From 7db98ffceda347f0bc457c6bdc4ff33d60e26b18 Mon Sep 17 00:00:00 2001 From: Matt Zimmerman Date: Mon, 13 Dec 2004 09:13:21 +0000 Subject: Merge apt--authentication--0 Patches applied: * apt@arch.ubuntu.com/apt--experimental--0.6--base-0 tag of apt@arch.ubuntu.com/apt--MAIN--0--patch-1190 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-1 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-2 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-3 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-4 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-5 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-6 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-7 Merge working copy of v0.6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-8 0.6.0 is headed for experimental, not unstable * apt@arch.ubuntu.com/apt--experimental--0.6--patch-9 Date * apt@arch.ubuntu.com/apt--experimental--0.6--patch-10 Update LIB_APT_PKG_MAJOR * apt@arch.ubuntu.com/apt--experimental--0.6--patch-11 - Fix a heap corruption bug in pkgSrcRecords::pkgSrcRec... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-12 Resynch * apt@arch.ubuntu.com/apt--experimental--0.6--patch-13 * Merge apt 0.5.17 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-14 * Rearrange Release file authentication code to be more... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-15 * Convert distribution "../project/experimental" to "ex... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-16 Merge 1.11 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-17 Merge 1.7 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-18 Merge 1.10 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-19 * Make a number of Release file errors into warnings; f... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-20 * Add space between package names when multiple unauthe... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-21 * Provide apt-key with a secret keyring and a trustdb, ... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-22 * Fix typo in apt-key(8) (standard input is '-', not '/') * apt@arch.ubuntu.com/apt--experimental--0.6--patch-23 0.6.2 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-24 Resynch * apt@arch.ubuntu.com/apt--experimental--0.6--patch-25 * Fix MetaIndexURI for flat ("foo/") sources * apt@arch.ubuntu.com/apt--experimental--0.6--patch-26 0.6.3 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-27 * Use the top-level Release file in LoadReleaseInfo, ra... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-28 0.6.4 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-29 Clarify * apt@arch.ubuntu.com/apt--experimental--0.6--patch-30 * Move the authentication check into a separate functio... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-31 * Fix display of unauthenticated packages when they are... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-32 * Move the authentication check into a separate functio... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-33 * Restore the ugly hack I removed from indexRecords::Lo... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-34 0.6.6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-35 * Forgot to revert part of the changes to tagfile in 0.... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-36 * Add a config option and corresponding command line option * apt@arch.ubuntu.com/apt--experimental--0.6--patch-37 0.6.8 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-38 hopefully avoid more segfaults * apt@arch.ubuntu.com/apt--experimental--0.6--patch-39 XXX * apt@arch.ubuntu.com/apt--experimental--0.6--patch-40 * Another tagfile workaround * apt@arch.ubuntu.com/apt--experimental--0.6--patch-41 * Use "Codename" (woody, sarge, etc.) to supply the val... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-42 * Support IMS requests of Release.gpg and Release * apt@arch.ubuntu.com/apt--experimental--0.6--patch-43 * Have pkgAcquireIndex calculate an MD5 sum if one is n... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-44 * Merge 0.5.18 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-45 apt (0.6.13) experimental; urgency=low * apt@arch.ubuntu.com/apt--experimental--0.6--patch-46 0.6.13 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-47 Merge 0.5.20 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-48 The source list works a bit differently in 0.6; fix the... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-49 * s/Debug::Acquire::gpg/&v/ * apt@arch.ubuntu.com/apt--experimental--0.6--patch-50 * Honor the [vendor] syntax in sources.list again (thou... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-51 * Don't ship vendors.list(5) since it isn't used yet * apt@arch.ubuntu.com/apt--experimental--0.6--patch-52 * Revert change from 0.6.10; it was right in the first ... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-53 * Fix some cases where the .gpg file could be left in p... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-54 Print a warning if gnupg is not installed * apt@arch.ubuntu.com/apt--experimental--0.6--patch-55 * Handle more IMS stuff correctly * apt@arch.ubuntu.com/apt--experimental--0.6--patch-56 0.6.17 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-57 * Merge 0.5.21 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-58 * Add new Debian Archive Automatic Signing Key to the d... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-59 0.6.18 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-60 * Merge 0.5.22 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-61 * Convert apt-key(8) to docbook XML * apt@arch.ubuntu.com/apt--experimental--0.6--patch-62 Merge 0.5.23 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-63 Remove bogus partial 0.5.22 changelog entry * apt@arch.ubuntu.com/apt--experimental--0.6--patch-64 Make the auth warning a bit less redundant * apt@arch.ubuntu.com/apt--experimental--0.6--patch-65 * Merge 0.5.24 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-66 * Make the unauthenticated packages prompt more intuiti... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-67 Merge 0.5.25 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-68 * Remove obsolete pkgIterator::TargetVer() (Closes: #230159) * apt@arch.ubuntu.com/apt--experimental--0.6--patch-69 * Reverse test in CheckAuth to match new prompt (Closes... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-70 Update version * apt@arch.ubuntu.com/apt--experimental--0.6--patch-71 Fix backwards sense of CheckAuth prompt * apt@arch.ubuntu.com/apt--experimental--0.6--patch-72 0.6.24 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-73 Close bug * apt@arch.ubuntu.com/apt--experimental--0.6--patch-74 * Fix handling of two-part sources for sources.list deb... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-75 0.6.25 * apt@packages.debian.org/apt--authentication--0--base-0 tag of apt@arch.ubuntu.com/apt--experimental--0.6--patch-75 * apt@packages.debian.org/apt--authentication--0--patch-1 Michael Vogt's merge of apt--experimental--0 onto apt--main--0 * apt@packages.debian.org/apt--authentication--0--patch-2 Merge from apt--main--0 * apt@packages.debian.org/apt--authentication--0--patch-3 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-4 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-5 Update version number in configure.in * apt@packages.debian.org/apt--authentication--0--patch-6 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-7 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-8 Merge from mvo's branch * apt@packages.debian.org/apt--authentication--0--patch-9 Merge from mvo's tree * apt@packages.debian.org/apt--authentication--0--patch-10 Merge from mvo * apt@packages.debian.org/apt--authentication--0--patch-11 Fix permissions AGAIN * michael.vogt@canonical.com--2004--laptop/apt--authentication-mvo--0--base-0 tag of michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-12 * michael.vogt@canonical.com--2004--laptop/apt--authentication-mvo--0--patch-1 * star-merged matt's changes (bz2 support for data-members in debs) * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-1 tag of apt@packages.debian.org/apt--authentication--0--base-0 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-2 merged "tla apply-delta -A foo@ apt@arch.ubuntu.com/apt--MAIN--0--patch-1190 apt@arch.ubuntu.com/apt--MAIN--0--patch-1343" and cleaned up conflicts * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-3 * missing bits from the merge added * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-4 * star-merged with apt@packages.debian.org/apt--main--0 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-5 * tree-synced to the apt--authentication tree * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-6 * use the ubuntu-key in this version * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-7 * imported the patches from mdz * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-8 * apt-get update --print-uris works now as before (fallback to 0.5.x behaviour) * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-9 * fix for the "if any source unauthenticated, all other sources are unauthenticated too" problem * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-10 * reworked the "--print-uris" patch. it no longer uses: "APT::Get::Print-URIs" in the library * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-11 * version of the library set to 3.6 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-12 * changelog finallized, will upload to people.ubuntulinux.org/~mvo/apt-authentication * michael.vogt@canonical.com--2004/apt--main-authentication--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-22 * michael.vogt@canonical.com--2004/apt--main-authentication--0--patch-1 * star-merge from apt--experimental--0.6 * michael.vogt@canonical.com--2004/apt--main-authentication--0--patch-2 * compile failure fix for methods/http.cc, po-file fixes --- apt-pkg/acquire-item.cc | 439 ++++++++++++++++++++++++++++++++++++++----- apt-pkg/acquire-item.h | 76 ++++++-- apt-pkg/acquire-method.cc | 8 +- apt-pkg/acquire-method.h | 3 +- apt-pkg/acquire.cc | 2 +- apt-pkg/acquire.h | 4 +- apt-pkg/cacheiterators.h | 3 +- apt-pkg/deb/debindexfile.cc | 77 +------- apt-pkg/deb/debindexfile.h | 16 +- apt-pkg/deb/deblistparser.cc | 6 +- apt-pkg/deb/debmetaindex.cc | 269 ++++++++++++++++++++++++++ apt-pkg/deb/debmetaindex.h | 48 +++++ apt-pkg/indexfile.cc | 10 +- apt-pkg/indexfile.h | 9 +- apt-pkg/indexrecords.cc | 151 +++++++++++++++ apt-pkg/indexrecords.h | 52 +++++ apt-pkg/init.h | 4 +- apt-pkg/makefile | 12 +- apt-pkg/metaindex.h | 48 +++++ apt-pkg/pkgcachegen.cc | 15 +- apt-pkg/sourcelist.cc | 139 ++++---------- apt-pkg/sourcelist.h | 35 +--- apt-pkg/srcrecords.cc | 44 ++--- apt-pkg/srcrecords.h | 6 +- apt-pkg/tagfile.cc | 6 +- apt-pkg/vendor.cc | 39 ++++ apt-pkg/vendor.h | 37 ++++ apt-pkg/vendorlist.cc | 144 ++++++++++++++ apt-pkg/vendorlist.h | 52 +++++ 29 files changed, 1429 insertions(+), 325 deletions(-) create mode 100644 apt-pkg/deb/debmetaindex.cc create mode 100644 apt-pkg/deb/debmetaindex.h create mode 100644 apt-pkg/indexrecords.cc create mode 100644 apt-pkg/indexrecords.h create mode 100644 apt-pkg/metaindex.h create mode 100644 apt-pkg/vendor.cc create mode 100644 apt-pkg/vendor.h create mode 100644 apt-pkg/vendorlist.cc create mode 100644 apt-pkg/vendorlist.h (limited to 'apt-pkg') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 6227888b6..ada640936 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: acquire-item.cc,v 1.46 2003/02/02 22:19:17 jgg Exp $ +// $Id: acquire-item.cc,v 1.46.2.9 2004/01/16 18:51:11 mdz Exp $ /* ###################################################################### Acquire Item - Item to acquire @@ -19,9 +19,11 @@ #include #include #include +#include #include #include #include +#include #include @@ -32,7 +34,7 @@ #include /*}}}*/ -using std::string; +using namespace std; // Acquire::Item::Item - Constructor /*{{{*/ // --------------------------------------------------------------------- @@ -134,8 +136,9 @@ void pkgAcquire::Item::Rename(string From,string To) /* The package file is added to the queue and a second class is instantiated to fetch the revision file */ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, - string URI,string URIDesc,string ShortDesc) : - Item(Owner), RealURI(URI) + string URI,string URIDesc,string ShortDesc, + string ExpectedMD5) : + Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5) { Decompression = false; Erase = false; @@ -199,6 +202,28 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, if (Decompression == true) { + if (_config->FindB("Debug::pkgAcquire::Auth", false)) + { + std::cerr << std::endl << RealURI << ": Computed MD5: " << MD5; + std::cerr << " Expected MD5: " << ExpectedMD5 << std::endl; + } + + if (MD5.empty()) + { + MD5Summation sum; + FileFd Fd(DestFile, FileFd::ReadOnly); + sum.AddFD(Fd.Fd(), Fd.Size()); + Fd.Close(); + MD5 = (string)sum.Result(); + } + + if (!ExpectedMD5.empty() && MD5 != ExpectedMD5) + { + Status = StatAuthError; + ErrorText = _("MD5Sum mismatch"); + Rename(DestFile,DestFile + ".FAILED"); + return; + } // Done, move it into position string FinalFile = _config->FindDir("Dir::State::lists"); FinalFile += URItoFileName(RealURI); @@ -226,7 +251,7 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, // The files timestamp matches if (StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false) == true) return; - + Decompression = true; Local = true; DestFile += ".decomp"; @@ -269,31 +294,45 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5, QueueURI(Desc); Mode = decompProg; } - /*}}}*/ -// AcqIndexRel::pkgAcqIndexRel - Constructor /*{{{*/ -// --------------------------------------------------------------------- -/* The Release file is added to the queue */ -pkgAcqIndexRel::pkgAcqIndexRel(pkgAcquire *Owner, - string URI,string URIDesc,string ShortDesc) : - Item(Owner), RealURI(URI) +pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner, + string URI,string URIDesc,string ShortDesc, + string MetaIndexURI, string MetaIndexURIDesc, + string MetaIndexShortDesc, + const vector* IndexTargets, + indexRecords* MetaIndexParser) : + Item(Owner), RealURI(URI), MetaIndexURI(MetaIndexURI), + MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc) { + this->MetaIndexParser = MetaIndexParser; + this->IndexTargets = IndexTargets; DestFile = _config->FindDir("Dir::State::lists") + "partial/"; DestFile += URItoFileName(URI); - + // Create the item - Desc.URI = URI; Desc.Description = URIDesc; - Desc.ShortDesc = ShortDesc; Desc.Owner = this; + Desc.ShortDesc = ShortDesc; + Desc.URI = URI; + + + string Final = _config->FindDir("Dir::State::lists"); + Final += URItoFileName(RealURI); + struct stat Buf; + if (stat(Final.c_str(),&Buf) == 0) + { + // File was already in place. It needs to be re-verified + // because Release might have changed, so Move it into partial + Rename(Final,DestFile); + } QueueURI(Desc); } /*}}}*/ -// AcqIndexRel::Custom600Headers - Insert custom request headers /*{{{*/ +// pkgAcqMetaSig::Custom600Headers - Insert custom request headers /*{{{*/ // --------------------------------------------------------------------- /* The only header we use is the last-modified header. */ -string pkgAcqIndexRel::Custom600Headers() +string pkgAcqMetaSig::Custom600Headers() { string Final = _config->FindDir("Dir::State::lists"); Final += URItoFileName(RealURI); @@ -304,14 +343,9 @@ string pkgAcqIndexRel::Custom600Headers() return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime); } - /*}}}*/ -// AcqIndexRel::Done - Item downloaded OK /*{{{*/ -// --------------------------------------------------------------------- -/* The release file was not placed into the download directory then - a copy URI is generated and it is copied there otherwise the file - in the partial directory is moved into .. and the URI is finished. */ -void pkgAcqIndexRel::Done(string Message,unsigned long Size,string MD5, - pkgAcquire::MethodConfig *Cfg) + +void pkgAcqMetaSig::Done(string Message,unsigned long Size,string MD5, + pkgAcquire::MethodConfig *Cfg) { Item::Done(Message,Size,MD5,Cfg); @@ -323,34 +357,34 @@ void pkgAcqIndexRel::Done(string Message,unsigned long Size,string MD5, return; } - Complete = true; - - // The files timestamp matches - if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) - return; - - // We have to copy it into place if (FileName != DestFile) { + // We have to copy it into place Local = true; Desc.URI = "copy:" + FileName; QueueURI(Desc); return; } - - // Done, move it into position - string FinalFile = _config->FindDir("Dir::State::lists"); - FinalFile += URItoFileName(RealURI); - Rename(DestFile,FinalFile); - - chmod(FinalFile.c_str(),0644); + + Complete = true; + + // queue a pkgAcqMetaIndex to be verified against the sig we just retrieved + new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc, + DestFile, IndexTargets, MetaIndexParser); + } /*}}}*/ -// AcqIndexRel::Failed - Silence failure messages for missing rel files /*{{{*/ -// --------------------------------------------------------------------- -/* */ -void pkgAcqIndexRel::Failed(string Message,pkgAcquire::MethodConfig *Cnf) +void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) { + // Delete any existing sigfile, so that this source isn't + // mistakenly trusted + string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI); + unlink(Final.c_str()); + + // queue a pkgAcqMetaIndex with no sigfile + new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc, + "", IndexTargets, MetaIndexParser); + if (Cnf->LocalOnly == true || StringToBool(LookupTag(Message,"Transient-Failure"),false) == false) { @@ -363,6 +397,284 @@ void pkgAcqIndexRel::Failed(string Message,pkgAcquire::MethodConfig *Cnf) Item::Failed(Message,Cnf); } + +pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner, + string URI,string URIDesc,string ShortDesc, + string SigFile, + const vector* IndexTargets, + indexRecords* MetaIndexParser) : + Item(Owner), RealURI(URI), SigFile(SigFile) +{ + this->AuthPass = false; + this->MetaIndexParser = MetaIndexParser; + this->IndexTargets = IndexTargets; + DestFile = _config->FindDir("Dir::State::lists") + "partial/"; + DestFile += URItoFileName(URI); + + // Create the item + Desc.Description = URIDesc; + Desc.Owner = this; + Desc.ShortDesc = ShortDesc; + Desc.URI = URI; + + QueueURI(Desc); +} + + /*}}}*/ +// pkgAcqMetaIndex::Custom600Headers - Insert custom request headers /*{{{*/ +// --------------------------------------------------------------------- +/* The only header we use is the last-modified header. */ +string pkgAcqMetaIndex::Custom600Headers() +{ + string Final = _config->FindDir("Dir::State::lists"); + Final += URItoFileName(RealURI); + + struct stat Buf; + if (stat(Final.c_str(),&Buf) != 0) + return "\nIndex-File: true"; + + return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime); +} + +void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string MD5, + pkgAcquire::MethodConfig *Cfg) +{ + Item::Done(Message,Size,MD5,Cfg); + + // MetaIndexes are done in two passes: one to download the + // metaindex with an appropriate method, and a second to verify it + // with the gpgv method + + if (AuthPass == true) + { + AuthDone(Message); + } + else + { + RetrievalDone(Message); + if (!Complete) + // Still more retrieving to do + return; + + if (SigFile == "") + { + // There was no signature file, so we are finished. Download + // the indexes without verification. + QueueIndexes(false); + } + else + { + // There was a signature file, so pass it to gpgv for + // verification + + if (_config->FindB("Debug::pkgAcquire::Auth", false)) + std::cerr << "Metaindex acquired, queueing gpg verification (" + << SigFile << "," << DestFile << ")\n"; + AuthPass = true; + Desc.URI = "gpgv:" + SigFile; + QueueURI(Desc); + Mode = "gpgv"; + } + } +} + +void pkgAcqMetaIndex::RetrievalDone(string Message) +{ + // We have just finished downloading a Release file (it is not + // verified yet) + + string FileName = LookupTag(Message,"Filename"); + if (FileName.empty() == true) + { + Status = StatError; + ErrorText = "Method gave a blank filename"; + return; + } + + if (FileName != DestFile) + { + Local = true; + Desc.URI = "copy:" + FileName; + QueueURI(Desc); + return; + } + + Complete = true; + + string FinalFile = _config->FindDir("Dir::State::lists"); + FinalFile += URItoFileName(RealURI); + + // The files timestamp matches + if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == false) + { + // Move it into position + Rename(DestFile,FinalFile); + } + DestFile = FinalFile; +} + +void pkgAcqMetaIndex::AuthDone(string Message) +{ + // At this point, the gpgv method has