summaryrefslogtreecommitdiff
path: root/cmdline
diff options
context:
space:
mode:
Diffstat (limited to 'cmdline')
-rw-r--r--cmdline/apt-extracttemplates.cc11
-rw-r--r--cmdline/apt-get.cc222
-rw-r--r--[-rwxr-xr-x]cmdline/apt-key.in (renamed from cmdline/apt-key)59
-rw-r--r--cmdline/apt.cc15
-rw-r--r--cmdline/makefile8
5 files changed, 230 insertions, 85 deletions
diff --git a/cmdline/apt-extracttemplates.cc b/cmdline/apt-extracttemplates.cc
index 8fe15fdf9..8e1937113 100644
--- a/cmdline/apt-extracttemplates.cc
+++ b/cmdline/apt-extracttemplates.cc
@@ -47,8 +47,6 @@
using namespace std;
-#define TMPDIR "/tmp"
-
pkgCache *DebFile::Cache = 0;
// DebFile::DebFile - Construct the DebFile object /*{{{*/
@@ -253,14 +251,11 @@ string WriteFile(const char *package, const char *prefix, const char *data)
{
char fn[512];
static int i;
- const char *tempdir = NULL;
-
- tempdir = getenv("TMPDIR");
- if (tempdir == NULL)
- tempdir = TMPDIR;
+ std::string tempdir = GetTempDir();
snprintf(fn, sizeof(fn), "%s/%s.%s.%u%d",
- _config->Find("APT::ExtractTemplates::TempDir", tempdir).c_str(),
+ _config->Find("APT::ExtractTemplates::TempDir",
+ tempdir.c_str()).c_str(),
package, prefix, getpid(), i++);
FileFd f;
if (data == NULL)
diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc
index 15373b050..8a0772ce2 100644
--- a/cmdline/apt-get.cc
+++ b/cmdline/apt-get.cc
@@ -50,6 +50,8 @@
#include <apt-pkg/pkgrecords.h>
#include <apt-pkg/indexfile.h>
#include <apt-pkg/upgrade.h>
+#include <apt-pkg/metaindex.h>
+#include <apt-pkg/indexrecords.h>
#include <apt-private/private-download.h>
#include <apt-private/private-install.h>
@@ -59,6 +61,9 @@
#include <apt-private/private-update.h>
#include <apt-private/private-cmndline.h>
#include <apt-private/private-moo.h>
+#include <apt-private/private-utils.h>
+
+#include <apt-pkg/debmetaindex.h>
#include <apt-private/acqprogress.h>
@@ -129,24 +134,95 @@ bool TryToInstallBuildDep(pkgCache::PkgIterator Pkg,pkgCacheFile &Cache,
return true;
}
/*}}}*/
+
+
+// helper that can go wit hthe next ABI break
+#if (APT_PKG_MAJOR >= 4 && APT_PKG_MINOR < 13)
+std::string MetaIndexFileNameOnDisk(metaIndex *metaindex)
+{
+ // FIXME: this cast is the horror, the horror
+ debReleaseIndex *r = (debReleaseIndex*)metaindex;
+
+ // see if we have a InRelease file
+ std::string PathInRelease = r->MetaIndexFile("InRelease");
+ if (FileExists(PathInRelease))
+ return PathInRelease;
+
+ // and if not return the normal one
+ if (FileExists(PathInRelease))
+ return r->MetaIndexFile("Release");
+
+ return "";
+}
+#endif
+
+// GetReleaseForSourceRecord - Return Suite for the given srcrecord /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+std::string GetReleaseForSourceRecord(pkgSourceList *SrcList,
+ pkgSrcRecords::Parser *Parse)
+{
+ // try to find release
+ const pkgIndexFile& CurrentIndexFile = Parse->Index();
+
+ for (pkgSourceList::const_iterator S = SrcList->begin();
+ S != SrcList->end(); ++S)
+ {
+ vector<pkgIndexFile *> *Indexes = (*S)->GetIndexFiles();
+ for (vector<pkgIndexFile *>::const_iterator IF = Indexes->begin();
+ IF != Indexes->end(); ++IF)
+ {
+ if (&CurrentIndexFile == (*IF))
+ {
+#if (APT_PKG_MAJOR >= 4 && APT_PKG_MINOR < 13)
