diff options
| -rw-r--r-- | apt-pkg/acquire-item.cc | 3 | ||||
| -rw-r--r-- | apt-pkg/policy.h | 4 | ||||
| -rw-r--r-- | cmdline/apt-get.cc | 2 | ||||
| -rwxr-xr-x | cmdline/apt-key | 6 | ||||
| -rw-r--r-- | debian/apt-utils.examples | 1 | ||||
| -rw-r--r-- | debian/apt.manpages | 1 | ||||
| -rw-r--r-- | debian/apt.postinst | 2 | ||||
| -rw-r--r-- | debian/changelog | 77 | ||||
| -rwxr-xr-x | debian/rules | 5 | ||||
| -rw-r--r-- | doc/apt-key.8.xml | 47 | ||||
| -rw-r--r-- | doc/apt-secure.8.xml | 209 | ||||
| -rw-r--r-- | doc/apt.ent | 49 | ||||
| -rw-r--r-- | doc/apt_preferences.5.xml | 2 | ||||
| -rw-r--r-- | doc/examples/apt-ftparchive.conf | 46 | ||||
| -rw-r--r-- | doc/makefile | 3 | ||||
| -rw-r--r-- | methods/cdrom.cc | 7 | ||||
| -rw-r--r-- | methods/file.cc | 8 | ||||
| -rw-r--r-- | share/debian-archive.gpg | bin | 1303 -> 0 bytes |
18 files changed, 90 insertions, 382 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index c39d3fdde..ef107444f 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -905,7 +905,8 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash, { Status = StatError; ErrorText = _("MD5Sum mismatch"); - Rename(DestFile,DestFile + ".FAILED"); + if(FileExists(DestFile)) + Rename(DestFile,DestFile + ".FAILED"); return; } } diff --git a/apt-pkg/policy.h b/apt-pkg/policy.h index 15f204798..40ebd3f70 100644 --- a/apt-pkg/policy.h +++ b/apt-pkg/policy.h @@ -45,6 +45,8 @@ using std::vector; class pkgPolicy : public pkgDepCache::Policy { + protected: + struct Pin { pkgVersionMatch::MatchType Type; @@ -58,8 +60,6 @@ class pkgPolicy : public pkgDepCache::Policy string Pkg; }; - protected: - Pin *Pins; signed short *PFPriority; vector<Pin> Defaults; diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc index e673e0f5b..7e079b91c 100644 --- a/cmdline/apt-get.cc +++ b/cmdline/apt-get.cc @@ -1659,7 +1659,7 @@ bool DoInstall(CommandLine &CmdL) // See if we need to prompt if (Cache->InstCount() == ExpectedInst && Cache->DelCount() == 0) return InstallPackages(Cache,false,false); - + return InstallPackages(Cache,false); } /*}}}*/ diff --git a/cmdline/apt-key b/cmdline/apt-key index 0685e36f7..be2b19a1a 100755 --- a/cmdline/apt-key +++ b/cmdline/apt-key @@ -9,14 +9,14 @@ GPG_CMD="gpg --no-options --no-default-keyring --secret-keyring /etc/apt/secring GPG="$GPG_CMD --keyring /etc/apt/trusted.gpg" -ARCHIVE_KEYRING=/usr/share/keyrings/debian-archive-keyring.gpg -REMOVED_KEYS=/usr/share/keyrings/debian-archive-removed-keys.gpg +ARCHIVE_KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg +REMOVED_KEYS=/usr/share/keyrings/ubuntu-archive-removed-keys.gpg update() { if [ ! -f $ARCHIVE_KEYRING ]; then echo >&2 "ERROR: Can't find the archive-keyring" - echo >&2 "Is the debian-keyring package installed?" + echo >&2 "Is the ubuntu-keyring package installed?" exit 1 fi diff --git a/debian/apt-utils.examples b/debian/apt-utils.examples deleted file mode 100644 index 25aadf996..000000000 --- a/debian/apt-utils.examples +++ /dev/null @@ -1 +0,0 @@ -doc/examples/apt-ftparchive.conf
\ No newline at end of file diff --git a/debian/apt.manpages b/debian/apt.manpages index b52ea3d3d..e621e1c49 100644 --- a/debian/apt.manpages +++ b/debian/apt.manpages @@ -3,7 +3,6 @@ doc/apt-cdrom.8 doc/apt-config.8 doc/apt-get.8 doc/apt-key.8 -doc/apt-secure.8 doc/apt.8 doc/apt.conf.5 doc/apt_preferences.5 diff --git a/debian/apt.postinst b/debian/apt.postinst index ae1801198..df0433057 100644 --- a/debian/apt.postinst +++ b/debian/apt.postinst @@ -17,7 +17,7 @@ case "$1" in configure) if ! test -f /etc/apt/trusted.gpg; then - cp /usr/share/apt/debian-archive.gpg /etc/apt/trusted.gpg + cp /usr/share/apt/ubuntu-archive.gpg /etc/apt/trusted.gpg fi ;; diff --git a/debian/changelog b/debian/changelog index 39ab07b32..61f5be622 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,27 +3,22 @@ apt (0.6.40.2) unstable; urgency=low * improved the support for "error" and "conffile" reporting from dpkg, added the format to README.progress-reporting * added README.progress-reporting to the apt-doc package - * improved the network timeout handling, if a index file from a - sources.list times out, don't try to get the other files from - that entry - * Support architecture-specific extra overrides - (closes: #225947). Thanks to Anthony Towns for idea and - the patch, thanks to Colin Watson for testing it. - * Javier Fernandez-Sanguino Pen~a: - - Added a first version of an apt-secure.8 manpage, and modified - apt-key and apt.end accordingly. Also added the 'update' - argument to apt-key which was previously not documented - (Closes: #322120) - * Andreas Pakulat: - - added example apt-ftparchive.conf file to doc/examples - (closes: #322483) + * Do md5sum checking for file and cdrom method (closes: #319142) + * Change pkgPolicy::Pin from private to protected to let subclasses + access it too (closes: #321799) * methods/connect.cc: - send failure reason for EAI_AGAIN (TmpResolveFailure) to acuire-item * apt-pkg/acquire-item.cc: - fail early if a FailReason is TmpResolveFailure (avoids hangs during the install when no network is available) - - -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 23 Aug 2005 00:15:00 +0200 + + -- + +apt (0.6.40.1ubuntu1) breezy; urgency=low + + * Synchronize with Debian + + -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 5 Aug 2005 14:20:56 +0200 apt (0.6.40.1) unstable; urgency=low @@ -32,7 +27,13 @@ apt (0.6.40.1) unstable; urgency=low conditions * 0.6.40 breaks the ABI but I accidentally didn't change the soname :/ - -- Michael Vogt <mvo@debian.org> Fri, 5 Aug 2005 13:24:58 +0200 + -- Michael Vogt <mvo@debian.org> Fri, 5 Aug 2005 13:24:58 +0200 + +apt (0.6.40ubuntu1) breezy; urgency=low + + * Synchronize with Debian + + -- Matt Zimmerman <mdz@ubuntu.com> Thu, 4 Aug 2005 15:53:22 -0700 apt (0.6.40) unstable; urgency=low @@ -49,6 +50,39 @@ apt (0.6.40) unstable; urgency=low -- Matt Zimmerman <mdz@debian.org> Thu, 28 Jul 2005 11:57:32 -0700 +apt (0.6.39ubuntu4) breezy; urgency=low + + * Fix keyring paths in apt-key, apt.postinst (I swear I remember doing this + before...) + + -- Matt Zimmerman <mdz@ubuntu.com> Wed, 29 Jun 2005 08:39:17 -0700 + +apt (0.6.39ubuntu3) breezy; urgency=low + + * Fix keyring locations for Ubuntu in apt-key too. + + -- Colin Watson <cjwatson@ubuntu.com> Wed, 29 Jun 2005 14:45:36 +0100 + +apt (0.6.39ubuntu2) breezy; urgency=low + + * Install ubuntu-archive.gpg rather than debian-archive.gpg as + /etc/apt/trusted.gpg. + + -- Colin Watson <cjwatson@ubuntu.com> Wed, 29 Jun 2005 11:53:34 +0100 + +apt (0.6.39ubuntu1) breezy; urgency=low + + * Michael Vogt + - Change debian/bugscript to use #!/bin/bash (Closes: #313402) + - Fix a incorrect example in the man-page (closes: #282918) + - Support architecture-specific extra overrides + (closes: #225947). Thanks to Anthony Towns for idea and + the patch, thanks to Colin Watson for testing it. + - better report network timeouts from the methods to the acuire code, + only timeout once per sources.list line + + -- Matt Zimmerman <mdz@ubuntu.com> Tue, 28 Jun 2005 11:52:24 -0700 + apt (0.6.39) unstable; urgency=low * Welsh translation update: daf@muse.19inch.net--2005/apt--main--0--patch-6 @@ -59,7 +93,14 @@ apt (0.6.39) unstable; urgency=low * Update priority of apt-utils to important, to match the override file * Install only one keyring on each branch (Closes: #316119) - -- Matt Zimmerman <mdz@debian.org> Tue, 28 Jun 2005 11:51:09 -0700 + -- Matt Zimmerman <mdz@ubuntu.com> Tue, 28 Jun 2005 11:35:21 -0700 + +apt (0.6.38ubuntu1) breezy; urgency=low + + * First release from Ubuntu branch + * Merge with --main--0, switch back to Ubuntu keyring + + -- Matt Zimmerman <mdz@ubuntu.com> Sat, 25 Jun 2005 16:52:41 -0700 apt (0.6.38) unstable; urgency=low diff --git a/debian/rules b/debian/rules index