succeeded, so there is a + // valid signature from a key in the trusted keyring. We + // perform additional verification of its contents, and use them + // to verify the indexes we are about to download + + if (!MetaIndexParser->Load(DestFile)) + { + Status = StatAuthError; + ErrorText = MetaIndexParser->ErrorText; + return; + } + + if (!VerifyVendor()) + { + return; + } + + if (_config->FindB("Debug::pkgAcquire::Auth", false)) + std::cerr << "Signature verification succeeded: " + << DestFile << std::endl; + + // Download further indexes with verification + QueueIndexes(true); + + // Done, move signature file into position + + string VerifiedSigFile = _config->FindDir("Dir::State::lists") + + URItoFileName(RealURI) + ".gpg"; + Rename(SigFile,VerifiedSigFile); + chmod(VerifiedSigFile.c_str(),0644); +} + +void pkgAcqMetaIndex::QueueIndexes(bool verify) +{ + for (vector ::const_iterator Target = IndexTargets->begin(); + Target != IndexTargets->end(); + Target++) + { + string ExpectedIndexMD5; + if (verify) + { + const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey); + if (!Record) + { + Status = StatAuthError; + ErrorText = "Unable to find expected entry " + + (*Target)->MetaKey + " in Meta-index file (malformed Release file?)"; + return; + } + ExpectedIndexMD5 = Record->MD5Hash; + if (_config->FindB("Debug::pkgAcquire::Auth", false)) + { + std::cerr << "Queueing: " << (*Target)->URI << std::endl; + std::cerr << "Expected MD5: " << ExpectedIndexMD5 << std::endl; + } + if (ExpectedIndexMD5.empty()) + { + Status = StatAuthError; + ErrorText = "Unable to find MD5 sum for " + + (*Target)->MetaKey + " in Meta-index file"; + return; + } + } + + // Queue Packages file + new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description, + (*Target)->ShortDesc, ExpectedIndexMD5); + } +} + +bool pkgAcqMetaIndex::VerifyVendor() +{ +// // Maybe this should be made available from above so we don't have +// // to read and parse it every time? +// pkgVendorList List; +// List.ReadMainList(); + +// const Vendor* Vndr = NULL; +// for (std::vector::const_iterator I = GPGVOutput.begin(); I != GPGVOutput.end(); I++) +// { +// string::size_type pos = (*I).find("VALIDSIG "); +// if (_config->FindB("Debug::Vendor", false)) +// std::cerr << "Looking for VALIDSIG in \"" << (*I) << "\": pos " << pos +// << std::endl; +// if (pos != std::string::npos) +// { +// string Fingerprint = (*I).substr(pos+sizeof("VALIDSIG")); +// if (_config->FindB("Debug::Vendor", false)) +// std::cerr << "Looking for \"" << Fingerprint << "\" in vendor..." << +// std::endl; +// Vndr = List.FindVendor(Fingerprint) != ""; +// if (Vndr != NULL); +// break; +// } +// } + + string Transformed = MetaIndexParser->GetExpectedDist(); + + if (Transformed == "../project/experimental") + { + Transformed = "experimental"; + } + + string::size_type pos = Transformed.rfind('/'); + if (pos != string::npos) + { + Transformed = Transformed.substr(0, pos); + } + + if (Transformed == ".") + { + Transformed = ""; + } + + if (_config->FindB("Debug::pkgAcquire::Auth", false)) + { + std::cerr << "Got Codename: " << MetaIndexParser->GetDist() << std::endl; + std::cerr << "Expecting Dist: " << MetaIndexParser->GetExpectedDist() << std::endl; + std::cerr << "Transformed Dist: " << Transformed << std::endl; + } + + if (MetaIndexParser->CheckDist(Transformed) == false) + { + // This might become fatal one day +// Status = StatAuthError; +// ErrorText = "Conflicting distribution; expected " +// + MetaIndexParser->GetExpectedDist() + " but got " +// + MetaIndexParser->GetDist(); +// return false; + if (!Transformed.empty()) + { + _error->Warning("Conflicting distribution: %s (expected %s but got %s)", + Desc.Description.c_str(), + Transformed.c_str(), + MetaIndexParser->GetDist().c_str()); + } + } + + return true; +} + /*}}}*/ +// pkgAcqMetaIndex::Failed - no Release file present or no signature +// file present /*{{{*/ +// --------------------------------------------------------------------- +/* */ +void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) +{ + if (AuthPass == true) + { + // gpgv method failed + _error->Warning("GPG error: %s: %s", + Desc.Description.c_str(), + LookupTag(Message,"Message").c_str()); + } + + // No Release file was present, or verification failed, so fall + // back to queueing Packages files without verification + QueueIndexes(false); +} + /*}}}*/ // AcqArchive::AcqArchive - Constructor /*{{{*/ @@ -373,7 +685,8 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources, pkgRecords *Recs,pkgCache::VerIterator const &Version, string &StoreFilename) : Item(Owner), Version(Version), Sources(Sources), Recs(Recs), - StoreFilename(StoreFilename), Vf(Version.FileList()) + StoreFilename(StoreFilename), Vf(Version.FileList()), + Trusted(false) { Retries = _config->FindI("Acquire::Retries",0); @@ -411,7 +724,25 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources, QuoteString(Version.Arch(),"_:.") + "." + flExtension(Parse.FileName()); } - + + // check if we have one trusted source for the package. if so, switch + // to "TrustedOnly" mode + for (pkgCache::VerFileIterator i = Version.FileList(); i.end() == false; i++) + { + pkgIndexFile *Index; + if (Sources->FindIndex(i.File(),Index) == false) + continue; + if (_config->FindB("Debug::pkgAcquire::Auth", false)) + { + std::cerr << "Checking index: " << Index->Describe() + << "(Trusted=" << Index->IsTrusted() << ")\n"; + } + if (Index->IsTrusted()) { + Trusted = true; + break; + } + } + // Select a source if (QueueNext() == false && _error->PendingError() == false) _error->Error(_("I wasn't able to locate file for the %s package. " @@ -437,6 +768,11 @@ bool pkgAcqArchive::QueueNext() if (Sources->FindIndex(Vf.File(),Index) == false) continue; + // only try to get a trusted package from another source if that source + // is also trusted + if(Trusted && !Index->IsTrusted()) + continue; + // Grab the text package record pkgRecords::Parser &Parse = Recs->Lookup(Vf); if (_error->PendingError() == true) @@ -449,6 +785,11 @@ bool pkgAcqArchive::QueueNext() "field for package %s."), Version.ParentPkg().Name()); + Desc.URI = Index->ArchiveURI(PkgFile); + Desc.Description = Index->ArchiveInfo(Version); + Desc.Owner = this; + Desc.ShortDesc = Version.ParentPkg().Name(); + // See if we already have the file. (Legacy filenames) FileSize = Version->Size; string FinalFile = _config->FindDir("Dir::Cache::Archives") + flNotDir(PkgFile); @@ -609,6 +950,14 @@ void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf) } } /*}}}*/ +// AcqArchive::IsTrusted - Determine whether this archive comes from a +// trusted source /*{{{*/ +// --------------------------------------------------------------------- +bool pkgAcqArchive::IsTrusted() +{ + return Trusted; +} + // AcqArchive::Finished - Fetching has finished, tidy up /*{{{*/ // --------------------------------------------------------------------- /* */ diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h index 9dab78f36..2b122cffb 100644 --- a/apt-pkg/acquire-item.h +++ b/apt-pkg/acquire-item.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: acquire-item.h,v 1.26 2003/02/02 03:13:13 doogie Exp $ +// $Id: acquire-item.h,v 1.26.2.3 2004/01/02 18:51:00 mdz Exp $ /* ###################################################################### Acquire Item - Item to acquire @@ -22,7 +22,10 @@ #include #include +#include +#include #include +#include #ifdef __GNUG__ #pragma interface "apt-pkg/acquire-item.h" @@ -45,7 +48,7 @@ class pkgAcquire::Item public: // State of the item - enum {StatIdle, StatFetching, StatDone, StatError} Status; + enum {StatIdle, StatFetching, StatDone, StatError, StatAuthError} Status; string ErrorText; unsigned long FileSize; unsigned long PartialSize; @@ -67,11 +70,13 @@ class pkgAcquire::Item virtual void Start(string Message,unsigned long Size); virtual string Custom600Headers() {return string();}; virtual string DescURI() = 0; + virtual string ShortDesc() {return DescURI();} virtual void Finished() {}; // Inquire functions virtual string MD5Sum() {return string();}; pkgAcquire *GetOwner() {return Owner;}; + virtual bool IsTrusted() {return false;}; Item(pkgAcquire *Owner); virtual ~Item(); @@ -86,6 +91,7 @@ class pkgAcqIndex : public pkgAcquire::Item bool Erase; pkgAcquire::ItemDesc Desc; string RealURI; + string ExpectedMD5; public: @@ -97,28 +103,73 @@ class pkgAcqIndex : public pkgAcquire::Item virtual string DescURI() {return RealURI + ".gz";}; pkgAcqIndex(pkgAcquire *Owner,string URI,string URIDesc, - string ShortDesct); + string ShortDesct, string ExpectedMD5); }; -// Item class for index files -class pkgAcqIndexRel : public pkgAcquire::Item +struct IndexTarget +{ + string URI; + string Description; + string ShortDesc; + string MetaKey; +}; + +// Item class for index signatures +class pkgAcqMetaSig : public pkgAcquire::Item { protected: pkgAcquire::ItemDesc Desc; - string RealURI; - + string RealURI,MetaIndexURI,MetaIndexURIDesc,MetaIndexShortDesc; + indexRecords* MetaIndexParser; + const vector* IndexTargets; + public: // Specialized action members virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf); virtual void Done(string Message,unsigned long Size,string Md5Hash, - pkgAcquire::MethodConfig *Cnf); + pkgAcquire::MethodConfig *Cnf); virtual string Custom600Headers(); - virtual string DescURI() {return RealURI;}; + virtual string DescURI() {return RealURI; }; + + pkgAcqMetaSig(pkgAcquire *Owner,string URI,string URIDesc, string ShortDesc, + string MetaIndexURI, string MetaIndexURIDesc, string MetaIndexShortDesc, + const vector* IndexTargets, + indexRecords* MetaIndexParser); +}; + +// Item class for index signatures +class pkgAcqMetaIndex : public pkgAcquire::Item +{ + protected: + + pkgAcquire::ItemDesc Desc; + string RealURI; // FIXME: is this redundant w/ Desc.URI? + string SigFile; + const vector* IndexTargets; + indexRecords* MetaIndexParser; + bool AuthPass; + + bool VerifyVendor(); + void RetrievalDone(string Message); + void AuthDone(string Message); + void QueueIndexes(bool verify); + + public: - pkgAcqIndexRel(pkgAcquire *Owner,string URI,string URIDesc, - string ShortDesct); + // Specialized action members + virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf); + virtual void Done(string Message,unsigned long Size,string Md5Hash, + pkgAcquire::MethodConfig *Cnf); + virtual string Custom600Headers(); + virtual string DescURI() {return RealURI; }; + + pkgAcqMetaIndex(pkgAcquire *Owner, + string URI,string URIDesc, string ShortDesc, + string SigFile, + const vector* IndexTargets, + indexRecords* MetaIndexParser); }; // Item class for archive files @@ -135,6 +186,7 @@ class pkgAcqArchive : public pkgAcquire::Item string &StoreFilename; pkgCache::VerFileIterator Vf; unsigned int Retries; + bool Trusted; // Queue the next available file for download. bool QueueNext(); @@ -147,7 +199,9 @@ class pkgAcqArchive : public pkgAcquire::Item pkgAcquire::MethodConfig *Cnf); virtual string MD5Sum() {return MD5;}; virtual string DescURI() {return Desc.URI;}; + virtual string ShortDesc() {return Desc.ShortDesc;}; virtual void Finished(); + virtual bool IsTrusted(); pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources, pkgRecords *Recs,pkgCache::VerIterator const &Version, diff --git a/apt-pkg/acquire-method.cc b/apt-pkg/acquire-method.cc index df8628916..04c62eaaa 100644 --- a/apt-pkg/acquire-method.cc +++ b/apt-pkg/acquire-method.