X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/b5cabd30cc1be1c6c1ca675ceb359bab577c1905..1edc38abff0bffd56ad7a128f6243050d4064827:/apt-pkg/indexcopy.cc diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index 621c18716..31c577705 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -75,7 +75,7 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector &List, // Open the package file FileFd Pkg; - if (FileExists(*I + GetFileName()) == true) + if (RealFileExists(*I + GetFileName()) == true) { Pkg.Open(*I + GetFileName(),FileFd::ReadOnly); FileSize = Pkg.Size(); @@ -132,9 +132,14 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector &List, (*I).c_str() + CDROM.length(),GetFileName()); string TargetF = _config->FindDir("Dir::State::lists") + "partial/"; TargetF += URItoFileName(S); + FileFd Target; if (_config->FindB("APT::CDROM::NoAct",false) == true) + { TargetF = "/dev/null"; - FileFd Target(TargetF,FileFd::WriteEmpty); + Target.Open(TargetF,FileFd::WriteExists); + } else { + Target.Open(TargetF,FileFd::WriteAtomic); + } FILE *TargetFl = fdopen(dup(Target.Fd()),"w"); if (_error->PendingError() == true) return false; @@ -527,7 +532,7 @@ bool SigVerify::Verify(string prefix, string file, indexRecords *MetaIndex) // we skip non-existing files in the verifcation to support a cdrom // with no Packages file (just a Package.gz), see LP: #255545 // (non-existing files are not considered a error) - if(!FileExists(prefix+file)) + if(!RealFileExists(prefix+file)) { _error->Warning(_("Skipping nonexistent file %s"), string(prefix+file).c_str()); return true; @@ -565,7 +570,7 @@ bool SigVerify::CopyMetaIndex(string CDROM, string CDName, /*{{{*/ FileFd Target; FileFd Rel; - Target.Open(TargetF,FileFd::WriteEmpty); + Target.Open(TargetF,FileFd::WriteAtomic); Rel.Open(prefix + file,FileFd::ReadOnly); if (_error->PendingError() == true) return false; @@ -596,7 +601,7 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, string const release = *I+"Release"; // a Release.gpg without a Release should never happen - if(FileExists(release) == false) + if(RealFileExists(release) == false) { delete MetaIndex; continue; @@ -659,11 +664,25 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, int const &statusfd, int fd[2]) { + if (File == FileGPG) + { + #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n" + char buffer[sizeof(SIGMSG)]; + FILE* gpg = fopen(File.c_str(), "r"); + if (gpg == NULL) + return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); + char const * const test = fgets(buffer, sizeof(buffer), gpg); + fclose(gpg); + if (test == NULL || strcmp(buffer, SIGMSG) != 0) + return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); + #undef SIGMSG + } + + string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); // FIXME: remove support for deprecated APT::GPGV setting - string const trustedFile = _config->FindFile("Dir::Etc::Trusted", - _config->Find("APT::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg").c_str()); - string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d"); + string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted")); + string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts"); bool const Debug = _config->FindB("Debug::Acquire::gpgv", false); @@ -674,15 +693,21 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, std::clog << "Keyring path: " << trustedPath << std::endl; } - std::vector keyrings = GetListOfFilesInDir(trustedPath, "gpg", false); - if (FileExists(trustedFile) == true) - keyrings.push_back(trustedFile); + std::vector keyrings; + if (DirectoryExists(trustedPath)) + keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true); + if (RealFileExists(trustedFile) == true) + keyrings.push_back(trustedFile); std::vector Args; Args.reserve(30); if (keyrings.empty() == true) - return false; + { + // TRANSLATOR: %s is the trusted keyring parts directory + return _error->Error(_("No keyring installed in %s."), + _config->FindDir("Dir::Etc::TrustedParts").c_str()); + } Args.push_back(gpgvpath.c_str()); Args.push_back("--ignore-time-conflict"); @@ -716,7 +741,8 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, } Args.push_back(FileGPG.c_str()); - Args.push_back(File.c_str()); + if (FileGPG != File) + Args.push_back(File.c_str()); Args.push_back(NULL); if (Debug == true) @@ -781,7 +807,7 @@ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ // Open the package file FileFd Pkg; - if (FileExists(*I) == true) + if (RealFileExists(*I) == true) { Pkg.Open(*I,FileFd::ReadOnly); FileSize = Pkg.Size(); @@ -840,7 +866,7 @@ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ TargetF += URItoFileName(S); if (_config->FindB("APT::CDROM::NoAct",false) == true) TargetF = "/dev/null"; - FileFd Target(TargetF,FileFd::WriteEmpty); + FileFd Target(TargetF,FileFd::WriteAtomic); FILE *TargetFl = fdopen(dup(Target.Fd()),"w"); if (_error->PendingError() == true) return false;