cd026b4a4..3bc9f53d9 100755 --- a/debian/rules +++ b/debian/rules @@ -209,7 +209,7 @@ apt: build debian/shlibs.local cp debian/bugscript debian/$@/usr/share/bug/apt/script - cp share/debian-archive.gpg debian/$@/usr/share/$@ + cp share/ubuntu-archive.gpg debian/$@/usr/share/$@ # head -n 500 ChangeLog > debian/ChangeLog @@ -269,7 +269,6 @@ apt-utils: build debian/shlibs.local cp $(addprefix $(BLD)/bin/apt-,$(APT_UTILS)) debian/$@/usr/bin/ dh_installdocs -p$@ - dh_installexamples -p$@ # Install the man pages.. dh_installman -p$@ @@ -337,4 +336,4 @@ arch-build: mkdir -p debian/arch-build/apt-$(APT_DEBVER) baz inventory -s | xargs cp -a --parents --target=debian/arch-build/apt-$(APT_DEBVER) $(MAKE) -C debian/arch-build/apt-$(APT_DEBVER) startup doc - (cd debian/arch-build/apt-$(APT_DEBVER); $(DEB_BUILD_PROG)) + (cd debian/arch-build/apt-$(APT_DEBVER); $(DEB_BUILD_PROG); dpkg-genchanges -S > ../apt_$(APT_DEBVER)_source.changes) diff --git a/doc/apt-key.8.xml b/doc/apt-key.8.xml index eac61307d..62686618a 100644 --- a/doc/apt-key.8.xml +++ b/doc/apt-key.8.xml @@ -68,56 +68,17 @@ <para> List trusted keys. - </para> </listitem> </varlistentry> - - <varlistentry><term>update</term> - <listitem> - <para> - - Update the local keyring with the keyring of Debian archive - keys and removes from the keyring the archive keys which are no - longer valid. - - </para> - - </listitem> - </varlistentry> - </variablelist> -</refsect1> - - <refsect1><title>Files</title> - <variablelist> - <varlistentry><term><filename>/etc/apt/trusted.gpg</filename></term> - <listitem><para>Keyring of local trusted keys, new keys will be added here.</para></listitem> - </varlistentry> - - <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term> - <listitem><para>Local trust database of archive keys.</para></listitem> - </varlistentry> - - <varlistentry><term><filename>/usr/share/keyrings/debian-archive-keyring.gpg</filename></term> - <listitem><para>Keyring of Debian archive trusted keys.</para></listitem> - </varlistentry> - - <varlistentry><term><filename>/usr/share/keyrings/debian-archive-removed-keys.gpg</filename></term> - <listitem><para>Keyring of Debian archive removed trusted keys.</para></listitem> - </varlistentry> - - - </variablelist> - </refsect1> -<refsect1><title>See Also</title> -<para> -&apt-get;, &apt-secure; -</para> -</refsect1> +<!-- <refsect1><title>See Also</title> --> +<!-- <para> --> +<!-- &apt-conf;, &apt-get;, &sources-list; --> +<!-- </refsect1> --> &manbugs; &manauthor; diff --git a/doc/apt-secure.8.xml b/doc/apt-secure.8.xml deleted file mode 100644 index e22446030..000000000 --- a/doc/apt-secure.8.xml +++ /dev/null @@ -1,209 +0,0 @@ -<?xml version="1.0" encoding="utf-8" standalone="no"?> -<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ - -<!ENTITY % aptent SYSTEM "apt.ent"> -%aptent; - -]> - -<refentry> - &apt-docinfo; - - <refmeta> - <refentrytitle>apt-secure</refentrytitle> - <manvolnum>8</manvolnum> - </refmeta> - -<!-- NOTE: This manpage has been written based on the - Securing Debian Manual ("Debian Security - Infrastructure" chapter) and on documentation - available at the following sites: - http://wiki.debian.net/?apt06 - http://www.syntaxpolice.org/apt-secure/ - http://www.enyo.de/fw/software/apt-secure/ ---> -<!-- TODO: write a more verbose example of how it works with - a sample similar to - http://www.debian-administration.org/articles/174 - ? ---> - - - <!