summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Vogt <mvo@debian.org>2014-07-31 19:24:36 +0200
committerMichael Vogt <mvo@debian.org>2014-07-31 19:24:36 +0200
commit21638c3af355b3997fadd169495551568af6acfe (patch)
treef29b64cc8610f8e6516b7ef1677953244e96434b
parentc5fced388848b967f0ce076656cad5366517f981 (diff)
fail early (again) on gpg sig failures
-rw-r--r--apt-pkg/acquire-item.cc45
-rw-r--r--apt-pkg/acquire.cc4
-rwxr-xr-xtest/integration/test-apt-update-rollback11
3 files changed, 20 insertions, 40 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 2d9328b6b..da8402ffc 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -954,32 +954,16 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
HashStringList const &ExpectedHash, string comprExt)
: pkgAcqBaseIndex(Owner, 0, NULL, ExpectedHash, NULL), RealURI(URI)
{
- if(comprExt.empty() == true)
- {
- // autoselect the compression method
- std::vector<std::string> types = APT::Configuration::getCompressionTypes();
- for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
- comprExt.append(*t).append(" ");
- if (comprExt.empty() == false)
- comprExt.erase(comprExt.end()-1);
- }
- CompressionExtension = comprExt;
-
- Init(URI, URIDesc, ShortDesc);
-}
-#if 0
-pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, IndexTarget const *Target,
- HashStringList const &ExpectedHash,
- indexRecords *MetaIndexParser)
- : pkgAcqBaseIndex(Owner, Target, ExpectedHash, MetaIndexParser),
- RealURI(Target->URI)
-{
- // autoselect the compression method
AutoSelectCompression();
- Init(Target->URI, Target->Description, Target->ShortDesc);
+ Init(URI, URIDesc, ShortDesc);
+
+ if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+ std::clog << "New pkgIndex with TransactionID "
+ << TransactionID << std::endl;
}
-#endif
/*}}}*/
+// AcqIndex::AcqIndex - Constructor /*{{{*/
+// ---------------------------------------------------------------------
pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
unsigned long TransactionID,
IndexTarget const *Target,
@@ -997,6 +981,8 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
<< TransactionID << std::endl;
}
/*}}}*/
+// AcqIndex::AutoSelectCompression - Select compression /*{{{*/
+// ---------------------------------------------------------------------
void pkgAcqIndex::AutoSelectCompression()
{
std::vector<std::string> types = APT::Configuration::getCompressionTypes();
@@ -1846,24 +1832,19 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message) /*{{{*/
// pkgAcqMetaIndex::Failed - no Release file present or no signature file present /*{{{*/
// ---------------------------------------------------------------------
/* */
-void pkgAcqMetaIndex::Failed(string /*Message*/,
+void pkgAcqMetaIndex::Failed(string Message,
pkgAcquire::MethodConfig * /*Cnf*/)
{
-#if 0
if (AuthPass == true)
{
// gpgv method failed, if we have a good signature
- string LastGoodSigFile = _config->FindDir("Dir::State::lists").append("partial/").append(URItoFileName(RealURI));
+ string LastGoodSigFile = _config->FindDir("Dir::State::lists");
+ LastGoodSigFile += URItoFileName(RealURI);
if (DestFile != SigFile)
LastGoodSigFile.append(".gpg");
- LastGoodSigFile.append(".reverify");
if(FileExists(LastGoodSigFile))
{
- string VerifiedSigFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
- if (DestFile != SigFile)
- VerifiedSigFile.append(".gpg");
- Rename(LastGoodSigFile, VerifiedSigFile);
Status = StatTransientNetworkError;
_error->Warning(_("An error occurred during the signature "
"verification. The repository is not updated "
@@ -1878,6 +1859,7 @@ void pkgAcqMetaIndex::Failed(string /*Message*/,
_error->Error(_("GPG error: %s: %s"),
Desc.Description.c_str(),
LookupTag(Message,"Message").c_str());
+ Status = StatError;
return;
} else {
_error->Warning(_("GPG error: %s: %s"),
@@ -1887,7 +1869,6 @@ void pkgAcqMetaIndex::Failed(string /*Message*/,
// gpgv method failed
ReportMirrorFailure("GPGFailure");
}
-#endif
/* Always move the meta index, even if gpgv failed. This ensures
* that PackageFile objects are correctly filled in */
diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc
index 33afd8f1f..15af5d6bd 100644
--- a/apt-pkg/acquire.cc
+++ b/apt-pkg/acquire.cc
@@ -195,8 +195,8 @@ bool pkgAcquire::TransactionHasError(unsigned long TransactionID)
std::vector<Item*> Transaction;
for (ItemIterator I = Items.begin(); I != Items.end(); ++I)
if((*I)->TransactionID == TransactionID)
- if((*I)->Status == pkgAcquire::Item::StatError ||
- (*I)->Status == pkgAcquire::Item::StatAuthError)
+ if((*I)->Status != pkgAcquire::Item::StatDone &&
+ (*I)->Status != pkgAcquire::Item::StatIdle)
return true;
return false;
diff --git a/test/integration/test-apt-update-rollback b/test/integration/test-apt-update-rollback
index c16e4f480..a6297792e 100755
--- a/test/integration/test-apt-update-rollback
+++ b/test/integration/test-apt-update-rollback
@@ -156,14 +156,13 @@ test_inrelease_to_unauth_inrelease() {
signreleasefiles 'Marvin Paranoid'
avoid_ims_hit
- testsuccess aptget update -qq
+ testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
- testequal "WARNING: The following packages cannot be authenticated!
- old
-E: There are problems and -y was used without --force-yes" aptget install -qq -y old
+W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease
- testfailure ls rootdir/var/lib/apt/lists/*_InRelease
- testsuccess ls rootdir/var/lib/apt/lists/*_Release
+W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
+
+ testsuccess ls rootdir/var/lib/apt/lists/*_InRelease
}
TESTDIR=$(readlink -f $(dirname $0))