From 6d052eba8cc67245b21d333ece2e76efb22f82db Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 9 Jun 2010 14:18:56 +0200 Subject: remove the "typename" from the const_iterators as gcc-4.4 doesn't like them and gcc-4.5 does the right thing (TM) with and without them --- apt-pkg/cacheset.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apt-pkg/cacheset.h b/apt-pkg/cacheset.h index c9d121083..668d8039e 100644 --- a/apt-pkg/cacheset.h +++ b/apt-pkg/cacheset.h @@ -61,7 +61,7 @@ public: /*{{{*/ }; }; // 103. set::iterator is required to be modifiable, but this allows modification of keys - typedef typename APT::PackageSet::const_iterator iterator; + typedef APT::PackageSet::const_iterator iterator; using std::set::insert; inline void insert(pkgCache::PkgIterator const &P) { if (P.end() == false) std::set::insert(P); }; @@ -169,7 +169,7 @@ public: /*{{{*/ inline pkgCache::VerFileIterator NewestFile() const { return (**this).NewestFile(); }; }; // 103. set::iterator is required to be modifiable, but this allows modification of keys - typedef typename APT::VersionSet::const_iterator iterator; + typedef APT::VersionSet::const_iterator iterator; using std::set::insert; inline void insert(pkgCache::VerIterator const &V) { if (V.end() == false) std::set::insert(V); }; -- cgit v1.2.3 From 9ee8287e5ea8a993fbb4c5beb8fe8bbddadfa7a0 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 9 Jun 2010 14:20:27 +0200 Subject: * apt-pkg/policy.cc: - get the candidate right for a not-installed pseudo package if his non-pseudo friend is installed --- apt-pkg/policy.cc | 32 +++++++++++++++++++++----------- apt-pkg/policy.h | 4 ++-- debian/changelog | 5 ++++- 3 files changed, 27 insertions(+), 14 deletions(-) diff --git a/apt-pkg/policy.cc b/apt-pkg/policy.cc index 922efb0dd..a3286391b 100644 --- a/apt-pkg/policy.cc +++ b/apt-pkg/policy.cc @@ -115,7 +115,7 @@ bool pkgPolicy::InitDefaults() // --------------------------------------------------------------------- /* Evaluate the package pins and the default list to deteremine what the best package is. */ -pkgCache::VerIterator pkgPolicy::GetCandidateVer(pkgCache::PkgIterator Pkg) +pkgCache::VerIterator pkgPolicy::GetCandidateVer(pkgCache::PkgIterator const &Pkg) { // Look for a package pin and evaluate it. signed Max = GetPriority(Pkg); @@ -147,6 +147,16 @@ pkgCache::VerIterator pkgPolicy::GetCandidateVer(pkgCache::PkgIterator Pkg) */ for (pkgCache::VerIterator Ver = Pkg.VersionList(); Ver.end() == false; Ver++) { + /* Lets see if this version is the installed version */ + bool instVer = (Pkg.CurrentVer() == Ver); + if (Ver.Pseudo() == true && instVer == false) + { + pkgCache::PkgIterator const allPkg = Ver.ParentPkg().Group().FindPkg("all"); + if (allPkg->CurrentVer != 0 && allPkg.CurrentVer()->Hash == Ver->Hash && + strcmp(allPkg.CurVersion(), Ver.VerStr()) == 0) + instVer = true; + } + for (pkgCache::VerFileIterator VF = Ver.FileList(); VF.end() == false; VF++) { /* If this is the status file, and the current version is not the @@ -155,9 +165,9 @@ pkgCache::VerIterator pkgPolicy::GetCandidateVer(pkgCache::PkgIterator Pkg) out bogus entries that may be due to config-file states, or other. */ if ((VF.File()->Flags & pkgCache::Flag::NotSource) == pkgCache::Flag::NotSource && - Pkg.CurrentVer() != Ver) + instVer == false) continue; - + signed Prio = PFPriority[VF.File()->ID]; if (Prio > Max) { @@ -171,7 +181,7 @@ pkgCache::VerIterator pkgPolicy::GetCandidateVer(pkgCache::PkgIterator Pkg) } } - if (Pkg.CurrentVer() == Ver && Max < 1000) + if (instVer == true && Max < 1000) { /* Elevate our current selection (or the status