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: acquire-method.cc,v 1.27 2001/05/22 04:27:11 jgg Exp $ +// $Id: acquire-method.cc,v 1.27.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### Acquire Method @@ -29,6 +29,7 @@ #include #include #include +#include /*}}}*/ using namespace std; @@ -181,6 +182,11 @@ void pkgAcqMethod::URIDone(FetchResult &Res, FetchResult *Alt) End += snprintf(End,sizeof(S)-50 - (End - S),"MD5-Hash: %s\n",Res.MD5Sum.c_str()); if (Res.SHA1Sum.empty() == false) End += snprintf(End,sizeof(S)-50 - (End - S),"SHA1-Hash: %s\n",Res.SHA1Sum.c_str()); + if (Res.GPGVOutput.size() > 0) + End += snprintf(End,sizeof(S)-50 - (End - S),"GPGVOutput:\n"); + for (vector::iterator I = Res.GPGVOutput.begin(); + I != Res.GPGVOutput.end(); I++) + End += snprintf(End,sizeof(S)-50 - (End - S), " %s\n", (*I).c_str()); if (Res.ResumePoint != 0) End += snprintf(End,sizeof(S)-50 - (End - S),"Resume-Point: %lu\n", diff --git a/apt-pkg/acquire-method.h b/apt-pkg/acquire-method.h index 4721a3b65..f46209d12 100644 --- a/apt-pkg/acquire-method.h +++ b/apt-pkg/acquire-method.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: acquire-method.h,v 1.15 2001/03/13 06:51:46 jgg Exp $ +// $Id: acquire-method.h,v 1.15.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### Acquire Method - Method helper class + functions @@ -39,6 +39,7 @@ class pkgAcqMethod { string MD5Sum; string SHA1Sum; + vector GPGVOutput; time_t LastModified; bool IMSHit; string Filename; diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc index 7800dc8d0..3c207fd27 100644 --- a/apt-pkg/acquire.cc +++ b/apt-pkg/acquire.cc @@ -481,7 +481,7 @@ double pkgAcquire::PartialPresent() Total += (*I)->PartialSize; return Total; } - /*}}}*/ + // Acquire::UriBegin - Start iterator for the uri list /*{{{*/ // --------------------------------------------------------------------- /* */ diff --git a/apt-pkg/acquire.h b/apt-pkg/acquire.h index 1881e80d5..65c53a953 100644 --- a/apt-pkg/acquire.h +++ b/apt-pkg/acquire.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: acquire.h,v 1.29 2001/05/22 04:17:18 jgg Exp $ +// $Id: acquire.h,v 1.29.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### Acquire - File Acquiration @@ -121,7 +121,7 @@ class pkgAcquire double TotalNeeded(); double FetchNeeded(); double PartialPresent(); - + pkgAcquire(pkgAcquireStatus *Log = 0); virtual ~pkgAcquire(); }; diff --git a/apt-pkg/cacheiterators.h b/apt-pkg/cacheiterators.h index d8fde81e6..62d2695dd 100644 --- a/apt-pkg/cacheiterators.h +++ b/apt-pkg/cacheiterators.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: cacheiterators.h,v 1.18 2003/10/09 23:15:25 mdz Exp $ +// $Id: cacheiterators.h,v 1.18.2.1 2004/05/08 22:44:27 mdz Exp $ /* ###################################################################### Cache Iterators - Iterators for navigating the cache structure @@ -78,7 +78,6 @@ class pkgCache::PkgIterator inline bool Purge() const {return Pkg->CurrentState == pkgCache::State::Purge || (Pkg->CurrentVer == 0 && Pkg->CurrentState == pkgCache::State::NotInstalled);}; inline VerIterator VersionList() const; - inline VerIterator TargetVer() const; inline VerIterator CurrentVer() const; inline DepIterator RevDependsList() const; inline PrvIterator ProvidesList() const; diff --git a/apt-pkg/deb/debindexfile.cc b/apt-pkg/deb/debindexfile.cc index e9c7b0638..f26265fff 100644 --- a/apt-pkg/deb/debindexfile.cc +++ b/apt-pkg/deb/debindexfile.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: debindexfile.cc,v 1.6 2004/01/04 07:41:30 mdz Exp $ +// $Id: debindexfile.cc,v 1.5.2.3 2004/01/04 19:11:00 mdz Exp $ /* ###################################################################### Debian Specific sources.list types and the three sorts of Debian @@ -23,6 +23,7 @@ #include #include #include +#include #include /*}}}*/ @@ -30,8 +31,8 @@ // SourcesIndex::debSourcesIndex - Constructor /*{{{*/ // --------------------------------------------------------------------- /* */ -debSourcesIndex::debSourcesIndex(string URI,string Dist,string Section) : - URI(URI), Dist(Dist), Section(Section) +debSourcesIndex::debSourcesIndex(string URI,string Dist,string Section,bool Trusted) : + pkgIndexFile(Trusted), URI(URI), Dist(Dist), Section(Section) { } /*}}}*/ @@ -129,16 +130,6 @@ string debSourcesIndex::IndexURI(const char *Type) const return Res; } /*}}}*/ -// SourcesIndex::GetIndexes - Fetch the index files /*{{{*/ -// --------------------------------------------------------------------- -/* */ -bool debSourcesIndex::GetIndexes(pkgAcquire *Owner) const -{ - new pkgAcqIndex(Owner,IndexURI("Sources"),Info("Sources"),"Sources"); - new pkgAcqIndexRel(Owner,IndexURI("Release"),Info("Release"),"Release"); - return true; -} - /*}}}*/ // SourcesIndex::Exists - Check if the index is available /*{{{*/ // --------------------------------------------------------------------- /* */ @@ -162,8 +153,8 @@ unsigned long debSourcesIndex::Size() const // PackagesIndex::debPackagesIndex - Contructor /*{{{*/ // --------------------------------------------------------------------- /* */ -debPackagesIndex::debPackagesIndex(string URI,string Dist,string Section) : - URI(URI), Dist(Dist), Section(Section) +debPackagesIndex::debPackagesIndex(string URI,string Dist,string Section,bool Trusted) : + pkgIndexFile(Trusted), URI(URI), Dist(Dist), Section(Section) { } /*}}}*/ @@ -246,16 +237,6 @@ string debPackagesIndex::IndexURI(const char *Type) const return Res; } /*}}}*/ -// PackagesIndex::GetIndexes - Fetch the index files /*{{{*/ -// --------------------------------------------------------------------- -/* */ -bool debPackagesIndex::GetIndexes(pkgAcquire *Owner) const -{ - new pkgAcqIndex(Owner,IndexURI("Packages"),Info("Packages"),"Packages"); - new pkgAcqIndexRel(Owner,IndexURI("Release"),Info("Release"),"Release"); - return true; -} - /*}}}*/ // PackagesIndex::Exists - Check if the index is available /*{{{*/ // --------------------------------------------------------------------- /* */ @@ -303,7 +284,7 @@ bool debPackagesIndex::Merge(pkgCacheGenerator &Gen,OpProgress &Prog) const return _error->Error("Problem with MergeList %s",PackageFile.c_str()); // Check the release file - string ReleaseFile = IndexFile("Release"); + string ReleaseFile = debReleaseIndex(URI,Dist).MetaIndexFile("Release"); if (FileExists(ReleaseFile) == true) { FileFd Rel(ReleaseFile,FileFd::ReadOnly); @@ -342,7 +323,7 @@ pkgCache::PkgFileIterator debPackagesIndex::FindInCache(pkgCache &Cache) const // StatusIndex::debStatusIndex - Constructor /*{{{*/ // --------------------------------------------------------------------- /* */ -debStatusIndex::debStatusIndex(string File) : File(File) +debStatusIndex::debStatusIndex(string File) : pkgIndexFile(true), File(File) { } /*}}}*/ @@ -418,48 +399,6 @@ bool debStatusIndex::Exists() const } /*}}}*/ -// Source List types for Debian /*{{{*/ -class debSLTypeDeb : public pkgSourceList::Type -{ - public: - - bool CreateItem(vector &List,string URI, - string Dist,string Section, - pkgSourceList::Vendor const *Vendor) const - { - List.push_back(new debPackagesIndex(URI,Dist,Section)); - return true; - }; - - debSLTypeDeb() - { - Name = "deb"; - Label = "Standard Debian binary tree"; - } -}; - -class debSLTypeDebSrc : public pkgSourceList::Type -{ - public: - - bool CreateItem(vector &List,string URI, - string Dist,string Section, - pkgSourceList::Vendor const *Vendor) const - { - List.push_back(new debSourcesIndex(URI,Dist,Section)); - return true; - }; - - debSLTypeDebSrc() - { - Name = "deb-src"; - Label = "Standard Debian source tree"; - } -}; - -debSLTypeDeb _apt_DebType; -debSLTypeDebSrc _apt_DebSrcType; - /*}}}*/ // Index File types for Debian /*{{{*/ class debIFTypeSrc : public pkgIndexFile::Type { diff --git a/apt-pkg/deb/debindexfile.h b/apt-pkg/deb/debindexfile.h index 9bce4da83..a1b9583a4 100644 --- a/apt-pkg/deb/debindexfile.h +++ b/apt-pkg/deb/debindexfile.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: debindexfile.h,v 1.3 2001/04/29 05:13:51 jgg Exp $ +// $Id: debindexfile.h,v 1.3.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### Debian Index Files @@ -48,10 +48,10 @@ class debPackagesIndex : public pkgIndexFile string URI; string Dist; string Section; - + string Info(const char *Type) const; string IndexFile(const char *Type) const; - string IndexURI(const char *Type) const; + string IndexURI(const char *Type) const; public: @@ -63,7 +63,6 @@ class debPackagesIndex : public pkgIndexFile // Interface for acquire virtual string Describe(bool Short) const; - virtual bool GetIndexes(pkgAcquire *Owner) const; // Interface for the Cache Generator virtual bool Exists() const; @@ -71,8 +70,8 @@ class debPackagesIndex : public pkgIndexFile virtual unsigned long Size() const; virtual bool Merge(pkgCacheGenerator &Gen,OpProgress &Prog) const; virtual pkgCache::PkgFileIterator FindInCache(pkgCache &Cache) const; - - debPackagesIndex(string URI,string Dist,string Section); + + debPackagesIndex(string URI,string Dist,string Section,bool Trusted); }; class debSourcesIndex : public pkgIndexFile @@ -83,7 +82,7 @@ class debSourcesIndex : public pkgIndexFile string Info(const char *Type) const; string IndexFile(const char *Type) const; - string IndexURI(const char *Type) const; + string IndexURI(const char *Type) const; public: @@ -96,7 +95,6 @@ class debSourcesIndex : public pkgIndexFile // Interface for acquire virtual string Describe(bool Short) const; - virtual bool GetIndexes(pkgAcquire *Owner) const; // Interface for the record parsers virtual pkgSrcRecords::Parser *CreateSrcParser() const; @@ -106,7 +104,7 @@ class debSourcesIndex : public pkgIndexFile virtual bool HasPackages() const {return false;}; virtual unsigned long Size() const; - debSourcesIndex(string URI,string Dist,string Section); + debSourcesIndex(string URI,string Dist,string Section,bool Trusted); }; #endif diff --git a/apt-pkg/deb/deblistparser.cc b/apt-pkg/deb/deblistparser.cc index cf81690e2..96a80582d 100644 --- a/apt-pkg/deb/deblistparser.cc +++ b/apt-pkg/deb/deblistparser.