summaryrefslogtreecommitdiff
path: root/methods/sqv.cc
diff options
context:
space:
mode:
authorJulian Andres Klode <julian.klode@canonical.com>2025-01-20 12:31:55 +0100
committerJulian Andres Klode <jak@debian.org>2025-01-21 11:16:34 +0000
commite14417db27771ad85f45880974c8f59f05d138f1 (patch)
tree89dc3ca0cf51829dbf30f96ee5bff60c29759cf0 /methods/sqv.cc
parentc4e57e200ae40db5e9ada6ec0933b53d249e4a97 (diff)
Remove superseded warning about trusted.gpg fallback
This warning has been superseded by the missing sources.list notice (which will also become a warning shortly) Adjust the sqv exit to avoid introducing a new spurious "No good signature" that we did not reach before. moo
Diffstat (limited to 'methods/sqv.cc')
-rw-r--r--methods/sqv.cc23
1 files changed, 3 insertions, 20 deletions
diff --git a/methods/sqv.cc b/methods/sqv.cc
index ce7e36657..9dbe75994 100644
--- a/methods/sqv.cc
+++ b/methods/sqv.cc
@@ -133,6 +133,8 @@ bool SQVMethod::VerifyGetSigners(const char *file, const char *outfile,
if (keyFiles.empty())
{
auto Parts = GetListOfFilesInDir(_config->FindDir("Dir::Etc::TrustedParts"), std::vector<std::string>{"gpg", "asc"}, true);
+ if (auto trusted = _config->FindFile("Dir::Etc::Trusted"); not trusted.empty())
+ Parts.push_back(trusted);
for (auto &Part : Parts)
{
if (Debug)
@@ -298,27 +300,8 @@ bool SQVMethod::URIAcquire(std::string const &Message, FetchItem *Itm)
// Run sqv on file, extract contents and get the key ID of the signer
VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(), keyFiles, Signers);
- if (_error->PendingError())
- {
- // Legacy fallback to trusted.gpg
- auto trusted = _config->FindFile("Dir::Etc::Trusted");
- _error->PushToStack();
- VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(), {trusted}, Signers);
- bool error = _error->PendingError();
- _error->RevertToStack();
- if (error)
- return false;
-
- _error->Discard();
- std::string warning;
- strprintf(warning,
- _("Key is stored in legacy trusted.gpg keyring (%s). Use Signed-By instead. See the USER CONFIGURATION section in apt-secure(8) for details."),
- trusted.c_str());
- Warning(std::move(warning));
- }
-
if (Signers.empty())
- return _error->Error("No good signature");
+ return _error->PendingError() ? false : _error->Error("No good signature");
if (not keyFpts.empty())
{