file itself) to the Pseudo-status priority. */ @@ -189,6 +199,7 @@ pkgCache::VerIterator pkgPolicy::GetCandidateVer(pkgCache::PkgIterator Pkg) // will always be a candidate (Closes: #512318) if (!Pref.IsGood() && MaxAlt > 0) Pref = PrefAlt; + return Pref; } /*}}}*/ @@ -238,15 +249,14 @@ void pkgPolicy::CreatePin(pkgVersionMatch::MatchType Type,string Name, // Policy::GetMatch - Get the matching version for a package pin /*{{{*/ // --------------------------------------------------------------------- /* */ -pkgCache::VerIterator pkgPolicy::GetMatch(pkgCache::PkgIterator Pkg) +pkgCache::VerIterator pkgPolicy::GetMatch(pkgCache::PkgIterator const &Pkg) { const Pin &PPkg = Pins[Pkg->ID]; - if (PPkg.Type != pkgVersionMatch::None) - { - pkgVersionMatch Match(PPkg.Data,PPkg.Type); - return Match.Find(Pkg); - } - return pkgCache::VerIterator(*Pkg.Cache()); + if (PPkg.Type == pkgVersionMatch::None) + return pkgCache::VerIterator(*Pkg.Cache()); + + pkgVersionMatch Match(PPkg.Data,PPkg.Type); + return Match.Find(Pkg); } /*}}}*/ // Policy::GetPriority - Get the priority of the package pin /*{{{*/ diff --git a/apt-pkg/policy.h b/apt-pkg/policy.h index 4894682fa..28cb3ccbb 100644 --- a/apt-pkg/policy.h +++ b/apt-pkg/policy.h @@ -72,10 +72,10 @@ class pkgPolicy : public pkgDepCache::Policy inline signed short GetPriority(pkgCache::PkgFileIterator const &File) {return PFPriority[File->ID];}; signed short GetPriority(pkgCache::PkgIterator const &Pkg); - pkgCache::VerIterator GetMatch(pkgCache::PkgIterator Pkg); + pkgCache::VerIterator GetMatch(pkgCache::PkgIterator const &Pkg); // Things for the cache interface. - virtual pkgCache::VerIterator GetCandidateVer(pkgCache::PkgIterator Pkg); + virtual pkgCache::VerIterator GetCandidateVer(pkgCache::PkgIterator const &Pkg); virtual bool IsImportantDep(pkgCache::DepIterator Dep) {return pkgDepCache::Policy::IsImportantDep(Dep);}; bool InitDefaults(); diff --git a/debian/changelog b/debian/changelog index 9135d523b..8d67582e4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -81,8 +81,11 @@ apt (0.7.26~exp6) UNRELEASED; urgency=low looking code copycat from wget * ftparchive/writer.cc: - add ValidTime option to generate a Valid-Until header in Release file + * apt-pkg/policy.cc: + - get the candidate right for a not-installed pseudo package if + his non-pseudo friend is installed - -- David Kalnischkies Wed, 09 Jun 2010 10:52:31 +0200 + -- David Kalnischkies Wed, 09 Jun 2010 14:20:19 +0200 apt (0.7.26~exp5) experimental; urgency=low -- cgit v1.2.3 From 51561c4de75e84c2b2d037eb57387d3d3c2aa494 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 9 Jun 2010 17:13:40 +0200 Subject: fix compiler warning in the new mirror code --- methods/http.h | 2 +- methods/mirror.cc | 27 ++++++++++++++++----------- 2 files changed, 17 insertions(+), 12 deletions(-) diff --git a/methods/http.h b/methods/http.h index d0677bdaa..0bc019e77 100644 --- a/methods/http.h +++ b/methods/http.h @@ -13,7 +13,7 @@ #define MAXLEN 360 - +#include using std::cout; using std::endl; diff --git a/methods/mirror.cc b/methods/mirror.cc index b2b6b2ecf..e8873d97b 100644 --- a/methods/mirror.cc +++ b/methods/mirror.cc @@ -153,11 +153,12 @@ void MirrorMethod::CurrentQueueUriToMirror() return; // find current mirror and select next one - for (int i=0; i < AllMirrors.size(); i++) + for (vector::const_iterator mirror = AllMirrors.begin(); + mirror != AllMirrors.end(); ++mirror) { - if (Queue->Uri.find(AllMirrors[i]) == 0) + if (Queue->Uri.find(*mirror) == 0) { - Queue->Uri.replace(0, AllMirrors[i].size(), BaseUri); + Queue->Uri.replace(0, mirror->length(), BaseUri); return; } } @@ -168,15 +169,19 @@ void MirrorMethod::CurrentQueueUriToMirror() bool MirrorMethod::TryNextMirror() { // find current mirror and select next one - for (int i=0; i < AllMirrors.size()-1; i++) + for (vector::const_iterator mirror = AllMirrors.begin(); + mirror != AllMirrors.end(); ++mirror) { - if (Queue->Uri.find(AllMirrors[i]) == 0) - { - Queue->Uri.replace(0, AllMirrors[i].size(), AllMirrors[i+1]); - if (Debug) - clog << "TryNextMirror: " << Queue->Uri << endl; - return true; - } + if (Queue->Uri.find(*mirror) != 0) + continue; + + vector::const_iterator nextmirror = mirror + 1; + if (nextmirror != AllMirrors.end()) + break; + Queue->Uri.replace(0, mirror->length(), *nextmirror); + if (Debug) + clog << "TryNextMirror: " << Queue->Uri << endl; + return true; } if (Debug) -- cgit v1.2.3 From a319c4eeae62511d1cb58986742491d3e224bf20 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 9 Jun 2010 17:19:40 +0200 Subject: * apt-pkg/indexcopy.cc: - move the gpg codecopy to a new method and use it also in methods/gpgv.cc --- apt-pkg/indexcopy.cc | 109 +++++++++++++++++++++++++++++++++------------------ apt-pkg/indexcopy.h | 3 ++ debian/changelog | 4 +- methods/gpgv.cc | 47 +++------------------- 4 files changed, 82 insertions(+), 81 deletions(-) diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index 53eb11172..47eaefc5c 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -590,66 +590,39 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, indexRecords *MetaIndex = new indexRecords; string prefix = *I; + string const releasegpg = *I+"Release.gpg"; + string const release = *I+"Release"; + // a Release.gpg without a Release should never happen - if(!FileExists(*I+"Release")) + if(FileExists(release) == false) { delete MetaIndex; continue; } - - // verify the gpg signature of "Release" - // gpg --verify "*I+Release.gpg", "*I+Release" - const char *Args[400]; - unsigned int i = 0; - - string gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); - string pubringpath = _config->Find("Apt::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg"); - string releasegpg = *I+"Release.gpg"; - string release = *I+"Release"; - - Args[i++] = gpgvpath.c_str(); - Args[i++] = "--keyring"; - Args[i++] = pubringpath.c_str(); - Configuration::Item const *Opts; - Opts = _config->Tree("Acquire::gpgv::Options"); - if (Opts != 0) - { - Opts = Opts->Child; - for (; Opts != 0; Opts = Opts->Next) - { - if (Opts->Value.empty() == true) - continue; - Args[i++] = Opts->Value.c_str(); - if(i >= 390) { - _error->Error("Argument list from Acquire::gpgv::Options too long. Exiting."); - return false; - } - } - } - - Args[i++] = releasegpg.c_str(); - Args[i++] = release.c_str(); - Args[i++] = NULL; - pid_t pid = ExecFork(); if(pid < 0) { _error->Error("Fork failed"); return false; } if(pid == 0) { - execvp(gpgvpath.c_str(), (char**)Args); + string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); + std::vector Args = GetGPGVCommandLine(); + Args.push_back(releasegpg.c_str()); + Args.push_back(release.c_str()); + Args.push_back(NULL); + execvp(gpgvpath.c_str(), (char**) &Args[0]); } if(!ExecWait(pid, "gpgv")) { _error->Warning("Signature verification failed for: %s", - string(*I+"Release.gpg").c_str()); + releasegpg.c_str()); // something went wrong, don't copy the Release.gpg // FIXME: delete any existing gpg file? continue; } // Open the Release file and add it to the MetaIndex - if(!MetaIndex->Load(*I+"Release")) + if(!MetaIndex->Load(release)) { _error->Error("%s",MetaIndex->ErrorText.c_str()); return false; @@ -679,6 +652,64 