIndexRel(Owner,Location);
 }
                                                                        /*}}}*/
 // AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
 }
                                                                        /*}}}*/
 // AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
@@ -159,7 +575,7 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,const pkgSourceList::Item *Location)
 string pkgAcqIndex::Custom600Headers()
 {
    string Final = _config->FindDir("Dir::State::lists");
 string pkgAcqIndex::Custom600Headers()
 {
    string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(Location->PackagesURI());
+   Final += URItoFileName(RealURI);
    
    struct stat Buf;
    if (stat(Final.c_str(),&Buf) != 0)
    
    struct stat Buf;
    if (stat(Final.c_str(),&Buf) != 0)
@@ -168,6 +584,45 @@ string pkgAcqIndex::Custom600Headers()
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
                                                                        /*}}}*/
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
                                                                        /*}}}*/
+void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*{{{*/
+{
+   std::vector<std::string> types = APT::Configuration::getCompressionTypes();
+
+   for (std::vector<std::string>::const_iterator t = types.begin();
+       t != types.end(); t++)
+   {
+      // jump over all already tried compression types
+      const unsigned int nameLen = Desc.URI.size() - (*t).size();
+      if(Desc.URI.substr(nameLen) != *t)
+        continue;
+
+      // we want to try it with the next extension (and make sure to 
+      // not skip over the end)
+      t++;
+      if (t == types.end())
+        break;
+
+      // queue new download
+      Desc.URI = Desc.URI.substr(0, nameLen) + *t;
+      new pkgAcqIndex(Owner, RealURI, Desc.Description, Desc.ShortDesc,
+      ExpectedHash, string(".").append(*t));
+      
+      Status = StatDone;
+      Complete = false;
+      Dequeue();
+      return;
+   }
+
+   // on decompression failure, remove bad versions in partial/
+   if(Decompression && Erase) {
+      string s = _config->FindDir("Dir::State::lists") + "partial/";
+      s += URItoFileName(RealURI);
+      unlink(s.c_str());
+   }
+
+   Item::Failed(Message,Cnf);
+}
+                                                                       /*}}}*/
 // AcqIndex::Done - Finished a fetch                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* This goes through a number of states.. On the initial fetch the
 // AcqIndex::Done - Finished a fetch                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* This goes through a number of states.. On the initial fetch the
@@ -175,21 +630,36 @@ string pkgAcqIndex::Custom600Headers()
    to the uncompressed version of the file. If this is so the file
    is copied into the partial directory. In all other cases the file
    is decompressed with a gzip uri. */
    to the uncompressed version of the file. If this is so the file
    is copied into the partial directory. In all other cases the file
    is decompressed with a gzip uri. */
-void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5)
+void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
+                      pkgAcquire::MethodConfig *Cfg)
 {
 {
-   Item::Done(Message,Size,MD5);
+   Item::Done(Message,Size,Hash,Cfg);
 
    if (Decompression == true)
    {
 
    if (Decompression == true)
    {
+      if (_config->FindB("Debug::pkgAcquire::Auth", false))
+      {
+         std::cerr << std::endl << RealURI << ": Computed Hash: " << Hash;
+         std::cerr << "  Expected Hash: " << ExpectedHash.toStr() << std::endl;
+      }
+
+      if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash)
+      {
+         Status = StatAuthError;
+         ErrorText = _("Hash Sum mismatch");
+         Rename(DestFile,DestFile + ".FAILED");
+         return;
+      }
       // Done, move it into position
       string FinalFile = _config->FindDir("Dir::State::lists");
       // Done, move it into position
       string FinalFile = _config->FindDir("Dir::State::lists");
-      FinalFile += URItoFileName(Location->PackagesURI());
+      FinalFile += URItoFileName(RealURI);
       Rename(DestFile,FinalFile);
       Rename(DestFile,FinalFile);
+      chmod(FinalFile.c_str(),0644);
       
       /* We restore the original name to DestFile so that the clean operation
          will work OK */
       DestFile = _config->FindDir("Dir::State::lists") + "partial/";
       
       /* We restore the original name to DestFile so that the clean operation
          will work OK */
       DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-      DestFile += URItoFileName(Location->PackagesURI());
+      DestFile += URItoFileName(RealURI);
       
       // Remove the compressed version.
       if (Erase == true)
       
       // Remove the compressed version.
       if (Erase == true)
@@ -207,7 +677,6 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5)
       // The files timestamp matches
       if (StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false) == true)
         return;
       // The files timestamp matches
       if (StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false) == true)
         return;
-      
       Decompression = true;
       Local = true;
       DestFile += ".decomp";
       Decompression = true;
       Local = true;
       DestFile += ".decomp";
@@ -233,61 +702,115 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5)
    else
       Local = true;
    
    else
       Local = true;
    