-- Man page title --> - <refnamediv> - <refname>apt-secure</refname> - <refpurpose>Archive authentication support for APT</refpurpose> - </refnamediv> - - <refsect1><title>Description</title> - <para> - Starting with version 0.6, <command>apt</command> contains code - that does signature checking of the Release file for all - archives. This ensures that packages in the archive can't be - modified by people who have no access to the Release file signing - key. - </para> - - <para> - If a package comes from a archive without a signature or with a - signature that apt does not have a key for that package is - considered untrusted and installing it will result in a big - warning. <command>apt-get</command> will currently only warn - for unsigned archives, future releases might force all sources - to be verified before downloading packages from them. - </para> - - <para> - The package frontends &apt-get;, &aptitude; and &synaptic; support this new - authentication feature. - </para> -</refsect1> - - <refsect1><title>Trusted archives</title> - - <para> - The chain of trust from an apt archive to the end user is made up of - different steps. <command>apt-secure</command> is the last step in - this chain, trusting an archive does not mean that the packages - that you trust it do not contain malicious code but means that you - trust the archive maintainer. Its the archive maintainer - responsibility to ensure that the archive integrity is correct. - </para> - - <para>apt-secure does not review signatures at a - package level. If you require tools to do this you should look at - <command>debsig-verify</command> and - <command>debsign</command> (provided in the debsig-verify and - devscripts packages respectively).</para> - - <para> - The chain of trust in Debian starts when a maintainer uploads a new - package or a new version of a package to the Debian archive. This - upload in order to become effective needs to be signed by a key of - a maintainer within the Debian maintainer's keyring (available in - the debian-keyring package). Maintainer's keys are signed by - other maintainers following pre-established procedures to - ensure the identity of the key holder. - </para> - - <para> - Once the uploaded package is verified and included in the archive, - the maintainer signature is stripped off, an MD5 sum of the package - is computed and put in the Packages file. The MD5 sum of all of the - packages files are then computed and put into the Release file. The - Release file is then signed by the archive key (which is created - once a year and distributed through the FTP server. This key is - also on the Debian keyring. - </para> - - <para> - Any end user can check the signature of the Release file, extract the MD5 - sum of a package from it and compare it with the MD5 sum of the - package he downloaded. Prior to version 0.6 only the MD5 sum of the - downloaded Debian package was checked. Now both the MD5 sum and the - signature of the Release file are checked. - </para> - - <para>Notice that this is distinct from checking signatures on a - per package basis. It is designed to prevent two possible attacks: - </para> - - <itemizedlist> - <listitem><para><literal>Network "man in the middle" - attacks</literal>. Without signature checking, a malicious - agent can introduce himself in the package download process and - provide malicious software either by controlling a network - element (router, switch, etc.) or by redirecting traffic to a - rogue server (through arp or DNS spoofing - attacks).</para></listitem> - - <listitem><para><literal>Mirror network compromise</literal>. - Without signature checking, a malicious agent can compromise a - mirror host and modify the files in it to propage malicious - software to all users downloading packages from that - host.</para></listitem> - </itemizedlist> - - <para>However, it does not defend against a compromise of the - Debian master server itself (which signs the packages) or against a - compromise of the key used to sign the Release files. In any case, - this mechanism can complement a per-package signature.