X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/a975773b97214620c750cb2465e01f811a33831d..c63dd53856e58ccde7d1ec89302d2af0e8787b7e:/apt-pkg/acquire-item.cc diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 3b683df63..c22a31058 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -103,7 +103,7 @@ void pkgAcquire::Item::Start(string /*Message*/,unsigned long Size) // Acquire::Item::Done - Item downloaded OK /*{{{*/ // --------------------------------------------------------------------- /* */ -void pkgAcquire::Item::Done(string Message,unsigned long Size,string, +void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash, pkgAcquire::MethodConfig *Cnf) { // We just downloaded something.. @@ -192,8 +192,9 @@ void pkgAcquire::Item::ReportMirrorFailure(string FailCode) */ pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner, string URI,string URIDesc,string ShortDesc, - string ExpectedMD5) - : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5), Description(URIDesc) + HashString ExpectedHash) + : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash), + Description(URIDesc) { Debug = _config->FindB("Debug::pkgAcquire::Diffs",false); @@ -321,11 +322,11 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile) if(found) { // queue the diffs - unsigned int last_space = Description.rfind(" "); + string::size_type last_space = Description.rfind(" "); if(last_space != string::npos) Description.erase(last_space, Description.size()-last_space); new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc, - ExpectedMD5, available_patches); + ExpectedHash, available_patches); Complete = false; Status = StatDone; Dequeue(); @@ -348,7 +349,7 @@ void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) << "Falling back to normal index file aquire" << std::endl; new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc, - ExpectedMD5); + ExpectedHash); Complete = false; Status = StatDone; @@ -394,8 +395,9 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash, */ pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner, string URI,string URIDesc,string ShortDesc, - string ExpectedMD5, vector diffs) - : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5), + HashString ExpectedHash, + vector diffs) + : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash), available_patches(diffs) { @@ -428,7 +430,7 @@ void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf) std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl << "Falling back to normal index file aquire" << std::endl; new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, - ExpectedMD5); + ExpectedHash); Finish(); } @@ -443,14 +445,7 @@ void pkgAcqIndexDiffs::Finish(bool allDone) DestFile = _config->FindDir("Dir::State::lists"); DestFile += URItoFileName(RealURI); - // do the final md5sum checking - MD5Summation sum; - FileFd Fd(DestFile, FileFd::ReadOnly); - sum.AddFD(Fd.Fd(), Fd.Size()); - Fd.Close(); - string MD5 = (string)sum.Result(); - - if (!ExpectedMD5.empty() && MD5 != ExpectedMD5) + if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile)) { Status = StatAuthError; ErrorText = _("MD5Sum mismatch"); @@ -592,7 +587,7 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash, // see if there is more to download if(available_patches.size() > 0) { new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc, - ExpectedMD5, available_patches); + ExpectedHash, available_patches); return Finish(); } else return Finish(true); @@ -606,8 +601,8 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash, instantiated to fetch the revision file */ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, string URI,string URIDesc,string ShortDesc, - string ExpectedMD5, string comprExt) - : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5) + HashString ExpectedHash, string comprExt) + : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash) { Decompression = false; Erase = false; @@ -657,7 +652,7 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) // retry with a gzip one new pkgAcqIndex(Owner, RealURI, Desc.Description,Desc.ShortDesc, - ExpectedMD5, string(".gz")); + ExpectedHash, string(".gz")); Status = StatDone; Complete = false; Dequeue(); @@ -682,32 +677,23 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) to the uncompressed version of the file. If this is so the file is copied into the partial directory. In all other cases the file is decompressed with a gzip uri. */ -void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, +void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash, pkgAcquire::MethodConfig *Cfg) { - Item::Done(Message,Size,MD5,Cfg); + Item::Done(Message,Size,Hash,Cfg); if (Decompression == true) { if (_config->FindB("Debug::pkgAcquire::Auth", false)) { - std::cerr << std::endl << RealURI << ": Computed MD5: " << MD5; - std::cerr << " Expected MD5: " << ExpectedMD5 << std::endl; + std::cerr << std::endl << RealURI << ": Computed Hash: " << Hash; + std::cerr << " Expected Hash: " << ExpectedHash.toStr() << std::endl; } - if (MD5.empty()) - { - MD5Summation sum; - FileFd Fd(DestFile, FileFd::ReadOnly); - sum.AddFD(Fd.Fd(), Fd.Size()); - Fd.Close(); - MD5 = (string)sum.Result(); - } - - if (!ExpectedMD5.empty() && MD5 != ExpectedMD5) + if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash) { Status = StatAuthError; - ErrorText = _("MD5Sum mismatch"); + ErrorText = _("Hash Sum mismatch"); Rename(DestFile,DestFile + ".FAILED"); ReportMirrorFailure("HashChecksumFailure"); return; @@ -739,7 +725,6 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, // The files timestamp matches if (StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false) == true) return; - Decompression = true; Local = true; DestFile += ".decomp"; @@ -766,7 +751,7 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, Local = true; string compExt = Desc.URI.substr(Desc.URI.size()-3); - char *decompProg; + const char *decompProg; if(compExt == "bz2") decompProg = "bzip2"; else if(compExt == ".gz") @@ -787,8 +772,8 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, // --------------------------------------------------------------------- /* The Translation file is added to the queue */ pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner, - string URI,string URIDesc,string ShortDesc) : - pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, "", "") + string URI,string URIDesc,string ShortDesc) + : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "") { } @@ -835,16 +820,19 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner, Desc.Owner = this; Desc.ShortDesc = ShortDesc; Desc.URI = URI; - string Final = _config->FindDir("Dir::State::lists"); Final += URItoFileName(RealURI); struct stat Buf; if (stat(Final.c_str(),&Buf) == 0) { - // File was already in place. It needs to be re-verified - // because Release might have changed, so Move it into partial - Rename(Final,DestFile); + // File was already in place. It needs to be re-downloaded/verified + // because Release might have changed, we do give it a differnt + // name than DestFile because otherwise the http method will + // send If-Range requests and there are too many broken servers + // out there that do not understand them + LastGoodSig = DestFile+".reverify"; + Rename(Final,LastGoodSig); } QueueURI(Desc); @@ -856,7 +844,7 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner, string pkgAcqMetaSig::Custom600Headers() { struct stat Buf; - if (stat(DestFile.c_str(),&Buf) != 0) + if (stat(LastGoodSig.c_str(),&Buf) != 0) return "\nIndex-File: true"; return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime); @@ -886,9 +874,16 @@ void pkgAcqMetaSig::Done(string Message,unsigned long Size,string MD5, Complete = true; + // put the last known good file back on i-m-s hit (it will + // be re-verified again) + // Else do nothing, we have the new file in DestFile then + if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) + Rename(LastGoodSig, DestFile); + // queue a pkgAcqMetaIndex to be verified against the sig we just retrieved - new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc, - DestFile, IndexTargets, MetaIndexParser); + new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, + MetaIndexShortDesc, DestFile, IndexTargets, + MetaIndexParser); } /*}}}*/ @@ -902,7 +897,7 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) Item::Failed(Message,Cnf); // move