From: Michael Vogt Date: Thu, 8 May 2014 07:48:51 +0000 (+0200) Subject: Merge remote-tracking branch 'mvo/bugfix/update-progress-reporting' into debian/exper... X-Git-Tag: 1.1.exp1~28 X-Git-Url: https://git.saurik.com/apt.git/commitdiff_plain/864a3375f7bf0b3772f4f2ae212b802f6cab5ff9?hp=-c Merge remote-tracking branch 'mvo/bugfix/update-progress-reporting' into debian/experimental --- 864a3375f7bf0b3772f4f2ae212b802f6cab5ff9 diff --combined apt-pkg/acquire-item.cc index 07be72124,d347efa54..913764f64 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@@ -936,6 -936,8 +936,8 @@@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Ow } CompressionExtension = comprExt; + Verify = true; + Init(URI, URIDesc, ShortDesc); } pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, IndexTarget const *Target, @@@ -1468,20 -1470,9 +1470,20 @@@ void pkgAcqMetaIndex::Done(string Messa } else { + // FIXME: move this into pkgAcqMetaClearSig::Done on the next + // ABI break + + // if we expect a ClearTextSignature (InRelase), ensure that + // this is what we get and if not fail to queue a + // Release/Release.gpg, see #346386 + if (SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile)) + { + Failed(Message, Cfg); + return; + } + // There was a signature file, so pass it to gpgv for // verification - if (_config->FindB("Debug::pkgAcquire::Auth", false)) std::cerr << "Metaindex acquired, queueing gpg verification (" << SigFile << "," << DestFile << ")\n"; @@@ -2145,8 -2136,7 +2147,8 @@@ void pkgAcqArchive::Done(string Message } // Check the hash - if(ExpectedHash.toStr() != CalcHash) + // FIXME: could this empty() check impose *any* sort of security issue? 
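Review bot: In the pkgAcqMetaIndex::Done hunk, the new guard `SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile)` calls `Failed(Message, Cfg)` without any diagnostic of its own, while the success path right below it logs under `Debug::pkgAcquire::Auth`; a message under the same debug flag naming DestFile would make a rejected InRelease download traceable. Going by its name, the helper only inspects the beginning of the file, so this check is a precondition for queueing verification and not a substitute for it; the comment should say so, for example `// only a format pre-check; the signature itself is verified by gpgv below`. The comment also misspells the file name: `(InRelase)` should read `(InRelease)`. The body of Done starts and ends outside the hunk.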
+ if(ExpectedHash.empty() == false && ExpectedHash.toStr() != CalcHash) { RenameOnError(HashSumMismatch); return; diff --combined test/integration/framework index 7c5da3694,eda3cebad..ab1274d9c --- a/test/integration/framework +++ b/test/integration/framework @@@ -128,7 -128,10 +128,10 @@@ dpkgcheckbuilddeps() } gdb() { echo "gdb: run »$*«" - APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${LIBRARYPATH} command gdb ${BUILDDIRECTORY}/$1 --args "$@" + CMD="$1" + shift + + APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${LIBRARYPATH} command gdb ${BUILDDIRECTORY}/$CMD --args ${BUILDDIRECTORY}/$CMD "$@" } gpg() { # see apt-key for the whole trickery. Setup is done in setupenvironment @@@ -241,8 -244,7 +244,8 @@@ setupenvironment() gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1 # cleanup the environment a bit - export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" + # prefer our apt binaries over the system apt binaries + export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin" export LC_ALL=C.UTF-8 unset LANGUAGE APT_CONFIG unset GREP_OPTIONS DEB_BUILD_PROFILES
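Review bot: The rewritten condition in pkgAcqArchive::Done fails open: with `ExpectedHash.empty() == false &&` in front, an archive whose index entry carries no hash is accepted without any integrity check, which is exactly the case the FIXME above it asks about. Skipping the comparison should depend on an explicit decision that this source may be unauthenticated, not on the mere absence of a hash; the safe default is `if(ExpectedHash.empty() == true || ExpectedHash.toStr() != CalcHash)`, which treats a missing hash like a mismatch. If the empty case has to stay permitted, replace the FIXME with a comment stating when ExpectedHash can legitimately be empty and emit a warning on that path, so that an entry without hashes does not pass silently. The rest of Done lies outside the hunk, so whether an earlier check already rejects such items cannot be seen here.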
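Review bot: The new `gdb()` helper expands `${BUILDDIRECTORY}/$CMD` twice without quotes, so a build directory containing whitespace or glob characters is split before gdb sees it; `command gdb "${BUILDDIRECTORY}/$CMD" --args "${BUILDDIRECTORY}/$CMD" "$@"` keeps both as single words. `CMD` is also assigned as a global, which can clobber a variable of the same name in a test that calls the helper; if the framework's shell supports it, declare it with `local CMD="$1"`.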
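Review bot: Prepending `${BUILDDIRECTORY}` to PATH in setupenvironment makes every executable in that directory shadow the system one, and if the variable is empty or unset at this point the value starts with `:`, which the shell resolves as the current directory at the front of the search path. The hunk does not show where BUILDDIRECTORY is assigned, so guard the expansion: `export PATH="${BUILDDIRECTORY:?}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin"` aborts instead of silently searching the working directory. A relative BUILDDIRECTORY changes meaning after any `cd` in a test, so the comment above the export should state that the path must be absolute.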