+   string compExt = flExtension(flNotDir(URI(Desc.URI).Path));
+   string decompProg;
+
+   // get the binary name for your used compression type
+   decompProg = _config->Find(string("Acquire::CompressionTypes::").append(compExt),"");
+   if(decompProg.empty() == false);
+   // flExtensions returns the full name if no extension is found
+   // this is why we have this complicated compare operation here
+   // FIMXE: add a new flJustExtension() that return "" if no
+   //        extension is found and use that above so that it can
+   //        be tested against ""
+   else if(compExt == flNotDir(URI(Desc.URI).Path))
+      decompProg = "copy";
+   else {
+      _error->Error("Unsupported extension: %s", compExt.c_str());
+      return;
+   }
+
    Decompression = true;
    DestFile += ".decomp";
    Decompression = true;
    DestFile += ".decomp";
-   Desc.URI = "gzip:" + FileName,Location->PackagesInfo();
+   Desc.URI = decompProg + ":" + FileName;
    QueueURI(Desc);
    QueueURI(Desc);
-   Mode = "gzip";
+   Mode = decompProg.c_str();
 }
                                                                        /*}}}*/
 }
                                                                        /*}}}*/
-
-// AcqIndexRel::pkgAcqIndexRel - Constructor                           /*{{{*/
+// AcqIndexTrans::pkgAcqIndexTrans - Constructor                       /*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
-/* The Release file is added to the queue */
-pkgAcqIndexRel::pkgAcqIndexRel(pkgAcquire *Owner,
-                              const pkgSourceList::Item *Location) :
-                Item(Owner), Location(Location)
+/* The Translation file is added to the queue */
+pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner,
+                           string URI,string URIDesc,string ShortDesc) 
+  : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "")
 {
 {
-   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(Location->ReleaseURI());
+}
+                                                                       /*}}}*/
+// AcqIndexTrans::Failed - Silence failure messages for missing files  /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqIndexTrans::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+{
+   if (Cnf->LocalOnly == true || 
+       StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
+   {      
+      // Ignore this
+      Status = StatDone;
+      Complete = false;
+      Dequeue();
+      return;
+   }
    
    
+   Item::Failed(Message,Cnf);
+}
+                                                                       /*}}}*/
+pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,                                /*{{{*/
+                            string URI,string URIDesc,string ShortDesc,
+                            string MetaIndexURI, string MetaIndexURIDesc,
+                            string MetaIndexShortDesc,
+                            const vector<IndexTarget*>* IndexTargets,
+                            indexRecords* MetaIndexParser) :
+   Item(Owner), RealURI(URI), MetaIndexURI(MetaIndexURI),
+   MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
+   MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets)
+{
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(URI);
+
+   // remove any partial downloaded sig-file in partial/. 
+   // it may confuse proxies and is too small to warrant a 
+   // partial download anyway
+   unlink(DestFile.c_str());
+
    // Create the item
    // Create the item
-   Desc.URI = Location->ReleaseURI();
-   Desc.Description = Location->ReleaseInfo();
+   Desc.Description = URIDesc;
    Desc.Owner = this;
    Desc.Owner = this;
-
-   // Set the short description to the archive component
-   if (Location->Dist[Location->Dist.size() - 1] == '/')
-      Desc.ShortDesc = Location->Dist;
-   else
-      Desc.ShortDesc = Location->Dist + '/' + Location->Section;  
+   Desc.ShortDesc = ShortDesc;
+   Desc.URI = URI;
       
       
+   string Final = _config->FindDir("Dir::State::lists");
+   Final += URItoFileName(RealURI);
+   struct stat Buf;
+   if (stat(Final.c_str(),&Buf) == 0)
+   {
+      // File was already in place.  It needs to be re-downloaded/verified
+      // because Release might have changed, we do give it a differnt
+      // name than DestFile because otherwise the http method will
+      // send If-Range requests and there are too many broken servers
+      // out there that do not understand them
+      LastGoodSig = DestFile+".reverify";
+      Rename(Final,LastGoodSig);
+   }
+
    QueueURI(Desc);
 }
                                                                        /*}}}*/
    QueueURI(Desc);
 }
                                                                        /*}}}*/
-// AcqIndexRel::Custom600Headers - Insert custom request headers       /*{{{*/
+// pkgAcqMetaSig::Custom600Headers - Insert custom request headers     /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
-string pkgAcqIndexRel::Custom600Headers()
+string pkgAcqMetaSig::Custom600Headers()
 {
 {
-   string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(Location->ReleaseURI());
-   
    struct stat Buf;
    struct stat Buf;
-   if (stat(Final.c_str(),&Buf) != 0)
+   if (stat(LastGoodSig.c_str(),&Buf) != 0)
       return "\nIndex-File: true";
       return "\nIndex-File: true";
-   
+
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
-                                                                       /*}}}*/
-// AcqIndexRel::Done - Item downloaded OK                              /*{{{*/
-// ---------------------------------------------------------------------
-/* The release file was not placed into the download directory then
-   a copy URI is generated and it is copied there otherwise the file
-   in the partial directory is moved into .. and the URI is finished. */
-void pkgAcqIndexRel::Done(string Message,unsigned long Size,string MD5)
+
+void pkgAcqMetaSig::Done(string Message,unsigned long Size,string MD5,
+                        pkgAcquire::MethodConfig *Cfg)
 {
 {
-   Item::Done(Message,Size,MD5);
+   Item::Done(Message,Size,MD5,Cfg);
 
