This commit deals with the following cases:
- First section of index file (Packages,Sources,Translation) without Package field
- Signed release files without GPG data (NODATA)
- i18n/Index files without hash sums
Handling unsigned Release files is more complicated, and the example code
using indexRecords is disabled as it can reject correct Release files
without hashes. How we can reliably check unsigned Release files is
another question, and not urgent anyway, as it should have no
dramatic effect (we could check that it is a valid RFC-822 section,
but that's a bit too long to write)
string FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(Desc.URI);
string FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(Desc.URI);
+ /* Downloaded invalid transindex => Error (LP: #346386) (Closes: #195301) */
+ indexRecords SubIndexParser;
+ if (FileExists(DestFile) == true && !SubIndexParser.Load(DestFile)) {
+ Status = StatError;
+ ErrorText = SubIndexParser.ErrorText;
+ return;
+ }
+
// sucess in downloading the index
// rename the index
if(Debug)
// sucess in downloading the index
// rename the index
if(Debug)
ReportMirrorFailure("HashChecksumFailure");
return;
}
ReportMirrorFailure("HashChecksumFailure");
return;
}
+
+ /* Verify the index file for correctness (all indexes must
+ * have a Package field) (LP: #346386) (Closes: #195301) */
+ {
+ FileFd fd(DestFile, FileFd::ReadOnly);
+ pkgTagSection sec;
+ pkgTagFile tag(&fd);
+
+ if (_error->PendingError() || !tag.Step(sec)) {
+ Status = StatError;
+ _error->DumpErrors();
+ Rename(DestFile,DestFile + ".FAILED");
+ return;
+ } else if (!sec.Exists("Package")) {
+ Status = StatError;
+ ErrorText = ("Encountered a section with no Package: header");
+ Rename(DestFile,DestFile + ".FAILED");
+ return;
+ }
+ }
+
// Done, move it into position
string FinalFile = _config->FindDir("Dir::State::lists");
FinalFile += URItoFileName(RealURI);
// Done, move it into position
string FinalFile = _config->FindDir("Dir::State::lists");
FinalFile += URItoFileName(RealURI);
/*}}}*/
void pkgAcqMetaIndex::QueueIndexes(bool verify) /*{{{*/
{
/*}}}*/
void pkgAcqMetaIndex::QueueIndexes(bool verify) /*{{{*/
{
+#if 0
+ /* Reject invalid, existing Release files (LP: #346386) (Closes: #195301)
+ * FIXME: Disabled; it breaks unsigned repositories without hashes */
+ if (!verify && FileExists(DestFile) && !MetaIndexParser->Load(DestFile))
+ {
+ Status = StatError;
+ ErrorText = MetaIndexParser->ErrorText;
+ return;
+ }
+#endif
for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
Target != IndexTargets->end();
Target++)
for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
Target != IndexTargets->end();
Target++)
LookupTag(Message,"Message").c_str());
RunScripts("APT::Update::Auth-Failure");
return;
LookupTag(Message,"Message").c_str());
RunScripts("APT::Update::Auth-Failure");
return;
+ } else if (LookupTag(Message,"Message").find("NODATA") != string::npos) {
+ /* Invalid signature file, reject (LP: #346386) (Closes: #195301) */
+ _error->Error(_("GPG error: %s: %s"),
+ Desc.Description.c_str(),
+ LookupTag(Message,"Message").c_str());
+ return;
} else {
_error->Warning(_("GPG error: %s: %s"),
Desc.Description.c_str(),
} else {
_error->Warning(_("GPG error: %s: %s"),
Desc.Description.c_str(),
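Review bot: In the index check added just before "Done, move it into position", the first failure branch (`if (_error->PendingError() || !tag.Step(sec))`) sets `Status = StatError` but never sets `ErrorText`, and it calls `_error->DumpErrors()`, which prints to stderr and empties the shared error stack from inside library code, so a front end sees a failed item with no reason attached. Because `PendingError()` reads global state, an unrelated error queued earlier would also get a good index renamed to `.FAILED`. If `tag.Step()` returns false on a zero-length file (not visible in this hunk, to be confirmed), an empty but legitimate index would be rejected and that source would stop updating. I would replace the dump with something like `ErrorText = "Index file has no readable first section";` and wrap the two tests in `if (fd.Size() > 0) { ... }` if empty indexes are meant to be accepted. The enclosing function starts and ends outside the lines shown.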
* apt-pkg/depcache.cc:
- Really release action groups only once (Closes: #622744)
- Make purge work again for config-files (LP: #244598) (Closes: #150831)
* apt-pkg/depcache.cc:
- Really release action groups only once (Closes: #622744)
- Make purge work again for config-files (LP: #244598) (Closes: #150831)
+ * apt-pkg/acquire-item.cc:
+ - Reject files known to be invalid (LP: #346386) (Closes: #195301)
* debian/apt.cron.daily:
- Check power after wait, patch by manuel-soto (LP: #705269)
* debian/control:
* debian/apt.cron.daily:
- Check power after wait, patch by manuel-soto (LP: #705269)
* debian/control: