]> git.saurik.com Git - apt.git/commit - apt-pkg/deb/debmetaindex.cc
projects / apt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 58702f8) | patch
rework hashsum verification in the acquire system
authorDavid Kalnischkies <david@kalnischkies.de>
Sat, 6 Jun 2015 10:28:00 +0000 (12:28 +0200)
committerDavid Kalnischkies <david@kalnischkies.de>
Tue, 9 Jun 2015 10:57:35 +0000 (12:57 +0200)
commit448c38bdcd72b52f11ec5f326f822cf57653f81c
tree98f26e9d477e720c3448773f398e6b13e0e431c7tree | snapshot
parent58702f8563a443a7c6e66253b259c2488b877290commit | diff
rework hashsum verification in the acquire system

Having every item having its own code to verify the file(s) it handles
is an errorprune process and easy to break, especially if items move
through various stages (download, uncompress, patching, …). With a giant
rework we centralize (most of) the verification to have a better
enforcement rate and (hopefully) less chance for bugs, but it breaks the
ABI bigtime in exchange – and as we break it anyway, it is broken even
harder.

It shouldn't effect most frontends as they don't deal with the acquire
system at all or implement their own items, but some do and will need to
be patched (might be an opportunity to use apt on-board material).

The theory is simple: Items implement methods to decide if hashes need to
be checked (in this stage) and to return the expected hashes for this
item (in this stage). The verification itself is done in worker message
passing which has the benefit that a hashsum error is now a proper error
for the acquire system rather than a Done() which is later revised to a
Failed().
22 files changed:
apt-pkg/acquire-item.cc diff | blob | blame | history
apt-pkg/acquire-item.h diff | blob | blame | history
apt-pkg/acquire-method.cc diff | blob | blame | history
apt-pkg/acquire-worker.cc diff | blob | blame | history
apt-pkg/contrib/hashes.cc diff | blob | blame | history
apt-pkg/contrib/hashes.h diff | blob | blame | history
apt-pkg/deb/debindexfile.cc diff | blob | blame | history
apt-pkg/deb/debmetaindex.cc diff | blob | blame | history
apt-pkg/indexrecords.cc diff | blob | blame | history
apt-pkg/pkgcache.h diff | blob | blame | history
methods/file.cc diff | blob | blame | history
test/integration/test-apt-get-source-authenticated diff | blob | blame | history
test/integration/test-apt-sources-deb822 diff | blob | blame | history
test/integration/test-apt-update-expected-size diff | blob | blame | history
test/integration/test-apt-update-file diff | blob | blame | history
test/integration/test-apt-update-nofallback diff | blob | blame | history
test/integration/test-apt-update-not-modified diff | blob | blame | history
test/integration/test-apt-update-stale diff | blob | blame | history
test/integration/test-bug-595691-empty-and-broken-archive-files diff | blob | blame | history
test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum diff | blob | blame | history
test/libapt/acqprogress_test.cc diff | blob | blame | history
test/libapt/hashsums_test.cc diff | blob | blame | history
APT (for Cydia)