    string FileName = LookupTag(Message,"Filename");
    if (FileName.empty() == true)
 
    string FileName = LookupTag(Message,"Filename");
    if (FileName.empty() == true)
@@ -297,32 +820,53 @@ void pkgAcqIndexRel::Done(string Message,unsigned long Size,string MD5)
       return;
    }
 
       return;
    }
 
-   Complete = true;
-   
-   // The files timestamp matches
-   if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
-      return;
-   
-   // We have to copy it into place
    if (FileName != DestFile)
    {
    if (FileName != DestFile)
    {
+      // We have to copy it into place
       Local = true;
       Desc.URI = "copy:" + FileName;
       QueueURI(Desc);
       return;
    }
       Local = true;
       Desc.URI = "copy:" + FileName;
       QueueURI(Desc);
       return;
    }
-   
-   // Done, move it into position
-   string FinalFile = _config->FindDir("Dir::State::lists");
-   FinalFile += URItoFileName(Location->ReleaseURI());
-   Rename(DestFile,FinalFile);
+
+   Complete = true;
+
+   // put the last known good file back on i-m-s hit (it will
+   // be re-verified again)
+   // Else do nothing, we have the new file in DestFile then
+   if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
+      Rename(LastGoodSig, DestFile);
+
+   // queue a pkgAcqMetaIndex to be verified against the sig we just retrieved
+   new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
+                      DestFile, IndexTargets, MetaIndexParser);
+
 }
                                                                        /*}}}*/
 }
                                                                        /*}}}*/
-// AcqIndexRel::Failed - Silence failure messages for missing rel files        /*{{{*/
-// ---------------------------------------------------------------------
-/* */
-void pkgAcqIndexRel::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
 {
 {
+   string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+
+   // if we get a network error we fail gracefully
+   if(Status == StatTransientNetworkError)
+   {
+      Item::Failed(Message,Cnf);
+      // move the sigfile back on transient network failures 
+      if(FileExists(DestFile))
+        Rename(LastGoodSig,Final);
+
+      // set the status back to , Item::Failed likes to reset it
+      Status = pkgAcquire::Item::StatTransientNetworkError;
+      return;
+   }
+
+   // Delete any existing sigfile when the acquire failed
+   unlink(Final.c_str());
+
+   // queue a pkgAcqMetaIndex with no sigfile
+   new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
+                      "", IndexTargets, MetaIndexParser);
+
    if (Cnf->LocalOnly == true || 
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
    {      
    if (Cnf->LocalOnly == true || 
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
    {      
@@ -336,7 +880,324 @@ void pkgAcqIndexRel::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
+pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner,                    /*{{{*/
+                                string URI,string URIDesc,string ShortDesc,
+                                string SigFile,
+                                const vector<struct IndexTarget*>* IndexTargets,
+                                indexRecords* MetaIndexParser) :
+   Item(Owner), RealURI(URI), SigFile(SigFile), IndexTargets(IndexTargets),
+   MetaIndexParser(MetaIndexParser), AuthPass(false), IMSHit(false)
+{
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(URI);
+
+   // Create the item
+   Desc.Description = URIDesc;
+   Desc.Owner = this;
+   Desc.ShortDesc = ShortDesc;
+   Desc.URI = URI;
+
+   QueueURI(Desc);
+}
+                                                                       /*}}}*/
+// pkgAcqMetaIndex::Custom600Headers - Insert custom request headers   /*{{{*/
+// ---------------------------------------------------------------------
+/* The only header we use is the last-modified header. */
+string pkgAcqMetaIndex::Custom600Headers()
+{
+   string Final = _config->FindDir("Dir::State::lists");
+   Final += URItoFileName(RealURI);
+   
+   struct stat Buf;
+   if (stat(Final.c_str(),&Buf) != 0)
+      return "\nIndex-File: true";
+   
+   return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
+}
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,      /*{{{*/
+                          pkgAcquire::MethodConfig *Cfg)
+{
+   Item::Done(Message,Size,Hash,Cfg);
+
+   // MetaIndexes are done in two passes: one to download the
+   // metaindex with an appropriate method, and a second to verify it
+   // with the gpgv method
+
+   if (AuthPass == true)
+   {
+      AuthDone(Message);
+   }
+   else
+   {
+      RetrievalDone(Message);
+      if (!Complete)
+         // Still more retrieving to do
+         return;
+
+      if (SigFile == "")
+      {
+         // There was no signature file, so we are finished.  Download
+         // the indexes without verification.
+         QueueIndexes(false);
+      }
+      else
+      {
+         // There was a signature file, so pass it to gpgv for
+         // verification
+
+         if (_config->FindB("Debug::pkgAcquire::Auth", false))
+            std::cerr << "Metaindex acquired, queueing gpg verification ("
+                      << SigFile << "," << DestFile << ")\n";
+         AuthPass = true;
+         Desc.URI = "gpgv:" + SigFile;
+         QueueURI(Desc);
+         Mode = "gpgv";
+      }
+   }
+}
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::RetrievalDone(string Message)                    /*{{{*/
+{
+   // We have just finished downloading a Release file (it is not
+   // verified yet)
+
+   string FileName = LookupTag(Message,"Filename");
+   if (FileName.empty() == true)
+   {
+      Status = StatError;
