From 7db98ffceda347f0bc457c6bdc4ff33d60e26b18 Mon Sep 17 00:00:00 2001 From: Matt Zimmerman Date: Mon, 13 Dec 2004 09:13:21 +0000 Subject: Merge apt--authentication--0 Patches applied: * apt@arch.ubuntu.com/apt--experimental--0.6--base-0 tag of apt@arch.ubuntu.com/apt--MAIN--0--patch-1190 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-1 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-2 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-3 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-4 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-5 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-6 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-7 Merge working copy of v0.6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-8 0.6.0 is headed for experimental, not unstable * apt@arch.ubuntu.com/apt--experimental--0.6--patch-9 Date * apt@arch.ubuntu.com/apt--experimental--0.6--patch-10 Update LIB_APT_PKG_MAJOR * apt@arch.ubuntu.com/apt--experimental--0.6--patch-11 - Fix a heap corruption bug in pkgSrcRecords::pkgSrcRec... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-12 Resynch * apt@arch.ubuntu.com/apt--experimental--0.6--patch-13 * Merge apt 0.5.17 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-14 * Rearrange Release file authentication code to be more... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-15 * Convert distribution "../project/experimental" to "ex... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-16 Merge 1.11 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-17 Merge 1.7 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-18 Merge 1.10 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-19 * Make a number of Release file errors into warnings; f... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-20 * Add space between package names when multiple unauthe... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-21 * Provide apt-key with a secret keyring and a trustdb, ... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-22 * Fix typo in apt-key(8) (standard input is '-', not '/') * apt@arch.ubuntu.com/apt--experimental--0.6--patch-23 0.6.2 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-24 Resynch * apt@arch.ubuntu.com/apt--experimental--0.6--patch-25 * Fix MetaIndexURI for flat ("foo/") sources * apt@arch.ubuntu.com/apt--experimental--0.6--patch-26 0.6.3 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-27 * Use the top-level Release file in LoadReleaseInfo, ra... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-28 0.6.4 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-29 Clarify * apt@arch.ubuntu.com/apt--experimental--0.6--patch-30 * Move the authentication check into a separate functio... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-31 * Fix display of unauthenticated packages when they are... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-32 * Move the authentication check into a separate functio... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-33 * Restore the ugly hack I removed from indexRecords::Lo... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-34 0.6.6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-35 * Forgot to revert part of the changes to tagfile in 0.... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-36 * Add a config option and corresponding command line option * apt@arch.ubuntu.com/apt--experimental--0.6--patch-37 0.6.8 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-38 hopefully avoid more segfaults * apt@arch.ubuntu.com/apt--experimental--0.6--patch-39 XXX * apt@arch.ubuntu.com/apt--experimental--0.6--patch-40 * Another tagfile workaround * apt@arch.ubuntu.com/apt--experimental--0.6--patch-41 * Use "Codename" (woody, sarge, etc.) to supply the val... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-42 * Support IMS requests of Release.gpg and Release * apt@arch.ubuntu.com/apt--experimental--0.6--patch-43 * Have pkgAcquireIndex calculate an MD5 sum if one is n... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-44 * Merge 0.5.18 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-45 apt (0.6.13) experimental; urgency=low * apt@arch.ubuntu.com/apt--experimental--0.6--patch-46 0.6.13 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-47 Merge 0.5.20 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-48 The source list works a bit differently in 0.6; fix the... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-49 * s/Debug::Acquire::gpg/&v/ * apt@arch.ubuntu.com/apt--experimental--0.6--patch-50 * Honor the [vendor] syntax in sources.list again (thou... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-51 * Don't ship vendors.list(5) since it isn't used yet * apt@arch.ubuntu.com/apt--experimental--0.6--patch-52 * Revert change from 0.6.10; it was right in the first ... