From 89901946f936446f439b95f1a9a85ac942ac2c92 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 29 Apr 2016 16:48:16 +0200 Subject: [PATCH] support Signed-By in Release files as a sort of HPKP Users have the option since apt >= 1.1 to enforce that a Release file is signed with specific key(s) either via keyring filename or fingerprints. This commit adds an entry with the same name and value (except that it doesn't accept filenames for obvious reasons) to the Release file so that the repository owner can set a default value for this setting effecting the *next* Release file, not the current one, which provides a functionality similar "HTTP Public Key Pinning". The pinning is in effect as long as the (then old) Release file is considered valid, but it is also ignored if the Release file has no Valid-Until at all. --- apt-pkg/deb/debmetaindex.cc | 56 ++++++++++++++++++- doc/sources.list.5.xml | 6 +- po/apt-all.pot | 7 +-- po/ar.po | 7 +-- po/ast.po | 9 +-- po/bg.po | 9 +-- po/bs.po | 7 +-- po/ca.po | 9 +-- po/cs.po | 9 +-- po/cy.po | 8 +-- po/da.po | 9 +-- po/de.po | 9 +-- po/dz.po | 7 +-- po/el.po | 7 +-- po/es.po | 9 +-- po/eu.po | 7 +-- po/fi.po | 7 +-- po/fr.po | 9 +-- po/gl.po | 9 +-- po/hu.po | 9 +-- po/it.po | 9 +-- po/ja.po | 9 +-- po/ko.po | 9 +-- po/ku.po | 7 +-- po/lt.po | 7 +-- po/mr.po | 7 +-- po/nb.po | 9 +-- po/ne.po | 7 +-- po/nl.po | 9 +-- po/nn.po | 7 +-- po/pl.po | 9 +-- po/pt.po | 9 +-- po/pt_BR.po | 7 +-- po/ro.po | 7 +-- po/ru.po | 9 +-- po/sk.po | 9 +-- po/sl.po | 9 +-- po/sv.po | 9 +-- po/th.po | 9 +-- po/tl.po | 7 +-- po/tr.po | 9 +-- po/uk.po | 9 +-- po/vi.po | 10 +--- po/zh_CN.po | 9 +-- po/zh_TW.po | 7 +-- .../integration/test-releasefile-verification | 52 ++++++++++++++++- 46 files changed, 177 insertions(+), 292 deletions(-) diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc index 5b84ea5e8..d152eaf68 100644 --- a/apt-pkg/deb/debmetaindex.cc +++ b/apt-pkg/deb/debmetaindex.cc @@ -442,7 +442,7 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro std::string const StrDate = Section.FindS("Date"); if (RFC1123StrToTime(StrDate.c_str(), Date) == false) { - _error->Warning( _("Invalid 'Date' entry in Release file %s"), Filename.c_str()); + _error->Warning( _("Invalid '%s' entry in Release file %s"), "Date", Filename.c_str()); Date = 0; } @@ -463,7 +463,7 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro if(RFC1123StrToTime(StrValidUntil.c_str(), ValidUntil) == false) { if (ErrorText != NULL) - strprintf(*ErrorText, _("Invalid 'Valid-Until' entry in Release file %s"), Filename.c_str()); + strprintf(*ErrorText, _("Invalid '%s' entry in Release file %s"), "Valid-Until", Filename.c_str()); return false; } } @@ -498,6 +498,33 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro } } + /* as the Release file is parsed only after it was verified, the Signed-By field + does not effect the current, but the "next" Release file */ + auto Sign = Section.FindS("Signed-By"); + if (Sign.empty() == false) + { + std::transform(Sign.begin(), Sign.end(), Sign.begin(), [&](char const c) { + return (isspace(c) == 0) ? c : ','; + }); + auto fingers = VectorizeString(Sign, ','); + std::transform(fingers.begin(), fingers.end(), fingers.begin(), [&](std::string finger) { + std::transform(finger.begin(), finger.end(), finger.begin(), ::toupper); + if (finger.length() != 40 || finger.find_first_not_of("0123456789ABCDEF") != std::string::npos) + { + if (ErrorText != NULL) + strprintf(*ErrorText, _("Invalid '%s' entry in Release file %s"), "Signed-By", Filename.c_str()); + return std::string(); + } + return finger; + }); + if (fingers.empty() == false && std::find(fingers.begin(), fingers.end(), "") == fingers.end()) + { + std::stringstream os; + std::copy(fingers.begin(), fingers.end(), std::ostream_iterator(os, ",")); + SignedBy = os.str(); + } + } + LoadedSuccessfully = TRI_YES; return true; } @@ -956,7 +983,30 @@ class APT_HIDDEN debSLTypeDebian : public pkgSourceList::Type /*{{{*/ std::map::const_iterator const signedby = Options.find("signed-by"); if (signedby == Options.end()) { - if (Deb->SetSignedBy("") == false) + bool alreadySet = false; + std::string filename; + if (ReleaseFileName(Deb, filename)) + { + auto OldDeb = Deb->UnloadedClone(); + _error->PushToStack(); + OldDeb->Load(filename, nullptr); + bool const goodLoad = _error->PendingError() == false; + _error->RevertToStack(); + if (goodLoad) + { + if (OldDeb->GetValidUntil() > 0) + { + time_t const invalid_since = time(NULL) - OldDeb->GetValidUntil(); + if (invalid_since <= 0) + { + Deb->SetSignedBy(OldDeb->GetSignedBy()); + alreadySet = true; + } + } + } + delete OldDeb; + } + if (alreadySet == false && Deb->SetSignedBy("") == false) return false; } else diff --git a/doc/sources.list.5.xml b/doc/sources.list.5.xml index 07455735f..e8d88921d 100644 --- a/doc/sources.list.5.xml +++ b/doc/sources.list.5.xml @@ -291,8 +291,10 @@ deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [. (see apt-key fingerprint). If the option is set, only the key(s) in this keyring or only the keys with these fingerprints are used for the &apt-secure; verification of this - repository. Otherwise all keys in the trusted keyrings are - considered valid signers for this repository. + repository. Defaults to the value of the option with the same name + if set in the previously acquired Release file. + Otherwise all keys in the trusted keyrings are considered valid + signers for this repository. () diff --git a/po/apt-all.pot b/po/apt-all.pot index 0b3760793..f4b480e64 100644 --- a/po/apt-all.pot +++ b/po/apt-all.pot @@ -3006,12 +3006,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/ar.po b/po/ar.po index 05a62bc68..ebe747ebb 100644 --- a/po/ar.po +++ b/po/ar.po @@ -3067,12 +3067,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "تعذر فتح ملف قاعدة البيانات %s: %s" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "لاحظ، تحديد %s بدلاً من %s\n" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/ast.po b/po/ast.po index f3a65f7b3..739759eaa 100644 --- a/po/ast.po +++ b/po/ast.po @@ -3194,13 +3194,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Entrada inválida pa 'Date' nel ficheru release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Entrada inválida pa 'Valid-Until' nel ficheru release %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Entrada inválida pa '%s' nel ficheru release %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/bg.po b/po/bg.po index cb3cd96d7..22962cb8f 100644 --- a/po/bg.po +++ b/po/bg.po @@ -3231,13 +3231,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Неправилна стойност за „Date“ във файла Release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Неправилна стойност за „Valid-Until“ във файла Release %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Неправилна стойност за „%s“ във файла Release %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/bs.po b/po/bs.po index 974518689..f83a12d03 100644 --- a/po/bs.po +++ b/po/bs.po @@ -3047,14 +3047,9 @@ msgid "" "security purposes" msgstr "" -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ne mogu otvoriti DB datoteku %s" - #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/ca.po b/po/ca.po index e86b8ea7e..34f3476db 100644 --- a/po/ca.po +++ b/po/ca.po @@ -3234,13 +3234,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "El camp «Date» al fitxer Release %s és invàlid" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "El camp «Valid-Until» al fitxer Release %s és invàlid" +msgid "Invalid '%s' entry in Release file %s" +msgstr "El camp «%s» al fitxer Release %s és invàlid" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/cs.po b/po/cs.po index b0c165b7e..85fc8d25b 100644 --- a/po/cs.po +++ b/po/cs.po @@ -3200,13 +3200,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Neplatná položka „Date“ v Release souboru %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Neplatná položka „Valid-Until“ v Release souboru %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Neplatná položka „%s“ v Release souboru %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/cy.po b/po/cy.po index 0ea21f927..d7b6e709a 100644 --- a/po/cy.po +++ b/po/cy.po @@ -3229,15 +3229,9 @@ msgid "" "security purposes" msgstr "" -# FIXME: number? -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ni ellir gramadegu ffeil becynnau %s (1)" - #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Llinell annilys yn y ffeil dargyfeirio: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/da.po b/po/da.po index 7cd4effb0..b3958c3b6 100644 --- a/po/da.po +++ b/po/da.po @@ -3214,13 +3214,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ugyldigt