+      ErrorText = "Method gave a blank filename";
+      return;
+   }
+
+   if (FileName != DestFile)
+   {
+      Local = true;
+      Desc.URI = "copy:" + FileName;
+      QueueURI(Desc);
+      return;
+   }
+
+   // see if the download was a IMSHit
+   IMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false);
+   Complete = true;
+
+   string FinalFile = _config->FindDir("Dir::State::lists");
+   FinalFile += URItoFileName(RealURI);
+
+   // If we get a IMS hit we can remove the empty file in partial
+   // othersie we move the file in place
+   if (IMSHit)
+      unlink(DestFile.c_str());
+   else
+      Rename(DestFile,FinalFile);
+
+   chmod(FinalFile.c_str(),0644);
+   DestFile = FinalFile;
+}
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::AuthDone(string Message)                         /*{{{*/
+{
+   // At this point, the gpgv method has succeeded, so there is a
+   // valid signature from a key in the trusted keyring.  We
+   // perform additional verification of its contents, and use them
+   // to verify the indexes we are about to download
+
+   if (!MetaIndexParser->Load(DestFile))
+   {
+      Status = StatAuthError;
+      ErrorText = MetaIndexParser->ErrorText;
+      return;
+   }
+
+   if (!VerifyVendor(Message))
+   {
+      return;
+   }
+
+   if (_config->FindB("Debug::pkgAcquire::Auth", false))
+      std::cerr << "Signature verification succeeded: "
+                << DestFile << std::endl;
+
+   // Download further indexes with verification
+   QueueIndexes(true);
+
+   // Done, move signature file into position
+
+   string VerifiedSigFile = _config->FindDir("Dir::State::lists") +
+      URItoFileName(RealURI) + ".gpg";
+   Rename(SigFile,VerifiedSigFile);
+   chmod(VerifiedSigFile.c_str(),0644);
+}
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::QueueIndexes(bool verify)                                /*{{{*/
+{
+   for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
+        Target != IndexTargets->end();
+        Target++)
+   {
+      HashString ExpectedIndexHash;
+      if (verify)
+      {
+         const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
+         if (!Record)
+         {
+            Status = StatAuthError;
+            ErrorText = "Unable to find expected entry  "
+               + (*Target)->MetaKey + " in Meta-index file (malformed Release file?)";
+            return;
+         }
+         ExpectedIndexHash = Record->Hash;
+         if (_config->FindB("Debug::pkgAcquire::Auth", false))
+         {
+            std::cerr << "Queueing: " << (*Target)->URI << std::endl;
+            std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
+         }
+         if (ExpectedIndexHash.empty())
+         {
+            Status = StatAuthError;
+            ErrorText = "Unable to find hash sum for "
+               + (*Target)->MetaKey + " in Meta-index file";
+            return;
+         }
+      }
+      
+      // Queue Packages file (either diff or full packages files, depending
+      // on the users option)
+      if(_config->FindB("Acquire::PDiffs",true) == true) 
+        new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
+                            (*Target)->ShortDesc, ExpectedIndexHash);
+      else 
+        new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
+                           (*Target)->ShortDesc, ExpectedIndexHash);
+   }
+}
+                                                                       /*}}}*/
+bool pkgAcqMetaIndex::VerifyVendor(string Message)                     /*{{{*/
+{
+//    // Maybe this should be made available from above so we don't have
+//    // to read and parse it every time?
+//    pkgVendorList List;
+//    List.ReadMainList();
+
+//    const Vendor* Vndr = NULL;
+//    for (std::vector<string>::const_iterator I = GPGVOutput.begin(); I != GPGVOutput.end(); I++)
+//    {
+//       string::size_type pos = (*I).find("VALIDSIG ");
+//       if (_config->FindB("Debug::Vendor", false))
+//          std::cerr << "Looking for VALIDSIG in \"" << (*I) << "\": pos " << pos 
+//                    << std::endl;
+//       if (pos != std::string::npos)
+//       {
+//          string Fingerprint = (*I).substr(pos+sizeof("VALIDSIG"));
+//          if (_config->FindB("Debug::Vendor", false))
+//             std::cerr << "Looking for \"" << Fingerprint << "\" in vendor..." <<
+//                std::endl;
+//          Vndr = List.FindVendor(Fingerprint) != "";
+//          if (Vndr != NULL);
+//          break;
+//       }
+//    }
+   string::size_type pos;
+
+   // check for missing sigs (that where not fatal because otherwise we had
+   // bombed earlier)
+   string missingkeys;
+   string msg = _("There is no public key available for the "
+                 "following key IDs:\n");
+   pos = Message.find("NO_PUBKEY ");
+   if (pos != std::string::npos)
+   {
+      string::size_type start = pos+strlen("NO_PUBKEY ");
+      string Fingerprint = Message.substr(start, Message.find("\n")-start);
+      missingkeys += (Fingerprint);
+   }
+   if(!missingkeys.empty())
+      _error->Warning("%s", string(msg+missingkeys).c_str());
+
+   string Transformed = MetaIndexParser->GetExpectedDist();
+
+   if (Transformed == "../project/experimental")
+   {
+      Transformed = "experimental";
+   }
+
+   pos = Transformed.rfind('/');
+   if (pos != string::npos)
+   {
+      Transformed = Transformed.substr(0, pos);
+   }
+
+   if (Transformed == ".")
+   {
+      Transformed = "";
+   }
+
+   if (_config->FindB("Debug::pkgAcquire::Auth", false)) 
+   {
+      std::cerr << "Got Codename: " << MetaIndexParser->GetDist() << std::endl;
+      std::cerr << "Expecting Dist: " << MetaIndexParser->GetExpectedDist() << std::endl;
+      std::cerr << "Transformed Dist: " << Transformed << std::endl;
+   }
 
