]> git.saurik.com Git - apt.git/blobdiff - apt-pkg/acquire-worker.cc
close server if parsing of header field failed
[apt.git] / apt-pkg / acquire-worker.cc
index 2ad0eda7f581308828843129670b059ec4e42417..9ed7b5b28fb0d5cc3d42b09cdf14089134f5a63a 100644 (file)
@@ -378,6 +378,7 @@ bool pkgAcquire::Worker::RunMessages()
 
            bool const isIMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false) ||
               StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false);
 
            bool const isIMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false) ||
               StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false);
+           auto const forcedHash = _config->Find("Acquire::ForceHash");
            for (auto const Owner: ItmOwners)
            {
               HashStringList const ExpectedHashes = Owner->GetExpectedHashes();
            for (auto const Owner: ItmOwners)
            {
               HashStringList const ExpectedHashes = Owner->GetExpectedHashes();
@@ -395,9 +396,10 @@ bool pkgAcquire::Worker::RunMessages()
 
               // decide if what we got is what we expected
               bool consideredOkay = false;
 
               // decide if what we got is what we expected
               bool consideredOkay = false;
-              if (ExpectedHashes.usable())
+              if ((forcedHash.empty() && ExpectedHashes.empty() == false) ||
+                    (forcedHash.empty() == false && ExpectedHashes.usable()))
               {
               {
-                 if (ReceivedHashes.usable() == false)
+                 if (ReceivedHashes.empty())
                  {
                     /* IMS-Hits can't be checked here as we will have uncompressed file,
                        but the hashes for the compressed file. What we have was good through
                  {
                     /* IMS-Hits can't be checked here as we will have uncompressed file,
                        but the hashes for the compressed file. What we have was good through
@@ -410,16 +412,8 @@ bool pkgAcquire::Worker::RunMessages()
                     consideredOkay = false;
 
               }
                     consideredOkay = false;
 
               }
-              else if (Owner->HashesRequired() == true)
-                 consideredOkay = false;
               else
               else
-              {
-                 consideredOkay = true;
-                 // even if the hashes aren't usable to declare something secure
-                 // we can at least use them to declare it an integrity failure
-                 if (ExpectedHashes.empty() == false && ReceivedHashes != ExpectedHashes && _config->Find("Acquire::ForceHash").empty())
-                    consideredOkay = false;
-              }
+                 consideredOkay = !Owner->HashesRequired();
 
               if (consideredOkay == true)
                  consideredOkay = Owner->VerifyDone(Message, Config);
 
               if (consideredOkay == true)
                  consideredOkay = Owner->VerifyDone(Message, Config);
@@ -443,7 +437,13 @@ bool pkgAcquire::Worker::RunMessages()
               {
                  if (isDoomedItem(Owner) == false)
                  {
               {
                  if (isDoomedItem(Owner) == false)
                  {
-                    Message.append("\nFailReason: HashSumMismatch");
+                    if (Message.find("\nFailReason:") == std::string::npos)
+                    {
+                       if (ReceivedHashes != ExpectedHashes)
+                          Message.append("\nFailReason: HashSumMismatch");
+                       else
+                          Message.append("\nFailReason: WeakHashSums");
+                    }
                     Owner->Failed(Message,Config);
                  }
                  if (Log != nullptr)
                     Owner->Failed(Message,Config);
                  }
                  if (Log != nullptr)
@@ -484,7 +484,7 @@ bool pkgAcquire::Worker::RunMessages()
               }
               if (errTransient == false)
               {
               }
               if (errTransient == false)
               {
-                 auto const reasons = { "HashSumMismatch", "MaximumSizeExceeded" };
+                 auto const reasons = { "HashSumMismatch", "WeakHashSums", "MaximumSizeExceeded" };
                  errAuthErr = std::find(std::begin(reasons), std::end(reasons), failReason) != std::end(reasons);
               }
            }
                  errAuthErr = std::find(std::begin(reasons), std::end(reasons), failReason) != std::end(reasons);
               }
            }
@@ -631,12 +631,36 @@ bool pkgAcquire::Worker::QueueItem(pkgAcquire::Queue::QItem *Item)
    if (OutFd == -1)
       return false;
 
    if (OutFd == -1)
       return false;
 
+   HashStringList const hsl = Item->GetExpectedHashes();
+
+   if (isDoomedItem(Item->Owner))
+      return true;
+
+   if (hsl.usable() == false && Item->Owner->HashesRequired() &&
+        _config->Exists("Acquire::ForceHash") == false)
+   {
+      std::string const Message = "400 URI Failure"
+        "\nURI: " + Item->URI +
+        "\nFilename: " + Item->Owner->DestFile +
+        "\nFailReason: WeakHashSums";
+
+      auto const ItmOwners = Item->Owners;
+      for (auto &O: ItmOwners)
+      {
+        O->Status = pkgAcquire::Item::StatAuthError;
+        O->Failed(Message, Config);
+        if (Log != nullptr)
+           Log->Fail(O->GetItemDesc());
+      }
+      // "queued" successfully, the item just instantly failed
+      return true;
+   }
+
    string Message = "600 URI Acquire\n";
    Message.reserve(300);
    Message += "URI: " + Item->URI;
    Message += "\nFilename: " + Item->Owner->DestFile;
 
    string Message = "600 URI Acquire\n";
    Message.reserve(300);
    Message += "URI: " + Item->URI;
    Message += "\nFilename: " + Item->Owner->DestFile;
 
-   HashStringList const hsl = Item->GetExpectedHashes();
    for (HashStringList::const_iterator hs = hsl.begin(); hs != hsl.end(); ++hs)
       Message += "\nExpected-" + hs->HashType() + ": " + hs->HashValue();
 
    for (HashStringList::const_iterator hs = hsl.begin(); hs != hsl.end(); ++hs)
       Message += "\nExpected-" + hs->HashType() + ": " + hs->HashValue();