summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
authorMichael Vogt <mvo@ubuntu.com>2014-10-06 14:34:38 +0200
committerMichael Vogt <mvo@ubuntu.com>2014-10-06 14:36:30 +0200
commit673c9469abd656a92c7e8f1f91f919cad09f391e (patch)
treea0bd856d3f0296a72fbf84d84e8f03ac01b649db /apt-pkg
parent22b2ef9d29b8a467c0fca8637636e417e020e2f5 (diff)
cleanup pkgAcq*::Failed()
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/acquire-item.cc113
-rw-r--r--apt-pkg/acquire-item.h13
2 files changed, 54 insertions, 72 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 975965e46..401566cfc 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1502,8 +1502,8 @@ void pkgAcqMetaBase::TransactionStageRemoval(Item *I,
// AcqMetaBase::GenerateAuthWarning - Check gpg authentication error /*{{{*/
// ---------------------------------------------------------------------
/* */
-bool pkgAcqMetaBase::GenerateAuthWarning(const std::string &RealURI,
- const std::string &Message)
+bool pkgAcqMetaBase::StopAuthentication(const std::string &RealURI,
+ const std::string &Message)
{
string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
@@ -1626,13 +1626,9 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
{
string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
- // FIXME: duplicated code from pkgAcqMetaIndex
- if (AuthPass == true)
- {
- bool Stop = GenerateAuthWarning(RealURI, Message);
- if(Stop)
+ // check if we need to fail at this point
+ if (AuthPass == true && StopAuthentication(RealURI, Message))
return;
- }
// FIXME: meh, this is not really elegant
string InReleaseURI = RealURI.replace(RealURI.rfind("Release.gpg"), 12,
@@ -2021,50 +2017,28 @@ bool pkgAcqMetaBase::VerifyVendor(string Message, const string &RealURI)/*{{{*/
return true;
}
/*}}}*/
-// pkgAcqMetaIndex::Failed - no Release file present or no signature file present /*{{{*/
+// pkgAcqMetaIndex::Failed - no Release file present /*{{{*/
// ---------------------------------------------------------------------
/* */
void pkgAcqMetaIndex::Failed(string Message,
pkgAcquire::MethodConfig * /*Cnf*/)
{
- string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+ string FinalFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
- if (AuthPass == true)
- {
- bool Stop = GenerateAuthWarning(RealURI, Message);
- if(Stop)
- return;
- }
+ _error->Warning(_("The repository '%s' does not have a Release file. "
+ "This is deprecated, please contact the owner of the "
+ "repository."), URIDesc.c_str());
- _error->Warning(_("The data from '%s' is not signed. Packages "
- "from that repository can not be authenticated."),
- URIDesc.c_str());
-
- // No Release file was present, or verification failed, so fall
+ // No Release file was present so fall
// back to queueing Packages files without verification
// only allow going further if the users explicitely wants it
if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
{
- /* Always move the meta index, even if gpgv failed. This ensures
- * that PackageFile objects are correctly filled in */
+ // Done, queue for rename on transaction finished
if (FileExists(DestFile))
- {
- string FinalFile = _config->FindDir("Dir::State::lists");
- FinalFile += URItoFileName(RealURI);
- /* InRelease files become Release files, otherwise
- * they would be considered as trusted later on */
- if (SigFile == DestFile) {
- RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
- "Release");
- FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
- "Release");
- SigFile = FinalFile;
- }
-
- // Done, queue for rename on transaction finished
TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
- }
+ // queue without any kind of hashsum support
QueueIndexes(false);
} else {
// warn if the repository is unsinged
@@ -2073,7 +2047,6 @@ void pkgAcqMetaIndex::Failed(string Message,
Status = StatError;
return;
}
-
}
/*}}}*/
