summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--apt-pkg/acquire-item.cc25
-rw-r--r--apt-pkg/deb/debmetaindex.cc4
-rw-r--r--apt-pkg/indexfile.cc1
-rw-r--r--apt-pkg/indexfile.h4
-rw-r--r--doc/sources.list.5.xml9
-rwxr-xr-xtest/integration/test-apt-by-hash-update28
6 files changed, 66 insertions, 5 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 611876dd2..7fcc5867a 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1324,9 +1324,13 @@ bool pkgAcqMetaBase::CheckDownloadDone(pkgAcqTransactionItem * const I, const st
// Save the final base URI we got this Release file from
if (I->UsedMirror.empty() == false && _config->FindB("Acquire::SameMirrorForAllIndexes", true))
{
- if (APT::String::Endswith(I->Desc.URI, "InRelease"))
+ auto InReleasePath = Target.Option(IndexTarget::INRELEASE_PATH);
+ if (InReleasePath.empty())
+ InReleasePath = "InRelease";
+
+ if (APT::String::Endswith(I->Desc.URI, InReleasePath))
{
- TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - strlen("InRelease"));
+ TransactionManager->BaseURI = I->Desc.URI.substr(0, I->Desc.URI.length() - InReleasePath.length());
TransactionManager->UsedMirror = I->UsedMirror;
}
else if (APT::String::Endswith(I->Desc.URI, "Release"))
@@ -1871,6 +1875,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c
auto const failreason = LookupTag(Message, "FailReason");
auto const httperror = "HttpError";
if (Status == StatAuthError ||
+ Target.Option(IndexTarget::INRELEASE_PATH).empty() == false || /* do not fallback if InRelease was requested */
(strncmp(failreason.c_str(), httperror, strlen(httperror)) == 0 &&
failreason != "HttpError404"))
{
@@ -1880,7 +1885,7 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c
// as this is gonna fail anyway and instead abort our try (LP#346386)
_error->PushToStack();
_error->Error(_("Failed to fetch %s %s"), Target.URI.c_str(), ErrorText.c_str());
- if (AllowInsecureRepositories(InsecureType::UNSIGNED, Target.Description, TransactionManager->MetaIndexParser, TransactionManager, this) == true)
+ if (Target.Option(IndexTarget::INRELEASE_PATH).empty() == true && AllowInsecureRepositories(InsecureType::UNSIGNED, Target.Description, TransactionManager->MetaIndexParser, TransactionManager, this) == true)
_error->RevertToStack();
else
return;
@@ -1941,7 +1946,19 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire * const Owner, /*{{{*/
Desc.Description = DataTarget.Description;
Desc.Owner = this;
Desc.ShortDesc = DataTarget.ShortDesc;
- Desc.URI = DataTarget.URI;
+
+ // Rewrite the description URI if INRELEASE_PATH was specified so
+ // we download the specified file instead.
+ auto InReleasePath = DataTarget.Option(IndexTarget::INRELEASE_PATH);
+ if (InReleasePath.empty() == false && APT::String::Endswith(DataTarget.URI, "/InRelease"))
+ {
+ Desc.URI = DataTarget.URI.substr(0, DataTarget.URI.size() - strlen("InRelease")) + InReleasePath;
+ }
+ else
+ {
+ Desc.URI = DataTarget.URI;
+ }
+
QueueURI(Desc);
}
/*}}}*/
diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc
index 2688052a4..59a26390e 100644
--- a/apt-pkg/deb/debmetaindex.cc
+++ b/apt-pkg/deb/debmetaindex.cc
@@ -1092,6 +1092,10 @@ class APT_HIDDEN debSLTypeDebian : public pkgSourceList::Type /*{{{*/
if (GetBoolOption(Options, "allow-downgrade-to-insecure", _config->FindB("Acquire::AllowDowngradeToInsecureRepositories")))
ReleaseOptions.emplace("ALLOW_DOWNGRADE_TO_INSECURE", "true");
+ auto InReleasePath = Options.find("inrelease-path");
+ if (InReleasePath != Options.end())
+ ReleaseOptions.emplace("INRELEASE_PATH", InReleasePath->second);
+
debReleaseIndex * Deb = nullptr;
std::string const FileName = URItoFileName(constructMetaIndexURI(URI, Dist, "Release"));
for (auto const &I: List)
