Parcourir la source

"support" unsigned Release files without hashes again

This 'ignores' the component Release files you can find in Debian
alongside the binary-* directories, which isn't exactly a common
usecase, but it worked before, so lets support it again as this isn't
worse than a valid Release file which is unsigned.

Git-Dch: Ignore
David Kalnischkies il y a 10 ans
Parent
commit
f01f5d911d
2 fichiers modifiés avec 11 ajouts et 5 suppressions
  1. 4 3
      apt-pkg/acquire-item.cc
  2. 7 2
      test/integration/test-apt-get-update-unauth-warning

+ 4 - 3
apt-pkg/acquire-item.cc

@@ -213,7 +213,7 @@ APT_CONST bool pkgAcqTransactionItem::HashesRequired() const
       Only repositories without a Release file can (obviously) not have
       Only repositories without a Release file can (obviously) not have
       hashes – and they are very uncommon and strongly discouraged */
       hashes – and they are very uncommon and strongly discouraged */
    return TransactionManager->MetaIndexParser != NULL &&
    return TransactionManager->MetaIndexParser != NULL &&
-      TransactionManager->MetaIndexParser->GetLoadedSuccessfully() != metaIndex::TRI_UNSET;
+      TransactionManager->MetaIndexParser->GetLoadedSuccessfully() == metaIndex::TRI_YES;
 }
 }
 HashStringList pkgAcqTransactionItem::GetExpectedHashes() const
 HashStringList pkgAcqTransactionItem::GetExpectedHashes() const
 {
 {
@@ -1669,10 +1669,11 @@ void pkgAcqMetaSig::Failed(string const &Message,pkgAcquire::MethodConfig const
 
 
       // we parse the indexes here because at this point the user wanted
       // we parse the indexes here because at this point the user wanted
       // a repository that may potentially harm him
       // a repository that may potentially harm him
-      if (TransactionManager->MetaIndexParser->Load(MetaIndex->DestFile, &ErrorText) == false || MetaIndex->VerifyVendor(Message) == false)
+      bool const GoodLoad = TransactionManager->MetaIndexParser->Load(MetaIndex->DestFile, &ErrorText);
+      if (MetaIndex->VerifyVendor(Message) == false)
 	 /* expired Release files are still a problem you need extra force for */;
 	 /* expired Release files are still a problem you need extra force for */;
       else
       else
-	 MetaIndex->QueueIndexes(true);
+	 MetaIndex->QueueIndexes(GoodLoad);
 
 
       TransactionManager->TransactionStageCopy(MetaIndex, MetaIndex->DestFile, MetaIndex->GetFinalFilename());
       TransactionManager->TransactionStageCopy(MetaIndex, MetaIndex->DestFile, MetaIndex->GetFinalFilename());
    }
    }

+ 7 - 2
test/integration/test-apt-get-update-unauth-warning

@@ -11,16 +11,21 @@ setupenvironment
 configarchitecture "i386"
 configarchitecture "i386"
 configcompression '.' 'gz'
 configcompression '.' 'gz'
 
 
+echo 'Acquire::Progress::Ignore::ShowErrorText "false";' > rootdir/etc/apt/apt.conf.d/99show-no-ignore-errors.conf
+
 # a "normal" package with source and binary
 # a "normal" package with source and binary
 buildsimplenativepackage 'foo' 'all' '2.0'
 buildsimplenativepackage 'foo' 'all' '2.0'
 
 
 setupaptarchive --no-update
 setupaptarchive --no-update
 
 
 APTARCHIVE="$(readlink -f ./aptarchive)"
 APTARCHIVE="$(readlink -f ./aptarchive)"
-find "$APTARCHIVE/dists/unstable" -name '*Release*' -delete
+find "$APTARCHIVE/dists/unstable" \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
+sed -i -n '/^SHA1:$/q;p' "${APTARCHIVE}/dists/unstable/Release"
+testwarning aptget update
 
 
-echo 'Acquire::Progress::Ignore::ShowErrorText "false";' > rootdir/etc/apt/apt.conf.d/99show-no-ignore-errors.conf
 
 
+rm -rf rootdir/var/lib/apt/lists
+find "$APTARCHIVE/dists/unstable" -name '*Release*' -delete
 # update without authenticated files leads to warning
 # update without authenticated files leads to warning
 testfailureequal "Get:1 file:$APTARCHIVE unstable InRelease
 testfailureequal "Get:1 file:$APTARCHIVE unstable InRelease
 Ign:1 file:$APTARCHIVE unstable InRelease
 Ign:1 file:$APTARCHIVE unstable InRelease