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, return true; } /*}}}*/ +// SigVerify::GetGPGVCommandLine - returns the command needed for verify/*{{{*/ +// --------------------------------------------------------------------- +/* Generating the commandline for calling gpgv is somehow complicated as + we need to add multiple keyrings and user supplied options. Also, as + the cdrom code currently can not use the gpgv method we have two places + these need to be done - so the place for this method is wrong but better + than code duplication… */ +std::vector SigVerify::GetGPGVCommandLine() +{ + string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); + // FIXME: remove support for deprecated APT::GPGV setting + string const trustedFile = _config->FindFile("Dir::Etc::Trusted", + _config->Find("APT::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg").c_str()); + string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d"); + + if (_config->FindB("Debug::Acquire::gpgv", false) == true) + { + std::clog << "gpgv path: " << gpgvpath << std::endl; + std::clog << "Keyring file: " << trustedFile << std::endl; + std::clog << "Keyring path: " << trustedPath << std::endl; + } + + std::vector keyrings = GetListOfFilesInDir(trustedPath, "gpg", false); + if (FileExists(trustedFile) == true) + keyrings.push_back(trustedFile); + + std::vector Args; + Args.reserve(30); + + if (keyrings.empty() == true) + return Args; + + Args.push_back(gpgvpath.c_str()); + Args.push_back("--ignore-time-conflict"); + + for (vector::const_iterator K = keyrings.begin(); + K != keyrings.end(); ++K) + { + Args.push_back("--keyring"); + Args.push_back(K->c_str()); + } + + Configuration::Item const *Opts; + Opts = _config->Tree("Acquire::gpgv::Options"); + if (Opts != 0) + { + Opts = Opts->Child; + for (; Opts != 0; Opts = Opts->Next) + { + if (Opts->Value.empty() == true) + continue; + Args.push_back(Opts->Value.c_str()); + } + } + + return Args; +} + /*}}}*/ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ vector &List, pkgCdromStatus *log) { diff --git a/apt-pkg/indexcopy.h b/apt-pkg/indexcopy.h index 9e5ad4e43..ee6557a3d 100644 --- a/apt-pkg/indexcopy.h +++ b/apt-pkg/indexcopy.h @@ -89,6 +89,9 @@ class SigVerify /*{{{*/ public: bool CopyAndVerify(string CDROM,string Name,vector &SigList, vector PkgList,vector SrcList); + + /** \brief generates the command to verify a file with gpgv */ + static std::vector GetGPGVCommandLine(); }; /*}}}*/ diff --git a/debian/changelog b/debian/changelog index 8d67582e4..a83d4c52a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -84,8 +84,10 @@ apt (0.7.26~exp6) UNRELEASED; urgency=low * apt-pkg/policy.cc: - get the candidate right for a not-installed pseudo package if his non-pseudo friend is installed + * apt-pkg/indexcopy.cc: + - move the gpg codecopy to a new method and use it also in methods/gpgv.cc - -- David Kalnischkies Wed, 09 Jun 2010 14:20:19 +0200 + -- David Kalnischkies Wed, 09 Jun 2010 17:18:26 +0200 apt (0.7.26~exp5) experimental; urgency=low diff --git a/methods/gpgv.cc b/methods/gpgv.cc index a149d67dd..5f5f23f7d 100644 --- a/methods/gpgv.cc +++ b/methods/gpgv.cc @@ -2,6 +2,7 @@ #include #include #include +#include #include #include @@ -58,26 +59,14 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, int fd[2]; FILE *pipein; int status; - string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); - // FIXME: remove support for deprecated APT::GPGV setting - string const trustedFile = _config->FindFile("Dir::Etc::Trusted", - _config->Find("APT::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg").c_str()); - string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d"); - if (Debug == true) - { - std::clog << "gpgv path: " << gpgvpath << std::endl; - std::clog << "Keyring file: " << trustedFile << std::endl; - std::clog << "Keyring path: " << trustedPath << std::endl; - } - vector keyrings = GetListOfFilesInDir(trustedPath, "gpg", false); - if (FileExists(trustedFile) == true) - keyrings.push_back(trustedFile); - - if (keyrings.empty() == true) + string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); + std::vector Args = SigVerify::GetGPGVCommandLine(); + if (Args.empty() == true) { // TRANSLATOR: %s is the trusted keyring parts directory - ioprintf(ret, _("No keyring installed in %s."), trustedPath.c_str()); + ioprintf(ret, _("No keyring installed in %s."), + _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d").c_str()); return ret.str(); } @@ -89,32 +78,8 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, return string("Couldn't spawn new process") + strerror(errno); else if (pid == 0) { - std::vector Args; - Args.reserve(30); - - Args.push_back(gpgvpath.c_str()); Args.push_back("--status-fd"); Args.push_back("3"); - Args.push_back("--ignore-time-conflict"); - for (vector::const_iterator K = keyrings.begin(); - K != keyrings.end(); ++K) - { - Args.push_back("--keyring"); - Args.push_back(K->c_str()); - } - - Configuration::Item const *Opts; - Opts = _config->Tree("Acquire::gpgv::Options"); - if (Opts != 0) - { - Opts = Opts->Child; - for (; Opts != 0; Opts = Opts->Next) - { - if (Opts->Value.empty() == true) - continue; - Args.push_back(Opts->Value.c_str()); - } - } Args.push_back(file); Args.push_back(outfile); Args.push_back(NULL); -- cgit v1.2.3 From 24d7b6267ef3e475a153d4e2c4bcb30e1d14e671 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 9 Jun 2010 18:23:23 +0200 Subject: be sure that the RFC1123StrToTime method is run in a LANG=C environment --- apt-pkg/contrib/strutl.cc | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc index 160450366..ace74cb37 100644 --- a/apt-pkg/contrib/strutl.cc +++ b/apt-pkg/contrib/strutl.cc @@ -861,12 +861,16 @@ static time_t timegm(struct tm *t) bool RFC1123StrToTime(const char* const str,time_t &time) { struct tm Tm; + setlocale (LC_ALL,"C"); + bool const invalid = // Sun, 06 Nov 1994 08:49:37 GMT ; RFC 822, updated by RFC 1123 - if (strptime(str, "%a, %d %b %Y %H:%M:%S %Z", &Tm) == NULL && + (strptime(str, "%a, %d %b %Y %H:%M:%S %Z", &Tm) == NULL && // Sunday, 06-Nov-94 08:49:37 GMT ; RFC 850, obsoleted by RFC 1036 strptime(str, "%A, %d-%b-%y %H:%M:%S %Z", &Tm) == NULL && // Sun Nov 6 08:49:37 1994 ; ANSI C's asctime() format - strptime(str, "%a %b %d %H:%M:%S %Y", &Tm) == NULL) + strptime(str, "%a %b %d %H:%M:%S %Y", &Tm) == NULL); + setlocale (LC_ALL,""); + if (invalid == true) return false; time = timegm(&Tm); -- cgit v1.2.3 From c91d9a630bfe95f152d574a0ca420fde2afc6b2c Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 9 Jun 2010 21:15:52 +0200 Subject: sent Last-Modified header also for Translation files --- apt-pkg/acquire-item.cc | 13 ++++++++++--- debian/changelog | 3 ++- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 4d9a152ab..58754a5c0 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -140,7 +140,8 @@ void pkgAcquire::Item::Rename(string From,string To) } } /*}}}*/ - +// Acquire::Item::ReportMirrorFailure /*{{{*/ +// --------------------------------------------------------------------- void pkgAcquire::Item::ReportMirrorFailure(string FailCode) { // we only act if a mirror was used at all @@ -182,7 +183,7 @@ void pkgAcquire::Item::ReportMirrorFailure(string