2 files changed, 37 insertions, 3 deletions

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 714edd8d8..b2f896627 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -340,6 +340,12 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
       // File was already in place.  It needs to be re-verified
       // because Release might have changed, so Move it into partial
       Rename(Final,DestFile);
+      // unlink the file and do not try to use I-M-S and Last-Modified
+      // if the users proxy is broken
+      if(_config->FindB("Acquire::BrokenProxy", false) == true) {
+	 std::cerr << "forcing re-get of the signature file as requested" << std::endl;
+	 unlink(DestFile.c_str());
+      }
    }
 
    QueueURI(Desc);
diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc
index 4b6ac5ce0..1f65062f7 100644
--- a/apt-pkg/indexcopy.cc
+++ b/apt-pkg/indexcopy.cc
@@ -593,17 +593,45 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector<string> &SigList,
 
       // verify the gpg signature of "Release"
       // gpg --verify "*I+Release.gpg", "*I+Release"
+      const char *Args[400];
+      unsigned int i = 0;
+
       string gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
       string pubringpath = _config->Find("Apt::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg");
+      string releasegpg = *I+"Release.gpg";
+      string release = *I+"Release";
+
+      Args[i++] = gpgvpath.c_str();
+      Args[i++] = "--keyring";
+      Args[i++] = pubringpath.c_str();
+      Configuration::Item const *Opts;
+      Opts = _config->Tree("Acquire::gpgv::Options");
+      if (Opts != 0)
+      {
+         Opts = Opts->Child;
+	 for (; Opts != 0; Opts = Opts->Next)
+         {
+            if (Opts->Value.empty() == true)
+               continue;
+            Args[i++] = Opts->Value.c_str();
+	    if(i >= 390) { 
+	       _error->Error("Argument list from Acquire::gpgv::Options too long. Exiting.");
+	       return false;
+	    }
+         }
+      }
+      
+      Args[i++] = releasegpg.c_str();
+      Args[i++] = release.c_str();
+      Args[i++] = NULL;
+      
       pid_t pid = ExecFork();
       if(pid < 0) {
 	 _error->Error("Fork failed");
 	 return false;
       }
       if(pid == 0) {
-	 execlp(gpgvpath.c_str(), gpgvpath.c_str(), "--keyring", 
-		pubringpath.c_str(), string(*I+"Release.gpg").c_str(), 
-		string(*I+"Release").c_str(), NULL);
+	 execvp(gpgvpath.c_str(), (char**)Args);
       }
       if(!ExecWait(pid, "gpgv")) {
 	 _error->Warning("Signature verification failed for: %s",