diff options
| -rw-r--r-- | apt-pkg/acquire-item.cc | 7 | ||||
| -rw-r--r-- | doc/examples/configure-index | 1 | ||||
| -rw-r--r-- | test/integration/framework | 4 | ||||
| -rwxr-xr-x | test/integration/test-ubuntu-bug-1921626-unsized-packages | 5 |
4 files changed, 17 insertions, 0 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index ab4306aac..2bab7d5c0 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -3469,6 +3469,13 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *const Owner, pkgSourceList *const Sourc Version.VerStr(), Version.ParentPkg().FullName(false).c_str()); return; } + if (FileSize == 0 && not _config->FindB("Acquire::AllowUnsizedPackages", false)) + { + _error->Error("Repository is broken: %s (= %s) has no Size information", + Version.ParentPkg().FullName(false).c_str(), + Version.VerStr()); + return; + } // Check if we already downloaded the file struct stat Buf; diff --git a/doc/examples/configure-index b/doc/examples/configure-index index ecd54b6ba..593cde9a3 100644 --- a/doc/examples/configure-index +++ b/doc/examples/configure-index @@ -257,6 +257,7 @@ Acquire AllowInsecureRepositories "<BOOL>"; AllowWeakRepositories "<BOOL>"; AllowDowngradeToInsecureRepositories "<BOOL>"; + AllowUnsizedPackages "<BOOL>"; // defaults to true. // allow repositories to change information potentially breaking user config like pinning AllowReleaseInfoChange "<BOOL>" { diff --git a/test/integration/framework b/test/integration/framework index cfde80329..412a96577 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -486,6 +486,10 @@ EOF echo 'APT::Machine-ID "912e43bd1c1d4ba481f9f8ccab25f9ee";' > rootdir/etc/apt/apt.conf.d/machine-id + # XXX: We really ought to make the packages in the test suite all have Size fields. + # But this needs a lot more changes, so let's keep it simple for stable updates. + echo 'Acquire::AllowUnsizedPackages "true";' >> rootdir/etc/apt/apt.conf.d/temporary-allow-unsized-packages + configcompression '.' 'gz' #'bz2' 'lzma' 'xz' confighashes 'SHA256' # these are tests, not security best-practices diff --git a/test/integration/test-ubuntu-bug-1921626-unsized-packages b/test/integration/test-ubuntu-bug-1921626-unsized-packages index 5442124aa..361cccd2e 100755 --- a/test/integration/test-ubuntu-bug-1921626-unsized-packages +++ b/test/integration/test-ubuntu-bug-1921626-unsized-packages @@ -20,6 +20,8 @@ changetowebserver # Disable sandbox echo 'APT::Sandbox::User "root";' > rootdir/etc/apt/apt.conf.d/no-acquire-sandbox +# XXX: Remove temporary hack +rm rootdir/etc/apt/apt.conf.d/temporary-allow-unsized-packages testsuccess apt update @@ -36,3 +38,6 @@ size_c=$(wc -c aptarchive/pool/c_1.0_all.deb | awk '{print $1}') testsuccessequal "Get:1 http://localhost:${APTHTTPPORT} stable/main all a all 1.0 [$size_a B] Get:2 http://localhost:${APTHTTPPORT} stable/main all b all 1.0 [$size_b B] Get:3 http://localhost:${APTHTTPPORT} stable/main all c all 1.0 [$size_c B]" apt download a b c -o Acquire::AllowUnsizedPackages=true + +rm *.deb +testfailureequal "E: Repository is broken: b:i386 (= 1.0) has no Size information" apt download a b c |