FailCode) _config->Find("Methods::Mirror::ProblemReporting").c_str()); } } - + /*}}}*/ // AcqDiffIndex::AcqDiffIndex - Constructor /*{{{*/ // --------------------------------------------------------------------- /* Get the DiffIndex file first and see if there are patches availabe @@ -835,7 +836,13 @@ pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner, // --------------------------------------------------------------------- string pkgAcqIndexTrans::Custom600Headers() { - return "\nFail-Ignore: true"; + string Final = _config->FindDir("Dir::State::lists"); + Final += URItoFileName(RealURI); + + struct stat Buf; + if (stat(Final.c_str(),&Buf) != 0) + return "\nFail-Ignore: true"; + return "\nFail-Ignore: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime); } /*}}}*/ // AcqIndexTrans::Failed - Silence failure messages for missing files /*{{{*/ diff --git a/debian/changelog b/debian/changelog index a83d4c52a..42fe916c5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -47,6 +47,7 @@ apt (0.7.26~exp6) UNRELEASED; urgency=low - add a constant Exists check for MetaKeys * apt-pkg/acquire-item.cc: - do not try PDiff if it is not listed in the Meta file + - sent Last-Modified header also for Translation files * apt-pkg/cacheiterator.h: - let pkgCache::Iterator inherent std::iterator * ftparchive/writer.h: @@ -87,7 +88,7 @@ apt (0.7.26~exp6) UNRELEASED; urgency=low * apt-pkg/indexcopy.cc: - move the gpg codecopy to a new method and use it also in methods/gpgv.cc - -- David Kalnischkies Wed, 09 Jun 2010 17:18:26 +0200 + -- David Kalnischkies Wed, 09 Jun 2010 21:15:46 +0200 apt (0.7.26~exp5) experimental; urgency=low -- cgit v1.2.3 From cf440facb498fa0ec70148723b13d6d019758c0e Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 9 Jun 2010 23:20:26 +0200 Subject: enhance the split out of the gpgv commandline mangling by splitting out the call completely --- apt-pkg/indexcopy.cc | 62 +++++++++++++++++++++++++++++++++++++++++----------- apt-pkg/indexcopy.h | 10 +++++++-- methods/gpgv.cc | 51 +++++++++--------------------------------- 3 files changed, 67 insertions(+), 56 deletions(-) diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index 47eaefc5c..621c18716 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -27,6 +27,8 @@ #include #include #include +#include +#include #include /*}}}*/ @@ -605,14 +607,9 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, _error->Error("Fork failed"); return false; } - if(pid == 0) { - string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); - std::vector Args = GetGPGVCommandLine(); - Args.push_back(releasegpg.c_str()); - Args.push_back(release.c_str()); - Args.push_back(NULL); - execvp(gpgvpath.c_str(), (char**) &Args[0]); - } + if(pid == 0) + RunGPGV(release, releasegpg); + if(!ExecWait(pid, "gpgv")) { _error->Warning("Signature verification failed for: %s", releasegpg.c_str()); @@ -652,14 +649,15 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, return true; } /*}}}*/ -// SigVerify::GetGPGVCommandLine - returns the command needed for verify/*{{{*/ +// SigVerify::RunGPGV - returns the command needed for verify /*{{{*/ // --------------------------------------------------------------------- /* Generating the commandline for calling gpgv is somehow complicated as we need to add multiple keyrings and user supplied options. Also, as the cdrom code currently can not use the gpgv method we have two places these need to be done - so the place for this method is wrong but better than code duplication… */ -std::vector SigVerify::GetGPGVCommandLine() +bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, + int const &statusfd, int