punkt »Date« i udgivelsesfil %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Ugyldigt punkt »Valid-Until« i udgivelsesfil %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Ugyldigt punkt »%s« i udgivelsesfil %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/de.po b/po/de.po index cbabbc130..dbf48aa75 100644 --- a/po/de.po +++ b/po/de.po @@ -3303,13 +3303,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ungültiger »Date«-Eintrag in Release-Datei %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Ungültiger »Valid-Until«-Eintrag in Release-Datei %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Ungültiger »%s«-Eintrag in Release-Datei %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/dz.po b/po/dz.po index 08362218b..9b31d7b32 100644 --- a/po/dz.po +++ b/po/dz.po @@ -3183,12 +3183,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "%s (༡་)་ཐུམ་སྒྲིལ་ཡིག་སྣོད་འདི་མིང་དཔྱད་འབད་མ་ཚུགས།" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "%s་ཁ་ཕྱོགས་ཡིག་སྣོད་ནང་ནུས་མེད་གྲལ་ཐིག" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/el.po b/po/el.po index c2b37f24d..589eea0ed 100644 --- a/po/el.po +++ b/po/el.po @@ -3212,12 +3212,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Αδύνατη η ανάλυση του αρχείου πακέτου %s (1)" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Μη έγκυρη γραμμή στο αρχείο παρακάμψεων: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/es.po b/po/es.po index 119c57624..e50e5b02e 100644 --- a/po/es.po +++ b/po/es.po @@ -3368,13 +3368,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Entrada «Date» inválida en el archivo «Release» %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Entrada «Valid-Until» inválida en el archivo «Release» %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Entrada «%s» inválida en el archivo «Release» %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/eu.po b/po/eu.po index 3425a3a74..cdf682370 100644 --- a/po/eu.po +++ b/po/eu.po @@ -3183,12 +3183,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ezin da %s pakete fitxategia analizatu (1)" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Lerro baliogabea desbideratze fitxategian: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/fi.po b/po/fi.po index f4d2bb054..5a2dc57bb 100644 --- a/po/fi.po +++ b/po/fi.po @@ -3174,12 +3174,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Pakettitiedostoa %s (1) ei voi jäsentää" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Virheellinen rivi korvautustiedostossa: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/fr.po b/po/fr.po index f26a63388..534c187cf 100644 --- a/po/fr.po +++ b/po/fr.po @@ -3287,13 +3287,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Entrée « Date » non valable dans le fichier Release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Entrée « Valid-Until » non valable dans le fichier Release %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Entrée « %s » non valable dans le fichier Release %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/gl.po b/po/gl.po index 132ac77ce..f578b154e 100644 --- a/po/gl.po +++ b/po/gl.po @@ -3228,13 +3228,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "A entrada «Date» no ficheiro de publicación %s non é válida" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "A entrada «Valid-Until» no ficheiro de publicación %s non é válida" +msgid "Invalid '%s' entry in Release file %s" +msgstr "A entrada «%s» no ficheiro de publicación %s non é válida" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/hu.po b/po/hu.po index efde6d6a6..5a01d37eb 100644 --- a/po/hu.po +++ b/po/hu.po @@ -3273,13 +3273,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Érvénytelen „Date” bejegyzés a(z) %s Release fájlban" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Érvénytelen „Valid-Until” bejegyzés a(z) %s Release fájlban" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Érvénytelen „%s” bejegyzés a(z) %s Release fájlban" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/it.po b/po/it.po index 3b0eb4c67..1b6160e9e 100644 --- a/po/it.po +++ b/po/it.po @@ -3270,13 +3270,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Voce \"Date\" nel file Release %s non valida" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Voce \"Valid-Until\" nel file Release %s non