##################################################################### */
/*}}}*/
// Include Files /*{{{*/
+#include <config.h>
+
#include <apt-pkg/acquire-item.h>
#include <apt-pkg/configuration.h>
#include <apt-pkg/aptconfiguration.h>
#include <apt-pkg/md5.h>
#include <apt-pkg/sha1.h>
#include <apt-pkg/tagfile.h>
+#include <apt-pkg/indexrecords.h>
+#include <apt-pkg/metaindex.h>
-#include <apti18n.h>
-
#include <sys/stat.h>
#include <unistd.h>
#include <errno.h>
#include <sstream>
#include <stdio.h>
#include <ctime>
+
+#include <apti18n.h>
/*}}}*/
using namespace std;
/*}}}*/
// AcqSubIndex::AcqSubIndex - Constructor /*{{{*/
// ---------------------------------------------------------------------
-/* Get the Index file first and see if there are languages available
- * If so, create a pkgAcqIndexTrans for the found language(s).
- */
+/* Get a sub-index file based on checksums from a 'master' file and
+ possibly query additional files */
pkgAcqSubIndex::pkgAcqSubIndex(pkgAcquire *Owner, string const &URI,
string const &URIDesc, string const &ShortDesc,
HashString const &ExpectedHash)
: Item(Owner), ExpectedHash(ExpectedHash)
{
+ /* XXX: Beware: Currently this class does nothing (of value) anymore ! */
Debug = _config->FindB("Debug::pkgAcquire::SubIndex",false);
DestFile = _config->FindDir("Dir::State::lists") + "partial/";
Status = StatDone;
Dequeue();
- // No good Index is provided, so try guessing
- std::vector<std::string> langs = APT::Configuration::getLanguages(true);
- for (std::vector<std::string>::const_iterator l = langs.begin();
- l != langs.end(); ++l)
- {
- if (*l == "none") continue;
- string const file = "Translation-" + *l;
- new pkgAcqIndexTrans(Owner, Desc.URI.substr(0, Desc.URI.rfind('/')+1).append(file),
- Desc.Description.erase(Desc.Description.rfind(' ')+1).append(file),
- file);
- }
+ // No good Index is provided
}
/*}}}*/
void pkgAcqSubIndex::Done(string Message,unsigned long long Size,string Md5Hash, /*{{{*/
indexRecords SubIndexParser;
if (FileExists(IndexFile) == false || SubIndexParser.Load(IndexFile) == false)
return false;
-
- std::vector<std::string> lang = APT::Configuration::getLanguages(true);
- for (std::vector<std::string>::const_iterator l = lang.begin();
- l != lang.end(); ++l)
- {
- if (*l == "none")
- continue;
-
- string file = "Translation-" + *l;
- indexRecords::checkSum const *Record = SubIndexParser.Lookup(file);
- HashString expected;
- if (Record == NULL)
- {
- // FIXME: the Index file provided by debian currently only includes bz2 records
- Record = SubIndexParser.Lookup(file + ".bz2");
- if (Record == NULL)
- continue;
- }
- else
- {
- expected = Record->Hash;
- if (expected.empty() == true)
- continue;
- }
-
- IndexTarget target;
- target.Description = Desc.Description.erase(Desc.Description.rfind(' ')+1).append(file);
- target.MetaKey = file;
- target.ShortDesc = file;
- target.URI = Desc.URI.substr(0, Desc.URI.rfind('/')+1).append(file);
- new pkgAcqIndexTrans(Owner, &target, expected, &SubIndexParser);
- }
+ // so something with the downloaded index
return true;
}
/*}}}*/
FileFd fd(CurrentPackagesFile, FileFd::ReadOnly);
SHA1Summation SHA1;
- SHA1.AddFD(fd.Fd(), fd.Size());
+ SHA1.AddFD(fd);
string const local_sha1 = SHA1.Result();
if(local_sha1 == ServerSha1)
FileFd fd(FinalFile, FileFd::ReadOnly);
SHA1Summation SHA1;
- SHA1.AddFD(fd.Fd(), fd.Size());
+ SHA1.AddFD(fd);
string local_sha1 = string(SHA1.Result());
if(Debug)
std::clog << "QueueNextDiff: "
if (SigFile == "")
{
// There was no signature file, so we are finished. Download
- // the indexes and do only hashsum verification
+ // the indexes and do only hashsum verification if possible
MetaIndexParser->Load(DestFile);
- QueueIndexes(true);
+ QueueIndexes(false);
}
else
{
+ // FIXME: move this into pkgAcqMetaClearSig::Done on the next
+ // ABI break
+
+ // if we expect a ClearTextSignature (InRelase), ensure that
+ // this is what we get and if not fail to queue a