fd[2]) { string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); // FIXME: remove support for deprecated APT::GPGV setting @@ -667,7 +665,9 @@ std::vector SigVerify::GetGPGVCommandLine() _config->Find("APT::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg").c_str()); string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d"); - if (_config->FindB("Debug::Acquire::gpgv", false) == true) + bool const Debug = _config->FindB("Debug::Acquire::gpgv", false); + + if (Debug == true) { std::clog << "gpgv path: " << gpgvpath << std::endl; std::clog << "Keyring file: " << trustedFile << std::endl; @@ -682,11 +682,19 @@ std::vector SigVerify::GetGPGVCommandLine() Args.reserve(30); if (keyrings.empty() == true) - return Args; + return false; Args.push_back(gpgvpath.c_str()); Args.push_back("--ignore-time-conflict"); + if (statusfd != -1) + { + Args.push_back("--status-fd"); + char fd[10]; + snprintf(fd, sizeof(fd), "%i", statusfd); + Args.push_back(fd); + } + for (vector::const_iterator K = keyrings.begin(); K != keyrings.end(); ++K) { @@ -707,7 +715,35 @@ std::vector SigVerify::GetGPGVCommandLine() } } - return Args; + Args.push_back(FileGPG.c_str()); + Args.push_back(File.c_str()); + Args.push_back(NULL); + + if (Debug == true) + { + std::clog << "Preparing to exec: " << gpgvpath; + for (std::vector::const_iterator a = Args.begin(); *a != NULL; ++a) + std::clog << " " << *a; + std::clog << std::endl; + } + + if (statusfd != -1) + { + int const nullfd = open("/dev/null", O_RDONLY); + close(fd[0]); + // Redirect output to /dev/null; we read from the status fd + dup2(nullfd, STDOUT_FILENO); + dup2(nullfd, STDERR_FILENO); + // Redirect the pipe to the status fd (3) + dup2(fd[1], statusfd); + + putenv((char *)"LANG="); + putenv((char *)"LC_ALL="); + putenv((char *)"LC_MESSAGES="); + } + + execvp(gpgvpath.c_str(), (char **) &Args[0]); + return true; } /*}}}*/ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ diff --git a/apt-pkg/indexcopy.h b/apt-pkg/indexcopy.h index ee6557a3d..6fcd3b8ce 100644 --- a/apt-pkg/indexcopy.h +++ b/apt-pkg/indexcopy.h @@ -90,8 +90,14 @@ class SigVerify /*{{{*/ bool CopyAndVerify(string CDROM,string Name,vector &SigList, vector PkgList,vector SrcList); - /** \brief generates the command to verify a file with gpgv */ - static std::vector GetGPGVCommandLine(); + /** \brief generates and run the command to verify a file with gpgv */ + static bool RunGPGV(std::string const &File, std::string const &FileOut, + int const &statusfd, int fd[2]); + inline static bool RunGPGV(std::string const &File, std::string const &FileOut, + int const &statusfd = -1) { + int fd[2]; + return RunGPGV(File, FileOut, statusfd, fd); + }; }; /*}}}*/ diff --git a/methods/gpgv.cc b/methods/gpgv.cc index 5f5f23f7d..018e4f622 100644 --- a/methods/gpgv.cc +++ b/methods/gpgv.cc @@ -55,61 +55,29 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, if (Debug == true) std::clog << "inside VerifyGetSigners" << std::endl; - pid_t pid; int fd[2]; - FILE *pipein; - int status; - - string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); - std::vector Args = SigVerify::GetGPGVCommandLine(); - if (Args.empty() == true) - { - // TRANSLATOR: %s is the trusted keyring parts directory - ioprintf(ret, _("No keyring installed in %s."), - _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d").c_str()); - return ret.str(); - } if (pipe(fd) < 0) return "Couldn't create pipe"; - pid = fork(); + pid_t pid = fork(); if (pid < 0) return string("Couldn't spawn new process") + strerror(errno); else if (pid == 