diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2016-04-29 00:31:49 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2016-05-01 10:50:24 +0200 |
| commit | fb7b11ebb852fa255053ecab605bc9cfe9de0603 (patch) | |
| tree | 409a82bf36e0be9d79666872a2165feb9c22b932 /apt-pkg/acquire-item.cc | |
| parent | 1af227c2eaad386f0917fc4f36c84fd5999b884e (diff) | |
don't show NO_PUBKEY warning if repo is signed by another key
Daniel Kahn Gillmor highlights in the bugreport that security isn't
improving by having the user import additional keys – especially as
importing keys securely is hard.
The bugreport was initially about dropping the warning to a notice, but
in given the previously mentioned observation and the fact that we
weren't printing a warning (or a notice) for expired or revoked keys
providing a signature we drop it completely as the code to display a
message if this was the only key is in another path – and is considered
critical.
Closes: 618445
Diffstat (limited to 'apt-pkg/acquire-item.cc')
| -rw-r--r-- | apt-pkg/acquire-item.cc | 21 |
1 files changed, 2 insertions, 19 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 317db65b8..fde45e1fe 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1365,25 +1365,8 @@ void pkgAcqMetaBase::QueueIndexes(bool const verify) /*{{{*/ } } /*}}}*/ -bool pkgAcqMetaBase::VerifyVendor(string const &Message) /*{{{*/ +bool pkgAcqMetaBase::VerifyVendor(string const &) /*{{{*/ { - string::size_type pos; - - // check for missing sigs (that where not fatal because otherwise we had - // bombed earlier) - string missingkeys; - string msg = _("There is no public key available for the " - "following key IDs:\n"); - pos = Message.find("NO_PUBKEY "); - if (pos != std::string::npos) - { - string::size_type start = pos+strlen("NO_PUBKEY "); - string Fingerprint = Message.substr(start, Message.find("\n")-start); - missingkeys += (Fingerprint); - } - if(!missingkeys.empty()) - _error->Warning("%s", (msg + missingkeys).c_str()); - string Transformed = TransactionManager->MetaIndexParser->GetExpectedDist(); if (Transformed == "../project/experimental") @@ -1391,7 +1374,7 @@ bool pkgAcqMetaBase::VerifyVendor(string const &Message) /*{{{*/ Transformed = "experimental"; } - pos = Transformed.rfind('/'); + auto pos = Transformed.rfind('/'); if (pos != string::npos) { Transformed = Transformed.substr(0, pos); |