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: deblistparser.cc,v 1.29 2003/09/22 04:16:26 mdz Exp $ +// $Id: deblistparser.cc,v 1.29.2.5 2004/01/06 01:43:44 mdz Exp $ /* ###################################################################### Package Cache Generator - Generator for the cache structure. @@ -566,14 +566,14 @@ bool debListParser::Step() bool debListParser::LoadReleaseInfo(pkgCache::PkgFileIterator FileI, FileFd &File) { - pkgTagFile Tags(&File); + pkgTagFile Tags(&File, File.Size() + 256); // XXX pkgTagSection Section; if (Tags.Step(Section) == false) return false; const char *Start; const char *Stop; - if (Section.Find("Archive",Start,Stop) == true) + if (Section.Find("Suite",Start,Stop) == true) FileI->Archive = WriteUniqString(Start,Stop - Start); if (Section.Find("Component",Start,Stop) == true) FileI->Component = WriteUniqString(Start,Stop - Start); diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc new file mode 100644 index 000000000..526c8c0b2 --- /dev/null +++ b/apt-pkg/deb/debmetaindex.cc @@ -0,0 +1,269 @@ +// ijones, walters + +#ifdef __GNUG__ +#pragma implementation "apt-pkg/debmetaindex.h" +#endif + +#include +#include +#include +#include +#include +#include + +using namespace std; + +string debReleaseIndex::Info(const char *Type, const string Section) const +{ + string Info = ::URI::SiteOnly(URI) + ' '; + if (Dist[Dist.size() - 1] == '/') + { + if (Dist != "/") + Info += Dist; + } + else + Info += Dist + '/' + Section; + Info += " "; + Info += Type; + return Info; +} + +string debReleaseIndex::MetaIndexInfo(const char *Type) const +{ + string Info = ::URI::SiteOnly(URI) + ' '; + if (Dist[Dist.size() - 1] == '/') + { + if (Dist != "/") + Info += Dist; + } + else + Info += Dist; + Info += " "; + Info += Type; + return Info; +} + +string debReleaseIndex::MetaIndexFile(const char *Type) const +{ + return _config->FindDir("Dir::State::lists") + + URItoFileName(MetaIndexURI(Type)); +} + +string debReleaseIndex::MetaIndexURI(const char *Type) const +{ + string Res; + + if (Dist == "/") + Res = URI; + else if (Dist[Dist.size()-1] == '/') + Res = URI + Dist; + else + Res = URI + "dists/" + Dist + "/"; + + Res += Type; + return Res; +} + +string debReleaseIndex::IndexURISuffix(const char *Type, const string Section) const +{ + string Res =""; + if (Dist[Dist.size() - 1] != '/') + Res += Section + "/binary-" + _config->Find("APT::Architecture") + '/'; + return Res + Type; +} + + +string debReleaseIndex::IndexURI(const char *Type, const string Section) const +{ + if (Dist[Dist.size() - 1] == '/') + { + string Res; + if (Dist != "/") + Res = URI + Dist; + else + Res = URI; + return Res + Type; + } + else + return URI + "dists/" + Dist + '/' + IndexURISuffix(Type, Section); + } + +string debReleaseIndex::SourceIndexURISuffix(const char *Type, const string Section) const +{ + string Res =""; + if (Dist[Dist.size() - 1] != '/') + Res += Section + "/source/"; + return Res + Type; +} + +string debReleaseIndex::SourceIndexURI(const char *Type, const string Section) const +{ + string Res; + if (Dist[Dist.size() - 1] == '/') + { + if (Dist != "/") + Res = URI + Dist; + else + Res = URI; + return Res + Type; + } + else + return URI + "dists/" + Dist + "/" + SourceIndexURISuffix(Type, Section); +} + +debReleaseIndex::debReleaseIndex(string URI,string Dist) +{ + this->URI = URI; + this->Dist = Dist; + this->Indexes = NULL; + this->Type = "deb"; +} + +vector * debReleaseIndex::ComputeIndexTargets() const +{ + vector * IndexTargets = new vector ; + for (vector ::const_iterator I = SectionEntries.begin(); + I != SectionEntries.end(); + I++) + { + IndexTarget * Target = new IndexTarget(); + Target->ShortDesc = (*I)->IsSrc ? "Sources" : "Packages"; + Target->MetaKey + = (*I)->IsSrc ? SourceIndexURISuffix(Target->ShortDesc.c_str(), (*I)->Section) + : IndexURISuffix(Target->ShortDesc.c_str(), (*I)->Section); + Target->URI + = (*I)->IsSrc ? SourceIndexURI(Target->ShortDesc.c_str(), (*I)->Section) + : IndexURI(Target->ShortDesc.c_str(), (*I)->Section); + + Target->Description = Info (Target->ShortDesc.c_str(), (*I)->Section); + IndexTargets->push_back (Target); + } + return IndexTargets; +} + /*}}}*/ +bool debReleaseIndex::GetIndexes(pkgAcquire *Owner, bool GetAll) const +{ + // special case for --print-uris + if (GetAll) { + vector *targets = ComputeIndexTargets(); + for (vector ::const_iterator Target = targets->begin(); Target != targets->end(); Target++) { + new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description, + (*Target)->ShortDesc, ""); + } + } + new pkgAcqMetaSig(Owner, MetaIndexURI("Release.gpg"), + MetaIndexInfo("Release.gpg"), "Release.gpg", + MetaIndexURI("Release"), MetaIndexInfo("Release"), "Release", + ComputeIndexTargets(), + new indexRecords (Dist)); + + return true; +} + +bool debReleaseIndex::IsTrusted() const +{ + string VerifiedSigFile = _config->FindDir("Dir::State::lists") + + URItoFileName(MetaIndexURI("Release")) + ".gpg"; + + if (FileExists(VerifiedSigFile)) + return true; + return false; +} + +vector *debReleaseIndex::GetIndexFiles() +{ + if (Indexes != NULL) + return Indexes; + + Indexes = new vector ; + for (vector::const_iterator I = SectionEntries.begin(); + I != SectionEntries.end(); I++) + if ((*I)->IsSrc) + Indexes->push_back(new debSourcesIndex (URI, Dist, (*I)->Section, IsTrusted())); + else + Indexes->push_back(new debPackagesIndex (URI, Dist, (*I)->Section, IsTrusted())); + return Indexes; +} + +void debReleaseIndex::PushSectionEntry(const debSectionEntry *Entry) +{ + SectionEntries.push_back(Entry); +} + +debReleaseIndex::debSectionEntry::debSectionEntry (string Section, bool IsSrc): Section(Section) +{ + this->IsSrc = IsSrc; +} + +class debSLTypeDebian : public pkgSourceList::Type +{ + protected: + + bool CreateItemInternal(vector &List,string URI, + string Dist,string Section, + bool IsSrc) const + { + for (vector::const_iterator I = List.begin(); + I != List.end(); I++) + { + // This check insures that there will be only one Release file + // queued for all the Packages files and Sources files it + // corresponds to. + if ((*I)->GetType() == "deb") + { + debReleaseIndex *Deb = (debReleaseIndex *) (*I); + // This check insures that there will be only one Release file + // queued for all the Packages files and Sources files it + // corresponds to. + if (Deb->GetURI() == URI && Deb->GetDist() == Dist) + { + Deb->PushSectionEntry(new debReleaseIndex::debSectionEntry(Section, IsSrc)); + return true; + } + } + } + // No currently created Release file indexes this entry, so we create a new one. + // XXX determine whether this release is trusted or not + debReleaseIndex *Deb = new debReleaseIndex(URI,Dist); + Deb->PushSectionEntry (new debReleaseIndex::debSectionEntry(Section, IsSrc)); + List.push_back(Deb); + return true; + } +}; + +class debSLTypeDeb : public debSLTypeDebian +{ + public: + + bool CreateItem(vector &List,string URI, + string Dist,string Section) const + { + return CreateItemInternal(List, URI, Dist, Section, false); + } + + debSLTypeDeb() + { + Name = "deb"; + Label = "Standard Debian binary tree"; + } +}; + +class debSLTypeDebSrc : public debSLTypeDebian +{ + public: + + bool CreateItem(vector &List,string URI, + string Dist,string Section) const + { + return CreateItemInternal(List, URI, Dist, Section, true); + } + + debSLTypeDebSrc() + { + Name = "deb-src"; + Label = "Standard Debian source tree"; + } +}; + +debSLTypeDeb _apt_DebType; +debSLTypeDebSrc _apt_DebSrcType; diff --git a/apt-pkg/deb/debmetaindex.h b/apt-pkg/deb/debmetaindex.h new file mode 100644 index 000000000..2b9922987 --- /dev/null +++ b/apt-pkg/deb/debmetaindex.h @@ -0,0 +1,48 @@ +// ijones, walters +#ifndef PKGLIB_DEBMETAINDEX_H +#define PKGLIB_DEBMETAINDEX_H + +#ifdef __GNUG__ +#pragma interface "apt-pkg/debmetaindex.h" +#endif + +#include +#include + +class debReleaseIndex : public metaIndex { + public: + + class debSectionEntry + { + public: + debSectionEntry (string Section, bool IsSrc); + bool IsSrc; + string Section; + }; + + private: + vector SectionEntries; + + public: + + debReleaseIndex(string URI, string Dist); + + virtual string ArchiveURI(string File) const {return URI + File;}; + virtual bool GetIndexes(pkgAcquire *Owner, bool GetAll=false) const; + vector * ComputeIndexTargets() const; + string Info(const char *Type, const string Section) const; + string MetaIndexInfo(const char *Type) const; + string MetaIndexFile(const char *Types) const; + string MetaIndexURI(const char *Type) const; + string IndexURI(const char *Type, const string Section) const; + string IndexURISuffix(const char *Type, const string Section) const; + string SourceIndexURI(const char *Type, const string Section) const; + string SourceIndexURISuffix(const char *Type, const string Section) const; + virtual vector *GetIndexFiles(); + + virtual bool IsTrusted() const; + + void PushSectionEntry(const debSectionEntry *Entry); +}; + +#endif diff --git a/apt-pkg/indexfile.cc b/apt-pkg/indexfile.cc index f59387c1a..49665161d 100644 --- a/apt-pkg/indexfile.cc +++ b/apt-pkg/indexfile.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: indexfile.cc,v 1.2 2001/02/20 07:03:17 jgg Exp $ +// $Id: indexfile.cc,v 1.2.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### Index File - Abstraction for an index of archive/souce file. @@ -42,14 +42,6 @@ pkgIndexFile::Type *pkgIndexFile::Type::GetType(const char *Type) } /*}}}*/ -// IndexFile::GetIndexes - Stub /*{{{*/ -// --------------------------------------------------------------------- -/* */ -bool pkgIndexFile::GetIndexes(pkgAcquire *Owner) const -{ - return _error->Error("Internal Error, this index file is not downloadable"); -} - /*}}}*/ // IndexFile::ArchiveInfo - Stub /*{{{*/ // --------------------------------------------------------------------- /* */ diff --git a/apt-pkg/indexfile.h b/apt-pkg/indexfile.h index 1904fddea..be02669fa 100644 --- a/apt-pkg/indexfile.h +++ b/apt-pkg/indexfile.