diff options
| -rw-r--r-- | apt-pkg/acquire-item.cc | 4 | ||||
| -rwxr-xr-x | test/integration/test-apt-get-update-unauth-warning | 30 |
2 files changed, 34 insertions, 0 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 9d9aec4d0..4e843ecaf 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1970,6 +1970,10 @@ void pkgAcqMetaIndex::Failed(string Message, DestFile = FinalFile; } + // warn if the repository is unsinged + _error->Warning(_("The data from '%s' is not signed. Packages " + "from that repository can not be authenticated."), + URIDesc.c_str()); // No Release file was present, or verification failed, so fall // back to queueing Packages files without verification QueueIndexes(false); diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning new file mode 100755 index 000000000..4411a7430 --- /dev/null +++ b/test/integration/test-apt-get-update-unauth-warning @@ -0,0 +1,30 @@ +#!/bin/sh +# +# ensure we print warnings for unauthenticated repositories +# +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# a "normal" package with source and binary +buildsimplenativepackage 'foo' 'all' '2.0' + +setupaptarchive --no-update + +APTARCHIVE=$(readlink -f ./aptarchive) +rm -f $APTARCHIVE/dists/unstable/*Release* + +# update without authenticated InRelease file +testequal "Ign file: unstable InRelease +Ign file: unstable Release +Reading package lists... +W: The data from 'file: unstable Release' is not signed. Packages from that repository can not be authenticated." aptget update + +# ensure we can not install the package +testequal "WARNING: The following packages cannot be authenticated! + foo +E: There are problems and -y was used without --force-yes" aptget install -qq -y foo |