summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--apt-pkg/acquire-item.cc4
-rwxr-xr-xtest/integration/test-apt-get-update-unauth-warning30
2 files changed, 34 insertions, 0 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 9d9aec4d0..4e843ecaf 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1970,6 +1970,10 @@ void pkgAcqMetaIndex::Failed(string Message,
DestFile = FinalFile;
}
+ // warn if the repository is unsinged
+ _error->Warning(_("The data from '%s' is not signed. Packages "
+ "from that repository can not be authenticated."),
+ URIDesc.c_str());
// No Release file was present, or verification failed, so fall
// back to queueing Packages files without verification
QueueIndexes(false);
diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning
new file mode 100755
index 000000000..4411a7430
--- /dev/null
+++ b/test/integration/test-apt-get-update-unauth-warning
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# ensure we print warnings for unauthenticated repositories
+#
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+
+setupenvironment
+configarchitecture "i386"
+
+# a "normal" package with source and binary
+buildsimplenativepackage 'foo' 'all' '2.0'
+
+setupaptarchive --no-update
+
+APTARCHIVE=$(readlink -f ./aptarchive)
+rm -f $APTARCHIVE/dists/unstable/*Release*
+
+# update without authenticated InRelease file
+testequal "Ign file: unstable InRelease
+Ign file: unstable Release
+Reading package lists...
+W: The data from 'file: unstable Release' is not signed. Packages from that repository can not be authenticated." aptget update
+
+# ensure we can not install the package
+testequal "WARNING: The following packages cannot be authenticated!
+ foo
+E: There are problems and -y was used without --force-yes" aptget install -qq -y foo