diff options
| -rw-r--r-- | apt-pkg/acquire-item.cc | 25 | ||||
| -rw-r--r-- | apt-pkg/deb/debmetaindex.cc | 4 | ||||
| -rw-r--r-- | apt-pkg/indexfile.cc | 1 | ||||
| -rw-r--r-- | apt-pkg/indexfile.h | 4 | ||||
| -rw-r--r-- | doc/sources.list.5.xml | 9 | ||||
| -rwxr-xr-x | test/integration/test-apt-by-hash-update | 28 |
6 files changed, 66 insertions, 5 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 611876dd2..7fcc5867a 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1324,9 +1324,13 @@ bool pkgAcqMetaBase::CheckDownloadDone(pkgAcqTransactionItem * const I, const st // Save the final base URI we got this Release file from if (I->UsedMirror.empty() == false && _config->FindB("Acquire::SameMirrorForAllIndexes", true)) { - if (APT::String::Endswith(I->Desc.URI, "InRelease")) + auto InReleasePath = Target.Option(IndexTarget::INRELEASE_PATH); + if (InReleasePath.empty()) + InReleasePath = "InRelease"; + + if (APT::String::Endswith(I->Desc.URI, InReleasePath)) { - TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - strlen("InRelease")); + TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - InReleasePath.length()); TransactionManager->UsedMirror = I->UsedMirror; } else if (APT::String::Endswith(I->Desc.URI, "Release")) @@ -1871,6 +1875,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c auto const failreason = LookupTag(Message, "FailReason"); auto const httperror = "HttpError"; if (Status == StatAuthError || + Target.Option(IndexTarget::INRELEASE_PATH).empty() == false || /* do not fallback if InRelease was requested */ (strncmp(failreason.c_str(), httperror, strlen(httperror)) == 0 && failreason != "HttpError404")) { @@ -1880,7 +1885,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c // as this is gonna fail anyway and instead abort our try (LP#346386) _error->PushToStack(); _error->Error(_("Failed to fetch %s %s"), Target.URI.c_str(), ErrorText.c_str()); - if (AllowInsecureRepositories(InsecureType::UNSIGNED, Target.Description, TransactionManager->MetaIndexParser, TransactionManager, this) == true) + if (Target.Option(IndexTarget::INRELEASE_PATH).empty() == true && AllowInsecureRepositories(InsecureType::UNSIGNED, Target.Description, TransactionManager->MetaIndexParser, TransactionManager, this) == true) _error->RevertToStack(); else return; @@ -1941,7 +1946,19 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire * const Owner, /*{{{*/ Desc.Description = DataTarget.Description; Desc.Owner = this; Desc.ShortDesc = DataTarget.ShortDesc; - Desc.URI = DataTarget.URI; + + // Rewrite the description URI if INRELEASE_PATH was specified so + // we download the specified file instead. + auto InReleasePath = DataTarget.Option(IndexTarget::INRELEASE_PATH); + if (InReleasePath.empty() == false && APT::String::Endswith(DataTarget.URI, "/InRelease")) + { + Desc.URI = DataTarget.URI.substr(0, DataTarget.URI.size() - strlen("InRelease")) + InReleasePath; + } + else + { + Desc.URI = DataTarget.URI; + } + QueueURI(Desc); } /*}}}*/ diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc index 2688052a4..59a26390e 100644 --- a/apt-pkg/deb/debmetaindex.cc +++ b/apt-pkg/deb/debmetaindex.cc @@ -1092,6 +1092,10 @@ class APT_HIDDEN debSLTypeDebian : public pkgSourceList::Type /*{{{*/ if (GetBoolOption(Options, "allow-downgrade-to-insecure", _config->FindB("Acquire::AllowDowngradeToInsecureRepositories"))) ReleaseOptions.emplace("ALLOW_DOWNGRADE_TO_INSECURE", "true"); + auto InReleasePath = Options.find("inrelease-path"); + if (InReleasePath != Options.end()) + ReleaseOptions.emplace("INRELEASE_PATH", InReleasePath->second); + debReleaseIndex * Deb = nullptr; std::string const FileName = URItoFileName(constructMetaIndexURI(URI, Dist, "Release")); for (auto