Merge branch 'inrelease-path' into 'master'

Introduce inrelease-path option for sources.list

See merge request apt-team/apt!2

6 files changed, 66 insertions, 5 deletions

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 611876dd2..7fcc5867a 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1324,9 +1324,13 @@ bool pkgAcqMetaBase::CheckDownloadDone(pkgAcqTransactionItem * const I, const st
    // Save the final base URI we got this Release file from
    if (I->UsedMirror.empty() == false && _config->FindB("Acquire::SameMirrorForAllIndexes", true))
    {
-      if (APT::String::Endswith(I->Desc.URI, "InRelease"))
+      auto InReleasePath = Target.Option(IndexTarget::INRELEASE_PATH);
+      if (InReleasePath.empty())
+	 InReleasePath = "InRelease";
+
+      if (APT::String::Endswith(I->Desc.URI, InReleasePath))
       {
-	 TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - strlen("InRelease"));
+	 TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - InReleasePath.length());
 	 TransactionManager->UsedMirror = I->UsedMirror;
       }
       else if (APT::String::Endswith(I->Desc.URI, "Release"))
@@ -1871,6 +1875,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c
       auto const failreason = LookupTag(Message, "FailReason");
       auto const httperror = "HttpError";
       if (Status == StatAuthError ||
+	  Target.Option(IndexTarget::INRELEASE_PATH).empty() == false || /* do not fallback if InRelease was requested */
 	  (strncmp(failreason.c_str(), httperror, strlen(httperror)) == 0 &&
 	   failreason != "HttpError404"))
       {
@@ -1880,7 +1885,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c
 	 // as this is gonna fail anyway and instead abort our try (LP#346386)
 	 _error->PushToStack();
 	 _error->Error(_("Failed to fetch %s  %s"), Target.URI.c_str(), ErrorText.c_str());
-	 if (AllowInsecureRepositories(InsecureType::UNSIGNED, Target.Description, TransactionManager->MetaIndexParser, TransactionManager, this) == true)
+	 if (Target.Option(IndexTarget::INRELEASE_PATH).empty() == true && AllowInsecureRepositories(InsecureType::UNSIGNED, Target.Description, TransactionManager->MetaIndexParser, TransactionManager, this) == true)
 	    _error->RevertToStack();
 	 else
 	    return;
@@ -1941,7 +1946,19 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire * const Owner,		/*{{{*/
    Desc.Description = DataTarget.Description;
    Desc.Owner = this;
    Desc.ShortDesc = DataTarget.ShortDesc;
-   Desc.URI = DataTarget.URI;
+
+   // Rewrite the description URI if INRELEASE_PATH was specified so
+   // we download the specified file instead.
+   auto InReleasePath = DataTarget.Option(IndexTarget::INRELEASE_PATH);
+   if (InReleasePath.empty() == false && APT::String::Endswith(DataTarget.URI, "/InRelease"))
+   {
+      Desc.URI = DataTarget.URI.substr(0, DataTarget.URI.size() - strlen("InRelease")) + InReleasePath;
+   }
+   else
+   {
+      Desc.URI = DataTarget.URI;
+   }
+
    QueueURI(Desc);
 }
 									/*}}}*/
diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc
index 2688052a4..59a26390e 100644
--- a/apt-pkg/deb/debmetaindex.cc
+++ b/apt-pkg/deb/debmetaindex.cc
@@ -1092,6 +1092,10 @@ class APT_HIDDEN debSLTypeDebian : public pkgSourceList::Type		/*{{{*/
       if (GetBoolOption(Options, "allow-downgrade-to-insecure", _config->FindB("Acquire::AllowDowngradeToInsecureRepositories")))
 	 ReleaseOptions.emplace("ALLOW_DOWNGRADE_TO_INSECURE", "true");
 
