From 7ea7ac9efa88b73fc6ff30483a928ef49b95c015 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Fri, 8 Apr 2011 13:57:04 +0200 Subject: * apt-pkg/acquire-item.cc: - Use Release files even if they cannot be verified (LP: #704595) --- apt-pkg/acquire-item.cc | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 39b9feff2..1d651ba69 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1502,6 +1502,26 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) ReportMirrorFailure("GPGFailure"); } + /* Always move the meta index, even if gpgv failed. This ensures + * that PackageFile objects are correctly filled in */ + { + string FinalFile = _config->FindDir("Dir::State::lists"); + FinalFile += URItoFileName(RealURI); + /* InRelease files become Release files, otherwise + * they would be considered as trusted later on */ + if (SigFile == DestFile) { + RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9, + "Release"); + FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9, + "Release"); + SigFile = FinalFile; + } + Rename(DestFile,FinalFile); + chmod(FinalFile.c_str(),0644); + + DestFile = FinalFile; + } + // No Release file was present, or verification failed, so fall // back to queueing Packages files without verification QueueIndexes(false); -- cgit v1.2.3 From a235ddf86a9cc5c3a8fade9084044229ff51a77f Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Sat, 16 Apr 2011 11:02:47 +0200 Subject: apt-pkg/acquire-item.cc: Only try to rename existing Release files (Closes: #622912) --- apt-pkg/acquire-item.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 1d651ba69..7b120d3ce 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1504,7 +1504,7 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /* Always move the meta index, even if gpgv failed. This ensures * that PackageFile objects are correctly filled in */ - { + if (FileExists(DestFile)) { string FinalFile = _config->FindDir("Dir::State::lists"); FinalFile += URItoFileName(RealURI); /* InRelease files become Release files, otherwise -- cgit v1.2.3 From 2d5102e87ae43da3ec7a3f12997363348278cabe Mon Sep 17 00:00:00 2001 From: Ben Finney Date: Tue, 26 Apr 2011 22:45:31 +0200 Subject: * apt-pkg/acquire-item.cc: - apply fix for poorly worded 'locate file' error message from Ben Finney, thanks! (Closes: #623171) --- apt-pkg/acquire-item.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 7b120d3ce..6785b4e1b 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1645,7 +1645,7 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources, // Select a source if (QueueNext() == false && _error->PendingError() == false) - _error->Error(_("I wasn't able to locate file for the %s package. " + _error->Error(_("I wasn't able to locate a file for the %s package. " "This might mean you need to manually fix this package."), Version.ParentPkg().Name()); } -- cgit v1.2.3 From 0901c5d08eadea5b5d91b09d4f532a029cb42574 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Mon, 30 May 2011 14:04:01 +0200 Subject: apt-pkg/acquire-item.cc: Reject files known to be invalid (LP: #346386) (Closes: #195301) This commit deals with the following cases: - First section of index file (Packages,Sources,Translation) without Package field - Signed release files without GPG data (NODATA) - i18n/Index files without hash sums Handling unsigned Release files is more complicated, and the example code using indexRecords is disabled as it can reject correct Release files without hashes. How we can reliably check unsigned Release files is another question, and not urgent anyway, as it should have no dramatic effect (we could check that it is a valid RFC-822 section, but that's a bit too long to write) --- apt-pkg/acquire-item.cc | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 6785b4e1b..6df915d8e 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -271,6 +271,14 @@ void pkgAcqSubIndex::Done(string Message,unsigned long Size,string Md5Hash, /*{{ string FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(Desc.URI); + /* Downloaded invalid transindex => Error (LP: #346386) (Closes: #195301) */ + indexRecords SubIndexParser; + if (FileExists(DestFile) == true && !SubIndexParser.Load(DestFile)) { + Status = StatError; + ErrorText = SubIndexParser.ErrorText; + return; + } + // sucess in downloading the index // rename the index if(Debug) @@ -894,6 +902,27 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash, ReportMirrorFailure("HashChecksumFailure"); return; } + + /* Verify the index file for correctness (all indexes must + * have a Package field) (LP: #346386) (Closes: #195301) */ + { + FileFd fd(DestFile, FileFd::ReadOnly); + pkgTagSection sec; + pkgTagFile tag(&fd); + + if (_error->PendingError() || !tag.Step(sec)) { + Status = StatError; + _error->DumpErrors(); + Rename(DestFile,DestFile + ".FAILED"); + return; + } else if (!sec.Exists("Package")) { + Status = StatError; + ErrorText = ("Encountered a section with no Package: header"); + Rename(DestFile,DestFile + ".FAILED"); + return; + } + } + // Done, move it into position string FinalFile = _config->FindDir("Dir::State::lists"); FinalFile += URItoFileName(RealURI); @@ -1330,6 +1359,16 @@ void pkgAcqMetaIndex::AuthDone(string Message) /*{{{*/ /*}}}*/ void pkgAcqMetaIndex::QueueIndexes(bool verify) /*{{{*/ { +#if 0 + /* Reject invalid, existing Release files (LP: #346386) (Closes: #195301) + * FIXME: Disabled; it breaks unsigned repositories without hashes */ + if (!verify && FileExists(DestFile) && !MetaIndexParser->Load(DestFile)) + { + Status = StatError; + ErrorText = MetaIndexParser->ErrorText; + return; + } +#endif for (vector ::const_iterator Target = IndexTargets->begin(); Target != IndexTargets->end(); Target++) @@ -1493,6 +1532,12 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) LookupTag(Message,"Message").c_str()); RunScripts("APT::Update::Auth-Failure"); return; + } else if (LookupTag(Message,"Message").find("NODATA") != string::npos) { + /* Invalid signature file, reject (LP: #346386) (Closes: #195301) */ + _error->Error(_("GPG error: %s: %s"), + Desc.Description.c_str(), + LookupTag(Message,"Message").c_str()); + return; } else { _error->Warning(_("GPG error: %s: %s"), Desc.Description.c_str(), -- cgit v1.2.3 From 4fdb612374655361c8923a4611db6a0d10054317 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Mon, 30 May 2011 14:14:11 +0200 Subject: Reject files known to be invalid (LP: #346386) (Closes: #627642) --- apt-pkg/acquire-item.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 6df915d8e..998c42dc4 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -271,7 +271,7 @@ void pkgAcqSubIndex::Done(string Message,unsigned long Size,string Md5Hash, /*{{ string FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(Desc.URI); - /* Downloaded invalid transindex => Error (LP: #346386) (Closes: #195301) */ + /* Downloaded invalid transindex => Error (LP: #346386) (Closes: #627642) */ indexRecords SubIndexParser; if (FileExists(DestFile) == true && !SubIndexParser.Load(DestFile)) { Status = StatError; @@ -904,7 +904,7 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash, } /* Verify the index file for correctness (all indexes must - * have a Package field) (LP: #346386) (Closes: #195301) */ + * have a Package field) (LP: #346386) (Closes: #627642) */ { FileFd fd(DestFile, FileFd::ReadOnly); pkgTagSection sec; @@ -1360,7 +1360,7 @@ void pkgAcqMetaIndex::AuthDone(string Message) /*{{{*/ void pkgAcqMetaIndex::QueueIndexes(bool verify) /*{{{*/ { #if 0 - /* Reject invalid, existing Release files (LP: #346386) (Closes: #195301) + /* Reject invalid, existing Release files (LP: #346386) (Closes: #627642) * FIXME: Disabled; it breaks unsigned repositories without hashes */ if (!verify && FileExists(DestFile) && !MetaIndexParser->Load(DestFile)) { @@ -1533,7 +1533,7 @@ void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) RunScripts("APT::Update::Auth-Failure"); return; } else if (LookupTag(Message,"Message").find("NODATA") != string::npos) { - /* Invalid signature file, reject (LP: #346386) (Closes: #195301) */ + /* Invalid signature file, reject (LP: #346386) (Closes: #627642) */ _error->Error(_("GPG error: %s: %s"), Desc.Description.c_str(), LookupTag(Message,"Message").c_str()); -- cgit v1.2.3