X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/d04e44ac8177fc5b70ae0189bb5e437c2502f910..0b29c72bdfc1466d47567cc3191b9661f81d3d3f:/apt-pkg/acquire-item.cc diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index ae10ed8f4..7f31d1449 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -153,7 +153,7 @@ static bool MessageInsecureRepository(bool const isError, std::string const &msg if (isError) { _error->Error("%s", msg.c_str()); - _error->Notice("%s", _("Updating such a repository securely is impossible and therefore disabled by default.")); + _error->Notice("%s", _("Updating from such a repository can't be done securely, and is therefore disabled by default.")); } else { @@ -1075,6 +1075,16 @@ void pkgAcqMetaBase::QueueIndexes(bool const verify) /*{{{*/ strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), Target->MetaKey.c_str()); return; } + else + { + auto const hashes = GetExpectedHashesFor(Target->MetaKey); + if (hashes.usable() == false && hashes.empty() == false) + { + _error->Warning(_("Skipping acquire of configured file '%s' as repository '%s' provides only weak security information for it"), + Target->MetaKey.c_str(), TransactionManager->Target.Description.c_str()); + continue; + } + } // autoselect the compression method std::vector types = VectorizeString(Target->Option(IndexTarget::COMPRESSIONTYPES), ' '); @@ -1837,10 +1847,18 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string const &IndexDiffFile) /*{{{*/ std::clog << "Server-Current: " << ServerHashes.find(NULL)->toStr() << " and we start at " << CurrentPackagesFile << " " << LocalHashes.FileSize() << " " << LocalHashes.find(NULL)->toStr() << std::endl; + // historically, older hashes have more info than newer ones, so start + // collecting with older ones first to avoid implementing complicated + // information merging techniques… a failure is after all always + // recoverable with a complete file and hashes aren't changed that often. + std::vector types; + for (char const * const * type = HashString::SupportedHashes(); *type != NULL; ++type) + types.push_back(*type); + // parse all of (provided) history vector available_patches; bool firstAcceptedHashes = true; - for (char const * const * type = HashString::SupportedHashes(); *type != NULL; ++type) + for (auto type = types.crbegin(); type != types.crend(); ++type) { if (LocalHashes.find(*type) == NULL) continue; @@ -1898,7 +1916,7 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string const &IndexDiffFile) /*{{{*/ return false; } - for (char const * const * type = HashString::SupportedHashes(); *type != NULL; ++type) + for (auto type = types.crbegin(); type != types.crend(); ++type) { if (LocalHashes.find(*type) == NULL) continue; @@ -1938,7 +1956,7 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string const &IndexDiffFile) /*{{{*/ } } - for (char const * const * type = HashString::SupportedHashes(); *type != NULL; ++type) + for (auto type = types.crbegin(); type != types.crend(); ++type) { std::string tagname = *type; tagname.append("-Download"); @@ -3178,7 +3196,7 @@ std::string pkgAcqChangelog::URI(std::string const &Template, char const * const Component, char const * const SrcName, char const * const SrcVersion) { - if (Template.find("CHANGEPATH") == std::string::npos) + if (Template.find("@CHANGEPATH@") == std::string::npos) return ""; // the path is: COMPONENT/SRC/SRCNAME/SRCNAME_SRCVER, e.g. main/a/apt/1.1 or contrib/liba/libapt/2.0 @@ -3190,7 +3208,7 @@ std::string pkgAcqChangelog::URI(std::string const &Template, if (Component != NULL && strlen(Component) != 0) path = std::string(Component) + "/" + path; - return SubstVar(Template, "CHANGEPATH", path); + return SubstVar(Template, "@CHANGEPATH@", path); } /*}}}*/ // AcqChangelog::Failed - Failure handler /*{{{*/