+ std::string path = MetaIndexFileNameOnDisk(*S);
+#else
+ std::string path = (*S)->LocalFileName();
+#endif
+ if (path != "")
+ {
+ indexRecords records;
+ records.Load(path);
+ return records.GetSuite();
+ }
+ }
+ }
+ }
+ return "";
+}
+ /*}}}*/
// FindSrc - Find a source record /*{{{*/
// ---------------------------------------------------------------------
/* */
pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
pkgSrcRecords &SrcRecs,string &Src,
- pkgDepCache &Cache)
+ CacheFile &CacheFile)
{
- string VerTag;
- string DefRel = _config->Find("APT::Default-Release");
+ string VerTag, UserRequestedVerTag;
+ string ArchTag = "";
+ string RelTag = _config->Find("APT::Default-Release");
string TmpSrc = Name;
+ pkgDepCache *Cache = CacheFile.GetDepCache();
- // extract the version/release from the pkgname
- const size_t found = TmpSrc.find_last_of("/=");
- if (found != string::npos) {
- if (TmpSrc[found] == '/')
- DefRel = TmpSrc.substr(found+1);
- else
- VerTag = TmpSrc.substr(found+1);
+ // extract release
+ size_t found = TmpSrc.find_last_of("/");
+ if (found != string::npos)
+ {
+ RelTag = TmpSrc.substr(found+1);
+ TmpSrc = TmpSrc.substr(0,found);
+ }
+ // extract the version
+ found = TmpSrc.find_last_of("=");
+ if (found != string::npos)
+ {
+ VerTag = UserRequestedVerTag = TmpSrc.substr(found+1);
+ TmpSrc = TmpSrc.substr(0,found);
+ }
+ // extract arch
+ found = TmpSrc.find_last_of(":");
+ if (found != string::npos)
+ {
+ ArchTag = TmpSrc.substr(found+1);
TmpSrc = TmpSrc.substr(0,found);
}
@@ -154,10 +230,25 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
install a version and determine the source package name, then look
in the archive for a source package of the same name. */
bool MatchSrcOnly = _config->FindB("APT::Get::Only-Source");
- const pkgCache::PkgIterator Pkg = Cache.FindPkg(TmpSrc);
+ pkgCache::PkgIterator Pkg;
+ if (ArchTag != "")
+ Pkg = Cache->FindPkg(TmpSrc, ArchTag);
+ else
+ Pkg = Cache->FindPkg(TmpSrc);
+
+ // if we can't find a package but the user qualified with a arch,
+ // error out here
+ if (Pkg.end() && ArchTag != "")
+ {
+ Src = Name;
+ _error->Error(_("Can not find a package for architecture '%s'"),
+ ArchTag.c_str());
+ return 0;
+ }
+
if (MatchSrcOnly == false && Pkg.end() == false)
{
- if(VerTag.empty() == false || DefRel.empty() == false)
+ if(VerTag != "" || RelTag != "" || ArchTag != "")
{
bool fuzzy = false;
// we have a default release, try to locate the pkg. we do it like
@@ -177,9 +268,20 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
if (Ver.end() == true)
break;
}
+
+ // ignore arches that are not for us
+ if (ArchTag != "" && Ver.Arch() != ArchTag)
+ continue;
+
+ // pick highest version for the arch unless the user wants
+ // something else
+ if (ArchTag != "" && VerTag == "" && RelTag == "")
+ if(Cache->VS().CmpVersion(VerTag, Ver.VerStr()) < 0)
+ VerTag = Ver.VerStr();
+
// We match against a concrete version (or a part of this version)
if (VerTag.empty() == false &&
- (fuzzy == true || Cache.VS().CmpVersion(VerTag, Ver.VerStr()) != 0) && // exact match
+ (fuzzy == true || Cache->VS().CmpVersion(VerTag, Ver.VerStr()) != 0) && // exact match