the sigfile back on transient network failures if(FileExists(DestFile)) - Rename(DestFile,Final); + Rename(LastGoodSig,Final); // set the status back to , Item::Failed likes to reset it Status = pkgAcquire::Item::StatTransientNetworkError; @@ -965,10 +960,10 @@ string pkgAcqMetaIndex::Custom600Headers() return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime); } -void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string MD5, +void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash, pkgAcquire::MethodConfig *Cfg) { - Item::Done(Message,Size,MD5,Cfg); + Item::Done(Message,Size,Hash,Cfg); // MetaIndexes are done in two passes: one to download the // metaindex with an appropriate method, and a second to verify it @@ -977,6 +972,15 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string MD5, if (AuthPass == true) { AuthDone(Message); + + // all cool, move Release file into place + Complete = true; + + string FinalFile = _config->FindDir("Dir::State::lists"); + FinalFile += URItoFileName(RealURI); + Rename(DestFile,FinalFile); + chmod(FinalFile.c_str(),0644); + DestFile = FinalFile; } else { @@ -1028,22 +1032,15 @@ void pkgAcqMetaIndex::RetrievalDone(string Message) return; } - // see if the download was a IMSHit + // make sure to verify against the right file on I-M-S hit IMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false); - - Complete = true; - - string FinalFile = _config->FindDir("Dir::State::lists"); - FinalFile += URItoFileName(RealURI); - - // The files timestamp matches - if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == false) + if(IMSHit) { - // Move it into position - Rename(DestFile,FinalFile); + string FinalFile = _config->FindDir("Dir::State::lists"); + FinalFile += URItoFileName(RealURI); + DestFile = FinalFile; } - chmod(FinalFile.c_str(),0644); - DestFile = FinalFile; + Complete = true; } void pkgAcqMetaIndex::AuthDone(string Message) @@ -1073,7 +1070,6 @@ void pkgAcqMetaIndex::AuthDone(string Message) QueueIndexes(true); // Done, move signature file into position - string VerifiedSigFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI) + ".gpg"; Rename(SigFile,VerifiedSigFile); @@ -1086,7 +1082,7 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify) Target != IndexTargets->end(); Target++) { - string ExpectedIndexMD5; + HashString ExpectedIndexHash; if (verify) { const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey); @@ -1097,16 +1093,16 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify) + (*Target)->MetaKey + " in Meta-index file (malformed Release file?)"; return; } - ExpectedIndexMD5 = Record->MD5Hash; + ExpectedIndexHash = Record->Hash; if (_config->FindB("Debug::pkgAcquire::Auth", false)) { std::cerr << "Queueing: " << (*Target)->URI << std::endl; - std::cerr << "Expected MD5: " << ExpectedIndexMD5 << std::endl; + std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl; } - if (ExpectedIndexMD5.empty()) + if (ExpectedIndexHash.empty()) { Status = StatAuthError; - ErrorText = "Unable to find MD5 sum for " + ErrorText = "Unable to find hash sum for " + (*Target)->MetaKey + " in Meta-index file"; return; } @@ -1116,10 +1112,10 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify) // on the users option) if(_config->FindB("Acquire::PDiffs",false) == true) new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description, - (*Target)->ShortDesc, ExpectedIndexMD5); + (*Target)->ShortDesc, ExpectedIndexHash); else new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description, - (*Target)->ShortDesc, ExpectedIndexMD5); + (*Target)->ShortDesc, ExpectedIndexHash); } } @@ -1218,31 +1214,29 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) { if (AuthPass == true) { - // if we fail the authentication but got the file via a IMS-Hit - // this means that the file wasn't downloaded and that it might be - // just stale (server problem, proxy etc). we delete what we have - // queue it again without i-m-s - // alternatively we could just unlink the file and let the user try again - if (IMSHit) + // gpgv method failed, if we have a good signature + string LastGoodSigFile = _config->FindDir("Dir::State::lists") + + "partial/" + URItoFileName(RealURI) + ".gpg.reverify"; + if(FileExists(LastGoodSigFile)) { - Complete = false; - Local = false; - AuthPass = false; - unlink(DestFile.c_str()); - - DestFile = _config->FindDir("Dir::State::lists") + "partial/"; - DestFile += URItoFileName(RealURI); - Desc.URI = RealURI; - QueueURI(Desc); + string VerifiedSigFile = _config->FindDir("Dir::State::lists") + + URItoFileName(RealURI) + ".gpg"; + Rename(LastGoodSigFile,VerifiedSigFile); + Status = StatTransientNetworkError; + _error->Warning(_("A error occurred during the signature " + "verification. The repository is not updated " + "and the previous index files will be used." + "GPG error: %s: %s\n"), + Desc.Description.c_str(), + LookupTag(Message,"Message").c_str()); return; + } else { + _error->Warning(_("GPG error: %s: %s"), + Desc.Description.c_str(), + LookupTag(Message,"Message").c_str()); } - // gpgv method failed ReportMirrorFailure("GPGFailure"); - _error->Warning("GPG error: %s: %s", - Desc.Description.c_str(), - LookupTag(Message,"Message").c_str()); - } // No Release file was present, or verification failed, so fall @@ -1360,7 +1354,12 @@ bool pkgAcqArchive::QueueNext() return false; string PkgFile = Parse.FileName(); - MD5 = Parse.MD5Hash(); + if(Parse.SHA256Hash() != "") + ExpectedHash = HashString("SHA256", Parse.SHA256Hash()); + else if (Parse.SHA1Hash() != "") + ExpectedHash = HashString("SHA1", Parse.SHA1Hash()); + else + ExpectedHash = HashString("MD5Sum", Parse.MD5Hash()); if (PkgFile.empty() == true) return _error->Error(_("The package index files are corrupted. No Filename: " "field for package %s."), @@ -1440,10 +1439,10 @@ bool pkgAcqArchive::QueueNext() // AcqArchive::Done - Finished fetching /*{{{*/ // --------------------------------------------------------------------- /* */ -void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash, +void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash, pkgAcquire::MethodConfig *Cfg) { - Item::Done(Message,Size,Md5Hash,Cfg); + Item::Done(Message,Size,CalcHash,Cfg); // Check the size if (Size != Version->Size) @@ -1453,17 +1452,14 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash, return; } - // Check the md5 - if (Md5Hash.empty() == false && MD5.empty() == false) + // Check the hash + if(ExpectedHash.toStr() != CalcHash) { - if (Md5Hash != MD5) - { - Status = StatError; - ErrorText = _("MD5Sum mismatch"); - if(FileExists(DestFile)) - Rename(DestFile,DestFile + ".FAILED"); - return; - } + Status = StatError; + ErrorText = _("Hash Sum mismatch"); + if(FileExists(DestFile)) + Rename(DestFile,DestFile + ".FAILED"); + return; } // Grab the output filename @@ -1555,10 +1551,10 @@ void pkgAcqArchive::Finished() // AcqFile::pkgAcqFile - Constructor /*{{{*/ // --------------------------------------------------------------------- /* The file is added to the queue */ -pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5, +pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash, unsigned long Size,string Dsc,string ShortDesc, const string &DestDir, const string &DestFilename) : - Item(Owner), Md5Hash(MD5) + Item(Owner), ExpectedHash(Hash) { Retries = _config->FindI("Acquire::Retries",0); @@ -1595,23 +1591,20 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5, // AcqFile::Done - Item downloaded OK /*{{{*/ // --------------------------------------------------------------------- /* */ -void pkgAcqFile::Done(string Message,unsigned long Size,string MD5, +void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash, pkgAcquire::MethodConfig *Cnf) { - // Check the md5 - if (Md5Hash.empty() == false && MD5.empty() == false) + Item::Done(Message,Size,CalcHash,Cnf); + + // Check the hash + if(!ExpectedHash.empty() && ExpectedHash.toStr() != CalcHash) { - if (Md5Hash != MD5) - { - Status = StatError; - ErrorText = "MD5Sum mismatch"; - Rename(DestFile,DestFile + ".FAILED"); - return; - } + Status = StatError; + ErrorText = "Hash Sum mismatch"; + Rename(DestFile,DestFile + ".FAILED"); + return; } - Item::Done(Message,Size,MD5,Cnf); - string FileName = LookupTag(Message,"Filename"); if (FileName.empty() == true) {