 
+   if (MetaIndexParser->CheckDist(Transformed) == false)
+   {
+      // This might become fatal one day
+//       Status = StatAuthError;
+//       ErrorText = "Conflicting distribution; expected "
+//          + MetaIndexParser->GetExpectedDist() + " but got "
+//          + MetaIndexParser->GetDist();
+//       return false;
+      if (!Transformed.empty())
+      {
+         _error->Warning("Conflicting distribution: %s (expected %s but got %s)",
+                         Desc.Description.c_str(),
+                         Transformed.c_str(),
+                         MetaIndexParser->GetDist().c_str());
+      }
+   }
+
+   return true;
+}
+                                                                       /*}}}*/
+// pkgAcqMetaIndex::Failed - no Release file present or no signature file present      /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+{
+   if (AuthPass == true)
+   {
+      // if we fail the authentication but got the file via a IMS-Hit 
+      // this means that the file wasn't downloaded and that it might be
+      // just stale (server problem, proxy etc). we delete what we have
+      // queue it again without i-m-s 
+      // alternatively we could just unlink the file and let the user try again
+      if (IMSHit)
+      {
+        Complete = false;
+        Local = false;
+        AuthPass = false;
+        unlink(DestFile.c_str());
+
+        DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+        DestFile += URItoFileName(RealURI);
+        Desc.URI = RealURI;
+        QueueURI(Desc);
+        return;
+      }
+
+      // gpgv method failed 
+      _error->Warning("GPG error: %s: %s",
+                      Desc.Description.c_str(),
+                      LookupTag(Message,"Message").c_str());
+
+   }
+
+   // No Release file was present, or verification failed, so fall
+   // back to queueing Packages files without verification
+   QueueIndexes(false);
+}
+                                                                       /*}}}*/
 // AcqArchive::AcqArchive - Constructor                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* This just sets up the initial fetch environment and queues the first
 // AcqArchive::AcqArchive - Constructor                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* This just sets up the initial fetch environment and queues the first
@@ -345,27 +1206,74 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
                             pkgRecords *Recs,pkgCache::VerIterator const &Version,
                             string &StoreFilename) :
                Item(Owner), Version(Version), Sources(Sources), Recs(Recs), 
                             pkgRecords *Recs,pkgCache::VerIterator const &Version,
                             string &StoreFilename) :
                Item(Owner), Version(Version), Sources(Sources), Recs(Recs), 
-               StoreFilename(StoreFilename), Vf(Version.FileList())
+               StoreFilename(StoreFilename), Vf(Version.FileList()), 
+              Trusted(false)
 {
    Retries = _config->FindI("Acquire::Retries",0);
 