valida" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Voce \"%s\" nel file Release %s non valida" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/ja.po b/po/ja.po index 4107bd51d..a1706a6d3 100644 --- a/po/ja.po +++ b/po/ja.po @@ -3265,13 +3265,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Release ファイル %s に無効な 'Date' エントリがあります" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Release ファイル %s に無効な 'Valid-Until' エントリがあります" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Release ファイル %s に無効な '%s' エントリがあります" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/ko.po b/po/ko.po index 9fa5ed445..5ac58b2ac 100644 --- a/po/ko.po +++ b/po/ko.po @@ -3162,13 +3162,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Release 파일 %s에 'Date' 항목이 잘못되었습니다" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Release 파일 %s에 'Valid-Until' 항목이 잘못되었습니다" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Release 파일 %s에 '%s' 항목이 잘못되었습니다" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/ku.po b/po/ku.po index f09cb16ed..60303c6e5 100644 --- a/po/ku.po +++ b/po/ku.po @@ -3062,14 +3062,9 @@ msgid "" "security purposes" msgstr "" -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Pakêt nehate dîtin %s" - #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/lt.po b/po/lt.po index 6ebf6c769..cf5208dbe 100644 --- a/po/lt.po +++ b/po/lt.po @@ -3155,12 +3155,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Nepavyko atverti DB failo %s: %s" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Pastaba: pažymimas %s vietoje %s\n" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/mr.po b/po/mr.po index 11cdacb43..c7d10f744 100644 --- a/po/mr.po +++ b/po/mr.po @@ -3156,12 +3156,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "%s (1) पॅकेज फाईल पार्स करण्यात असमर्थ" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "%s डायव्हर्जन फाईलमध्ये अवैध ओळ आहे:" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/nb.po b/po/nb.po index 1b1801e22..70dbe3bec 100644 --- a/po/nb.po +++ b/po/nb.po @@ -3198,13 +3198,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ugyldig «Date»-oppføring i Release-fila %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Ugyldig «Valid-Until»-oppføring i Release-fila %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Ugyldig «%s»-oppføring i Release-fila %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/ne.po b/po/ne.po index ff2896312..aabb3bdd1 100644 --- a/po/ne.po +++ b/po/ne.po @@ -3156,12 +3156,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "प्याकेज फाइल पद वर्णन गर्न असक्षम %s (१)" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "घुमाउरो फाइलमा अवैध लाइन:%s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/nl.po b/po/nl.po index 202fa5705..f65806713 100644 --- a/po/nl.po +++ b/po/nl.po @@ -3320,13 +3320,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ongeldige 'Date'-vermelding in Release-bestand %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Ongeldige 'Valid-Until'-vermelding in Release-bestand %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Ongeldige '%s'-vermelding in Release-bestand %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/nn.po b/po/nn.po index 4c22ef947..28d4ca1f9 100644 --- a/po/nn.po +++ b/po/nn.po @@ -3171,12 +3171,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Klarte ikkje tolka pakkefila %s (1)" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Ugyldig linje i avleiingsfila: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/pl.po b/po/pl.po index f3517fc7f..ab4226754 100644 --- a/po/pl.po +++ b/po/pl.po @@ -3262,13 +3262,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Nieprawidłowy wpis Date w pliku Release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Nieprawidłowy wpis Valid-Until w pliku Release %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Nieprawidłowy wpis %s w pliku Release %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/pt.po b/po/pt.po index a73f4d12e..1a2f96591 100644 --- a/po/pt.po +++ b/po/pt.po @@ -3238,13 +3238,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Entrada, 'Date', inválida no ficheiro Release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Entrada inválida, 'Valid-until', no ficheiro de Release: %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Entrada inválida, '%s', no ficheiro de