From a3371852091e3590bd425f2674b56ae3d5ae2445 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 9 Nov 2005 19:46:44 +0000 Subject: * turn off "secure-acquire" when --allow-unauthenticated is given --- apt-pkg/acquire-item.cc | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index dea68f3ee..debd1face 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -770,6 +770,12 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources, } } + // "allow-unauthenticated" restores apts old fetching behaviour + // that means that e.g. unauthenticated file:// uris are higher + // priority than authenticated http:// uris + if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true) + Trusted = false; + // Select a source if (QueueNext() == false && _error->PendingError() == false) _error->Error(_("I wasn't able to locate file for the %s package. " -- cgit v1.2.3 From 46e00f9d71300f3a80a4a311e369e64a48ce396f Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 22 Nov 2005 19:34:02 +0000 Subject: * ABI change: merged more flexible pkgAcquireFile code --- apt-pkg/acquire-item.cc | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index debd1face..88c25de43 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -184,7 +184,7 @@ string pkgAcqIndex::Custom600Headers() void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) { // no .bz2 found, retry with .gz - if(Desc.URI.substr(Desc.URI.size()-3,Desc.URI.size()-1) == "bz2") { + if(Desc.URI.substr(Desc.URI.size()-3) == "bz2") { Desc.URI = Desc.URI.substr(0,Desc.URI.size()-3) + "gz"; // retry with a gzip one @@ -290,7 +290,7 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, else Local = true; - string compExt = Desc.URI.substr(Desc.URI.size()-3,Desc.URI.size()-1); + string compExt = Desc.URI.substr(Desc.URI.size()-3); char *decompProg; if(compExt == "bz2") decompProg = "bzip2"; @@ -315,10 +315,9 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner, const vector* IndexTargets, indexRecords* MetaIndexParser) : Item(Owner), RealURI(URI), MetaIndexURI(MetaIndexURI), - MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc) + MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc), + MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets) { - this->MetaIndexParser = MetaIndexParser; - this->IndexTargets = IndexTargets; DestFile = _config->FindDir("Dir::State::lists") + "partial/"; DestFile += URItoFileName(URI); @@ -430,11 +429,9 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner, string SigFile, const vector* IndexTargets, indexRecords* MetaIndexParser) : - Item(Owner), RealURI(URI), SigFile(SigFile) + Item(Owner), RealURI(URI), SigFile(SigFile), AuthPass(false), + MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets) { - this->AuthPass = false; - this->MetaIndexParser = MetaIndexParser; - this->IndexTargets = IndexTargets; DestFile = _config->FindDir("Dir::State::lists") + "partial/"; DestFile += URItoFileName(URI); @@ -1008,13 +1005,19 @@ void pkgAcqArchive::Finished() // --------------------------------------------------------------------- /* The file is added to the queue */ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5, - unsigned long Size,string Dsc,string ShortDesc) : + unsigned long Size,string Dsc,string ShortDesc, + const string &DestDir, const string &DestFilename) : Item(Owner), Md5Hash(MD5) { Retries = _config->FindI("Acquire::Retries",0); - DestFile = flNotDir(URI); - + if(!DestFilename.empty()) + DestFile = DestFilename; + else if(!DestDir.empty()) + DestFile = DestDir + "/" + flNotDir(URI); + else + DestFile = flNotDir(URI); + // Create the item Desc.URI = URI; Desc.Description = Dsc; -- cgit v1.2.3 From 092ae175f070124ba0857429609e5613a4606934 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 4 Jan 2006 17:52:59 +0000 Subject: * make apt-get source smarter about not downloading the same sources twice --- apt-pkg/acquire-item.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 88c25de43..1c5866a4a 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1037,7 +1037,7 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5, else PartialSize = Buf.st_size; } - + QueueURI(Desc); } /*}}}*/ -- cgit v1.2.3 From f381d68d3c1de8e96dfb2a2ebe36c8577729ec44 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 5 Jan 2006 21:11:29 +0000 Subject: * be more clever about I-M-S hits for the Release file and gpg-failures with it, requeue it without i-m-s then --- apt-pkg/acquire-item.cc | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 1c5866a4a..b9fc74456 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -430,7 +430,7 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner, const vector* IndexTargets, indexRecords* MetaIndexParser) : Item(Owner), RealURI(URI), SigFile(SigFile), AuthPass(false), - MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets) + MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets), IMSHit(false) { DestFile = _config->FindDir("Dir::State::lists") + "partial/"; DestFile += URItoFileName(URI); @@ -523,6 +523,9 @@ void pkgAcqMetaIndex::RetrievalDone(string Message) return; } + // see if the download was a IMSHit + IMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false); + Complete = true; string FinalFile = _config->FindDir("Dir::State::lists"); @@ -688,10 +691,30 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) { if (AuthPass == true) { - // gpgv method failed + // if we fail the authentication but got the file via a IMS-Hit + // this means that the file wasn't downloaded and that it might be + // just stale (server problem, proxy etc). we delete what we have + // queue it again without i-m-s + // alternatively we could just unlink the file and let the user try again + if (IMSHit) + { + Complete = false; + Local = false; + AuthPass = false; + unlink(DestFile.c_str()); + + DestFile = _config->FindDir("Dir::State::lists") + "partial/"; + DestFile += URItoFileName(RealURI); + Desc.URI = RealURI; + QueueURI(Desc); + return; + } + + // gpgv method failed _error->Warning("GPG error: %s: %s", Desc.Description.c_str(), LookupTag(Message,"Message").c_str()); + } // No Release file was present, or verification failed, so fall -- cgit v1.2.3 From ce424cd4464ce46706046d581e05fbf292a54881 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 6 Jan 2006 00:02:14 +0000 Subject: * support multiple signatures --- apt-pkg/acquire-item.cc | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index b9fc74456..11a449e91 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -554,7 +554,7 @@ void pkgAcqMetaIndex::AuthDone(string Message) return; } - if (!VerifyVendor()) + if (!VerifyVendor(Message)) { return; } @@ -612,7 +612,7 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify) } } -bool pkgAcqMetaIndex::VerifyVendor() +bool pkgAcqMetaIndex::VerifyVendor(string Message) { // // Maybe this should be made available from above so we don't have // // to read and parse it every time? @@ -637,6 +637,22 @@ bool pkgAcqMetaIndex::VerifyVendor() // break; // } // } + string::size_type pos; + + // check for missing sigs (that where not fatal because otherwise we had + // bombed earlier) + string missingkeys; + string msg = _("There was no public key available for the " + "following key IDs:\n"); + pos = Message.find("NO_PUBKEY "); + if (pos != std::string::npos) + { + string::size_type start = pos+strlen("NO_PUBKEY "); + string Fingerprint = Message.substr(start, Message.find("\n")-start); + missingkeys += (Fingerprint); + } + if(!missingkeys.empty()) + _error->Warning("%s", string(msg+missingkeys).c_str()); string Transformed = MetaIndexParser->GetExpectedDist(); @@ -645,7 +661,7 @@ bool pkgAcqMetaIndex::VerifyVendor() Transformed = "experimental"; } - string::size_type pos = Transformed.rfind('/'); + pos = Transformed.rfind('/'); if (pos != string::npos) { Transformed = Transformed.substr(0, pos); -- cgit v1.2.3 From 75dd8af14b76bb84a69a927ecae93f60600b9667 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 20 Feb 2006 20:38:11 +0000 Subject: * only remove the sigfile if pkgAcqMetaSig::Failed() didn't fail for a network error --- apt-pkg/acquire-item.cc | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 86f61dd00..0daca55c9 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -340,12 +340,6 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner, // File was already in place. It needs to be re-verified // because Release might have changed, so Move it into partial Rename(Final,DestFile); - // unlink the file and do not try to use I-M-S and Last-Modified - // if the users proxy is broken - if(_config->FindB("Acquire::BrokenProxy", false) == true) { - std::cerr << "forcing re-get of the signature file as requested" << std::endl; - unlink(DestFile.c_str()); - } } QueueURI(Desc); @@ -395,18 +389,19 @@ void pkgAcqMetaSig::Done(string Message,unsigned long Size,string MD5, /*}}}*/ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) { - // Delete any existing sigfile, so that this source isn't - // mistakenly trusted - string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI); - unlink(Final.c_str()); - // if we get a timeout if fail + // if we get a network error we fail gracefully if(LookupTag(Message,"FailReason") == "Timeout" || - LookupTag(Message,"FailReason") == "TmpResolveFailure") { + LookupTag(Message,"FailReason") == "TmpResolveFailure") || + LookupTag(Message,"FailReason") == "ConnectionRefused") { Item::Failed(Message,Cnf); return; } + // Delete any existing sigfile when the acquire failed + string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI); + unlink(Final.c_str()); + // queue a pkgAcqMetaIndex with no sigfile new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc, "", IndexTargets, MetaIndexParser); -- cgit v1.2.3 From 0c1b7be9c1a30fddd72d5b80bb2e566fe379b166 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 20 Feb 2006 21:32:41 +0000 Subject: tyop --- apt-pkg/acquire-item.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 0daca55c9..1fa929aad 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -392,7 +392,7 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) // if we get a network error we fail gracefully if(LookupTag(Message,"FailReason") == "Timeout" || - LookupTag(Message,"FailReason") == "TmpResolveFailure") || + LookupTag(Message,"FailReason") == "TmpResolveFailure" || LookupTag(Message,"FailReason") == "ConnectionRefused") { Item::Failed(Message,Cnf); return; -- cgit v1.2.3 From 4577fda2b5f2b21f5400d10f4db71a8095f0df58 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 25 Jul 2006 13:48:17 +0200 Subject: * apt-pkg/acquire-item.cc: - check "/bin/bzip2" instead of "/usr/bin/bzip2" --- apt-pkg/acquire-item.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 1fa929aad..421288007 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -149,7 +149,7 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, if(comprExt.empty()) { // autoselect the compression method - if(FileExists("/usr/bin/bzip2")) + if(FileExists("/bin/bzip2")) CompressionExtension = ".bz2"; else CompressionExtension = ".gz"; -- cgit v1.2.3 From 400ad7a4b0b1776233462fa5e8687171a8b2f01a Mon Sep 17 00:00:00 2001 From: "bubulle@debian.org" <> Date: Wed, 22 Nov 2006 08:38:17 +0100 Subject: Correct grammar in one message. Unfuzzy translations. Closes: #399652 --- apt-pkg/acquire-item.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 421288007..8ec4ba2c0 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -637,7 +637,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message) // check for missing sigs (that where not fatal because otherwise we had // bombed earlier) string missingkeys; - string msg = _("There are no public key available for the " + string msg = _("There is no public key available for the " "following key IDs:\n"); pos = Message.find("NO_PUBKEY "); if (pos != std::string::npos) -- cgit v1.2.3