X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/b7080ced608f012aee2566afc724c3727e75fc1b..f7f0d6c7560a8f71707e7852a512469147aa9f84:/apt-pkg/indexcopy.cc diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index c2ee1c347..b262e21c4 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -43,7 +43,7 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector &List, pkgCdromStatus *log) { OpProgress *Progress = NULL; - if (List.size() == 0) + if (List.empty() == true) return true; if(log) @@ -54,7 +54,7 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector &List, // Prepare the progress indicator unsigned long TotalSize = 0; - for (vector::iterator I = List.begin(); I != List.end(); I++) + for (vector::iterator I = List.begin(); I != List.end(); ++I) { struct stat Buf; if (stat(string(*I + GetFileName()).c_str(),&Buf) != 0 && @@ -68,14 +68,14 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector &List, unsigned int NotFound = 0; unsigned int WrongSize = 0; unsigned int Packages = 0; - for (vector::iterator I = List.begin(); I != List.end(); I++) + for (vector::iterator I = List.begin(); I != List.end(); ++I) { string OrigPath = string(*I,CDROM.length()); unsigned long FileSize = 0; // Open the package file FileFd Pkg; - if (FileExists(*I + GetFileName()) == true) + if (RealFileExists(*I + GetFileName()) == true) { Pkg.Open(*I + GetFileName(),FileFd::ReadOnly); FileSize = Pkg.Size(); @@ -532,7 +532,7 @@ bool SigVerify::Verify(string prefix, string file, indexRecords *MetaIndex) // we skip non-existing files in the verifcation to support a cdrom // with no Packages file (just a Package.gz), see LP: #255545 // (non-existing files are not considered a error) - if(!FileExists(prefix+file)) + if(!RealFileExists(prefix+file)) { _error->Warning(_("Skipping nonexistent file %s"), string(prefix+file).c_str()); return true; @@ -583,13 +583,13 @@ bool SigVerify::CopyMetaIndex(string CDROM, string CDName, /*{{{*/ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, /*{{{*/ vector PkgList,vector SrcList) { - if (SigList.size() == 0) + if (SigList.empty() == true) return true; bool Debug = _config->FindB("Debug::aptcdrom",false); // Read all Release files - for (vector::iterator I = SigList.begin(); I != SigList.end(); I++) + for (vector::iterator I = SigList.begin(); I != SigList.end(); ++I) { if(Debug) cout << "Signature verify for: " << *I << endl; @@ -601,7 +601,7 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, string const release = *I+"Release"; // a Release.gpg without a Release should never happen - if(FileExists(release) == false) + if(RealFileExists(release) == false) { delete MetaIndex; continue; @@ -633,7 +633,7 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, // go over the Indexfiles and see if they verify // if so, remove them from our copy of the lists vector keys = MetaIndex->MetaKeys(); - for (vector::iterator I = keys.begin(); I != keys.end(); I++) + for (vector::iterator I = keys.begin(); I != keys.end(); ++I) { if(!Verify(prefix,*I, MetaIndex)) { // something went wrong, don't copy the Release.gpg @@ -664,6 +664,21 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, int const &statusfd, int fd[2]) { + if (File == FileGPG) + { + #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n" + char buffer[sizeof(SIGMSG)]; + FILE* gpg = fopen(File.c_str(), "r"); + if (gpg == NULL) + return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); + char const * const test = fgets(buffer, sizeof(buffer), gpg); + fclose(gpg); + if (test == NULL || strcmp(buffer, SIGMSG) != 0) + return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); + #undef SIGMSG + } + + string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); // FIXME: remove support for deprecated APT::GPGV setting string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted")); @@ -681,14 +696,18 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, std::vector keyrings; if (DirectoryExists(trustedPath)) keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true); - if (FileExists(trustedFile) == true) + if (RealFileExists(trustedFile) == true) keyrings.push_back(trustedFile); std::vector Args; Args.reserve(30); if (keyrings.empty() == true) - return false; + { + // TRANSLATOR: %s is the trusted keyring parts directory + return _error->Error(_("No keyring installed in %s."), + _config->FindDir("Dir::Etc::TrustedParts").c_str()); + } Args.push_back(gpgvpath.c_str()); Args.push_back("--ignore-time-conflict"); @@ -757,7 +776,7 @@ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ vector &List, pkgCdromStatus *log) { OpProgress *Progress = NULL; - if (List.size() == 0) + if (List.empty() == true) return true; if(log) @@ -767,7 +786,7 @@ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ // Prepare the progress indicator unsigned long TotalSize = 0; - for (vector::iterator I = List.begin(); I != List.end(); I++) + for (vector::iterator I = List.begin(); I != List.end(); ++I) { struct stat Buf; if (stat(string(*I).c_str(),&Buf) != 0 && @@ -781,14 +800,14 @@ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ unsigned int NotFound = 0; unsigned int WrongSize = 0; unsigned int Packages = 0; - for (vector::iterator I = List.begin(); I != List.end(); I++) + for (vector::iterator I = List.begin(); I != List.end(); ++I) { string OrigPath = string(*I,CDROM.length()); unsigned long FileSize = 0; // Open the package file FileFd Pkg; - if (FileExists(*I) == true) + if (RealFileExists(*I) == true) { Pkg.Open(*I,FileFd::ReadOnly); FileSize = Pkg.Size();