const &I: List) diff --git a/apt-pkg/indexfile.cc b/apt-pkg/indexfile.cc index 679e2eab8..96ae2f93b 100644 --- a/apt-pkg/indexfile.cc +++ b/apt-pkg/indexfile.cc @@ -149,6 +149,7 @@ std::string IndexTarget::Option(OptionKeys const EnumKey) const /*{{{*/ APT_CASE(ALLOW_INSECURE); APT_CASE(ALLOW_WEAK); APT_CASE(ALLOW_DOWNGRADE_TO_INSECURE); + APT_CASE(INRELEASE_PATH); #undef APT_CASE case FILENAME: { diff --git a/apt-pkg/indexfile.h b/apt-pkg/indexfile.h index 7ebbd66f1..31b95172e 100644 --- a/apt-pkg/indexfile.h +++ b/apt-pkg/indexfile.h @@ -72,7 +72,8 @@ class IndexTarget /*{{{*/ std::string const &LongDesc, std::string const &URI, bool const IsOptional, bool const KeepCompressed, std::map<std::string, std::string> const &Options); - enum OptionKeys { + enum OptionKeys + { SITE, RELEASE, COMPONENT, @@ -95,6 +96,7 @@ class IndexTarget /*{{{*/ ALLOW_INSECURE, ALLOW_WEAK, ALLOW_DOWNGRADE_TO_INSECURE, + INRELEASE_PATH, }; std::string Option(OptionKeys const Key) const; bool OptionBool(OptionKeys const Key) const; diff --git a/doc/sources.list.5.xml b/doc/sources.list.5.xml index bfad35aa7..b19808636 100644 --- a/doc/sources.list.5.xml +++ b/doc/sources.list.5.xml @@ -343,6 +343,15 @@ deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [. default. </para></listitem> + <listitem><para><option>InRelease-Path</option> (<option>inrelease-path</option>) + determines the path to the InRelease file, relative + to the normal position of an <filename>InRelease</filename> file. + By default, this option is unset and APT will try to fetch an <filename>InRelease</filename> + or, if that fails, a <filename>Release</filename> file and its associated <filename>Release.gpg</filename> file. By setting this option, + the specified path will be tried instead of the InRelease file, + and the fallback to <filename>Release</filename> files will be disabled. + </para></listitem> + </itemizedlist> </para> diff --git a/test/integration/test-apt-by-hash-update b/test/integration/test-apt-by-hash-update index 9701f97f9..f4794a84f 100755 --- a/test/integration/test-apt-by-hash-update +++ b/test/integration/test-apt-by-hash-update @@ -77,3 +77,31 @@ ensureitsbroken -o Acquire::By-Hash=0 sed -i "s#^\(deb\(-src\)\?\) \[by-hash=yes\] #\1 [by-hash=force] #" rootdir/etc/apt/sources.list.d/* ensureitworks #ensureitsbroken -o Acquire::By-Hash=0 + + + +msgmsg 'Test InRelease by-hash via' 'sources option' + +rm -rf aptarchive/dists +cp -a aptarchive/dists.bak aptarchive/dists +mkdir -p aptarchive/dists/unstable/by-hash/SHA256 +inrelease_hash=$(sha256sum aptarchive/dists/unstable/InRelease | awk '{print $1}') +mv aptarchive/dists/unstable/InRelease aptarchive/dists/unstable/by-hash/SHA256/$inrelease_hash +#ensureitworks -o Acquire::By-Hash=force +ensureitsbroken -o Acquire::By-Hash=1 +ensureitsbroken -o Acquire::By-Hash=0 + +sed -i "s#^\(deb\(-src\)\?\) \[by-hash=force\] #\1 [by-hash=force inrelease-path=by-hash/SHA256/$inrelease_hash] #" rootdir/etc/apt/sources.list.d/* +ensureitworks +#ensureitsbroken -o Acquire::By-Hash=0 + +msgmsg 'Test InRelease by-hash with' 'no fallback' + +rm -rf aptarchive/dists +cp -a aptarchive/dists.bak aptarchive/dists + +testfailureequal "Get:1 file:${TMPWORKINGDIRECTORY}/aptarchive unstable InRelease +Err:1 file:${TMPWORKINGDIRECTORY}/aptarchive unstable InRelease + File not found - ${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/by-hash/SHA256/${inrelease_hash} (2: No such file or directory) +Reading package lists... +E: Failed to fetch file://${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/InRelease File not found - ${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/by-hash/SHA256/${inrelease_hash} (2: No such file or directory)" aptget update |