From cbbf185c3c55effe47f218a07e7b1f324973a8a6 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 29 May 2017 12:37:08 +0200 Subject: fail InRelease on non-404 HTTP errorcodes There are very many HTTP errorcodes which indicate that the repository isn't available at the moment or the connection has some kind of problem. Given that we do not require Release files the result was that these errors were ignored and the user presented with a message like "Repository is no longer signed" which sends the user in the wrong direction. Instead of trying to figure out which http errorcodes indicate a global problem we accept only 404 for ignoring and consider all the rest as hard errors now causing us to stop instantly after the InRelease file and print the errorcode (with short description from server) received. --- apt-pkg/acquire-item.cc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'apt-pkg/acquire-item.cc') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 3ce0f25cf..574ef4939 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1717,7 +1717,11 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c if (AuthPass == false) { - if (Status == StatAuthError || Status == StatTransientNetworkError) + auto const failreason = LookupTag(Message, "FailReason"); + auto const httperror = "HttpError"; + if (Status == StatAuthError || Status == StatTransientNetworkError || + (strncmp(failreason.c_str(), httperror, strlen(httperror)) == 0 && + failreason != "HttpError404")) { // if we expected a ClearTextSignature (InRelease) but got a network // error or got a file, but it wasn't valid, we end up here (see VerifyDone). -- cgit v1.2.3