summaryrefslogtreecommitdiff
path: root/apt-pkg/deb/debmetaindex.cc
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-03-17 16:36:14 +0100
committerDavid Kalnischkies <david@kalnischkies.de>2016-06-22 14:05:01 +0200
commitab94dcece2465f824bea80fc9158bf9a028b2e87 (patch)
treed4aed383e010d64ca5a689216b36ab28929c06a8 /apt-pkg/deb/debmetaindex.cc
parent57f7fb6511fcc7c55ee7a88475d15385093c048e (diff)
handle weak-security repositories as unauthenticated
APT can be forced to deal with repositories which have no security features whatsoever, so just giving up on repositories which "just" fail our current criteria of good security features is the wrong incentive. Of course, repositories are better of fixing their setup to provide the minimum of security features, but sometimes this isn't possible: Historic repositories for example which do not change (anymore). That also fixes problem with repositories which are marked as trusted, but are providing only weak security features which would fail the parsing of the Release file. Closes: 827364
Diffstat (limited to 'apt-pkg/deb/debmetaindex.cc')
-rw-r--r--apt-pkg/deb/debmetaindex.cc22
1 files changed, 9 insertions, 13 deletions
diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc
index c70c39a45..0c9cde620 100644
--- a/apt-pkg/deb/debmetaindex.cc
+++ b/apt-pkg/deb/debmetaindex.cc
@@ -440,18 +440,13 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro
}
}
+ bool AuthPossible = false;
if(FoundHashSum == false)
- {
- if (ErrorText != NULL)
- strprintf(*ErrorText, _("No Hash entry in Release file %s"), Filename.c_str());
- return false;
- }
- if(FoundStrongHashSum == false)
- {
- if (ErrorText != NULL)
- strprintf(*ErrorText, _("No Hash entry in Release file %s which is considered strong enough for security purposes"), Filename.c_str());
- return false;
- }
+ _error->Warning(_("No Hash entry in Release file %s"), Filename.c_str());
+ else if(FoundStrongHashSum == false)
+ _error->Warning(_("No Hash entry in Release file %s which is considered strong enough for security purposes"), Filename.c_str());
+ else
+ AuthPossible = true;
std::string const StrDate = Section.FindS("Date");
if (RFC1123StrToTime(StrDate.c_str(), Date) == false)
@@ -539,8 +534,9 @@ bool debReleaseIndex::Load(std::string const &Filename, std::string * const Erro
}
}
- LoadedSuccessfully = TRI_YES;
- return true;
+ if (AuthPossible)
+ LoadedSuccessfully = TRI_YES;
+ return AuthPossible;
}
/*}}}*/
metaIndex * debReleaseIndex::UnloadedClone() const /*{{{*/