diff --git a/apt-pkg/indexfile.cc b/apt-pkg/indexfile.cc
index 679e2eab8..96ae2f93b 100644
--- a/apt-pkg/indexfile.cc
+++ b/apt-pkg/indexfile.cc
@@ -149,6 +149,7 @@ std::string IndexTarget::Option(OptionKeys const EnumKey) const /*{{{*/
APT_CASE(ALLOW_INSECURE);
APT_CASE(ALLOW_WEAK);
APT_CASE(ALLOW_DOWNGRADE_TO_INSECURE);
+ APT_CASE(INRELEASE_PATH);
#undef APT_CASE
case FILENAME:
{
diff --git a/apt-pkg/indexfile.h b/apt-pkg/indexfile.h
index 7ebbd66f1..31b95172e 100644
--- a/apt-pkg/indexfile.h
+++ b/apt-pkg/indexfile.h
@@ -72,7 +72,8 @@ class IndexTarget /*{{{*/
std::string const &LongDesc, std::string const &URI, bool const IsOptional,
bool const KeepCompressed, std::map<std::string, std::string> const &Options);
- enum OptionKeys {
+ enum OptionKeys
+ {
SITE,
RELEASE,
COMPONENT,
@@ -95,6 +96,7 @@ class IndexTarget /*{{{*/
ALLOW_INSECURE,
ALLOW_WEAK,
ALLOW_DOWNGRADE_TO_INSECURE,
+ INRELEASE_PATH,
};
std::string Option(OptionKeys const Key) const;
bool OptionBool(OptionKeys const Key) const;
diff --git a/doc/sources.list.5.xml b/doc/sources.list.5.xml
index bfad35aa7..b19808636 100644
--- a/doc/sources.list.5.xml
+++ b/doc/sources.list.5.xml
@@ -343,6 +343,15 @@ deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [.
default.
</para></listitem>
+ <listitem><para><option>InRelease-Path</option> (<option>inrelease-path</option>)
+ determines the path to the InRelease file, relative
+ to the normal position of an <filename>InRelease</filename> file.
+ By default, this option is unset and APT will try to fetch an <filename>InRelease</filename>
+ or, if that fails, a <filename>Release</filename> file and its associated <filename>Release.gpg</filename> file. By setting this option,
+ the specified path will be tried instead of the InRelease file,
+ and the fallback to <filename>Release</filename> files will be disabled.
+ </para></listitem>
+
</itemizedlist>
</para>
diff --git a/test/integration/test-apt-by-hash-update b/test/integration/test-apt-by-hash-update
index 9701f97f9..f4794a84f 100755
--- a/test/integration/test-apt-by-hash-update
+++ b/test/integration/test-apt-by-hash-update
@@ -77,3 +77,31 @@ ensureitsbroken -o Acquire::By-Hash=0
sed -i "s#^\(deb\(-src\)\?\) \[by-hash=yes\] #\1 [by-hash=force] #" rootdir/etc/apt/sources.list.d/*
ensureitworks
#ensureitsbroken -o Acquire::By-Hash=0
+
+
+
+msgmsg 'Test InRelease by-hash via' 'sources option'
+
+rm -rf aptarchive/dists
+cp -a aptarchive/dists.bak aptarchive/dists
+mkdir -p aptarchive/dists/unstable/by-hash/SHA256
+inrelease_hash=$(sha256sum aptarchive/dists/unstable/InRelease | awk '{print $1}')
+mv aptarchive/dists/unstable/InRelease aptarchive/dists/unstable/by-hash/SHA256/$inrelease_hash
+#ensureitworks -o Acquire::By-Hash=force
+ensureitsbroken -o Acquire::By-Hash=1
+ensureitsbroken -o Acquire::By-Hash=0
+
+sed -i "s#^\(deb\(-src\)\?\) \[by-hash=force\] #\1 [by-hash=force inrelease-path=by-hash/SHA256/$inrelease_hash] #" rootdir/etc/apt/sources.list.d/*
+ensureitworks
+#ensureitsbroken -o Acquire::By-Hash=0
+
+msgmsg 'Test InRelease by-hash with' 'no fallback'
+
+rm -rf aptarchive/dists
+cp -a aptarchive/dists.bak aptarchive/dists
+
+testfailureequal "Get:1 file:${TMPWORKINGDIRECTORY}/aptarchive unstable InRelease
+Err:1 file:${TMPWORKINGDIRECTORY}/aptarchive unstable InRelease
+ File not found - ${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/by-hash/SHA256/${inrelease_hash} (2: No such file or directory)
+Reading package lists...
+E: Failed to fetch file://${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/InRelease File not found - ${TMPWORKINGDIRECTORY}/aptarchive/dists/unstable/by-hash/SHA256/${inrelease_hash} (2: No such file or directory)" aptget update