    if (Version.Arch() == 0)
    {
 {
    Retries = _config->FindI("Acquire::Retries",0);
 
    if (Version.Arch() == 0)
    {
-      _error->Error("I wasn't able to locate file for the %s package. "
-                   "This might mean you need to manually fix this package. (due to missing arch)",
+      _error->Error(_("I wasn't able to locate a file for the %s package. "
+                     "This might mean you need to manually fix this package. "
+                     "(due to missing arch)"),
                    Version.ParentPkg().Name());
       return;
    }
    
                    Version.ParentPkg().Name());
       return;
    }
    
-   // Generate the final file name as: package_version_arch.deb
-   StoreFilename = QuoteString(Version.ParentPkg().Name(),"_:") + '_' +
-                   QuoteString(Version.VerStr(),"_:") + '_' +
-                   QuoteString(Version.Arch(),"_:.") + ".deb";
+   /* We need to find a filename to determine the extension. We make the
+      assumption here that all the available sources for this version share
+      the same extension.. */
+   // Skip not source sources, they do not have file fields.
+   for (; Vf.end() == false; Vf++)
+   {
+      if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
+        continue;
+      break;
+   }
+   
+   // Does not really matter here.. we are going to fail out below
+   if (Vf.end() != true)
+   {     
+      // If this fails to get a file name we will bomb out below.
+      pkgRecords::Parser &Parse = Recs->Lookup(Vf);
+      if (_error->PendingError() == true)
+        return;
+            
+      // Generate the final file name as: package_version_arch.foo
+      StoreFilename = QuoteString(Version.ParentPkg().Name(),"_:") + '_' +
+                     QuoteString(Version.VerStr(),"_:") + '_' +
+                     QuoteString(Version.Arch(),"_:.") + 
+                     "." + flExtension(Parse.FileName());
+   }
+
+   // check if we have one trusted source for the package. if so, switch
+   // to "TrustedOnly" mode
+   for (pkgCache::VerFileIterator i = Version.FileList(); i.end() == false; i++)
+   {
+      pkgIndexFile *Index;
+      if (Sources->FindIndex(i.File(),Index) == false)
+         continue;
+      if (_config->FindB("Debug::pkgAcquire::Auth", false))
+      {
+         std::cerr << "Checking index: " << Index->Describe()
+                   << "(Trusted=" << Index->IsTrusted() << ")\n";
+      }
+      if (Index->IsTrusted()) {
+         Trusted = true;
+        break;
+      }
+   }
+
+   // "allow-unauthenticated" restores apts old fetching behaviour
+   // that means that e.g. unauthenticated file:// uris are higher
+   // priority than authenticated http:// uris
+   if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
+      Trusted = false;
 
    // Select a source
    if (QueueNext() == false && _error->PendingError() == false)
 
    // Select a source
    if (QueueNext() == false && _error->PendingError() == false)
-      _error->Error("I wasn't able to locate file for the %s package. "
-                   "This might mean you need to manually fix this package.",
+      _error->Error(_("I wasn't able to locate file for the %s package. "
+                   "This might mean you need to manually fix this package."),
                    Version.ParentPkg().Name());
 }
                                                                        /*}}}*/
                    Version.ParentPkg().Name());
 }
                                                                        /*}}}*/
@@ -375,7 +1283,7 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
    the archive is already available in the cache and stashs the MD5 for
    checking later. */
 bool pkgAcqArchive::QueueNext()
    the archive is already available in the cache and stashs the MD5 for
    checking later. */
 bool pkgAcqArchive::QueueNext()
-{
+{   
    for (; Vf.end() == false; Vf++)
    {
       // Ignore not source sources
    for (; Vf.end() == false; Vf++)
    {
       // Ignore not source sources
@@ -383,26 +1291,36 @@ bool pkgAcqArchive::QueueNext()
         continue;
 
       // Try to cross match against the source list
         continue;
 
       // Try to cross match against the source list
-      string PkgFile = flNotDir(Vf.File().FileName());
-      pkgSourceList::const_iterator Location;
-      for (Location = Sources->begin(); Location != Sources->end(); Location++)
-        if (PkgFile == URItoFileName(Location->PackagesURI()))
-           break;
-
-      if (Location == Sources->end())
-        continue;
+      pkgIndexFile *Index;
+      if (Sources->FindIndex(Vf.File(),Index) == false)
+           continue;
       
