]> git.saurik.com Git - apt.git/commitdiff
projects / apt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 22b2ef9)
cleanup pkgAcq*::Failed()
authorMichael Vogt <mvo@ubuntu.com>
Mon, 6 Oct 2014 12:34:38 +0000 (14:34 +0200)
committerMichael Vogt <mvo@ubuntu.com>
Mon, 6 Oct 2014 12:36:30 +0000 (14:36 +0200)
apt-pkg/acquire-item.cc patch | blob | blame | history
apt-pkg/acquire-item.h patch | blob | blame | history
test/integration/test-apt-get-update-unauth-warning patch | blob | blame | history

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 975965e46d01048a1e08db427d6d053450c4115e..401566cfcbccb03f92390d6e0f2e30b5ce29c0db 100644 (file)
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1502,8 +1502,8 @@ void pkgAcqMetaBase::TransactionStageRemoval(Item *I,
 // AcqMetaBase::GenerateAuthWarning - Check gpg authentication error   /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // AcqMetaBase::GenerateAuthWarning - Check gpg authentication error   /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-bool pkgAcqMetaBase::GenerateAuthWarning(const std::string &RealURI,
-                                         const std::string &Message)
+bool pkgAcqMetaBase::StopAuthentication(const std::string &RealURI,
+                                        const std::string &Message)
 {
    string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
    
 {
    string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
    
@@ -1626,13 +1626,9 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
 {
    string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
 
 {
    string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
 
-   // FIXME: duplicated code from pkgAcqMetaIndex
-   if (AuthPass == true)
-   {
-      bool Stop = GenerateAuthWarning(RealURI, Message);
-      if(Stop)
+   // check if we need to fail at this point 
+   if (AuthPass == true && StopAuthentication(RealURI, Message))
          return;
          return;
-   }
 
    // FIXME: meh, this is not really elegant
    string InReleaseURI = RealURI.replace(RealURI.rfind("Release.gpg"), 12,
 
    // FIXME: meh, this is not really elegant
    string InReleaseURI = RealURI.replace(RealURI.rfind("Release.gpg"), 12,
@@ -2021,50 +2017,28 @@ bool pkgAcqMetaBase::VerifyVendor(string Message, const string &RealURI)/*{{{*/
    return true;
 }
                                                                        /*}}}*/
    return true;
 }
                                                                        /*}}}*/
-// pkgAcqMetaIndex::Failed - no Release file present or no signature file present      /*{{{*/
+// pkgAcqMetaIndex::Failed - no Release file present                   /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 void pkgAcqMetaIndex::Failed(string Message,
                              pkgAcquire::MethodConfig * /*Cnf*/)
 {
 // ---------------------------------------------------------------------
 /* */
 void pkgAcqMetaIndex::Failed(string Message,
                              pkgAcquire::MethodConfig * /*Cnf*/)
 {
-   string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+   string FinalFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
 
 
-   if (AuthPass == true)
-   {
-      bool Stop = GenerateAuthWarning(RealURI, Message);
-      if(Stop)
-         return;
-   }
+   _error->Warning(_("The repository '%s' does not have a Release file. "
+                     "This is deprecated, please contact the owner of the "
+                     "repository."), URIDesc.c_str());
 
 
-   _error->Warning(_("The data from '%s' is not signed. Packages "
-                     "from that repository can not be authenticated."),
-                   URIDesc.c_str());
-
-   // No Release file was present, or verification failed, so fall
+   // No Release file was present so fall
    // back to queueing Packages files without verification
    // only allow going further if the users explicitely wants it
    if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
    {
    // back to queueing Packages files without verification
    // only allow going further if the users explicitely wants it
    if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
    {
-      /* Always move the meta index, even if gpgv failed. This ensures
-       * that PackageFile objects are correctly filled in */
+      // Done, queue for rename on transaction finished
       if (FileExists(DestFile)) 
       if (FileExists(DestFile)) 
-      {
-         string FinalFile = _config->FindDir("Dir::State::lists");
-         FinalFile += URItoFileName(RealURI);
-         /* InRelease files become Release files, otherwise
-          * they would be considered as trusted later on */
-         if (SigFile == DestFile) {
-            RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
-                                      "Release");
-            FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
-                                          "Release");
-            SigFile = FinalFile;
-         }
-
-         // Done, queue for rename on transaction finished
          TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
          TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
-      }
 
 
+      // queue without any kind of hashsum support
       QueueIndexes(false);
    } else {
       // warn if the repository is unsinged
       QueueIndexes(false);
    } else {
       // warn if the repository is unsinged
@@ -2073,7 +2047,6 @@ void pkgAcqMetaIndex::Failed(string Message,
       Status = StatError;
       return;
    } 
       Status = StatError;
       return;
    } 
-
 }
                                                                        /*}}}*/
 
 }
                                                                        /*}}}*/
 
@@ -2097,39 +2070,17 @@ pkgAcqMetaClearSig::pkgAcqMetaClearSig(pkgAcquire *Owner,               /*{{{*/
        MetaIndexURI(MetaIndexURI), MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
        MetaSigURI(MetaSigURI), MetaSigURIDesc(MetaSigURIDesc), MetaSigShortDesc(MetaSigShortDesc)
 {
        MetaIndexURI(MetaIndexURI), MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
        MetaSigURI(MetaSigURI), MetaSigURIDesc(MetaSigURIDesc), MetaSigShortDesc(MetaSigShortDesc)
 {
-   SigFile = DestFile;
-
    // index targets + (worst case:) Release/Release.gpg
    ExpectedAdditionalItems = IndexTargets->size() + 2;
 
    // index targets + (worst case:) Release/Release.gpg
    ExpectedAdditionalItems = IndexTargets->size() + 2;
 
