From e8b1db38cca29cbdc0116e567f0aa7a28034287b Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 1 Oct 2014 14:06:01 +0200 Subject: update test/integration/test-releasefile-verification --- apt-pkg/acquire-item.cc | 18 +++++++++--------- test/integration/test-releasefile-verification | 13 ++++++++++++- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 93ba098ee..4ab4ef6a1 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1623,7 +1623,15 @@ void pkgAcqMetaSig::Done(string Message,unsigned long long Size, HashStringList void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/ { string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI); - + + // FIXME: duplicated code from pkgAcqMetaIndex + if (AuthPass == true) + { + bool Stop = GenerateAuthWarning(RealURI, Message); + if(Stop) + return; + } + // FIXME: meh, this is not really elegant string InReleaseURI = RealURI.replace(RealURI.rfind("Release.gpg"), 12, "InRelease"); @@ -1658,14 +1666,6 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/ DestFile += URItoFileName(RealURI); TransactionManager->TransactionStageRemoval(this, DestFile); - // FIXME: duplicated code from pkgAcqMetaIndex - if (AuthPass == true) - { - bool Stop = GenerateAuthWarning(RealURI, Message); - if(Stop) - return; - } - // only allow going further if the users explicitely wants it if(_config->FindB("Acquire::AllowInsecureRepositories") == true) { diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index e558b83e8..3765a4b1f 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -235,10 +235,21 @@ runtest2() { " aptcache show apt failaptnew } -runtest2 +# diable some protection by default and ensure we still do the verification +# correctly +cat > rootdir/etc/apt/apt.conf.d/weaken-security <