+ // Specialized action members
+ virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
+ virtual void Done(string Message,unsigned long Size,string Md5Hash,
+ pkgAcquire::MethodConfig *Cnf);
+ virtual string Custom600Headers();
+ virtual string DescURI() {return RealURI; };
+
+ /** \brief Create a new pkgAcqMetaSig. */
+ pkgAcqMetaSig(pkgAcquire *Owner,string URI,string URIDesc, string ShortDesc,
+ string MetaIndexURI, string MetaIndexURIDesc, string MetaIndexShortDesc,
+ const vector<struct IndexTarget*>* IndexTargets,
+ indexRecords* MetaIndexParser);
+};
+
+/** \brief An item that is responsible for downloading the meta-index
+ * file (i.e., Release) itself and verifying its signature.
+ *
+ * Once the download and verification are complete, the downloads of
+ * the individual index files are queued up using pkgAcqDiffIndex.
+ * If the meta-index file had a valid signature, the expected hashsums
+ * of the index files will be the md5sums listed in the meta-index;
+ * otherwise, the expected hashsums will be "" (causing the
+ * authentication of the index files to be bypassed).
+ */
+class pkgAcqMetaIndex : public pkgAcquire::Item
+{
+ protected:
+ /** \brief The fetch command that is currently being processed. */
+ pkgAcquire::ItemDesc Desc;
+
+ /** \brief The URI that is actually being downloaded; never
+ * modified by pkgAcqMetaIndex.
+ */
+ string RealURI;
+
+ /** \brief The file in which the signature for this index was stored.
+ *
+ * If empty, the signature and the md5sums of the individual
+ * indices will not be checked.
+ */
+ string SigFile;
+
+ /** \brief The index files to download. */
+ const vector<struct IndexTarget*>* IndexTargets;
+
+ /** \brief The parser for the meta-index file. */
+ indexRecords* MetaIndexParser;
+
+ /** \brief If \b true, the index's signature is currently being verified.
+ */
+ bool AuthPass;
+ // required to deal gracefully with problems caused by incorrect ims hits
+ bool IMSHit;
+
+ /** \brief Check that the release file is a release file for the
+ * correct distribution.
+ *
+ * \return \b true if no fatal errors were encountered.
+ */
+ bool VerifyVendor(string Message);
+
+ /** \brief Called when a file is finished being retrieved.
+ *
+ * If the file was not downloaded to DestFile, a copy process is
+ * set up to copy it to DestFile; otherwise, Complete is set to \b
+ * true and the file is moved to its final location.
+ *
+ * \param Message The message block received from the fetch
+ * subprocess.
+ */
+ void RetrievalDone(string Message);
+
+ /** \brief Called when authentication succeeded.
+ *
+ * Sanity-checks the authenticated file, queues up the individual
+ * index files for download, and saves the signature in the lists
+ * directory next to the authenticated list file.
+ *
+ * \param Message The message block received from the fetch
+ * subprocess.
+ */
+ void AuthDone(string Message);
+
+ /** \brief Starts downloading the individual index files.
+ *
+ * \param verify If \b true, only indices whose expected hashsum
+ * can be determined from the meta-index will be downloaded, and
+ * the hashsums of indices will be checked (reporting
+ * #StatAuthError if there is a mismatch). If verify is \b false,
+ * no hashsum checking will be performed.
+ */
+ void QueueIndexes(bool verify);