check when finished downloading the InRelease file if it has the expected gpg clearsign signature and if not download Release/Release.gpg instead

author: Michael Vogt <michael.vogt@ubuntu.com> 2012-06-21 12:32:56 +0200
committer: Michael Vogt <michael.vogt@ubuntu.com> 2012-06-21 12:32:56 +0200
commit: 0854ad8b8016d0132741a267492d72cfa0d3bd8e (patch)
tree: f5f3b55c020a2651c35602322253b86b5481cecb /apt-pkg/indexcopy.cc
parent: 2448a064f33c66d4f698375d30b87201a5a3b103 (diff)
1 files changed, 1 insertions, 5 deletions
diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc
index e29e2819c..db3d10ecd 100644
--- a/apt-pkg/indexcopy.cc
+++ b/apt-pkg/indexcopy.cc
@@ -648,16 +648,12 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG,
 {
    if (File == FileGPG)
    {
-      #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n"
-      char buffer[sizeof(SIGMSG)];
       FILE* gpg = fopen(File.c_str(), "r");
       if (gpg == NULL)
 	 return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str());
-      char const * const test = fgets(buffer, sizeof(buffer), gpg);
       fclose(gpg);
-      if (test == NULL || strcmp(buffer, SIGMSG) != 0)
+      if (!IsPgpClearTextSignature(File))
 	 return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str());
-      #undef SIGMSG
    }
author	Michael Vogt <michael.vogt@ubuntu.com>	2012-06-21 12:32:56 +0200
committer	Michael Vogt <michael.vogt@ubuntu.com>	2012-06-21 12:32:56 +0200
commit	0854ad8b8016d0132741a267492d72cfa0d3bd8e (patch)
tree	f5f3b55c020a2651c35602322253b86b5481cecb /apt-pkg/indexcopy.cc
parent	2448a064f33c66d4f698375d30b87201a5a3b103 (diff)