* apt-pkg/acquire-item.cc:

  - if no Release.gpg file is found try to verify with hashes,
    but do not fail if a hash can't be found

2 files changed, 26 insertions, 26 deletions

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 566f51606..39ce90dda 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1258,9 +1258,9 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,	/*{{{*
       if (SigFile == "")
       {
          // There was no signature file, so we are finished.  Download
-         // the indexes and do only hashsum verification
+         // the indexes and do only hashsum verification if possible
          MetaIndexParser->Load(DestFile);
-         QueueIndexes(true);
+         QueueIndexes(false);
       }
       else
       {
@@ -1378,33 +1378,30 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)				/*{{{*/
         ++Target)
    {
       HashString ExpectedIndexHash;
-      if (verify)
+      const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
+      if (Record == NULL)
       {
-	 const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
-	 if (Record == NULL)
+	 if (verify == true && (*Target)->IsOptional() == false)
 	 {
-	    if ((*Target)->IsOptional() == false)
-	    {
-	       Status = StatAuthError;
-	       strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), (*Target)->MetaKey.c_str());
-	       return;
-	    }
+	    Status = StatAuthError;
+	    strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), (*Target)->MetaKey.c_str());
+	    return;
 	 }
-	 else
+      }
+      else
+      {
+	 ExpectedIndexHash = Record->Hash;
+	 if (_config->FindB("Debug::pkgAcquire::Auth", false))
 	 {
-	    ExpectedIndexHash = Record->Hash;
-	    if (_config->FindB("Debug::pkgAcquire::Auth", false))
-	    {
-	       std::cerr << "Queueing: " << (*Target)->URI << std::endl;
-	       std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
-	       std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
-	    }
-	    if (ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
-	    {
-	       Status = StatAuthError;
-	       strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
-	       return;
-	    }
+	    std::cerr << "Queueing: " << (*Target)->URI << std::endl;
+	    std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
+	    std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
+	 }
+	 if (verify == true && ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
+	 {
+	    Status = StatAuthError;
+	    strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
+	    return;
 	 }
       }
 
diff --git a/debian/changelog b/debian/changelog
index 137e3a740..eea258ccb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,8 +14,11 @@ apt (0.8.15.7) UNRELEASED; urgency=low
   * cmdline/apt-get.cc:
     - remove the binary caches in 'apt-get clean' as it is the first
       thing recommend by many supporters in case of APT segfaults
+  * apt-pkg/acquire-item.cc:
+    - if no Release.gpg file is found try to verify with hashes,
+      but do not fail if a hash can't be found
 
- -- David Kalnischkies <kalnischkies@gmail.com>  Thu, 18 Aug 2011 11:41:31 +0200
+ -- David Kalnischkies <kalnischkies@gmail.com>  Mon, 22 Aug 2011 22:50:44 +0200
 
 apt (0.8.15.6) unstable; urgency=low