(fuzzy == false || strncmp(VerTag.c_str(), Ver.VerStr(), VerTag.size()) != 0)) // fuzzy match
continue;
@@ -197,8 +299,8 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
// or we match against a release
if(VerTag.empty() == false ||
- (VF.File().Archive() != 0 && VF.File().Archive() == DefRel) ||
- (VF.File().Codename() != 0 && VF.File().Codename() == DefRel))
+ (VF.File().Archive() != 0 && VF.File().Archive() == RelTag) ||
+ (VF.File().Codename() != 0 && VF.File().Codename() == RelTag))
{
pkgRecords::Parser &Parse = Recs.Lookup(VF);
Src = Parse.SourcePkg();
@@ -216,22 +318,28 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
if (Src.empty() == false)
break;
}
- if (Src.empty() == true)
- {
- // Sources files have no codename information
- if (VerTag.empty() == true && DefRel.empty() == false)
- {
- _error->Error(_("Ignore unavailable target release '%s' of package '%s'"), DefRel.c_str(), TmpSrc.c_str());
- return 0;
- }
- }
}
+
+ if (Src == "" && ArchTag != "")
+ {
+ if (VerTag != "")
+ _error->Error(_("Can not find a package '%s' with version '%s'"),
+ Pkg.FullName().c_str(), VerTag.c_str());
+ if (RelTag != "")
+ _error->Error(_("Can not find a package '%s' with release '%s'"),
+ Pkg.FullName().c_str(), RelTag.c_str());
+ Src = Name;
+ return 0;
+ }
+
+
if (Src.empty() == true)
{
// if we don't have found a fitting package yet so we will
// choose a good candidate and proceed with that.
// Maybe we will find a source later on with the right VerTag
- pkgCache::VerIterator Ver = Cache.GetCandidateVer(Pkg);
+ // or RelTag
+ pkgCache::VerIterator Ver = Cache->GetCandidateVer(Pkg);
if (Ver.end() == false)
{
pkgRecords::Parser &Parse = Recs.Lookup(Ver.FileList());
@@ -243,7 +351,9 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
}
if (Src.empty() == true)
+ {
Src = TmpSrc;
+ }
else
{
/* if we have a source pkg name, make sure to only search
@@ -261,6 +371,7 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
pkgSrcRecords::Parser *Last = 0;
unsigned long Offset = 0;
string Version;
+ pkgSourceList *SrcList = CacheFile.GetSourceList();
/* Iterate over all of the hits, which includes the resulting
binary packages in the search */
@@ -272,26 +383,43 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
{
const string Ver = Parse->Version();
+ // See if we need to look for a specific release tag
+ if (RelTag != "" && UserRequestedVerTag == "")
+ {
+ const string Rel = GetReleaseForSourceRecord(SrcList, Parse);
+
+ if (Rel == RelTag)
+ {
+ Last = Parse;
+ Offset = Parse->Offset();
+ Version = Ver;
+ }
+ }
+
// Ignore all versions which doesn't fit
if (VerTag.empty() == false &&
- Cache.VS().CmpVersion(VerTag, Ver) != 0) // exact match
+ Cache->VS().CmpVersion(VerTag, Ver) != 0) // exact match
continue;
// Newer version or an exact match? Save the hit
- if (Last == 0 || Cache.VS().CmpVersion(Version,Ver) < 0) {
+ if (Last == 0 || Cache->VS().CmpVersion(Version,Ver) < 0) {
Last = Parse;
Offset = Parse->Offset();
Version = Ver;
}
- // was the version check above an exact match? If so, we don't need to look further
- if (VerTag.empty() == false && VerTag.size() == Ver.size())
+ // was the version check above an exact match?