       
+      // only try to get a trusted package from another source if that source
+      // is also trusted
+      if(Trusted && !Index->IsTrusted()) 
+        continue;
+
       // Grab the text package record
       pkgRecords::Parser &Parse = Recs->Lookup(Vf);
       if (_error->PendingError() == true)
         return false;
       
       // Grab the text package record
       pkgRecords::Parser &Parse = Recs->Lookup(Vf);
       if (_error->PendingError() == true)
         return false;
       
-      PkgFile = Parse.FileName();
-      MD5 = Parse.MD5Hash();
+      string PkgFile = Parse.FileName();
+      if(Parse.SHA256Hash() != "")
+        ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
+      else if (Parse.SHA1Hash() != "")
+        ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
+      else 
+        ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
       if (PkgFile.empty() == true)
       if (PkgFile.empty() == true)
-        return _error->Error("The package index files are corrupted. No Filename: "
-                             "field for package %s."
-                             ,Version.ParentPkg().Name());
+        return _error->Error(_("The package index files are corrupted. No Filename: "
+                             "field for package %s."),
+                             Version.ParentPkg().Name());
+
+      Desc.URI = Index->ArchiveURI(PkgFile);
+      Desc.Description = Index->ArchiveInfo(Version);
+      Desc.Owner = this;
+      Desc.ShortDesc = Version.ParentPkg().Name();
 
       // See if we already have the file. (Legacy filenames)
       FileSize = Version->Size;
 
       // See if we already have the file. (Legacy filenames)
       FileSize = Version->Size;
@@ -457,8 +1375,9 @@ bool pkgAcqArchive::QueueNext()
       }
       
       // Create the item
       }
       
       // Create the item
-      Desc.URI = Location->ArchiveURI(PkgFile);
-      Desc.Description = Location->ArchiveInfo(Version);
+      Local = false;
+      Desc.URI = Index->ArchiveURI(PkgFile);
+      Desc.Description = Index->ArchiveInfo(Version);
       Desc.Owner = this;
       Desc.ShortDesc = Version.ParentPkg().Name();
       QueueURI(Desc);
       Desc.Owner = this;
       Desc.ShortDesc = Version.ParentPkg().Name();
       QueueURI(Desc);
@@ -472,28 +1391,27 @@ bool pkgAcqArchive::QueueNext()
 // AcqArchive::Done - Finished fetching                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // AcqArchive::Done - Finished fetching                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash)
+void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash,
+                        pkgAcquire::MethodConfig *Cfg)
 {
 {
-   Item::Done(Message,Size,Md5Hash);
+   Item::Done(Message,Size,CalcHash,Cfg);
    
    // Check the size
    if (Size != Version->Size)
    {
       Status = StatError;
    
    // Check the size
    if (Size != Version->Size)
    {
       Status = StatError;
-      ErrorText = "Size mismatch";
+      ErrorText = _("Size mismatch");
       return;
    }
    
       return;
    }
    
-   // Check the md5
-   if (Md5Hash.empty() == false && MD5.empty() == false)
+   // Check the hash
+   if(ExpectedHash.toStr() != CalcHash)
    {
    {
-      if (Md5Hash != MD5)
-      {
-        Status = StatError;
-        ErrorText = "MD5Sum mismatch";
+      Status = StatError;
+      ErrorText = _("Hash Sum mismatch");
+      if(FileExists(DestFile))
         Rename(DestFile,DestFile + ".FAILED");
         Rename(DestFile,DestFile + ".FAILED");
-        return;
-      }
+      return;
    }
 
    // Grab the output filename
    }
 
    // Grab the output filename
@@ -530,6 +1448,20 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash)
 void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 {
    ErrorText = LookupTag(Message,"Message");
 void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 {
    ErrorText = LookupTag(Message,"Message");
+   
+   /* We don't really want to retry on failed media swaps, this prevents 
+      that. An interesting observation is that permanent failures are not
+      recorded. */
+   if (Cnf->Removable == true && 
+       StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
+   {
+      // Vf = Version.FileList();
+      while (Vf.end() == false) Vf++;
+      StoreFilename = string();
+      Item::Failed(Message,Cnf);
+      return;
+   }
+   
    if (QueueNext() == false)
    {
       // This is the retry counter
    if (QueueNext() == false)
    {
       // This is the retry counter
@@ -548,6 +1480,13 @@ void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    }
 }
                                                                        /*}}}*/
    }
 }
                                                                        /*}}}*/
+// AcqArchive::IsTrusted - Determine whether this archive comes from a trusted source /*{{{*/
+// ---------------------------------------------------------------------
+bool pkgAcqArchive::IsTrusted()
+{
+   return Trusted;
+}
+                                                                       /*}}}*/
 // AcqArchive::Finished - Fetching has finished, tidy up               /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // AcqArchive::Finished - Fetching has finished, tidy up               /*{{{*/
 // ---------------------------------------------------------------------
 /* */
@@ -559,16 +1498,23 @@ void pkgAcqArchive::Finished()
    StoreFilename = string();
 }
                                                                        /*}}}*/
    StoreFilename = string();
 }
                                                                        /*}}}*/
-
 // AcqFile::pkgAcqFile - Constructor                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* The file is added to the queue */
 // AcqFile::pkgAcqFile - Constructor                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* The file is added to the queue */
-pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
-                      unsigned long Size,string Dsc,string ShortDesc) :
-                       Item(Owner), MD5(MD5)
+pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
+                      unsigned long Size,string Dsc,string ShortDesc,
+                      const string &DestDir, const string &DestFilename) :
+                       Item(Owner), ExpectedHash(Hash)
 {
 {
-   DestFile = flNotDir(URI);
+   Retries = _config->FindI("Acquire::Retries",0);
    
