fail early (again) on gpg sig failures

3 files changed, 20 insertions, 40 deletions

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 2d9328b6b..da8402ffc 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -954,32 +954,16 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
 			 HashStringList const  &ExpectedHash, string comprExt)
    : pkgAcqBaseIndex(Owner, 0, NULL, ExpectedHash, NULL), RealURI(URI)
 {
-   if(comprExt.empty() == true)
-   {
-      // autoselect the compression method
-      std::vector<std::string> types = APT::Configuration::getCompressionTypes();
-      for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
-	 comprExt.append(*t).append(" ");
-      if (comprExt.empty() == false)
-	 comprExt.erase(comprExt.end()-1);
-   }
-   CompressionExtension = comprExt;
-
-   Init(URI, URIDesc, ShortDesc);
-}
-#if 0
-pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, IndexTarget const *Target,
-			 HashStringList const &ExpectedHash, 
-                         indexRecords *MetaIndexParser)
-   : pkgAcqBaseIndex(Owner, Target, ExpectedHash, MetaIndexParser), 
-     RealURI(Target->URI)
-{
-   // autoselect the compression method
    AutoSelectCompression();
-   Init(Target->URI, Target->Description, Target->ShortDesc);
+   Init(URI, URIDesc, ShortDesc);
+
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "New pkgIndex with TransactionID "
+                << TransactionID << std::endl;
 }
-#endif
 									/*}}}*/
+// AcqIndex::AcqIndex - Constructor					/*{{{*/
+// ---------------------------------------------------------------------
 pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
                          unsigned long TransactionID,
                          IndexTarget const *Target,
@@ -997,6 +981,8 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
                 << TransactionID << std::endl;
 }
 									/*}}}*/
+// AcqIndex::AutoSelectCompression - Select compression			/*{{{*/
+// ---------------------------------------------------------------------
 void pkgAcqIndex::AutoSelectCompression()
 {
    std::vector<std::string> types = APT::Configuration::getCompressionTypes();
@@ -1846,24 +1832,19 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)			/*{{{*/
 // pkgAcqMetaIndex::Failed - no Release file present or no signature file present	/*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqMetaIndex::Failed(string /*Message*/,
+void pkgAcqMetaIndex::Failed(string Message,
                              pkgAcquire::MethodConfig * /*Cnf*/)
 {
-#if 0
    if (AuthPass == true)
    {
       // gpgv method failed, if we have a good signature 
-      string LastGoodSigFile = _config->FindDir("Dir::State::lists").append("partial/").append(URItoFileName(RealURI));
+      string LastGoodSigFile = _config->FindDir("Dir::State::lists");
+      LastGoodSigFile += URItoFileName(RealURI);
       if (DestFile != SigFile)
 	 LastGoodSigFile.append(".gpg");
-      LastGoodSigFile.append(".reverify");
 
       if(FileExists(LastGoodSigFile))
       {
-	 string VerifiedSigFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
-	 if (DestFile != SigFile)
-	    VerifiedSigFile.append(".gpg");
-	 Rename(LastGoodSigFile, VerifiedSigFile);
 	 Status = StatTransientNetworkError;
 	 _error->Warning(_("An error occurred during the signature "
 			   "verification. The repository is not updated "
@@ -1878,6 +1859,7 @@ void pkgAcqMetaIndex::Failed(string /*Message*/,
 	 _error->Error(_("GPG error: %s: %s"),
 			 Desc.Description.c_str(),
 			 LookupTag(Message,"Message").c_str());
+         Status = StatError;
 	 return;
       } else {
 	 _error->Warning(_("GPG error: %s: %s"),
@@ -1887,7 +1869,6 @@ void pkgAcqMetaIndex::Failed(string /*Message*/,
       // gpgv method failed 
       ReportMirrorFailure("GPGFailure");
    }
-#endif
 
    /* Always move the meta index, even if gpgv failed. This ensures
     * that PackageFile objects are correctly filled in */
diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc
index 33afd8f1f..15af5d6bd 100644
--- a/apt-pkg/acquire.cc
+++ b/apt-pkg/acquire.cc
@@ -195,8 +195,8 @@ bool pkgAcquire::TransactionHasError(unsigned long TransactionID)
    std::vector<Item*> Transaction;
    for (ItemIterator I = Items.begin(); I != Items.end(); ++I)
       if((*I)->TransactionID == TransactionID)
-         if((*I)->Status == pkgAcquire::Item::StatError ||
-            (*I)->Status == pkgAcquire::Item::StatAuthError)
+         if((*I)->Status != pkgAcquire::Item::StatDone &&
+            (*I)->Status != pkgAcquire::Item::StatIdle)
             return true;
 
    return false;
diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback
index c16e4f480..a6297792e 100755
--- a/test/integration/test-apt-update-rollback
+++ b/test/integration/test-apt-update-rollback
@@ -156,14 +156,13 @@ test_inrelease_to_unauth_inrelease() {
     signreleasefiles 'Marvin Paranoid'
     avoid_ims_hit
     
-    testsuccess aptget update -qq
+    testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
 
-    testequal "WARNING: The following packages cannot be authenticated!
-  old
-E: There are problems and -y was used without --force-yes" aptget install -qq -y old
+W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease  
 
-    testfailure ls rootdir/var/lib/apt/lists/*_InRelease
-    testsuccess ls rootdir/var/lib/apt/lists/*_Release
+W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+
+    testsuccess ls rootdir/var/lib/apt/lists/*_InRelease
 }
 
 TESTDIR=$(readlink -f $(dirname $0))