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: indexfile.h,v 1.6 2002/07/08 03:13:30 jgg Exp $ +// $Id: indexfile.h,v 1.6.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### Index File - Abstraction for an index of archive/source file. @@ -37,6 +37,9 @@ class pkgCacheGenerator; class OpProgress; class pkgIndexFile { + protected: + bool Trusted; + public: class Type @@ -64,7 +67,6 @@ class pkgIndexFile // Interface for acquire virtual string ArchiveURI(string /*File*/) const {return string();}; - virtual bool GetIndexes(pkgAcquire *Owner) const; // Interface for the record parsers virtual pkgSrcRecords::Parser *CreateSrcParser() const {return 0;}; @@ -76,7 +78,10 @@ class pkgIndexFile virtual bool Merge(pkgCacheGenerator &/*Gen*/,OpProgress &/*Prog*/) const {return false;}; virtual bool MergeFileProvides(pkgCacheGenerator &/*Gen*/,OpProgress &/*Prog*/) const {return true;}; virtual pkgCache::PkgFileIterator FindInCache(pkgCache &Cache) const; + + bool IsTrusted() const { return Trusted; }; + pkgIndexFile(bool Trusted): Trusted(Trusted) {}; virtual ~pkgIndexFile() {}; }; diff --git a/apt-pkg/indexrecords.cc b/apt-pkg/indexrecords.cc new file mode 100644 index 000000000..c4b8a8235 --- /dev/null +++ b/apt-pkg/indexrecords.cc @@ -0,0 +1,151 @@ +// -*- mode: cpp; mode: fold -*- +// Description /*{{{*/ +// $Id: indexrecords.cc,v 1.1.2.4 2003/12/30 02:11:43 mdz Exp $ + /*}}}*/ +// Include Files /*{{{*/ +#ifdef __GNUG__ +#pragma implementation "apt-pkg/indexrecords.h" +#endif +#include +#include +#include +#include +#include +#include + +string indexRecords::GetDist() const +{ + return this->Dist; +} + +bool indexRecords::CheckDist(const string MaybeDist) const +{ + return (this->Dist == MaybeDist + || this->Suite == MaybeDist); +} + +string indexRecords::GetExpectedDist() const +{ + return this->ExpectedDist; +} + +const indexRecords::checkSum *indexRecords::Lookup(const string MetaKey) +{ + return Entries[MetaKey]; +} + +bool indexRecords::Load(const string Filename) +{ + FileFd Fd(Filename, FileFd::ReadOnly); + pkgTagFile TagFile(&Fd, Fd.Size() + 256); // XXX + if (_error->PendingError() == true) + { + ErrorText = _(("Unable to parse Release file " + Filename).c_str()); + return false; + } + + pkgTagSection Section; + if (TagFile.Step(Section) == false) + { + ErrorText = _(("No sections in Release file " + Filename).c_str()); + return false; + } + + const char *Start, *End; + Section.Get (Start, End, 0); + Suite = Section.FindS("Suite"); + Dist = Section.FindS("Codename"); +// if (Dist.empty()) +// { +// ErrorText = _(("No Codename entry in Release file " + Filename).c_str()); +// return false; +// } + if (!Section.Find("MD5Sum", Start, End)) + { + ErrorText = _(("No MD5Sum entry in Release file " + Filename).c_str()); + return false; + } + string Name; + string MD5Hash; + size_t Size; + while (Start < End) + { + if (!parseSumData(Start, End, Name, MD5Hash, Size)) + return false; + indexRecords::checkSum *Sum = new indexRecords::checkSum; + Sum->MetaKeyFilename = Name; + Sum->MD5Hash = MD5Hash; + Sum->Size = Size; + Entries[Name] = Sum; + } + + string Strdate = Section.FindS("Date"); // FIXME: verify this somehow? + return true; +} + +bool indexRecords::parseSumData(const char *&Start, const char *End, + string &Name, string &Hash, size_t &Size) +{ + Name = ""; + Hash = ""; + Size = 0; + /* Skip over the first blank */ + while ((*Start == '\t' || *Start == ' ' || *Start == '\n') + && Start < End) + Start++; + if (Start >= End) + return false; + + /* Move EntryEnd to the end of the first entry (the hash) */ + const char *EntryEnd = Start; + while ((*EntryEnd != '\t' && *EntryEnd != ' ') + && EntryEnd < End) + EntryEnd++; + if (EntryEnd == End) + return false; + + Hash.append(Start, EntryEnd-Start); + + /* Skip over intermediate blanks */ + Start = EntryEnd; + while (*Start == '\t' || *Start == ' ') + Start++; + if (Start >= End) + return false; + + EntryEnd = Start; + /* Find the end of the second entry (the size) */ + while ((*EntryEnd != '\t' && *EntryEnd != ' ' ) + && EntryEnd < End) + EntryEnd++; + if (EntryEnd == End) + return false; + + Size = strtol (Start, NULL, 10); + + /* Skip over intermediate blanks */ + Start = EntryEnd; + while (*Start == '\t' || *Start == ' ') + Start++; + if (Start >= End) + return false; + + EntryEnd = Start; + /* Find the end of the third entry (the filename) */ + while ((*EntryEnd != '\t' && *EntryEnd != ' ' && *EntryEnd != '\n') + && EntryEnd < End) + EntryEnd++; + + Name.append(Start, EntryEnd-Start); + Start = EntryEnd; //prepare for the next round + return true; +} + +indexRecords::indexRecords() +{ +} + +indexRecords::indexRecords(const string ExpectedDist) : + ExpectedDist(ExpectedDist) +{ +} diff --git a/apt-pkg/indexrecords.h b/apt-pkg/indexrecords.h new file mode 100644 index 000000000..277280620 --- /dev/null +++ b/apt-pkg/indexrecords.h @@ -0,0 +1,52 @@ +// -*- mode: cpp; mode: fold -*- +// Description /*{{{*/ +// $Id: indexrecords.h,v 1.1.2.1 2003/12/24 23:09:17 mdz Exp $ + /*}}}*/ +#ifndef PKGLIB_INDEXRECORDS_H +#define PKGLIB_INDEXRECORDS_H + +#ifdef __GNUG__ +#pragma interface "apt-pkg/indexrecords.h" +#endif +#include +#include + +#include + +class indexRecords +{ + bool parseSumData(const char *&Start, const char *End, string &Name, + string &Hash, size_t &Size); + public: + struct checkSum; + string ErrorText; + + protected: + string Dist; + string Suite; + string ExpectedDist; + std::map Entries; + + public: + + indexRecords(); + indexRecords(const string ExpectedDist); + + // Lookup function + virtual const checkSum *Lookup(const string MetaKey); + + virtual bool Load(string Filename); + string GetDist() const; + virtual bool CheckDist(const string MaybeDist) const; + string GetExpectedDist() const; + virtual ~indexRecords(){}; +}; + +struct indexRecords::checkSum +{ + string MetaKeyFilename; + string MD5Hash; + size_t Size; +}; + +#endif diff --git a/apt-pkg/init.h b/apt-pkg/init.h index ed8a607b9..74ac3a7ca 100644 --- a/apt-pkg/init.h +++ b/apt-pkg/init.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: init.h,v 1.9 2001/11/04 17:09:18 tausq Exp $ +// $Id: init.h,v 1.9.2.2 2004/01/02 18:51:00 mdz Exp $ /* ###################################################################### Init - Initialize the package library @@ -18,7 +18,7 @@ // See the makefile #define APT_PKG_MAJOR 3 -#define APT_PKG_MINOR 3 +#define APT_PKG_MINOR 5 #define APT_PKG_RELEASE 0 extern const char *pkgVersion; diff --git a/apt-pkg/makefile b/apt-pkg/makefile index 9b931d654..ec2013b04 100644 --- a/apt-pkg/makefile +++ b/apt-pkg/makefile @@ -13,7 +13,7 @@ include ../buildlib/defaults.mak # methods/makefile - FIXME LIBRARY=apt-pkg LIBEXT=$(GLIBC_VER)$(LIBSTDCPP_VER) -MAJOR=3.3 +MAJOR=3.6 MINOR=0 SLIBS=$(PTHREADLIB) $(INTLLIBS) APT_DOMAIN:=libapt-pkg$(MAJOR) @@ -33,21 +33,23 @@ SOURCE+= pkgcache.cc version.cc depcache.cc \ pkgrecords.cc algorithms.cc acquire.cc\ acquire-worker.cc acquire-method.cc init.cc clean.cc \ srcrecords.cc cachefile.cc versionmatch.cc policy.cc \ - pkgsystem.cc indexfile.cc pkgcachegen.cc acquire-item.cc + pkgsystem.cc indexfile.cc pkgcachegen.cc acquire-item.cc \ + indexrecords.cc vendor.cc vendorlist.cc HEADERS+= algorithms.h depcache.h pkgcachegen.h cacheiterators.h \ orderlist.h sourcelist.h packagemanager.h tagfile.h \ init.h pkgcache.h version.h progress.h pkgrecords.h \ acquire.h acquire-worker.h acquire-item.h acquire-method.h \ clean.h srcrecords.h cachefile.h versionmatch.h policy.h \ - pkgsystem.h indexfile.h + pkgsystem.h indexfile.h metaindex.h indexrecords.h vendor.h \ + vendorlist.h # Source code for the debian specific components # In theory the deb headers do not need to be exported.. SOURCE+= deb/deblistparser.cc deb/debrecords.cc deb/dpkgpm.cc \ deb/debsrcrecords.cc deb/debversion.cc deb/debsystem.cc \ - deb/debindexfile.cc deb/debindexfile.cc + deb/debindexfile.cc deb/debindexfile.cc deb/debmetaindex.cc HEADERS+= debversion.h debsrcrecords.h dpkgpm.h debrecords.h \ - deblistparser.h debsystem.h debindexfile.h + deblistparser.h debsystem.h debindexfile.h debmetaindex.h HEADERS := $(addprefix apt-pkg/,$(HEADERS)) diff --git a/apt-pkg/metaindex.h b/apt-pkg/metaindex.h new file mode 100644 index 000000000..8ebf23541 --- /dev/null +++ b/apt-pkg/metaindex.h @@ -0,0 +1,48 @@ +#ifndef PKGLIB_METAINDEX_H +#define PKGLIB_METAINDEX_H + +/* #ifdef __GNUG__ */ +/* #pragma interface "apt-pkg/metaindex.h" */ +/* #endif */ + +#include +#include +#include +#include +#include +#include + +using std::string; + +class pkgAcquire; +class pkgCacheGenerator; +class OpProgress; + +class metaIndex +{ + protected: + vector *Indexes; + const char *Type; + string URI; + string Dist; + bool Trusted; + + public: + + + // Various accessors + virtual string GetURI() const {return URI;} + virtual string GetDist() const {return Dist;} + virtual const char* GetType() const {return Type;} + + // Interface for acquire + virtual string ArchiveURI(string /*File*/) const = 0; + virtual bool GetIndexes(pkgAcquire *Owner, bool GetAll=false) const = 0; + + virtual vector *GetIndexFiles() = 0; + virtual bool IsTrusted() const = 0; + + virtual ~metaIndex() {}; +}; + +#endif diff --git a/apt-pkg/pkgcachegen.cc b/apt-pkg/pkgcachegen.cc index 099a9a5eb..3c02310a3 100644 --- a/apt-pkg/pkgcachegen.cc +++ b/apt-pkg/pkgcachegen.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: pkgcachegen.cc,v 1.53 2003/02/02 02:44:20 doogie Exp $ +// $Id: pkgcachegen.cc,v 1.53.