@@ -2097,39 +2070,17 @@ pkgAcqMetaClearSig::pkgAcqMetaClearSig(pkgAcquire *Owner, /*{{{*/
MetaIndexURI(MetaIndexURI), MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
MetaSigURI(MetaSigURI), MetaSigURIDesc(MetaSigURIDesc), MetaSigShortDesc(MetaSigShortDesc)
{
- SigFile = DestFile;
-
// index targets + (worst case:) Release/Release.gpg
ExpectedAdditionalItems = IndexTargets->size() + 2;
-#if 0
- // keep the old InRelease around in case of transistent network errors
- string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
- if (RealFileExists(Final) == true)
- {
- string const LastGoodSig = DestFile + ".reverify";
- Rename(Final,LastGoodSig);
- }
-#endif
}
/*}}}*/
pkgAcqMetaClearSig::~pkgAcqMetaClearSig() /*{{{*/
{
-#if 0
- // if the file was never queued undo file-changes done in the constructor
- if (QueueCounter == 1 && Status == StatIdle && FileSize == 0 && Complete == false)
- {
- string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
- string const LastGoodSig = DestFile + ".reverify";
- if (RealFileExists(Final) == false && RealFileExists(LastGoodSig) == true)
- Rename(LastGoodSig, Final);
- }
-#endif
}
/*}}}*/
// pkgAcqMetaClearSig::Custom600Headers - Insert custom request headers /*{{{*/
// ---------------------------------------------------------------------
-// FIXME: this can go away once the InRelease file is used widely
string pkgAcqMetaClearSig::Custom600Headers() const
{
string Final = _config->FindDir("Dir::State::lists");
@@ -2204,7 +2155,45 @@ void pkgAcqMetaClearSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*
Dequeue();
}
else
- pkgAcqMetaIndex::Failed(Message, Cnf);
+ {
+ if(StopAuthentication(RealURI, Message))
+ return;
+
+ _error->Warning(_("The data from '%s' is not signed. Packages "
+ "from that repository can not be authenticated."),
+ URIDesc.c_str());
+
+ // No Release file was present, or verification failed, so fall
+ // back to queueing Packages files without verification
+ // only allow going further if the users explicitely wants it
+ if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
+ {
+ /* Always move the meta index, even if gpgv failed. This ensures
+ * that PackageFile objects are correctly filled in */
+ if (FileExists(DestFile))
+ {
+ string FinalFile = _config->FindDir("Dir::State::lists");
+ FinalFile += URItoFileName(RealURI);
+ /* InRelease files become Release files, otherwise
+ * they would be considered as trusted later on */
+ RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
+ "Release");
+ FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
+ "Release");
+
+
+ // Done, queue for rename on transaction finished
+ TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
+ }
+ QueueIndexes(false);
+ } else {
+ // warn if the repository is unsinged
+ _error->Warning("Use --allow-insecure-repositories to force the update");
+ TransactionManager->AbortTransaction();
+ Status = StatError;
+ return;
+ }
+ }
}
/*}}}*/
// AcqArchive::AcqArchive - Constructor /*{{{*/
diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h
index f12f57262..e0739dcd2 100644
--- a/apt-pkg/acquire-item.h
+++ b/apt-pkg/acquire-item.h
@@ -436,9 +436,9 @@ class pkgAcqMetaBase : public pkgAcquire::Item
*/
void TransactionStageRemoval(Item *I, const std::string &FinalFile);
- // helper for the signature warning
- bool GenerateAuthWarning(const std::string &RealURI,
- const std::string &Message);
+ /** Check if the current item should fail at this point */
+ bool StopAuthentication(const std::string &RealURI,
+ const std::string &Message);
pkgAcqMetaBase(pkgAcquire *Owner,
@@ -524,13 +524,6 @@ class pkgAcqMetaIndex : public pkgAcqMetaBase
*/
std::string RealURI;
- /** \brief The file in which the signature for this index was stored.
- *
- * If empty, the signature and the md5sums of the individual
- * indices will not be checked.
- */
- std::string SigFile;
-
std::string URIDesc;
std::string ShortDesc;