</para> -</refsect1> - - <refsect1><title>User configuration</title> - <para> - <command>apt-key</command> is the program that manages the list - of keys used by apt. It can be used to add or remove keys although - an installation of this release will automatically provide the - default Debian archive signing keys used in the Debian package - repositories. - </para> - <para> - In order to add a new key you need to first download it - (you should make sure you are using a trusted communication channel - when retrieving it), add it with <command>apt-key</command> and - then run <command>apt-get update</command> so that apt can download - and verify the <filename>Release.gpg</filename> files from the archives you - have configured. - </para> -</refsect1> - -<refsect1><title>Archive configuration</title> - <para> - If you want to provide archive signatures in an archive under your - maintenance you have to: - </para> - - <itemizedlist> - <listitem><para><literal>Create a toplevel Release - file</literal>. if it does not exist already. You can do this - by running <command>apt-ftparchive release</command> - (provided inftp apt-utils).</para></listitem> - - <listitem><para><literal>Sign it</literal>. You can do this by running - <command>gpg -abs -o Release.gpg Release</command>.</para></listitem> - - <listitem><para><literal>Publish the key fingerprint</literal>, - that way your users will know what key they need to import in - order to authenticate the files in the - archive.</para></listitem> - - </itemizedlist> - - <para>Whenever the contents of the archive changes (new packages - are added or removed) the archive maintainer has to follow the - first two steps previously outlined.</para> - -</refsect1> - -<refsect1><title>See Also</title> -<para> -&apt-conf;, &apt-get;, &sources-list;, &apt-key;, &apt-archive;, -&debsign; &debsig-verify;, &gpg; -</para> - -<para>For more backgound information you might want to review the -<ulink -url="http://www.debian.org/doc/manuals/securing-debian-howto/ch7.en.html">Debian -Security Infrastructure</ulink> chapter of the Securing Debian Manual -(available also in the harden-doc package) and the -<ulink url="http://www.cryptnet.net/fdp/crypto/strong_distro.html" ->Strong Distribution HOWTO</ulink> by V. Alex Brennen. </para> - -</refsect1> - - &manbugs; - &manauthor; - -<refsect1><title>Manpage Authors</title> - -<para>This man-page is based on the work of Javier Fernández-Sanguino -Peña, Isaac Jones, Colin Walters, Florian Weimer and Michael Vogt. -</para> - -</refsect1> - - -</refentry> - diff --git a/doc/apt.ent b/doc/apt.ent index cf22df6d2..8054a25f6 100644 --- a/doc/apt.ent +++ b/doc/apt.ent @@ -44,25 +44,6 @@ </citerefentry>" > -<!ENTITY apt-key "<citerefentry> - <refentrytitle><command>apt-key</command></refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry>" -> - -<!ENTITY apt-secure "<citerefentry> - <refentrytitle>apt-secure</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry>" -> - -<!ENTITY apt-archive "<citerefentry> - <refentrytitle><filename>apt-archive</filename></refentrytitle> - <manvolnum>1</manvolnum> - </citerefentry>" -> - - <!ENTITY sources-list "<citerefentry> <refentrytitle><filename>sources.list</filename></refentrytitle> <manvolnum>5</manvolnum> @@ -110,36 +91,6 @@ <manvolnum>8</manvolnum> </citerefentry>" > - -<!ENTITY aptitude "<citerefentry> - <refentrytitle><command>aptitude</command></refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry>" -> - -<!ENTITY synaptic "<citerefentry> - <refentrytitle><command>synaptic</command></refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry>" -> - -<!ENTITY debsign "<citerefentry> - <refentrytitle><command>debsign</command></refentrytitle> - <manvolnum>1</manvolnum> - </citerefentry>" -> - -<!ENTITY debsig-verify "<citerefentry> - <refentrytitle><command>debsig-verify</command></refentrytitle> - <manvolnum>1</manvolnum> - </citerefentry>" -> - -<!ENTITY gpg "<citerefentry> - <refentrytitle><command>gpg</command></refentrytitle> - <manvolnum>1</manvolnum> - </citerefentry>" -> <!