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### Package Cache Generator - Generator for the cache structure. @@ -678,7 +678,18 @@ bool pkgMakeStatusCache(pkgSourceList &List,OpProgress &Progress, { unsigned long MapSize = _config->FindI("APT::Cache-Limit",12*1024*1024); - vector Files(List.begin(),List.end()); + vector Files; + for (vector::const_iterator i = List.begin(); + i != List.end(); + i++) + { + vector *Indexes = (*i)->GetIndexFiles(); + for (vector::const_iterator j = Indexes->begin(); + j != Indexes->end(); + j++) + Files.push_back (*j); + } + unsigned long EndOfSource = Files.size(); if (_system->AddStatusFiles(Files) == false) return false; diff --git a/apt-pkg/sourcelist.cc b/apt-pkg/sourcelist.cc index 734e5b075..e32d804ce 100644 --- a/apt-pkg/sourcelist.cc +++ b/apt-pkg/sourcelist.cc @@ -15,8 +15,8 @@ #include #include #include -#include #include +#include #include @@ -74,8 +74,7 @@ bool pkgSourceList::Type::FixupURI(string &URI) const // --------------------------------------------------------------------- /* This is a generic one that is the 'usual' format for sources.list Weird types may override this. */ -bool pkgSourceList::Type::ParseLine(vector &List, - Vendor const *Vendor, +bool pkgSourceList::Type::ParseLine(vector &List, const char *Buffer, unsigned long CurLine, string File) const @@ -98,7 +97,7 @@ bool pkgSourceList::Type::ParseLine(vector &List, if (ParseQuoteWord(Buffer,Section) == true) return _error->Error(_("Malformed line %lu in source list %s (Absolute dist)"),CurLine,File.c_str()); Dist = SubstVar(Dist,"$(ARCH)",_config->Find("APT::Architecture")); - return CreateItem(List,URI,Dist,Section,Vendor); + return CreateItem(List,URI,Dist,Section); } // Grab the rest of the dists @@ -107,7 +106,7 @@ bool pkgSourceList::Type::ParseLine(vector &List, do { - if (CreateItem(List,URI,Dist,Section,Vendor) == false) + if (CreateItem(List,URI,Dist,Section) == false) return false; } while (ParseQuoteWord(Buffer,Section) == true); @@ -135,93 +134,15 @@ pkgSourceList::~pkgSourceList() { for (const_iterator I = SrcList.begin(); I != SrcList.end(); I++) delete *I; - for (vector::const_iterator I = VendorList.begin(); - I != VendorList.end(); I++) - delete *I; } /*}}}*/ -// SourceList::ReadVendors - Read list of known package vendors /*{{{*/ -// --------------------------------------------------------------------- -/* This also scans a directory of vendor files similar to apt.conf.d - which can contain the usual suspects of distribution provided data. - The APT config mechanism allows the user to override these in their - configuration file. */ -bool pkgSourceList::ReadVendors() -{ - Configuration Cnf; - - string CnfFile = _config->FindDir("Dir::Etc::vendorparts"); - if (FileExists(CnfFile) == true) - if (ReadConfigDir(Cnf,CnfFile,true) == false) - return false; - CnfFile = _config->FindFile("Dir::Etc::vendorlist"); - if (FileExists(CnfFile) == true) - if (ReadConfigFile(Cnf,CnfFile,true) == false) - return false; - - for (vector::const_iterator I = VendorList.begin(); - I != VendorList.end(); I++) - delete *I; - VendorList.erase(VendorList.begin(),VendorList.end()); - - // Process 'simple-key' type sections - const Configuration::Item *Top = Cnf.Tree("simple-key"); - for (Top = (Top == 0?0:Top->Child); Top != 0; Top = Top->Next) - { - Configuration Block(Top); - Vendor *Vendor; - - Vendor = new pkgSourceList::Vendor; - - Vendor->VendorID = Top->Tag; - Vendor->FingerPrint = Block.Find("Fingerprint"); - Vendor->Description = Block.Find("Name"); - - if (Vendor->FingerPrint.empty() == true || - Vendor->Description.empty() == true) - { - _error->Error(_("Vendor block %s is invalid"), Vendor->VendorID.c_str()); - delete Vendor; - continue; - } - - VendorList.push_back(Vendor); - } - - /* XXX Process 'group-key' type sections - This is currently faked out so that the vendors file format is - parsed but nothing is done with it except check for validity */ - Top = Cnf.Tree("group-key"); - for (Top = (Top == 0?0:Top->Child); Top != 0; Top = Top->Next) - { - Configuration Block(Top); - Vendor *Vendor; - - Vendor = new pkgSourceList::Vendor; - - Vendor->VendorID = Top->Tag; - Vendor->Description = Block.Find("Name"); - - if (Vendor->Description.empty() == true) - { - _error->Error(_("Vendor block %s is invalid"), - Vendor->VendorID.c_str()); - delete Vendor; - continue; - } - - VendorList.push_back(Vendor); - } - - return !_error->PendingError(); -} /*}}}*/ // SourceList::ReadMainList - Read the main source list from etc /*{{{*/ // --------------------------------------------------------------------- /* */ bool pkgSourceList::ReadMainList() { - return ReadVendors() && Read(_config->FindFile("Dir::Etc::sourcelist")); + return Read(_config->FindFile("Dir::Etc::sourcelist")); } /*}}}*/ // SourceList::Read - Parse the sourcelist file /*{{{*/ @@ -269,8 +190,7 @@ bool pkgSourceList::Read(string File) if (Parse == 0) return _error->Error(_("Type '%s' is not known on line %u in source list %s"),LineType.c_str(),CurLine,File.c_str()); - // Authenticated repository - Vendor const *Vndr = 0; + // Vendor name specified if (C[0] == '[') { string VendorID; @@ -282,22 +202,24 @@ bool pkgSourceList::Read(string File) return _error->Error(_("Malformed line %u in source list %s (vendor id)"),CurLine,File.c_str()); VendorID = string(VendorID,1,VendorID.size()-2); - for (vector::const_iterator iter = VendorList.begin(); - iter != VendorList.end(); iter++) - { - if ((*iter)->VendorID == VendorID) - { - Vndr = *iter; - break; - } - } +// for (vector::const_iterator iter = VendorList.begin(); +// iter != VendorList.end(); iter++) +// { +// if ((*iter)->GetVendorID() == VendorID) +// { +// if (_config->FindB("Debug::sourceList", false)) +// std::cerr << "Comparing VendorID \"" << VendorID << "\" with \"" << (*iter)->GetVendorID() << '"' << std::endl; +// Verifier = *iter; +// break; +// } +// } - if (Vndr == 0) - return _error->Error(_("Unknown vendor ID '%s' in line %u of source list %s"), - VendorID.c_str(),CurLine,File.c_str()); +// if (Verifier == 0) +// return _error->Error(_("Unknown vendor ID '%s' in line %u of source list %s"), +// VendorID.c_str(),CurLine,File.c_str()); } - - if (Parse->ParseLine(SrcList,Vndr,C,CurLine,File) == false) + + if (Parse->ParseLine(SrcList,C,CurLine,File) == false) return false; } return true; @@ -311,23 +233,28 @@ bool pkgSourceList::FindIndex(pkgCache::PkgFileIterator File, { for (const_iterator I = SrcList.begin(); I != SrcList.end(); I++) { - if ((*I)->FindInCache(*File.Cache()) == File) + vector *Indexes = (*I)->GetIndexFiles(); + for (vector::const_iterator J = Indexes->begin(); + J != Indexes->end(); J++) { - Found = *I; - return true; + if ((*J)->FindInCache(*File.Cache()) == File) + { + Found = (*J); + return true; + } } } - + return false; } /*}}}*/ // SourceList::GetIndexes - Load the index files into the downloader /*{{{*/ // --------------------------------------------------------------------- /* */ -bool pkgSourceList::GetIndexes(pkgAcquire *Owner) const +bool pkgSourceList::GetIndexes(pkgAcquire *Owner, bool GetAll) const { for (const_iterator I = SrcList.begin(); I != SrcList.end(); I++) - if ((*I)->GetIndexes(Owner) == false) + if ((*I)->GetIndexes(Owner,GetAll) == false) return false; return true; } diff --git a/apt-pkg/sourcelist.h b/apt-pkg/sourcelist.h index 307b12133..5d8427017 100644 --- a/apt-pkg/sourcelist.h +++ b/apt-pkg/sourcelist.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: sourcelist.h,v 1.12 2002/07/01 21:41:11 jgg Exp $ +// $Id: sourcelist.h,v 1.12.2.1 2003/12/24 23:09:17 mdz Exp $ /* ###################################################################### SourceList - Manage a list of sources @@ -20,7 +20,7 @@ The vendor machanism is similar, except the vendor types are hard wired. Before loading the source list the vendor list is loaded. - This doesn't load key data, just the checks to preform. + This doesn't load key data, just the checks to perform. ##################################################################### */ /*}}}*/ @@ -30,7 +30,7 @@ #include #include #include -#include +#include using std::string; using std::vector; @@ -44,18 +44,6 @@ class pkgSourceList { public: - // An available vendor - struct Vendor - { - string VendorID; - string FingerPrint; - string Description; - - /* Lets revisit these.. - bool MatchFingerPrint(string FingerPrint); - string FingerPrintDescr();*/ - }; - // List of supported source list types class Type { @@ -70,30 +58,25 @@ class pkgSourceList const char *Label; bool FixupURI(string &URI) const; - virtual bool ParseLine(vector &List, - Vendor const *Vendor, + virtual bool ParseLine(vector &List, const char *Buffer, unsigned long CurLine,string File) const; - virtual bool CreateItem(vector &List,string URI, - string Dist,string Section, - Vendor const *Vendor) const = 0; - + virtual bool CreateItem(vector &List,string URI, + string Dist,string Section) const = 0; Type(); virtual ~Type() {}; }; - typedef vector::const_iterator const_iterator; + typedef vector::const_iterator const_iterator; protected: - vector SrcList; - vector VendorList; + vector SrcList; public: bool ReadMainList(); bool Read(string File); - bool ReadVendors(); // List accessors inline const_iterator begin() const {return SrcList.begin();}; @@ -103,7 +86,7 @@ class pkgSourceList bool FindIndex(pkgCache::PkgFileIterator File, pkgIndexFile *&Found) const; - bool GetIndexes(pkgAcquire *Owner) const; + bool GetIndexes(pkgAcquire *Owner, bool GetAll=false) const; pkgSourceList(); pkgSourceList(string File); diff --git a/apt-pkg/srcrecords.cc b/apt-pkg/srcrecords.cc index d4719f7c4..6cac477ef 100644 --- a/apt-pkg/srcrecords.cc +++ b/apt-pkg/srcrecords.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: srcrecords.cc,v 1.7 2002/11/09 20:38:02 doogie Exp $ +// $Id: srcrecords.cc,v 1.7.2.2 2003/12/26 16:27:34 mdz Exp $ /* ###################################################################### Source Package Records - Allows access to source package records @@ -28,23 +28,22 @@ /* Open all the source index files */ pkgSrcRecords::pkgSrcRecords(pkgSourceList &List) : Files(0), Current(0) { - Files = new Parser *[List.end() - List.begin() + 1]; - memset(Files,0,sizeof(*Files)*(List.end() - List.begin() + 1)); - - unsigned int Count = 0; - pkgSourceList::const_iterator I = List.begin(); - for (; I != List.end(); I++) + for (pkgSourceList::const_iterator I = List.begin(); I != List.end(); I++) { - Files[Count] = (*I)->CreateSrcParser(); - if (_error->PendingError() == true) - return; - if (Files[Count] != 0) - Count++; + vector *Indexes = (*I)->GetIndexFiles(); + for (vector::const_iterator J = Indexes->begin(); + J != Indexes->end(); J++) + { + Parser* P = (*J)->CreateSrcParser(); + if (_error->PendingError() == true) + return; + if (P != 0) + Files.push_back(P); + } } - Files[Count] = 0; // Doesn't work without any source index files - if (Count == 0) + if (Files.size() == 0) { _error->Error(_("You must put some 'source' URIs" " in your sources.list")); @@ -59,13 +58,9 @@ pkgSrcRecords::pkgSrcRecords(pkgSourceList &List) : Files(0), Current(0) /* */ pkgSrcRecords::~pkgSrcRecords() { - if (Files == 0) - return; - // Blow away all the parser objects - for (unsigned int Count = 0; Files[Count] != 0; Count++) - delete Files[Count]; - delete [] Files; + for(vector::iterator I = Files.begin(); I != Files.end(); ++I) + delete *I; } /*}}}*/ // SrcRecords::Restart - Restart the search /*{{{*/ @@ -73,8 +68,9 @@ pkgSrcRecords::~pkgSrcRecords() /* Return all of the parsers to their starting position */ bool pkgSrcRecords::Restart() { - Current = Files; - for (Parser **I = Files; *I != 0; I++) + Current = Files.begin(); + for (vector::iterator I = Files.begin(); + I != Files.end(); I++) (*I)->Restart(); return true; @@ -87,7 +83,7 @@ bool pkgSrcRecords::Restart() function to be called multiple times to get successive entries */ pkgSrcRecords::Parser *pkgSrcRecords::Find(const char *Package,bool SrcOnly) { - if (*Current == 0) + if (Current == Files.end()) return 0; while (true) @@ -98,7 +94,7 @@ pkgSrcRecords::Parser *pkgSrcRecords::Find(const char *Package,bool SrcOnly) if (_error->PendingError() == true) return 0; Current++; - if (*Current == 0) + if (Current == Files.end()) return 0; } diff --git a/apt-pkg/srcrecords.h b/apt-pkg/srcrecords.h index 4eebf48f1..3e2112549 100644 --- a/apt-pkg/srcrecords.h +++ b/apt-pkg/srcrecords.h @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: srcrecords.h,v 1.8 2001/11/04 17:09:18 tausq Exp $ +// $Id: srcrecords.h,v 1.8.2.1 2003/12/26 16:27:34 mdz Exp $ /* ###################################################################### Source Package Records - Allows access to source package records @@ -84,8 +84,8 @@ class pkgSrcRecords private: // The list of files and the current parser pointer - Parser **Files; - Parser **Current; + vector Files; + vector::iterator Current; public: diff --git a/apt-pkg/tagfile.cc b/apt-pkg/tagfile.cc index 5443b178e..cae0fa819 100644 --- a/apt-pkg/tagfile.cc +++ b/apt-pkg/tagfile.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: tagfile.cc,v 1.37 2003/05/19 17:13:57 doogie Exp $ +// $Id: tagfile.cc,v 1.37.2.2 2003/12/31 16:02:30 mdz Exp $ /* ###################################################################### Fast scanner for RFC-822 type header information @@ -31,7 +31,9 @@ using std::string; // TagFile::pkgTagFile - Constructor /*{{{*/ // --------------------------------------------------------------------- /* */ -pkgTagFile::pkgTagFile(FileFd *pFd,unsigned long Size) : Fd(*pFd), Size(Size) +pkgTagFile::pkgTagFile(FileFd *pFd,unsigned long Size) : + Fd(*pFd), + Size(Size) { if (Fd.IsOpen() == false) { diff --git a/apt-pkg/vendor.cc b/apt-pkg/vendor.cc new file mode 100644 index 000000000..d0392ebdb --- /dev/null +++ b/apt-pkg/vendor.cc @@ -0,0 +1,39 @@ +#ifdef __GNUG__ +#pragma implementation "apt-pkg/vendor.h" +#endif + +#include +#include +#include +#include + +Vendor::Vendor(std::string VendorID, + std::string Origin, + std::vector *FingerprintList) +{ + this->VendorID = VendorID; + this->Origin = Origin; + for (std::vector::iterator I = FingerprintList->begin(); + I != FingerprintList->end(); I++) + { + if (_config->FindB("Debug::Vendor", false)) + std::cerr << "Vendor \"" << VendorID << "\": Mapping \"" + << (*I)->Print << "\" to \"" << (*I)->Description << '"' << std::endl; + Fingerprints[(*I)->Print] = (*I)->Description; + } + delete FingerprintList; +} + +const string Vendor::LookupFingerprint(string Print) const +{ + std::map::const_iterator Elt = Fingerprints.find(Print); + if (Elt == Fingerprints.end()) + return ""; + else + return (*Elt).second; +} + +bool Vendor::CheckDist(string Dist) +{ + return true; +} diff --git a/apt-pkg/vendor.h b/apt-pkg/vendor.h new file mode 100644 index 000000000..033bb96e8 --- /dev/null +++ b/apt-pkg/vendor.h @@ -0,0 +1,37 @@ +#ifndef PKGLIB_VENDOR_H +#define PKGLIB_VENDOR_H +#include +#include +#include + +#ifdef __GNUG__ +#pragma interface "apt-pkg/vendor.h" +#endif + +using std::string; + +// A class representing a particular software provider. +class Vendor +{ + public: + struct Fingerprint + { + string Print; + string Description; + }; + + protected: + string VendorID; + string Origin; + std::map Fingerprints; + + public: + Vendor(string VendorID, string Origin, + std::vector *FingerprintList); + virtual const string& GetVendorID() const { return VendorID; }; + virtual const string LookupFingerprint(string Print) const; + virtual bool CheckDist(string Dist); + virtual ~Vendor(){}; +}; + +#endif diff --git a/apt-pkg/vendorlist.cc b/apt-pkg/vendorlist.cc new file mode 100644 index 000000000..72694dd75 --- /dev/null +++ b/apt-pkg/vendorlist.cc @@ -0,0 +1,144 @@ +#include +#include +#include +#include + +pkgVendorList::~pkgVendorList() +{ + for (vector::const_iterator I = VendorList.begin(); + I != VendorList.end(); I++) + delete *I; +} + +// pkgVendorList::ReadMainList - Read list of known package vendors /*{{{*/ +// --------------------------------------------------------------------- +/* This also scans a directory of vendor files similar to apt.conf.d + which can contain the usual suspects of distribution provided data. + The APT config mechanism allows the user to override these in their + configuration file. */ +bool pkgVendorList::ReadMainList() +{ + Configuration Cnf; + + string CnfFile = _config->FindDir("Dir::Etc::vendorparts"); + if (FileExists(CnfFile) == true) + if (ReadConfigDir(Cnf,CnfFile,true) == false) + return false; + CnfFile = _config->FindFile("Dir::Etc::vendorlist"); + if (FileExists(CnfFile) == true) + if (ReadConfigFile(Cnf,CnfFile,true) == false) + return false; + + return CreateList(Cnf); +} + +bool pkgVendorList::Read(string File) +{ + Configuration Cnf; + if (ReadConfigFile(Cnf,File,true) == false) + return false; + + return CreateList(Cnf); +} + +bool pkgVendorList::CreateList(Configuration& Cnf) +{ + for (vector::const_iterator I = VendorList.begin(); + I != VendorList.end(); I++) + delete *I; + VendorList.erase(VendorList.begin(),VendorList.end()); + + const Configuration::Item *Top = Cnf.Tree("Vendor"); + for (Top = (Top == 0?0:Top->Child); Top != 0; Top = Top->Next) + { + Configuration Block(Top); + string VendorID = Top->Tag; + vector *Fingerprints = new vector; + struct Vendor::Fingerprint *Fingerprint = new struct Vendor::Fingerprint; + string Origin = Block.Find("Origin"); + + Fingerprint->Print = Block.Find("Fingerprint"); + Fingerprint->Description = Block.Find("Name"); + Fingerprints->push_back(Fingerprint); + + if (Fingerprint->Print.empty() || Fingerprint->Description.empty()) + { + _error->Error(_("Vendor block %s contains no fingerprint"), VendorID.c_str()); + delete Fingerprints; + continue; + } + if (_config->FindB("Debug::sourceList", false)) + std::cerr << "Adding vendor with ID: " << VendorID + << " Fingerprint: " << Fingerprint->Print << std::endl; + + VendorList.push_back(new Vendor(VendorID, Origin, Fingerprints)); + } + + /* Process 'group-key' type sections */ + Top = Cnf.Tree("group-key"); + for (Top = (Top == 0?0:Top->Child); Top != 0; Top = Top->Next) + { +// Configuration Block(Top); +// vector Fingerprints; +// string VendorID = Top->Tag; + +// while (Block->Next) +// { +// struct Vendor::Fingerprint Fingerprint = new struct Vendor::Fingerprint; +// Fingerprint->Print = Block.Find("Fingerprint"); +// Fingerprint->Description = Block.Find("Name"); +// if (Fingerprint->print.empty() || Fingerprint->Description.empty()) +// { +// _error->Error(_("Vendor block %s is invalid"), +// Vendor->VendorID.c_str()); +// delete Fingerprint; +// break; +// } +// Block = Block->Next->Next; +// } +// if (_error->PendingError()) +// { +// for (vector ::iterator I = Fingerprints.begin(); +// I != Fingerprints.end(); I++) +// delete *I; +// delete Fingerprints; +// continue; +// } + +// VendorList.push_back(new Vendor(VendorID, Fingerprints)); + } + + return !_error->PendingError(); +} + +const Vendor* pkgVendorList::LookupFingerprint(string Fingerprint) +{ + for (const_iterator I = begin(); I != end(); ++I) + { + if ((*I)->LookupFingerprint(Fingerprint) != "") + return *I; + } + + return NULL; +} + +const Vendor* pkgVendorList::FindVendor(const std::vector GPGVOutput) +{ + for (std::vector::const_iterator I = GPGVOutput.begin(); I != GPGVOutput.end(); I++) + { + string::size_type pos = (*I).find("VALIDSIG "); + if (_config->FindB("Debug::Vendor", false)) + std::cerr << "Looking for VALIDSIG in \"" << (*I) << "\": pos " << pos << std::endl; + if (pos != std::string::npos) + { + string Fingerprint = (*I).substr(pos+sizeof("VALIDSIG")); + if (_config->FindB("Debug::Vendor", false)) + std::cerr << "Looking for \"" << Fingerprint << "\" in vendor..." << std::endl; + const Vendor* vendor = this->LookupFingerprint(Fingerprint); + if (vendor != NULL) + return vendor; + } + } + + return NULL; +} diff --git a/apt-pkg/vendorlist.h b/apt-pkg/vendorlist.h new file mode 100644 index 000000000..7f96fc766 --- /dev/null +++ b/apt-pkg/vendorlist.h @@ -0,0 +1,52 @@ +// -*- mode: cpp; mode: fold -*- +// Description /*{{{*/ +// $Id: vendorlist.h,v 1.1.2.1 2003/12/24 23:09:17 mdz Exp $ +/* ###################################################################### + + VendorList - Manage a list of vendors + + The Vendor List class provides access to a list of vendors and + attributes associated with them, read from a configuration file. + + ##################################################################### */ + /*}}}*/ +#ifndef PKGLIB_VENDORLIST_H +#define PKGLIB_VENDORLIST_H + +#include +#include +#include +#include + +using std::string; +using std::vector; + +#ifdef __GNUG__ +#pragma interface "apt-pkg/vendorlist.h" +#endif + +class pkgVendorList +{ + protected: + vector VendorList; + + bool CreateList(Configuration& Cnf); + const Vendor* LookupFingerprint(string Fingerprint); + + public: + typedef vector::const_iterator const_iterator; + bool ReadMainList(); + bool Read(string File); + + // List accessors + inline const_iterator begin() const {return VendorList.begin();}; + inline const_iterator end() const {return VendorList.end();}; + inline unsigned int size() const {return VendorList.size();}; + inline bool empty() const {return VendorList.empty();}; + + const Vendor* FindVendor(const vector GPGVOutput); + + ~pkgVendorList(); +}; + +#endif -- cgit v1.2.3