+ // If so, we don't need to look further
+ if (VerTag.empty() == false && (VerTag == Ver))
break;
}
+ if (UserRequestedVerTag == "" && Version != "" && RelTag != "")
+ ioprintf(c1out, "Selected version '%s' (%s) for %s\n",
+ Version.c_str(), RelTag.c_str(), Src.c_str());
+
if (Last != 0 || VerTag.empty() == true)
break;
- //if (VerTag.empty() == false && Last == 0)
- _error->Error(_("Ignore unavailable version '%s' of package '%s'"), VerTag.c_str(), TmpSrc.c_str());
+ _error->Error(_("Can not find version '%s' of package '%s'"), VerTag.c_str(), TmpSrc.c_str());
return 0;
}
@@ -627,7 +755,7 @@ bool DoSource(CommandLine &CmdL)
for (const char **I = CmdL.FileList + 1; *I != 0; I++, J++)
{
string Src;
- pkgSrcRecords::Parser *Last = FindSrc(*I,Recs,SrcRecs,Src,*Cache);
+ pkgSrcRecords::Parser *Last = FindSrc(*I,Recs,SrcRecs,Src,Cache);
if (Last == 0) {
delete[] Dsc;
@@ -924,7 +1052,7 @@ bool DoBuildDep(CommandLine &CmdL)
for (const char **I = CmdL.FileList + 1; *I != 0; I++, J++)
{
string Src;
- pkgSrcRecords::Parser *Last = FindSrc(*I,Recs,SrcRecs,Src,*Cache);
+ pkgSrcRecords::Parser *Last = FindSrc(*I,Recs,SrcRecs,Src,Cache);
if (Last == 0)
return _error->Error(_("Unable to find a source package for %s"),Src.c_str());
@@ -1378,24 +1506,6 @@ bool DownloadChangelog(CacheFile &CacheFile, pkgAcquire &Fetcher,
return _error->Error("changelog download failed");
}
/*}}}*/
-// DisplayFileInPager - Display File with pager /*{{{*/
-void DisplayFileInPager(string filename)
-{
- pid_t Process = ExecFork();
- if (Process == 0)
- {
- const char *Args[3];
- Args[0] = "/usr/bin/sensible-pager";
- Args[1] = filename.c_str();
- Args[2] = 0;
- execvp(Args[0],(char **)Args);
- exit(100);
- }
-
- // Wait for the subprocess
- ExecWait(Process, "sensible-pager", false);
-}
- /*}}}*/
// DoChangelog - Get changelog from the command line /*{{{*/
// ---------------------------------------------------------------------
bool DoChangelog(CommandLine &CmdL)
@@ -1426,14 +1536,12 @@ bool DoChangelog(CommandLine &CmdL)
bool const downOnly = _config->FindB("APT::Get::Download-Only", false);
char tmpname[100];
- char* tmpdir = NULL;
+ const char* tmpdir = NULL;
if (downOnly == false)
{
- const char* const tmpDir = getenv("TMPDIR");
- if (tmpDir != NULL && *tmpDir != '\0')
- snprintf(tmpname, sizeof(tmpname), "%s/apt-changelog-XXXXXX", tmpDir);
- else
- strncpy(tmpname, "/tmp/apt-changelog-XXXXXX", sizeof(tmpname));
+ std::string systemTemp = GetTempDir();
+ snprintf(tmpname, sizeof(tmpname), "%s/apt-changelog-XXXXXX",
+ systemTemp.c_str());
tmpdir = mkdtemp(tmpname);
if (tmpdir == NULL)
return _error->Errno("mkdtemp", "mkdtemp failed");
diff --git a/cmdline/apt-key b/cmdline/apt-key.in
index 713a41c07..463e4b4b4 100755..100644
--- a/cmdline/apt-key
+++ b/cmdline/apt-key.in
@@ -25,17 +25,18 @@ GPG_CMD="$GPG_CMD --no-auto-check-trustdb --trust-model always"
GPG="$GPG_CMD"
-MASTER_KEYRING=""
-#MASTER_KEYRING=/usr/share/keyrings/debian-master-keyring.gpg
-eval $(apt-config shell MASTER_KEYRING APT::Key::MasterKeyring)
-ARCHIVE_KEYRING_URI=""
-#ARCHIVE_KEYRING_URI=http://ftp.debian.org/debian/debian-archive-keyring.gpg
-eval $(apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI)
+APT_DIR="/"
+eval $(apt-config shell APT_DIR Dir)
-ARCHIVE_KEYRING=/usr/share/keyrings/debian-archive-keyring.gpg
+MASTER_KEYRING='&keyring-master-filename;'
+eval $(apt-config shell MASTER_KEYRING APT::Key::MasterKeyring)
+ARCHIVE_KEYRING='&keyring-filename;'
eval $(apt-config shell ARCHIVE_KEYRING APT::Key::ArchiveKeyring)
-REMOVED_KEYS=/usr/share/keyrings/debian-archive-removed-keys.gpg