+      auto InReleasePath = Options.find("inrelease-path");
+      if (InReleasePath != Options.end())
+	 ReleaseOptions.emplace("INRELEASE_PATH", InReleasePath->second);
+
       debReleaseIndex * Deb = nullptr;
       std::string const FileName = URItoFileName(constructMetaIndexURI(URI, Dist, "Release"));
       for (auto const &I: List)
diff --git a/apt-pkg/indexfile.cc b/apt-pkg/indexfile.cc
index 679e2eab8..96ae2f93b 100644
--- a/apt-pkg/indexfile.cc
+++ b/apt-pkg/indexfile.cc
@@ -149,6 +149,7 @@ std::string IndexTarget::Option(OptionKeys const EnumKey) const		/*{{{*/
       APT_CASE(ALLOW_INSECURE);
       APT_CASE(ALLOW_WEAK);
       APT_CASE(ALLOW_DOWNGRADE_TO_INSECURE);
+      APT_CASE(INRELEASE_PATH);
 #undef APT_CASE
       case FILENAME:
       {
diff --git a/apt-pkg/indexfile.h b/apt-pkg/indexfile.h
index 7ebbd66f1..31b95172e 100644
--- a/apt-pkg/indexfile.h
+++ b/apt-pkg/indexfile.h
@@ -72,7 +72,8 @@ class IndexTarget							/*{{{*/
 	 std::string const &LongDesc, std::string const &URI, bool const IsOptional,
 	 bool const KeepCompressed, std::map<std::string, std::string> const &Options);
 
-   enum OptionKeys {
+   enum OptionKeys
+   {
       SITE,
       RELEASE,
       COMPONENT,
@@ -95,6 +96,7 @@ class IndexTarget							/*{{{*/
       ALLOW_INSECURE,
       ALLOW_WEAK,
       ALLOW_DOWNGRADE_TO_INSECURE,
+      INRELEASE_PATH,
    };
    std::string Option(OptionKeys const Key) const;
    bool OptionBool(OptionKeys const Key) const;
diff --git a/doc/sources.list.5.xml b/doc/sources.list.5.xml
index bfad35aa7..b19808636 100644
--- a/doc/sources.list.5.xml
+++ b/doc/sources.list.5.xml
@@ -343,6 +343,15 @@ deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [.
 		default.
 	  </para></listitem>
 
+	  <listitem><para><option>InRelease-Path</option> (<option>inrelease-path</option>)
+		determines the path to the InRelease file, relative
+		to the normal position of an <filename>InRelease</filename> file.
+		By default, this option is unset and APT will try to fetch an <filename>InRelease</filename>
+		or, if that fails, a <filename>Release</filename> file and its associated <filename>Release.gpg</filename> file. By setting this option,
+		the specified path will be tried instead of the InRelease file,
+		and the fallback to <filename>Release</filename> files will be disabled.
+	  </para></listitem>
+
        </itemizedlist>
 
     </para>
diff --git a/test/integration/test-apt-by-hash-update b/test/integration/test-apt-by-hash-update
index 9701f97f9..f4794a84f 100755
--- a/test/integration/test-apt-by-hash-update
+++ b/test/integration/test-apt-by-hash-update
@@ -77,3 +77,31 @@ ensureitsbroken -o Acquire::By-Hash=0
 sed -i "s#^\(deb\(-src\)\?\) \[by-hash=yes\] #\1 [by-hash=force] #" rootdir/etc/apt/sources.list.d/*
 ensureitworks
 #ensureitsbroken -o Acquire::By-Hash=0
+
+
+
+msgmsg 'Test InRelease by-hash via' 'sources option'
+
+rm -rf aptarchive/dists
+cp -a aptarchive/dists.bak aptarchive/dists
+mkdir -p aptarchive/dists/unstable/by-hash/SHA256
+inrelease_hash=$(sha256sum aptarchive/dists/unstable/InRelease | awk '{print $1}')
+mv aptarchive/dists/unstable/InRelease aptarchive/dists/unstable/by-hash/SHA256/$inrelease_hash
+#ensureitworks -o Acquire::By-Hash=force
+ensureitsbroken -o Acquire::By-Hash=1
+ensureitsbroken -o Acquire::By-Hash=0
+
+sed -i "s#^\(deb\(-src\)\?\) \[by-hash=force\] #\1 [by-hash=force inrelease-path=by-hash/SHA256/$inrelease_hash] #" rootdir/etc/apt/sources.list.d/*
+ensureitworks
+#ensureitsbroken -o Acquire::By-Hash=0
+
+msgmsg 'Test InRelease by-hash with' 'no fallback'
+
+rm -rf aptarchive/dists
+cp -a aptarchive/dists.bak aptarchive/dists
+
+testfailureequal "Get:1 file:${TMPWORKINGDIRECTORY}/aptarchive unstable InRelease
+Err:1 file:${TMPWORKINGDIRECTORY}/aptarchive unstable InRelease
+  File not found - ${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/by-hash/SHA256/${inrelease_hash} (2: No such file or directory)
+Reading package lists...
+E: Failed to fetch file://${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/InRelease  File not found - ${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/by-hash/SHA256/${inrelease_hash} (2: No such file or directory)" aptget update