summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/acquire-item.cc13
-rw-r--r--apt-pkg/contrib/fileutl.cc20
-rw-r--r--apt-pkg/contrib/fileutl.h3
-rw-r--r--apt-pkg/contrib/netrc.cc12
-rw-r--r--apt-pkg/contrib/netrc.h4
-rw-r--r--apt-pkg/deb/debsrcrecords.cc125
-rw-r--r--apt-pkg/deb/dpkgpm.cc2
-rw-r--r--apt-pkg/init.h2
-rw-r--r--apt-pkg/pkgcache.cc4
-rw-r--r--apt-pkg/pkgcache.h2
-rw-r--r--apt-pkg/srcrecords.h1
11 files changed, 115 insertions, 73 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 95dadcd6d..12000a8c1 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1247,9 +1247,20 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, /
}
else
{
+ // FIXME: move this into pkgAcqMetaClearSig::Done on the next
+ // ABI break
+
+ // if we expect a ClearTextSignature (InRelase), ensure that
+ // this is what we get and if not fail to queue a
+ // Release/Release.gpg, see #346386
+ if (SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile))
+ {
+ Failed(Message, Cfg);
+ return;
+ }
+
// There was a signature file, so pass it to gpgv for
// verification
-
if (_config->FindB("Debug::pkgAcquire::Auth", false))
std::cerr << "Metaindex acquired, queueing gpg verification ("
<< SigFile << "," << DestFile << ")\n";
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index dca468c63..ac2879017 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -858,6 +858,26 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap)
}
/*}}}*/
+// StartsWithGPGClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+bool StartsWithGPGClearTextSignature(string const &FileName)
+{
+ static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n";
+ char buffer[strlen(SIGMSG)+1];
+ FILE* gpg = fopen(FileName.c_str(), "r");
+ if (gpg == NULL)
+ return false;
+
+ char const * const test = fgets(buffer, sizeof(buffer), gpg);
+ fclose(gpg);
+ if (test == NULL || strcmp(buffer, SIGMSG) != 0)
+ return false;
+
+ return true;
+}
+
+
// FileFd::Open - Open a file /*{{{*/
// ---------------------------------------------------------------------
/* The most commonly used open mode combinations are given with Mode */
diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h
index decd64d9d..9402c8f75 100644
--- a/apt-pkg/contrib/fileutl.h
+++ b/apt-pkg/contrib/fileutl.h
@@ -184,6 +184,9 @@ bool WaitFd(int Fd,bool write = false,unsigned long timeout = 0);
pid_t ExecFork();
bool ExecWait(pid_t Pid,const char *Name,bool Reap = false);
+// check if the given file starts with a PGP cleartext signature
+bool StartsWithGPGClearTextSignature(std::string const &FileName);
+
// File string manipulators
std::string flNotDir(std::string File);
std::string flNotFile(std::string File);
diff --git a/apt-pkg/contrib/netrc.cc b/apt-pkg/contrib/netrc.cc
index de95aa4ab..e61a82f8c 100644
--- a/apt-pkg/contrib/netrc.cc
+++ b/apt-pkg/contrib/netrc.cc
@@ -153,18 +153,6 @@ static int parsenetrc_string (char *host, std::string &login, std::string &passw
return retcode;
}
-// for some unknown reason this method is exported so keep a compatible interface for now …
-int parsenetrc (char *host, char *login, char *password, char *netrcfile = NULL)
-{
- std::string login_string, password_string;
- int const ret = parsenetrc_string(host, login_string, password_string, netrcfile);
- if (ret < 0)
- return ret;
- strncpy(login, login_string.c_str(), LOGINSIZE - 1);
- strncpy(password, password_string.c_str(), PASSWORDSIZE - 1);
- return ret;
-}
-
void maybe_add_auth (URI &Uri, string NetRCFile)
{
diff --git a/apt-pkg/contrib/netrc.h b/apt-pkg/contrib/netrc.h
index 6feb5b726..7349126c4 100644
--- a/apt-pkg/contrib/netrc.h
+++ b/apt-pkg/contrib/netrc.h
@@ -25,9 +25,5 @@
class URI;