+REMOVED_KEYS='&keyring-removed-filename;'
eval $(apt-config shell REMOVED_KEYS APT::Key::RemovedKeys)
+ARCHIVE_KEYRING_URI='&keyring-uri;'
+eval $(apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI)
+TMP_KEYRING=${APT_DIR}/var/lib/apt/keyrings/maybe-import-keyring.gpg
requires_root() {
if [ "$(id -u)" -ne 0 ]; then
@@ -57,7 +58,7 @@ init_keyring() {
add_keys_with_verify_against_master_keyring() {
ADD_KEYRING=$1
MASTER=$2
-
+
if [ ! -f "$ADD_KEYRING" ]; then
echo "ERROR: '$ADD_KEYRING' not found"
return
@@ -72,12 +73,28 @@ add_keys_with_verify_against_master_keyring() {
# all keys that are exported must have a valid signature
# from a key in the $distro-master-keyring
add_keys=`$GPG_CMD --keyring $ADD_KEYRING --with-colons --list-keys | grep ^pub | cut -d: -f5`
+ all_add_keys=`$GPG_CMD --keyring $ADD_KEYRING --with-colons --list-keys | grep ^[ps]ub | cut -d: -f5`
master_keys=`$GPG_CMD --keyring $MASTER --with-colons --list-keys | grep ^pub | cut -d: -f5`
+
+ # ensure there are no colisions LP: #857472
+ for all_add_key in $all_add_keys; do
+ for master_key in $master_keys; do
+ if [ "$all_add_key" = "$master_key" ]; then
+ echo >&2 "Keyid collision for '$all_add_key' detected, operation aborted"
+ return 1
+ fi
+ done
+ done
+
for add_key in $add_keys; do
- ADDED=0
+ # export the add keyring one-by-one
+ rm -f $TMP_KEYRING
+ $GPG_CMD --keyring $ADD_KEYRING --output $TMP_KEYRING --export $add_key
+ # check if signed with the master key and only add in this case
+ ADDED=0
for master_key in $master_keys; do
- if $GPG_CMD --keyring $ADD_KEYRING --list-sigs --with-colons $add_key | grep ^sig | cut -d: -f5 | grep -q $master_key; then
- $GPG_CMD --quiet --batch --keyring $ADD_KEYRING --export $add_key | $GPG --import
+ if $GPG_CMD --keyring $MASTER --keyring $TMP_KEYRING --check-sigs --with-colons $add_key | grep '^sig:!:' | cut -d: -f5 | grep -q $master_key; then
+ $GPG --import $TMP_KEYRING
ADDED=1
fi
done
@@ -85,12 +102,20 @@ add_keys_with_verify_against_master_keyring() {
echo >&2 "Key '$add_key' not added. It is not signed with a master key"
fi
done
+ rm -f $TMP_KEYRING
}
# update the current archive signing keyring from a network URI
# the archive-keyring keys needs to be signed with the master key
# (otherwise it does not make sense from a security POV)
net_update() {
+ # Disabled for now as code is insecure (LP: #1013639 (and 857472, 1013128))
+ APT_KEY_NET_UPDATE_ENABLED=""
+ eval $(apt-config shell APT_KEY_NET_UPDATE_ENABLED APT::Key::Net-Update-Enabled)
+ if [ -z "$APT_KEY_NET_UPDATE_ENABLED" ]; then
+ exit 1
+ fi
+
if [ -z "$ARCHIVE_KEYRING_URI" ]; then
echo >&2 "ERROR: Your distribution is not supported in net-update as no uri for the archive-keyring is set"
exit 1
@@ -102,15 +127,15 @@ net_update() {
echo >&2 "ERROR: an installed wget is required for a network-based update"
exit 1
fi
- if [ ! -d /var/lib/apt/keyrings ]; then
- mkdir -p /var/lib/apt/keyrings
+ if [ ! -d ${APT_DIR}/var/lib/apt/keyrings ]; then
+ mkdir -p ${APT_DIR}/var/lib/apt/keyrings
fi
- keyring=/var/lib/apt/keyrings/$(basename $ARCHIVE_KEYRING)
+ keyring=${APT_DIR}/var/lib/apt/keyrings/$(basename $ARCHIVE_KEYRING_URI)
old_mtime=0
if [ -e $keyring ]; then
old_mtime=$(stat -c %Y $keyring)
fi
- (cd /var/lib/apt/keyrings; wget -q -N $ARCHIVE_KEYRING_URI)
+ (cd ${APT_DIR}/var/lib/apt/keyrings; wget --timeout=90 -q -N $ARCHIVE_KEYRING_URI)
if [ ! -e $keyring ]; then
return
fi
@@ -124,7 +149,7 @@ net_update() {
update() {
if [ ! -f $ARCHIVE_KEYRING ]; then
echo >&2 "ERROR: Can't find the archive-keyring"
- echo >&2 "Is the debian-archive-keyring package installed?"
