Browse Source

remove debianism file-content verification

The code requires every index file we download to have a Package field,
but that doesn't hold true for all index we might want to download in
the future. Some might not even be deb822 formatted files…

The check was needed as apt used to accept unverifiable files like
Translation-*, but nowadays it requires hashes for these as well. Even
for unsigned repositories we interpret the Release file as binding now,
which means this check isn't triggerable expect for repositories which
do not have a Release file at all – something which is highly discouraged!

Git-Dch: Ignore
debian/1.8.y
David Kalnischkies 7 years ago
parent
commit
4cd86fc619
  1. 39
      apt-pkg/acquire-item.cc
  2. 3
      apt-pkg/acquire-item.h

39
apt-pkg/acquire-item.cc

@ -2430,33 +2430,6 @@ void pkgAcqIndex::ReverifyAfterIMS()
QueueURI(Desc);
}
/*}}}*/
// AcqIndex::ValidateFile - Validate the content of the downloaded file /*{{{*/
bool pkgAcqIndex::ValidateFile(const std::string &FileName)
{
// FIXME: this can go away once we only ever download stuff that
// has a valid hash and we never do GET based probing
// FIXME2: this also leaks debian-isms into the code and should go therefore
/* Always validate the index file for correctness (all indexes must
* have a Package field) (LP: #346386) (Closes: #627642)
*/
FileFd fd(FileName, FileFd::ReadOnly, FileFd::Extension);
// Only test for correctness if the content of the file is not empty
// (empty is ok)
if (fd.Size() > 0)
{
pkgTagSection sec;
pkgTagFile tag(&fd);
// all our current indexes have a field 'Package' in each section
if (_error->PendingError() == true ||
tag.Step(sec) == false ||
sec.Exists("Package") == false)
return false;
}
return true;
}
/*}}}*/
// AcqIndex::Done - Finished a fetch /*{{{*/
// ---------------------------------------------------------------------
/* This goes through a number of states.. On the initial fetch the
@ -2557,20 +2530,12 @@ void pkgAcqIndex::StageDownloadDone(string const &Message, HashStringList const
}
/*}}}*/
// AcqIndex::StageDecompressDone - Final verification /*{{{*/
void pkgAcqIndex::StageDecompressDone(string const &Message,
void pkgAcqIndex::StageDecompressDone(string const &,
HashStringList const &,
pkgAcquire::MethodConfig const * const Cfg)
pkgAcquire::MethodConfig const * const)
{
if(!ValidateFile(DestFile))
{
RenameOnError(InvalidFormat);
Failed(Message, Cfg);
return;
}
// Done, queue for rename on transaction finished
TransactionManager->TransactionStageCopy(this, DestFile, GetFinalFilename());
return;
}
/*}}}*/

3
apt-pkg/acquire-item.h

@ -965,9 +965,6 @@ class APT_HIDDEN pkgAcqIndex : public pkgAcqBaseIndex
/** \brief Schedule file for verification after a IMS hit */
void ReverifyAfterIMS();
/** \brief Validate the downloaded index file */
bool ValidateFile(std::string const &FileName);
/** \brief Get the full pathname of the final file for the current URI */
virtual std::string GetFinalFilename() const;

Loading…
Cancel
Save