diff options
Diffstat (limited to 'apt-pkg')
| -rw-r--r-- | apt-pkg/acquire-item.cc | 48 | ||||
| -rw-r--r-- | apt-pkg/deb/debindexfile.cc | 15 | ||||
| -rw-r--r-- | apt-pkg/deb/deblistparser.cc | 2 | ||||
| -rw-r--r-- | apt-pkg/deb/dpkgpm.cc | 10 | ||||
| -rw-r--r-- | apt-pkg/orderlist.cc | 6 |
5 files changed, 69 insertions, 12 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 6785b4e1b..c3817f6ee 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -271,6 +271,14 @@ void pkgAcqSubIndex::Done(string Message,unsigned long Size,string Md5Hash, /*{{ string FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(Desc.URI); + /* Downloaded invalid transindex => Error (LP: #346386) (Closes: #627642) */ + indexRecords SubIndexParser; + if (FileExists(DestFile) == true && !SubIndexParser.Load(DestFile)) { + Status = StatError; + ErrorText = SubIndexParser.ErrorText; + return; + } + // sucess in downloading the index // rename the index if(Debug) @@ -894,6 +902,30 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash, ReportMirrorFailure("HashChecksumFailure"); return; } + + /* Verify the index file for correctness (all indexes must + * have a Package field) (LP: #346386) (Closes: #627642) */ + { + FileFd fd(DestFile, FileFd::ReadOnly); + pkgTagSection sec; + pkgTagFile tag(&fd); + + // Only test for correctness if the file is not empty (empty is ok) + if (fd.Size() > 0) { + if (_error->PendingError() || !tag.Step(sec)) { + Status = StatError; + _error->DumpErrors(); + Rename(DestFile,DestFile + ".FAILED"); + return; + } else if (!sec.Exists("Package")) { + Status = StatError; + ErrorText = ("Encountered a section with no Package: header"); + Rename(DestFile,DestFile + ".FAILED"); + return; + } + } + } + // Done, move it into position string FinalFile = _config->FindDir("Dir::State::lists"); FinalFile += URItoFileName(RealURI); @@ -1330,6 +1362,16 @@ void pkgAcqMetaIndex::AuthDone(string Message) /*{{{*/ /*}}}*/ void pkgAcqMetaIndex::QueueIndexes(bool verify) /*{{{*/ { +#if 0 + /* Reject invalid, existing Release files (LP: #346386) (Closes: #627642) + * FIXME: Disabled; it breaks unsigned repositories without hashes */ + if (!verify && FileExists(DestFile) && !MetaIndexParser->Load(DestFile)) + { + Status = StatError; + ErrorText = MetaIndexParser->ErrorText; + return; + } +#endif for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin(); Target != IndexTargets->end(); Target++) @@ -1493,6 +1535,12 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) LookupTag(Message,"Message").c_str()); RunScripts("APT::Update::Auth-Failure"); return; + } else if (LookupTag(Message,"Message").find("NODATA") != string::npos) { + /* Invalid signature file, reject (LP: #346386) (Closes: #627642) */ + _error->Error(_("GPG error: %s: %s"), + Desc.Description.c_str(), + LookupTag(Message,"Message").c_str()); + return; } else { _error->Warning(_("GPG error: %s: %s"), Desc.Description.c_str(), diff --git a/apt-pkg/deb/debindexfile.cc b/apt-pkg/deb/debindexfile.cc index 1e8c04033..c9e7f1176 100644 --- a/apt-pkg/deb/debindexfile.cc +++ b/apt-pkg/deb/debindexfile.cc @@ -423,12 +423,10 @@ string debTranslationsIndex::IndexURI(const char *Type) const /* */ bool debTranslationsIndex::GetIndexes(pkgAcquire *Owner) const { - if (TranslationsAvailable()) { - string const TranslationFile = string("Translation-").append(Language); - new pkgAcqIndexTrans(Owner, IndexURI(Language), - Info(TranslationFile.c_str()), - TranslationFile); - } + string const TranslationFile = string("Translation-").append(Language); + new pkgAcqIndexTrans(Owner, IndexURI(Language), + Info(TranslationFile.c_str()), + TranslationFile); return true; } @@ -468,9 +466,6 @@ string debTranslationsIndex::Info(const char *Type) const /*}}}*/ bool debTranslationsIndex::HasPackages() const /*{{{*/ { - if(!TranslationsAvailable()) - return false; - return FileExists(IndexFile(Language)); } /*}}}*/ @@ -510,7 +505,7 @@ bool debTranslationsIndex::Merge(pkgCacheGenerator &Gen,OpProgress *Prog) const { // Check the translation file, if in use string TranslationFile = IndexFile(Language); - if (TranslationsAvailable() && FileExists(TranslationFile)) + if (FileExists(TranslationFile)) { FileFd Trans(TranslationFile,FileFd::ReadOnlyGzip); debListParser TransParser(&Trans); diff --git a/apt-pkg/deb/deblistparser.cc b/apt-pkg/deb/deblistparser.cc index 4a9e94c85..9ae1065a4 100644 --- a/apt-pkg/deb/deblistparser.cc +++ b/apt-pkg/deb/deblistparser.cc @@ -201,7 +201,7 @@ string debListParser::DescriptionLanguage() if (Section.FindS("Description").empty() == false) return ""; - std::vector<string> const lang = APT::Configuration::getLanguages(); + std::vector<string> const lang = APT::Configuration::getLanguages(true); for (std::vector<string>::const_iterator l = lang.begin(); l != lang.end(); l++) if (Section.FindS(string("Description-").append(*l).c_str()).empty() == false) diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc index 5ddcd47e9..5fbd1801a 100644 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@ -32,6 +32,8 @@ #include <algorithm> #include <sstream> #include <map> +#include <pwd.h> +#include <grp.h> #include <termios.h> #include <unistd.h> @@ -667,7 +669,13 @@ bool pkgDPkgPM::OpenLog() return _error->WarningE("OpenLog", _("Could not open file '%s'"), logfile_name.c_str()); setvbuf(term_out, NULL, _IONBF, 0); SetCloseExec(fileno(term_out), true); - chmod(logfile_name.c_str(), 0600); + struct passwd *pw; + struct group *gr; + pw = getpwnam("root"); + gr = getgrnam("adm"); + if (pw != NULL && gr != NULL) + chown(logfile_name.c_str(), pw->pw_uid, gr->gr_gid); + chmod(logfile_name.c_str(), 0644); fprintf(term_out, "\nLog started: %s\n", timestr); } diff --git a/apt-pkg/orderlist.cc b/apt-pkg/orderlist.cc index ba43bc757..19661fc2d 100644 --- a/apt-pkg/orderlist.cc +++ b/apt-pkg/orderlist.cc @@ -1073,6 +1073,12 @@ bool pkgOrderList::CheckDep(DepIterator D) just needs one */ if (D.IsNegative() == false) { + // ignore provides by older versions of this package + if (((D.Reverse() == false && Pkg == D.ParentPkg()) || + (D.Reverse() == true && Pkg == D.TargetPkg())) && + Cache[Pkg].InstallVer != *I) + continue; + /* Try to find something that does not have the after flag set if at all possible */ if (IsFlag(Pkg,After) == true) |