-- Boiler plate docinfo section --> <!ENTITY apt-docinfo " diff --git a/doc/apt_preferences.5.xml b/doc/apt_preferences.5.xml index 3e50bef8c..12b03196a 100644 --- a/doc/apt_preferences.5.xml +++ b/doc/apt_preferences.5.xml @@ -183,7 +183,7 @@ belonging to any distribution whose Archive name is "<literal>unstable</literal> <programlisting> Package: * Pin: release a=unstable -Pin-Priority: 50 +Pin-Priority: 500 </programlisting> <simpara>The following record assigns a high priority to all package versions diff --git a/doc/examples/apt-ftparchive.conf b/doc/examples/apt-ftparchive.conf deleted file mode 100644 index 657ec5440..000000000 --- a/doc/examples/apt-ftparchive.conf +++ /dev/null @@ -1,46 +0,0 @@ -// This config is for use with the pool-structure for the packages, thus we -// don't use a Tree Section in here - -// The debian archive should be in the current working dir -Dir { - ArchiveDir "."; - CacheDir "."; -}; - -// Create Packages, Packages.gz and Packages.bz2, remove what you don't need -Default { - Packages::Compress ". gzip bzip2"; - Sources::Compress ". gzip bzip2"; - Contents::Compress ". gzip bzip2"; -}; - -// Includes the main section. You can structure the directory tree under -// ./pool/main any way you like, apt-ftparchive will take any deb (and -// source package) it can find. This creates a Packages a Sources and a -// Contents file for these in the main section of the sid release -BinDirectory "pool/main" { - Packages "dists/sid/main/binary-i386/Packages"; - SrcPackages "dists/sid/main/source/Sources"; - Contents "dists/sid/Contents-i386"; -} - -// This is the same for the contrib section -BinDirectory "pool/contrib" { - Packages "dists/sid/contrib/binary-i386/Packages"; - SrcPackages "dists/sid/contrib/source/Sources"; - Contents "dists/sid/Contents-i386"; -} - -// This is the same for the non-free section -BinDirectory "pool/non-free" { - Packages "dists/sid/non-free/binary-i386/Packages"; - SrcPackages "dists/sid/non-free/source/Sources"; - Contents "dists/sid/Contents-i386"; -}; - -// By default all Packages should have the extension ".deb" -Default { - Packages { - Extensions ".deb"; - }; -}; diff --git a/doc/makefile b/doc/makefile index 31ee061fb..f34b3f6e5 100644 --- a/doc/makefile +++ b/doc/makefile @@ -14,8 +14,7 @@ include $(DEBIANDOC_H) # XML man pages SOURCE = apt-cache.8 apt-get.8 apt-cdrom.8 apt.conf.5 sources.list.5 \ apt-config.8 apt_preferences.5 \ - apt-sortpkgs.1 apt-ftparchive.1 apt-extracttemplates.1 \ - apt-key.8 apt-secure.8 + apt-sortpkgs.1 apt-ftparchive.1 apt-extracttemplates.1 apt-key.8 INCLUDES = apt.ent include $(XML_MANPAGE_H) diff --git a/methods/cdrom.cc b/methods/cdrom.cc index 7cc036814..41eb8a0ee 100644 --- a/methods/cdrom.cc +++ b/methods/cdrom.cc @@ -13,6 +13,7 @@ #include <apt-pkg/error.h> #include <apt-pkg/configuration.h> #include <apt-pkg/fileutl.h> +#include <apt-pkg/hashes.h> #include <sys/stat.h> #include <unistd.h> @@ -180,6 +181,12 @@ bool CDROMMethod::Fetch(FetchItem *Itm) CurrentID = NewID; Res.LastModified = Buf.st_mtime; Res.Size = Buf.st_size; + + Hashes Hash; + FileFd Fd(Res.Filename, FileFd::ReadOnly); + Hash.AddFD(Fd.Fd(), Fd.Size()); + Res.TakeHashes(Hash); + URIDone(Res); return true; } diff --git a/methods/file.cc b/methods/file.cc index 3500de9f5..9cdd5bc2d 100644 --- a/methods/file.cc +++ b/methods/file.cc @@ -15,6 +15,8 @@ // Include Files /*{{{*/ #include <apt-pkg/acquire-method.h> #include <apt-pkg/error.h> +#include <apt-pkg/hashes.h> +#include <apt-pkg/fileutl.h> #include <sys/stat.h> #include <unistd.h> @@ -75,7 +77,11 @@ bool FileMethod::Fetch(FetchItem *Itm) if (Res.Filename.empty() == true) return _error->Error(_("File not found")); - + + Hashes Hash; + FileFd Fd(Res.Filename, FileFd::ReadOnly); + Hash.AddFD(Fd.Fd(), Fd.Size()); + Res.TakeHashes(Hash); URIDone(Res); return true; } diff --git a/share/debian-archive.gpg b/share/debian-archive.gpg Binary files differdeleted file mode 100644 index c391d8fa1..000000000 --- a/share/debian-archive.gpg +++ /dev/null |