-// kill this export on the next ABI break - strongly doubt its in use anyway
-// outside of the apt itself, its really a internal interface
-__deprecated int parsenetrc (char *host, char *login, char *password, char *filename);
-
void maybe_add_auth (URI &Uri, std::string NetRCFile);
#endif
diff --git a/apt-pkg/deb/debsrcrecords.cc b/apt-pkg/deb/debsrcrecords.cc
index ce55ccd1f..f5fb2da4a 100644
--- a/apt-pkg/deb/debsrcrecords.cc
+++ b/apt-pkg/deb/debsrcrecords.cc
@@ -17,6 +17,7 @@
#include <apt-pkg/strutl.h>
#include <apt-pkg/configuration.h>
#include <apt-pkg/aptconfiguration.h>
+#include <apt-pkg/hashes.h>
using std::max;
/*}}}*/
@@ -114,64 +115,86 @@ bool debSrcRecordParser::BuildDepends(std::vector<pkgSrcRecords::Parser::BuildDe
bool debSrcRecordParser::Files(std::vector<pkgSrcRecords::File> &List)
{
List.erase(List.begin(),List.end());
+
+ // map from the Hashsum field to the hashsum function,
+ // unfortunately this is not a 1:1 mapping from
+ // Hashes::SupporedHashes as e.g. Files is a historic name for the md5
+ const std::pair<const char*, const char*> SourceHashFields[] = {
+ std::make_pair( "Checksums-Sha512", "SHA512"),
+ std::make_pair( "Checksums-Sha256", "SHA256"),
+ std::make_pair( "Checksums-Sha1", "SHA1"),
+ std::make_pair( "Files", "MD5Sum"), // historic Name
+ };
- string Files = Sect.FindS("Files");
- if (Files.empty() == true)
- return false;
+ for (unsigned int i=0;
+ i < sizeof(SourceHashFields)/sizeof(SourceHashFields[0]);
+ i++)
+ {
+ string Files = Sect.FindS(SourceHashFields[i].first);
+ if (Files.empty() == true)
+ continue;
- // Stash the / terminated directory prefix
- string Base = Sect.FindS("Directory");
- if (Base.empty() == false && Base[Base.length()-1] != '/')
- Base += '/';
+ // Stash the / terminated directory prefix
+ string Base = Sect.FindS("Directory");
+ if (Base.empty() == false && Base[Base.length()-1] != '/')
+ Base += '/';
- std::vector<std::string> const compExts = APT::Configuration::getCompressorExtensions();
+ std::vector<std::string> const compExts = APT::Configuration::getCompressorExtensions();
- // Iterate over the entire list grabbing each triplet
- const char *C = Files.c_str();
- while (*C != 0)
- {
- pkgSrcRecords::File F;
- string Size;
-
- // Parse each of the elements
- if (ParseQuoteWord(C,F.MD5Hash) == false ||
- ParseQuoteWord(C,Size) == false ||
- ParseQuoteWord(C,F.Path) == false)
- return _error->Error("Error parsing file record");
-
- // Parse the size and append the directory
- F.Size = atoi(Size.c_str());
- F.Path = Base + F.Path;
-
- // Try to guess what sort of file it is we are getting.
- string::size_type Pos = F.Path.length()-1;
- while (1)
- {
- string::size_type Tmp = F.Path.rfind('.',Pos);
- if (Tmp == string::npos)
- break;
- if (F.Type == "tar") {
- // source v3 has extension 'debian.tar.*' instead of 'diff.*'
- if (string(F.Path, Tmp+1, Pos-Tmp) == "debian")
- F.Type = "diff";
- break;
- }
- F.Type = string(F.Path,Tmp+1,Pos-Tmp);
+ // Iterate over the entire list grabbing each triplet
+ const char *C = Files.c_str();
+ while (*C != 0)
+ {
+ pkgSrcRecords::File F;
+ string Size;
+
+ // Parse each of the elements
+ std::string RawHash;
+ if (ParseQuoteWord(C, RawHash) == false ||
+ ParseQuoteWord(C, Size) == false ||
+ ParseQuoteWord(C, F.Path) == false)
+ return _error->Error("Error parsing '%s' record",
+ SourceHashFields[i].first);
+ // assign full hash string
+ F.Hash = HashString(SourceHashFields[i].second, RawHash).toStr();
+ // API compat hack
+ if(SourceHashFields[i].second == "MD5Sum")
+ F.MD5Hash = RawHash;
+
+ // Parse the size and append the directory
+ F.Size = atoi(Size.c_str());
+ F.Path = Base + F.Path;
+
+ // Try to guess what sort of file it is we are getting.
