X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/a9c2517e9ce961a761022dfa8eb0b62f68f5df9e..cc0a4c82b3c132abba9b9ec35fd61bc8b45a1b80:/apt-pkg/acquire-worker.cc diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc index 2ad0eda7f..9ed7b5b28 100644 --- a/apt-pkg/acquire-worker.cc +++ b/apt-pkg/acquire-worker.cc @@ -378,6 +378,7 @@ bool pkgAcquire::Worker::RunMessages() bool const isIMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false) || StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false); + auto const forcedHash = _config->Find("Acquire::ForceHash"); for (auto const Owner: ItmOwners) { HashStringList const ExpectedHashes = Owner->GetExpectedHashes(); @@ -395,9 +396,10 @@ bool pkgAcquire::Worker::RunMessages() // decide if what we got is what we expected bool consideredOkay = false; - if (ExpectedHashes.usable()) + if ((forcedHash.empty() && ExpectedHashes.empty() == false) || + (forcedHash.empty() == false && ExpectedHashes.usable())) { - if (ReceivedHashes.usable() == false) + if (ReceivedHashes.empty()) { /* IMS-Hits can't be checked here as we will have uncompressed file, but the hashes for the compressed file. What we have was good through @@ -410,16 +412,8 @@ bool pkgAcquire::Worker::RunMessages() consideredOkay = false; } - else if (Owner->HashesRequired() == true) - consideredOkay = false; else - { - consideredOkay = true; - // even if the hashes aren't usable to declare something secure - // we can at least use them to declare it an integrity failure - if (ExpectedHashes.empty() == false && ReceivedHashes != ExpectedHashes && _config->Find("Acquire::ForceHash").empty()) - consideredOkay = false; - } + consideredOkay = !Owner->HashesRequired(); if (consideredOkay == true) consideredOkay = Owner->VerifyDone(Message, Config); @@ -443,7 +437,13 @@ bool pkgAcquire::Worker::RunMessages() { if (isDoomedItem(Owner) == false) { - Message.append("\nFailReason: HashSumMismatch"); + if (Message.find("\nFailReason:") == std::string::npos) + { + if (ReceivedHashes != ExpectedHashes) + Message.append("\nFailReason: HashSumMismatch"); + else + Message.append("\nFailReason: WeakHashSums"); + } Owner->Failed(Message,Config); } if (Log != nullptr) @@ -484,7 +484,7 @@ bool pkgAcquire::Worker::RunMessages() } if (errTransient == false) { - auto const reasons = { "HashSumMismatch", "MaximumSizeExceeded" }; + auto const reasons = { "HashSumMismatch", "WeakHashSums", "MaximumSizeExceeded" }; errAuthErr = std::find(std::begin(reasons), std::end(reasons), failReason) != std::end(reasons); } } @@ -631,12 +631,36 @@ bool pkgAcquire::Worker::QueueItem(pkgAcquire::Queue::QItem *Item) if (OutFd == -1) return false; + HashStringList const hsl = Item->GetExpectedHashes(); + + if (isDoomedItem(Item->Owner)) + return true; + + if (hsl.usable() == false && Item->Owner->HashesRequired() && + _config->Exists("Acquire::ForceHash") == false) + { + std::string const Message = "400 URI Failure" + "\nURI: " + Item->URI + + "\nFilename: " + Item->Owner->DestFile + + "\nFailReason: WeakHashSums"; + + auto const ItmOwners = Item->Owners; + for (auto &O: ItmOwners) + { + O->Status = pkgAcquire::Item::StatAuthError; + O->Failed(Message, Config); + if (Log != nullptr) + Log->Fail(O->GetItemDesc()); + } + // "queued" successfully, the item just instantly failed + return true; + } + string Message = "600 URI Acquire\n"; Message.reserve(300); Message += "URI: " + Item->URI; Message += "\nFilename: " + Item->Owner->DestFile; - HashStringList const hsl = Item->GetExpectedHashes(); for (HashStringList::const_iterator hs = hsl.begin(); hs != hsl.end(); ++hs) Message += "\nExpected-" + hs->HashType() + ": " + hs->HashValue();