+ // Release/Release.gpg, see #346386
+ if (SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile))
+ {
+ Failed(Message, Cfg);
+ return;
+ }
+
// There was a signature file, so pass it to gpgv for
// verification
-
if (_config->FindB("Debug::pkgAcquire::Auth", false))
std::cerr << "Metaindex acquired, queueing gpg verification ("
<< SigFile << "," << DestFile << ")\n";
return;
}
#endif
+ bool transInRelease = false;
+ {
+ std::vector<std::string> const keys = MetaIndexParser->MetaKeys();
+ for (std::vector<std::string>::const_iterator k = keys.begin(); k != keys.end(); ++k)
+ // FIXME: Feels wrong to check for hardcoded string here, but what should we do elseā¦
+ if (k->find("Translation-") != std::string::npos)
+ {
+ transInRelease = true;
+ break;
+ }
+ }
+
for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
Target != IndexTargets->end();
++Target)
{
HashString ExpectedIndexHash;
- if (verify)
+ const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
+ if (Record == NULL)
{
- const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
- if (Record == NULL)
+ if (verify == true && (*Target)->IsOptional() == false)
{
- if ((*Target)->IsOptional() == false)
- {
- Status = StatAuthError;
- strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), (*Target)->MetaKey.c_str());
- return;
- }
+ Status = StatAuthError;
+ strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), (*Target)->MetaKey.c_str());
+ return;
}
- else
+ }
+ else
+ {
+ ExpectedIndexHash = Record->Hash;
+ if (_config->FindB("Debug::pkgAcquire::Auth", false))
{
- ExpectedIndexHash = Record->Hash;
- if (_config->FindB("Debug::pkgAcquire::Auth", false))
- {
- std::cerr << "Queueing: " << (*Target)->URI << std::endl;
- std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
- std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
- }
- if (ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
- {
- Status = StatAuthError;
- strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
- return;
- }
+ std::cerr << "Queueing: " << (*Target)->URI << std::endl;
+ std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
+ std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
+ }
+ if (verify == true && ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
+ {
+ Status = StatAuthError;
+ strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
+ return;
}
}
if ((*Target)->IsSubIndex() == true)
new pkgAcqSubIndex(Owner, (*Target)->URI, (*Target)->Description,
(*Target)->ShortDesc, ExpectedIndexHash);
- else
- new pkgAcqIndexTrans(Owner, *Target, ExpectedIndexHash, MetaIndexParser);
+ else if (transInRelease == false || MetaIndexParser->Exists((*Target)->MetaKey) == true)
+ {
+ if (_config->FindB("Acquire::PDiffs",true) == true && transInRelease == true &&
+ MetaIndexParser->Exists(string((*Target)->MetaKey).append(".diff/Index")) == true)
+ new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
+ (*Target)->ShortDesc, ExpectedIndexHash);
+ else
+ new pkgAcqIndexTrans(Owner, *Target, ExpectedIndexHash, MetaIndexParser);
+ }
continue;
}
{
if (AuthPass == false)
{
+ // Remove the 'old' InRelease file if we try Release.gpg now as otherwise
+ // the file will stay around and gives a false-auth impression (CVE-2012-0214)
+ string FinalFile = _config->FindDir("Dir::State::lists");
+ FinalFile.append(URItoFileName(RealURI));
+ if (FileExists(FinalFile))
+ unlink(FinalFile.c_str());
+
new pkgAcqMetaSig(Owner,
MetaSigURI, MetaSigURIDesc, MetaSigShortDesc,
MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
else
PartialSize = Buf.st_size;
}
-
+
+ // Disables download of archives - useful if no real installation follows,
+ // e.g. if we are just interested in proposed installation order
+ if (_config->FindB("Debug::pkgAcqArchive::NoQueue", false) == true)
+ {
+ Complete = true;
+ Local = true;
+ Status = StatDone;
+ StoreFilename = DestFile = FinalFile;
+ return true;
+ }
+
// Create the item
Local = false;
Desc.URI = Index->ArchiveURI(PkgFile);