+ echo >&2 "Is the &keyring-package; package installed?"
exit 1
fi
requires_root
diff --git a/cmdline/apt.cc b/cmdline/apt.cc
index d2eb7a5a3..170478174 100644
--- a/cmdline/apt.cc
+++ b/cmdline/apt.cc
@@ -41,6 +41,7 @@
#include <apt-pkg/pkgsystem.h>
#include <apt-pkg/indexfile.h>
#include <apt-pkg/metaindex.h>
+#include <apt-pkg/hashes.h>
#include <apti18n.h>
@@ -54,8 +55,12 @@
#include <apt-private/private-upgrade.h>
#include <apt-private/private-show.h>
#include <apt-private/private-main.h>
+#include <apt-private/private-utils.h>
+#include <apt-private/private-sources.h>
/*}}}*/
+
+
bool ShowHelp(CommandLine &CmdL)
{
ioprintf(c1out,_("%s %s for %s compiled on %s %s\n"),PACKAGE,PACKAGE_VERSION,
@@ -71,11 +76,13 @@ bool ShowHelp(CommandLine &CmdL)
" search - search in package descriptions\n"
" show - show package details\n"
"\n"
- " update - update list of available packages\n"
- " upgrade - upgrade the systems packages\n"
- "\n"
" install - install packages\n"
" remove - remove packages\n"
+ "\n"
+ " edit-sources - edit the source information file\n"
+ "\n"
+ " update - update list of available packages\n"
+ " upgrade - upgrade the systems packages\n"
);
return true;
@@ -91,6 +98,8 @@ int main(int argc, const char *argv[]) /*{{{*/
{"remove", &DoInstall},
{"update",&DoUpdate},
{"upgrade",&DoUpgradeWithAllowNewPackages},
+ // misc
+ {"edit-sources",&EditSources},
// helper
{"moo",&DoMoo},
{"help",&ShowHelp},
diff --git a/cmdline/makefile b/cmdline/makefile
index e77ad5669..06f170b6a 100644
--- a/cmdline/makefile
+++ b/cmdline/makefile
@@ -41,6 +41,14 @@ SOURCE = apt-cdrom.cc
include $(PROGRAM_H)
# The apt-key program
+apt-key: apt-key.in
+ sed -e "s#&keyring-filename;#$(shell ../vendor/getinfo keyring-filename)#" \
+ -e "s#&keyring-removed-filename;#$(shell ../vendor/getinfo keyring-removed-filename)#" \
+ -e "s#&keyring-master-filename;#$(shell ../vendor/getinfo keyring-master-filename)#" \
+ -e "s#&keyring-uri;#$(shell ../vendor/getinfo keyring-uri)#" \
+ -e "s#&keyring-package;#$(shell ../vendor/getinfo keyring-package)#" $< > $@
+ chmod 755 $@
+
SOURCE=apt-key
TO=$(BIN)
TARGET=program