    
+   if(!DestFilename.empty())
+      DestFile = DestFilename;
+   else if(!DestDir.empty())
+      DestFile = DestDir + "/" + flNotDir(URI);
+   else
+      DestFile = flNotDir(URI);
+
    // Create the item
    Desc.URI = URI;
    Desc.Description = Dsc;
    // Create the item
    Desc.URI = URI;
    Desc.Description = Dsc;
@@ -588,17 +1534,27 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
       else
         PartialSize = Buf.st_size;
    }
       else
         PartialSize = Buf.st_size;
    }
-   
+
    QueueURI(Desc);
 }
                                                                        /*}}}*/
 // AcqFile::Done - Item downloaded OK                                  /*{{{*/
 // ---------------------------------------------------------------------
 /* */
    QueueURI(Desc);
 }
                                                                        /*}}}*/
 // AcqFile::Done - Item downloaded OK                                  /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqFile::Done(string Message,unsigned long Size,string MD5)
+void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash,
+                     pkgAcquire::MethodConfig *Cnf)
 {
 {
-   Item::Done(Message,Size,MD5);
+   Item::Done(Message,Size,CalcHash,Cnf);
 
 
+   // Check the hash
+   if(!ExpectedHash.empty() && ExpectedHash.toStr() != CalcHash)
+   {
+      Status = StatError;
+      ErrorText = "Hash Sum mismatch";
+      Rename(DestFile,DestFile + ".FAILED");
+      return;
+   }
+   
    string FileName = LookupTag(Message,"Filename");
    if (FileName.empty() == true)
    {
    string FileName = LookupTag(Message,"Filename");
    if (FileName.empty() == true)
    {
@@ -617,19 +1573,49 @@ void pkgAcqFile::Done(string Message,unsigned long Size,string MD5)
    if (FileName != DestFile)
    {
       Local = true;
    if (FileName != DestFile)
    {
       Local = true;
-      if (_config->FindB("Acquire::Source-Symlinks",true) == false)
+      if (_config->FindB("Acquire::Source-Symlinks",true) == false ||
+         Cnf->Removable == true)
       {
         Desc.URI = "copy:" + FileName;
         QueueURI(Desc);
         return;
       }
       
       {
         Desc.URI = "copy:" + FileName;
         QueueURI(Desc);
         return;
       }
       
+      // Erase the file if it is a symlink so we can overwrite it
+      struct stat St;
+      if (lstat(DestFile.c_str(),&St) == 0)
+      {
+        if (S_ISLNK(St.st_mode) != 0)
+           unlink(DestFile.c_str());
+      }
+      
+      // Symlink the file
       if (symlink(FileName.c_str(),DestFile.c_str()) != 0)
       {
       if (symlink(FileName.c_str(),DestFile.c_str()) != 0)
       {
-        ErrorText = "Link to " + DestFile + "failure ";
+        ErrorText = "Link to " + DestFile + " failure ";
         Status = StatError;
         Complete = false;
       }      
    }
 }
                                                                        /*}}}*/
         Status = StatError;
         Complete = false;
       }      
    }
 }
                                                                        /*}}}*/
+// AcqFile::Failed - Failure handler                                   /*{{{*/
+// ---------------------------------------------------------------------
+/* Here we try other sources */
+void pkgAcqFile::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+{
+   ErrorText = LookupTag(Message,"Message");
+   
+   // This is the retry counter
+   if (Retries != 0 &&
+       Cnf->LocalOnly == false &&
+       StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
+   {
+      Retries--;
+      QueueURI(Desc);
+      return;
+   }
+   
+   Item::Failed(Message,Cnf);
+}
+                                                                       /*}}}*/