diff options
| author | David Kalnischkies <kalnischkies@gmail.com> | 2013-08-18 23:27:24 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2014-11-10 17:23:29 +0100 |
| commit | 3a2b39ee602dd5a98b8fdaee2f1c8e0b13a276e2 (patch) | |
| tree | c825fbd73efde59e405d3088361ea1771f095c02 /cmdline/apt-get.cc | |
| parent | 3f439e2b7126fb82952cd7bc12b8d6cb01352219 (diff) | |
use 'best' hash for source authentication
Collect all hashes we can get from the source record and put them into a
HashStringList so that 'apt-get source' can use it instead of using
always the MD5sum.
We therefore also deprecate the MD5 struct member in favor of the list.
While at it, the parsing of the Files is enhanced so that records which
miss "Files" (aka MD5 checksums) are still searched for other checksums
as they include just as much data, just not with a nice and catchy name.
This is a cherry-pick of 1262d35 with some dirty tricks to preserve ABI.
LP: 1098738
Diffstat (limited to 'cmdline/apt-get.cc')
| -rw-r--r-- | cmdline/apt-get.cc | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc index cfa79339b..a28537712 100644 --- a/cmdline/apt-get.cc +++ b/cmdline/apt-get.cc @@ -797,13 +797,13 @@ static bool DoSource(CommandLine &CmdL) } // Back track - vector<pkgSrcRecords::File> Lst; - if (Last->Files(Lst) == false) { + vector<pkgSrcRecords::File2> Lst; + if (Last->Files2(Lst) == false) { return false; } // Load them into the fetcher - for (vector<pkgSrcRecords::File>::const_iterator I = Lst.begin(); + for (vector<pkgSrcRecords::File2>::const_iterator I = Lst.begin(); I != Lst.end(); ++I) { // Try to guess what sort of file it is we are getting. @@ -832,22 +832,26 @@ static bool DoSource(CommandLine &CmdL) queued.insert(Last->Index().ArchiveURI(I->Path)); // check if we have a file with that md5 sum already localy - if(!I->MD5Hash.empty() && FileExists(flNotDir(I->Path))) - { - FileFd Fd(flNotDir(I->Path), FileFd::ReadOnly); - MD5Summation sum; - sum.AddFD(Fd.Fd(), Fd.Size()); - Fd.Close(); - if((string)sum.Result() == I->MD5Hash) + std::string localFile = flNotDir(I->Path); + if (FileExists(localFile) == true) + if(I->Hashes.VerifyFile(localFile) == true) { ioprintf(c1out,_("Skipping already downloaded file '%s'\n"), - flNotDir(I->Path).c_str()); + localFile.c_str()); continue; } + + // see if we have a hash (Acquire::ForceHash is the only way to have none) + HashString const * const hs = I->Hashes.find(NULL); + if (hs == NULL && _config->FindB("APT::Get::AllowUnauthenticated",false) == false) + { + ioprintf(c1out, "Skipping download of file '%s' as requested hashsum is not available for authentication\n", + localFile.c_str()); + continue; } new pkgAcqFile(&Fetcher,Last->Index().ArchiveURI(I->Path), - I->MD5Hash,I->Size, + hs != NULL ? hs->toStr() : "", I->FileSize, Last->Index().SourceInfo(*Last,*I),Src); } } |