-#if 0
-   // keep the old InRelease around in case of transistent network errors
-   string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
-   if (RealFileExists(Final) == true)
-   {
-      string const LastGoodSig = DestFile + ".reverify";
-      Rename(Final,LastGoodSig);
-   }
-#endif
 }
                                                                        /*}}}*/
 pkgAcqMetaClearSig::~pkgAcqMetaClearSig()                              /*{{{*/
 {
 }
                                                                        /*}}}*/
 pkgAcqMetaClearSig::~pkgAcqMetaClearSig()                              /*{{{*/
 {
-#if 0
-   // if the file was never queued undo file-changes done in the constructor
-   if (QueueCounter == 1 && Status == StatIdle && FileSize == 0 && Complete == false)
-   {
-      string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
-      string const LastGoodSig = DestFile + ".reverify";
-      if (RealFileExists(Final) == false && RealFileExists(LastGoodSig) == true)
-        Rename(LastGoodSig, Final);
-   }
-#endif
 }
                                                                        /*}}}*/
 // pkgAcqMetaClearSig::Custom600Headers - Insert custom request headers        /*{{{*/
 // ---------------------------------------------------------------------
 }
                                                                        /*}}}*/
 // pkgAcqMetaClearSig::Custom600Headers - Insert custom request headers        /*{{{*/
 // ---------------------------------------------------------------------
-// FIXME: this can go away once the InRelease file is used widely
 string pkgAcqMetaClearSig::Custom600Headers() const
 {
    string Final = _config->FindDir("Dir::State::lists");
 string pkgAcqMetaClearSig::Custom600Headers() const
 {
    string Final = _config->FindDir("Dir::State::lists");
@@ -2204,7 +2155,45 @@ void pkgAcqMetaClearSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*
         Dequeue();
    }
    else
         Dequeue();
    }
    else
-      pkgAcqMetaIndex::Failed(Message, Cnf);
+   {
+      if(StopAuthentication(RealURI, Message))
+         return;
+
+      _error->Warning(_("The data from '%s' is not signed. Packages "
+                        "from that repository can not be authenticated."),
+                      URIDesc.c_str());
+
+      // No Release file was present, or verification failed, so fall
+      // back to queueing Packages files without verification
+      // only allow going further if the users explicitely wants it
+      if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
+      {
+         /* Always move the meta index, even if gpgv failed. This ensures
+          * that PackageFile objects are correctly filled in */
+         if (FileExists(DestFile)) 
+         {
+            string FinalFile = _config->FindDir("Dir::State::lists");
+            FinalFile += URItoFileName(RealURI);
+            /* InRelease files become Release files, otherwise
+             * they would be considered as trusted later on */
+            RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
+                                      "Release");
+            FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
+                                          "Release");
+            
+            
+            // Done, queue for rename on transaction finished
+            TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
+         }
+         QueueIndexes(false);
+      } else {
+         // warn if the repository is unsinged
+         _error->Warning("Use --allow-insecure-repositories to force the update");
+         TransactionManager->AbortTransaction();
+         Status = StatError;
+         return;
+      } 
+   }
 }
                                                                        /*}}}*/
 // AcqArchive::AcqArchive - Constructor                                        /*{{{*/
 }
                                                                        /*}}}*/
 // AcqArchive::AcqArchive - Constructor                                        /*{{{*/
diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h
index f12f5726263ff4e514b5d33e07a86be2c87712b3..e0739dcd2de6dc8c8c6af52a86c227da0f83acda 100644 (file)
--- a/apt-pkg/acquire-item.h
+++ b/apt-pkg/acquire-item.h
@@ -436,9 +436,9 @@ class pkgAcqMetaBase  : public pkgAcquire::Item
     */
    void TransactionStageRemoval(Item *I, const std::string &FinalFile);
 
     */
    void TransactionStageRemoval(Item *I, const std::string &FinalFile);
 
-   // helper for the signature warning
-   bool GenerateAuthWarning(const std::string &RealURI,
-                            const std::string &Message);
+   /** Check if the current item should fail at this point */
+   bool StopAuthentication(const std::string &RealURI,
+                           const std::string &Message);
 
 
    pkgAcqMetaBase(pkgAcquire *Owner,
 
 
    pkgAcqMetaBase(pkgAcquire *Owner,
@@ -524,13 +524,6 @@ class pkgAcqMetaIndex : public pkgAcqMetaBase
     */
    std::string RealURI;
 
     */
    std::string RealURI;
 
-   /** \brief The file in which the signature for this index was stored.
-    *
-    *  If empty, the signature and the md5sums of the individual
-    *  indices will not be checked.
-    */
-   std::string SigFile;
-
    std::string URIDesc;
    std::string ShortDesc;
 
    std::string URIDesc;
    std::string ShortDesc;
 
diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning
index 75863615e0a6f94f49ca19e4b13016f0a3a46d37..37bcea623a94e22a8785e0ad1ac03a29ebae1848 100755 (executable)
--- a/test/integration/test-apt-get-update-unauth-warning
+++ b/test/integration/test-apt-get-update-unauth-warning
@@ -22,7 +22,7 @@ rm -f $APTARCHIVE/dists/unstable/*Release*
 testequal "Ign file: unstable InRelease
 Err file: unstable Release
   
 testequal "Ign file: unstable InRelease
 Err file: unstable Release
   
-W: The data from 'file: unstable Release' is not signed. Packages from that repository can not be authenticated.
+W: The repository 'file: unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository.
 W: Use --allow-insecure-repositories to force the update
 W: Failed to fetch file:$APTARCHIVE/dists/unstable/Release  
 
 W: Use --allow-insecure-repositories to force the update
 W: Failed to fetch file:$APTARCHIVE/dists/unstable/Release  
 
APT (for Cydia)