0) { - Args.push_back("--status-fd"); - Args.push_back("3"); - Args.push_back(file); - Args.push_back(outfile); - Args.push_back(NULL); - - if (Debug == true) + if (SigVerify::RunGPGV(outfile, file, 3, fd) == false) { - std::clog << "Preparing to exec: " << gpgvpath; - for(std::vector::const_iterator a = Args.begin();*a != NULL; ++a) - std::clog << " " << *a; - std::clog << std::endl; + // TRANSLATOR: %s is the trusted keyring parts directory + ioprintf(ret, _("No keyring installed in %s."), + _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d").c_str()); + return ret.str(); } - int const nullfd = open("/dev/null", O_RDONLY); - close(fd[0]); - // Redirect output to /dev/null; we read from the status fd - dup2(nullfd, STDOUT_FILENO); - dup2(nullfd, STDERR_FILENO); - // Redirect the pipe to the status fd (3) - dup2(fd[1], 3); - - putenv((char *)"LANG="); - putenv((char *)"LC_ALL="); - putenv((char *)"LC_MESSAGES="); - execvp(gpgvpath.c_str(), (char **) &Args[0]); - exit(111); } close(fd[1]); - pipein = fdopen(fd[0], "r"); - + FILE *pipein = fdopen(fd[0], "r"); + // Loop over the output of gpgv, and check the signatures. size_t buffersize = 64; char *buffer = (char *) malloc(buffersize); @@ -182,6 +150,7 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, } fclose(pipein); + int status; waitpid(pid, &status, 0); if (Debug == true) { @@ -200,7 +169,7 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, } else if (WEXITSTATUS(status) == 111) { - ioprintf(ret, _("Could not execute '%s' to verify signature (is gpgv installed?)"), gpgvpath.c_str()); + ioprintf(ret, _("Could not execute 'gpgv' to verify signature (is gpgv installed?)")); return ret.str(); } else -- cgit v1.2.3 From 6f466ddbf2d9cb34b88df1738bb1115a66f46536 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Thu, 10 Jun 2010 02:04:03 +0200 Subject: readd the autoremove protection for the kfreebsd-image as it was lost in Michaels merge with the ubuntu branch --- debian/apt.conf.autoremove | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/debian/apt.conf.autoremove b/debian/apt.conf.autoremove index 2f00b9f8b..b3f4a3edd 100644 --- a/debian/apt.conf.autoremove +++ b/debian/apt.conf.autoremove @@ -1,9 +1,11 @@ APT { - NeverAutoRemove + NeverAutoRemove { - "^linux-firmware$"; - "^linux-image.*"; + "^firmware-linux.*"; + "^linux-firmware$"; + "^linux-image.*"; + "^kfreebsd-image.*"; "^linux-restricted-modules.*"; "^linux-ubuntu-modules-.*"; }; @@ -11,13 +13,12 @@ APT Never-MarkAuto-Sections { "metapackages"; - "restricted/metapackages"; - "universe/metapackages"; - "multiverse/metapackages"; + "restricted/metapackages"; + "universe/metapackages"; + "multiverse/metapackages"; "oldlibs"; - "restricted/oldlibs"; - "universe/oldlibs"; - "multiverse/oldlibs"; - + "restricted/oldlibs"; + "universe/oldlibs"; + "multiverse/oldlibs"; }; }; -- cgit v1.2.3 From 97f4026d93a85838439263d30146c3ad25fef474 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Thu, 10 Jun 2010 10:03:14 +0200 Subject: correct a minor spelling mistake in the changelog --- debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 42fe916c5..f9638b78f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -8,7 +8,7 @@ apt (0.7.26~exp6) UNRELEASED; urgency=low that use round robin DNS) - support Original-Maintainer in RewritePackageOrder - enable cdrom autodetection via libudev by default - - show messsage about Vcs in use when apt-get source is run for + - show message about Vcs in use when apt-get source is run for packages maintained in a Vcs - better support transitional packages with mark auto-installed. when the transitional package is in "oldlibs" the new package -- cgit v1.2.3