Release: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/pt_BR.po b/po/pt_BR.po index 72999ca98..0dcce7983 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -3195,12 +3195,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Impossível analisar arquivo de pacote %s (1)" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Linha inválida no arquivo de desvios: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/ro.po b/po/ro.po index cc887e72e..ab86ba421 100644 --- a/po/ro.po +++ b/po/ro.po @@ -3211,12 +3211,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Nu s-a putut analiza fișierul pachet %s (1)" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Linie necorespunzătoare în fișierul-redirectare: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/ru.po b/po/ru.po index 0f2d58dff..d831a6728 100644 --- a/po/ru.po +++ b/po/ru.po @@ -3258,13 +3258,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Неправильный элемент «Date» в файле Release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Неправильный элемент «Valid-Until» в файле Release %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Неправильный элемент «%s» в файле Release %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/sk.po b/po/sk.po index 88c9ad6ae..7646a62d6 100644 --- a/po/sk.po +++ b/po/sk.po @@ -3212,13 +3212,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Chýba položka „Date“ v súbore Release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Chýba položka „Valid-Until“ v súbore Release %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Chýba položka „%s“ v súbore Release %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/sl.po b/po/sl.po index b6d621152..f3500e38f 100644 --- a/po/sl.po +++ b/po/sl.po @@ -3215,13 +3215,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Neveljavne vnos 'Datum' v Release datoteki %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Neveljaven vnos 'Veljavno-do' v Release datoteki %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Neveljaven vnos '%s' v Release datoteki %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/sv.po b/po/sv.po index 3580937c2..2582689aa 100644 --- a/po/sv.po +++ b/po/sv.po @@ -3238,13 +3238,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Ogiltig ”Date”-post i Release-filen %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Ogiltig ”Valid-Until”-post i Release-filen %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Ogiltig ”%s”-post i Release-filen %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/th.po b/po/th.po index 45680fbc5..ab13fedbd 100644 --- a/po/th.po +++ b/po/th.po @@ -3142,13 +3142,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "รายการ 'Date' ไม่ถูกต้องในแฟ้ม Release %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "รายการ 'Valid-Until' ไม่ถูกต้องในแฟ้ม Release %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "รายการ '%s' ไม่ถูกต้องในแฟ้ม Release %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/tl.po b/po/tl.po index a0801808e..b7fe79ba0 100644 --- a/po/tl.po +++ b/po/tl.po @@ -3191,12 +3191,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Hindi ma-parse ang talaksang pakete %s (1)" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "Di tanggap na linya sa talaksang diversion: %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/tr.po b/po/tr.po index dc002e2cb..05154f1cf 100644 --- a/po/tr.po +++ b/po/tr.po @@ -3238,13 +3238,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "'Release' dosyasında (%s) geçersiz 'Date' girdisi" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "'Release' dosyasında (%s) geçersiz 'Valid-Until' girdisi" +msgid "Invalid '%s' entry in Release file %s" +msgstr "'Release' dosyasında (%2$s) geçersiz '%1$s' girdisi" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/uk.po b/po/uk.po index b89010177..6f3141c05 100644 --- a/po/uk.po +++ b/po/uk.po @@ -3259,13 +3259,8 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "Невірний запис 'Date' у 'Release' файлі %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "Невірний запис 'Valid-Until' у 'Release' файлі %s" +msgid "Invalid '%s' entry in Release file %s" +msgstr "Невірний запис '%s' у 'Release' файлі %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/vi.po b/po/vi.po index 48ce7e966..b8bc451d8 100644 --- a/po/vi.po +++ b/po/vi.po @@ -3233,15 +3233,9 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "" -"Gặp mục tin “Date” (ngày tháng) không hợp lệ trong tập tin Phát hành %s" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "" -"Gặp mục tin “Valid-Until” (hợp lệ đến khi) không hợp lệ trong tập tin Phát " +"Gặp mục tin “%s” (hợp lệ đến khi) không hợp lệ trong tập tin Phát " "hành %s" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/po/zh_CN.po b/po/zh_CN.po index a1fc57f42..db479f521 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -3153,13 +3153,8 @@ msgstr "Release 文件 %s 中不含散列项,该文件用于保证足够的安 #: apt-pkg/deb/debmetaindex.cc #, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "软件包仓库 Release 文件 %s 内 Date 条目无效" - -#: apt-pkg/deb/debmetaindex.cc -#, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" -msgstr "软件包仓库 Release 文件 %s 内 Valid-Until 条目无效" +msgid "Invalid '%s' entry in Release file %s" +msgstr "软件包仓库 Release 文件 %2$s 内 %1$s 条目无效" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite #: apt-pkg/deb/debmetaindex.cc diff --git a/po/zh_TW.po b/po/zh_TW.po index b311eacc8..4d9af1bbb 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -3140,12 +3140,7 @@ msgstr "" #: apt-pkg/deb/debmetaindex.cc #, fuzzy, c-format -msgid "Invalid 'Date' entry in Release file %s" -msgstr "在 Release 檔 %s 裡沒有 Hash 項目" - -#: apt-pkg/deb/debmetaindex.cc -#, fuzzy, c-format -msgid "Invalid 'Valid-Until' entry in Release file %s" +msgid "Invalid '%s' entry in Release file %s" msgstr "在 Release 檔 %s 裡沒有 Hash 項目" #. TRANSLATOR: The first is an option name from sources.list manpage, the other two URI and Suite diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index e2e1b5b76..24e7830aa 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -29,7 +29,7 @@ prepare() { cp "$1" aptarchive/Packages find aptarchive -name 'Release' -delete compressfile 'aptarchive/Packages' "$DATE" - generatereleasefiles "$DATE" + generatereleasefiles "$DATE" 'now + 1 month' } installaptold() { @@ -47,6 +47,7 @@ Download complete and in download only mode" aptget install apt -dy } installaptnew() { + rm -rf rootdir/var/cache/apt/archives testsuccessequal "Reading package lists... Building dependency tree... Suggested packages: @@ -301,6 +302,55 @@ runtest() { rm -f rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg sed -i "s#^\(deb\(-src\)\?\) \[signed-by=${MARVIN},${SIXPACK}\] #\1 #" rootdir/etc/apt/sources.list.d/* + rm -rf rootdir/var/lib/apt/lists-bak + cp -a rootdir/var/lib/apt/lists rootdir/var/lib/apt/lists-bak + prepare "${PKGFILE}-new" + signreleasefiles 'Joe Sixpack' + find aptarchive/ -name "$DELETEFILE" -delete + + msgmsg 'Warm archive with signed-by' 'Joe Sixpack' + sed -i "/^Valid-Until: / a\ +Signed-By: ${SIXPACK}" rootdir/var/lib/apt/lists/*Release + touch -d 'now - 1 year' rootdir/var/lib/apt/lists/*Release + successfulaptgetupdate + testsuccessequal "$(cat "${PKGFILE}-new") +" aptcache show apt + installaptnew + + msgmsg 'Warm archive with signed-by' 'Marvin Paranoid' + rm -rf rootdir/var/lib/apt/lists + cp -a rootdir/var/lib/apt/lists-bak rootdir/var/lib/apt/lists + sed -i "/^Valid-Until: / a\ +Signed-By: ${MARVIN}" rootdir/var/lib/apt/lists/*Release + touch -d 'now - 1 year' rootdir/var/lib/apt/lists/*Release + updatewithwarnings 'W: .* public key is not available: GOODSIG' + testsuccessequal "$(cat "${PKGFILE}") +" aptcache show apt + installaptold + + msgmsg 'Warm archive with outdated signed-by' 'Marvin Paranoid' + rm -rf rootdir/var/lib/apt/lists + cp -a rootdir/var/lib/apt/lists-bak rootdir/var/lib/apt/lists + sed -i "/^Valid-Until: / a\ +Valid-Until: $(date -u -d "now - 2min" '+%a, %d %b %Y %H:%M:%S %Z') \\ +Signed-By: ${MARVIN}" rootdir/var/lib/apt/lists/*Release + touch -d 'now - 1 year' rootdir/var/lib/apt/lists/*Release + successfulaptgetupdate + testsuccessequal "$(cat "${PKGFILE}-new") +" aptcache show apt + installaptnew + + msgmsg 'Warm archive with two signed-bys' 'Joe Sixpack' + rm -rf rootdir/var/lib/apt/lists + cp -a rootdir/var/lib/apt/lists-bak rootdir/var/lib/apt/lists + sed -i "/^Valid-Until: / a\ +Signed-By: ${MARVIN} ${MARVIN}, \\ + ${SIXPACK}" rootdir/var/lib/apt/lists/*Release + touch -d 'now - 1 year' rootdir/var/lib/apt/lists/*Release + successfulaptgetupdate + testsuccessequal "$(cat "${PKGFILE}-new") +" aptcache show apt + installaptnew } runtest2() { -- 2.45.2