summaryrefslogtreecommitdiff
path: root/apt-pkg/acquire-item.cc
diff options
context:
space:
mode:
Diffstat (limited to 'apt-pkg/acquire-item.cc')
-rw-r--r--apt-pkg/acquire-item.cc70
1 files changed, 52 insertions, 18 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 88c25de43..1fa929aad 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -340,12 +340,6 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
// File was already in place. It needs to be re-verified
// because Release might have changed, so Move it into partial
Rename(Final,DestFile);
- // unlink the file and do not try to use I-M-S and Last-Modified
- // if the users proxy is broken
- if(_config->FindB("Acquire::BrokenProxy", false) == true) {
- std::cerr << "forcing re-get of the signature file as requested" << std::endl;
- unlink(DestFile.c_str());
- }
}
QueueURI(Desc);
@@ -395,18 +389,19 @@ void pkgAcqMetaSig::Done(string Message,unsigned long Size,string MD5,
/*}}}*/
void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
{
- // Delete any existing sigfile, so that this source isn't
- // mistakenly trusted
- string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
- unlink(Final.c_str());
- // if we get a timeout if fail
+ // if we get a network error we fail gracefully
if(LookupTag(Message,"FailReason") == "Timeout" ||
- LookupTag(Message,"FailReason") == "TmpResolveFailure") {
+ LookupTag(Message,"FailReason") == "TmpResolveFailure" ||
+ LookupTag(Message,"FailReason") == "ConnectionRefused") {
Item::Failed(Message,Cnf);
return;
}
+ // Delete any existing sigfile when the acquire failed
+ string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+ unlink(Final.c_str());
+
// queue a pkgAcqMetaIndex with no sigfile
new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
"", IndexTargets, MetaIndexParser);
@@ -430,7 +425,7 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner,
const vector<struct IndexTarget*>* IndexTargets,
indexRecords* MetaIndexParser) :
Item(Owner), RealURI(URI), SigFile(SigFile), AuthPass(false),
- MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets)
+ MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets), IMSHit(false)
{
DestFile = _config->FindDir("Dir::State::lists") + "partial/";
DestFile += URItoFileName(URI);
@@ -523,6 +518,9 @@ void pkgAcqMetaIndex::RetrievalDone(string Message)
return;
}
+ // see if the download was a IMSHit
+ IMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false);
+
Complete = true;
string FinalFile = _config->FindDir("Dir::State::lists");
@@ -551,7 +549,7 @@ void pkgAcqMetaIndex::AuthDone(string Message)
return;
}
- if (!VerifyVendor())
+ if (!VerifyVendor(Message))
{
return;
}
@@ -609,7 +607,7 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
}
}
-bool pkgAcqMetaIndex::VerifyVendor()
+bool pkgAcqMetaIndex::VerifyVendor(string Message)
{
// // Maybe this should be made available from above so we don't have
// // to read and parse it every time?
@@ -634,6 +632,22 @@ bool pkgAcqMetaIndex::VerifyVendor()
// break;
// }
// }
+ string::size_type pos;
+
+ // check for missing sigs (that where not fatal because otherwise we had
+ // bombed earlier)
+ string missingkeys;
+ string msg = _("There are no public key available for the "
+ "following key IDs:\n");
+ pos = Message.find("NO_PUBKEY ");
+ if (pos != std::string::npos)
+ {
+ string::size_type start = pos+strlen("NO_PUBKEY ");
+ string Fingerprint = Message.substr(start, Message.find("\n")-start);
+ missingkeys += (Fingerprint);
+ }
+ if(!missingkeys.empty())
+ _error->Warning("%s", string(msg+missingkeys).c_str());
string Transformed = MetaIndexParser->GetExpectedDist();
@@ -642,7 +656,7 @@ bool pkgAcqMetaIndex::VerifyVendor()
Transformed = "experimental";
}
- string::size_type pos = Transformed.rfind('/');
+ pos = Transformed.rfind('/');
if (pos != string::npos)
{
Transformed = Transformed.substr(0, pos);
@@ -688,10 +702,30 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
{
if (AuthPass == true)
{
- // gpgv method failed
+ // if we fail the authentication but got the file via a IMS-Hit
+ // this means that the file wasn't downloaded and that it might be
+ // just stale (server problem, proxy etc). we delete what we have
+ // queue it again without i-m-s
+ // alternatively we could just unlink the file and let the user try again
+ if (IMSHit)
+ {
+ Complete = false;
+ Local = false;
+ AuthPass = false;
+ unlink(DestFile.c_str());
+
+ DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+ DestFile += URItoFileName(RealURI);
+ Desc.URI = RealURI;
+ QueueURI(Desc);
+ return;
+ }
+
+ // gpgv method failed
_error->Warning("GPG error: %s: %s",
Desc.Description.c_str(),
LookupTag(Message,"Message").c_str());
+
}
// No Release file was present, or verification failed, so fall
@@ -1037,7 +1071,7 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
else
PartialSize = Buf.st_size;
}
-
+
QueueURI(Desc);
}
/*}}}*/