+ string::size_type Pos = F.Path.length()-1;
+ while (1)
+ {
+ string::size_type Tmp = F.Path.rfind('.',Pos);
+ if (Tmp == string::npos)
+ break;
+ if (F.Type == "tar") {
+ // source v3 has extension 'debian.tar.*' instead of 'diff.*'
+ if (string(F.Path, Tmp+1, Pos-Tmp) == "debian")
+ F.Type = "diff";
+ break;
+ }
+ F.Type = string(F.Path,Tmp+1,Pos-Tmp);
+
+ if (std::find(compExts.begin(), compExts.end(), std::string(".").append(F.Type)) != compExts.end() ||
+ F.Type == "tar")
+ {
+ Pos = Tmp-1;
+ continue;
+ }
- if (std::find(compExts.begin(), compExts.end(), std::string(".").append(F.Type)) != compExts.end() ||
- F.Type == "tar")
- {
- Pos = Tmp-1;
- continue;
- }
-
- break;
- }
+ break;
+ }
- List.push_back(F);
+ List.push_back(F);
+ }
+ break;
}
-
- return true;
+ return (List.size() > 0);
}
/*}}}*/
// SrcRecordParser::~SrcRecordParser - Destructor /*{{{*/
diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc
index 4b5467eff..b069f22f7 100644
--- a/apt-pkg/deb/dpkgpm.cc
+++ b/apt-pkg/deb/dpkgpm.cc
@@ -464,7 +464,7 @@ bool pkgDPkgPM::RunScriptsWithPkgs(const char *Cnf)
void pkgDPkgPM::DoStdin(int master)
{
unsigned char input_buf[256] = {0,};
- ssize_t len = read(0, input_buf, sizeof(input_buf));
+ ssize_t len = read(STDIN_FILENO, input_buf, sizeof(input_buf));
if (len)
FileFd::Write(master, input_buf, len);
else
diff --git a/apt-pkg/init.h b/apt-pkg/init.h
index b6f3df753..00d361560 100644
--- a/apt-pkg/init.h
+++ b/apt-pkg/init.h
@@ -27,7 +27,7 @@ class Configuration;
// Non-ABI-Breaks should only increase RELEASE number.
// See also buildlib/libversion.mak
#define APT_PKG_MAJOR 4
-#define APT_PKG_MINOR 12
+#define APT_PKG_MINOR 13
#define APT_PKG_RELEASE 0
extern const char *pkgVersion;
diff --git a/apt-pkg/pkgcache.cc b/apt-pkg/pkgcache.cc
index 52e814c0b..0b8b6fe77 100644
--- a/apt-pkg/pkgcache.cc
+++ b/apt-pkg/pkgcache.cc
@@ -51,8 +51,8 @@ pkgCache::Header::Header()
/* Whenever the structures change the major version should be bumped,
whenever the generator changes the minor version should be bumped. */
- MajorVersion = 8;
- MinorVersion = 1;
+ MajorVersion = 9;
+ MinorVersion = 0;
Dirty = false;
HeaderSz = sizeof(pkgCache::Header);
diff --git a/apt-pkg/pkgcache.h b/apt-pkg/pkgcache.h
index 1a7013551..565ee657c 100644
--- a/apt-pkg/pkgcache.h
+++ b/apt-pkg/pkgcache.h
@@ -136,7 +136,7 @@ class pkgCache /*{{{*/
/** \brief priority of a package version
Zero is used for unparsable or absent Priority fields. */
- enum VerPriority {Important=1,Required=2,Standard=3,Optional=4,Extra=5};
+ enum VerPriority {Required=1,Important=2,Standard=3,Optional=4,Extra=5};
enum PkgSelectedState {Unknown=0,Install=1,Hold=2,DeInstall=3,Purge=4};
enum PkgInstState {Ok=0,ReInstReq=1,HoldInst=2,HoldReInstReq=3};
enum PkgCurrentState {NotInstalled=0,UnPacked=1,HalfConfigured=2,
diff --git a/apt-pkg/srcrecords.h b/apt-pkg/srcrecords.h
index ed69d0d72..796d2e1bd 100644
--- a/apt-pkg/srcrecords.h
+++ b/apt-pkg/srcrecords.h
@@ -32,6 +32,7 @@ class pkgSrcRecords
struct File
{
std::string MD5Hash;
+ std::string Hash;
unsigned long Size;
std::string Path;
std::string Type;