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-53 * Fix some cases where the .gpg file could be left in p... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-54 Print a warning if gnupg is not installed * apt@arch.ubuntu.com/apt--experimental--0.6--patch-55 * Handle more IMS stuff correctly * apt@arch.ubuntu.com/apt--experimental--0.6--patch-56 0.6.17 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-57 * Merge 0.5.21 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-58 * Add new Debian Archive Automatic Signing Key to the d... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-59 0.6.18 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-60 * Merge 0.5.22 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-61 * Convert apt-key(8) to docbook XML * apt@arch.ubuntu.com/apt--experimental--0.6--patch-62 Merge 0.5.23 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-63 Remove bogus partial 0.5.22 changelog entry * apt@arch.ubuntu.com/apt--experimental--0.6--patch-64 Make the auth warning a bit less redundant * apt@arch.ubuntu.com/apt--experimental--0.6--patch-65 * Merge 0.5.24 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-66 * Make the unauthenticated packages prompt more intuiti... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-67 Merge 0.5.25 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-68 * Remove obsolete pkgIterator::TargetVer() (Closes: #230159) * apt@arch.ubuntu.com/apt--experimental--0.6--patch-69 * Reverse test in CheckAuth to match new prompt (Closes... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-70 Update version * apt@arch.ubuntu.com/apt--experimental--0.6--patch-71 Fix backwards sense of CheckAuth prompt * apt@arch.ubuntu.com/apt--experimental--0.6--patch-72 0.6.24 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-73 Close bug * apt@arch.ubuntu.com/apt--experimental--0.6--patch-74 * Fix handling of two-part sources for sources.list deb... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-75 0.6.25 * apt@packages.debian.org/apt--authentication--0--base-0 tag of apt@arch.ubuntu.com/apt--experimental--0.6--patch-75 * apt@packages.debian.org/apt--authentication--0--patch-1 Michael Vogt's merge of apt--experimental--0 onto apt--main--0 * apt@packages.debian.org/apt--authentication--0--patch-2 Merge from apt--main--0 * apt@packages.debian.org/apt--authentication--0--patch-3 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-4 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-5 Update version number in configure.in * apt@packages.debian.org/apt--authentication--0--patch-6 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-7 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-8 Merge from mvo's branch * apt@packages.debian.org/apt--authentication--0--patch-9 Merge from mvo's tree * apt@packages.debian.org/apt--authentication--0--patch-10 Merge from mvo * apt@packages.debian.org/apt--authentication--0--patch-11 Fix permissions AGAIN * michael.vogt@canonical.com--2004--laptop/apt--authentication-mvo--0--base-0 tag of michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-12 * michael.vogt@canonical.com--2004--laptop/apt--authentication-mvo--0--patch-1 * star-merged matt's changes (bz2 support for data-members in debs) * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-1 tag of apt@packages.debian.org/apt--authentication--0--base-0 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-2 merged "tla apply-delta -A foo@ apt@arch.ubuntu.com/apt--MAIN--0--patch-1190 apt@arch.ubuntu.com/apt--MAIN--0--patch-1343" and cleaned up conflicts * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-3 * missing bits from the merge added * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-4 * star-merged with apt@packages.debian.org/apt--main--0 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-5 * tree-synced to the apt--authentication tree * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-6 * use the ubuntu-key in this version * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-7 * imported the patches from mdz * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-8 * apt-get update --print-uris works now as before (fallback to 0.5.x behaviour) * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-9 * fix for the "if any source unauthenticated, all other sources are unauthenticated too" problem * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-10 * reworked the "--print-uris" patch. it no longer uses: "APT::Get::Print-URIs" in the library * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-11 * version of the library set to 3.6 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-12 * changelog finallized, will upload to people.ubuntulinux.org/~mvo/apt-authentication * michael.vogt@canonical.com--2004/apt--main-authentication--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-22 * michael.vogt@canonical.com--2004/apt--main-authentication--0--patch-1 * star-merge from apt--experimental--0.6 * michael.vogt@canonical.com--2004/apt--main-authentication--0--patch-2 * compile failure fix for methods/http.cc, po-file fixes --- methods/cdrom.cc | 2 +- methods/connect.cc | 2 +- methods/copy.cc | 2 +- methods/file.cc | 2 +- methods/ftp.cc | 2 +- methods/gpgv.cc | 261 +++++++++++++++++++++++++++++++++++++++++++++++++++++ methods/gzip.cc | 2 +- methods/makefile | 9 +- methods/rsh.cc | 2 +- 9 files changed, 276 insertions(+), 8 deletions(-) create mode 100644 methods/gpgv.cc (limited to 'methods') diff --git a/methods/cdrom.cc b/methods/cdrom.cc index 0d8fdc29c..d5987dc45 100644 --- a/methods/cdrom.cc +++ b/methods/cdrom.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: cdrom.cc,v 1.21 2004/01/07 20:39:38 mdz Exp $ +// $Id: cdrom.cc,v 1.20.2.1 2004/01/16 18:58:50 mdz Exp $ /* ###################################################################### CDROM URI method for APT diff --git a/methods/connect.cc b/methods/connect.cc index d1d71b004..981ac1371 100644 --- a/methods/connect.cc +++ b/methods/connect.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: connect.cc,v 1.11 2004/01/07 20:39:38 mdz Exp $ +// $Id: connect.cc,v 1.10.2.1 2004/01/16 18:58:50 mdz Exp $ /* ###################################################################### Connect - Replacement connect call diff --git a/methods/copy.cc b/methods/copy.cc index 3f367e72a..d737e3c33 100644 --- a/methods/copy.cc +++ b/methods/copy.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: copy.cc,v 1.8 2004/01/07 20:39:38 mdz Exp $ +// $Id: copy.cc,v 1.7.2.1 2004/01/16 18:58:50 mdz Exp $ /* ###################################################################### Copy URI - This method takes a uri like a file: uri and copies it diff --git a/methods/file.cc b/methods/file.cc index 76fd64d86..3500de9f5 100644 --- a/methods/file.cc +++ b/methods/file.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: file.cc,v 1.10 2004/01/07 20:39:38 mdz Exp $ +// $Id: file.cc,v 1.9.2.1 2004/01/16 18:58:50 mdz Exp $ /* ###################################################################### File URI method for APT diff --git a/methods/ftp.cc b/methods/ftp.cc index 0f222272d..fafa10534 100644 --- a/methods/ftp.cc +++ b/methods/ftp.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: ftp.cc,v 1.32 2004/01/07 20:39:38 mdz Exp $ +// $Id: ftp.cc,v 1.31.2.1 2004/01/16 18:58:50 mdz Exp $ /* ###################################################################### FTP Aquire Method - This is the FTP aquire method for APT. diff --git a/methods/gpgv.cc b/methods/gpgv.cc new file mode 100644 index 000000000..b34ea8d85 --- /dev/null +++ b/methods/gpgv.cc @@ -0,0 +1,261 @@ +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#define GNUPGPREFIX "[GNUPG:]" +#define GNUPGBADSIG "[GNUPG:] BADSIG" +#define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY" +#define GNUPGVALIDSIG "[GNUPG:] VALIDSIG" + +class GPGVMethod : public pkgAcqMethod +{ + private: + const char *VerifyGetSigners(const char *file, const char *outfile, + vector &GoodSigners, vector &BadSigners, + vector &NoPubKeySigners); + + protected: + virtual bool Fetch(FetchItem *Itm); + + public: + + GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {}; +}; + +const char *GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, + vector &GoodSigners, + vector &BadSigners, + vector &NoPubKeySigners) +{ + if (_config->FindB("Debug::Acquire::gpgv", false)) + { + std::cerr << "inside VerifyGetSigners" << std::endl; + } + pid_t pid; + int fd[2]; + FILE *pipein; + int status; + struct stat buff; + string gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); + string pubringpath = _config->Find("Apt::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg"); + if (_config->FindB("Debug::Acquire::gpgv", false)) + { + std::cerr << "gpgv path: " << gpgvpath << std::endl; + std::cerr << "Keyring path: " << pubringpath << std::endl; + } + + if (stat(pubringpath.c_str(), &buff) != 0) + return (string("Couldn't access keyring: ") + strerror(errno)).c_str(); + + if (pipe(fd) < 0) + { + return "Couldn't create pipe"; + } + + pid = fork(); + if (pid < 0) + { + return (string("Couldn't spawn new process") + strerror(errno)).c_str(); + } + else if (pid == 0) + { + if (_config->FindB("Debug::Acquire::gpgv", false)) + { + std::cerr << "Preparing to exec: " << gpgvpath + << " --status-fd 3 --keyring " << pubringpath + << " " << file << " " << outfile << std::endl; + } + int nullfd = open("/dev/null", O_RDONLY); + close(fd[0]); + // Redirect output to /dev/null; we read from the status fd + dup2(nullfd, STDOUT_FILENO); + dup2(nullfd, STDERR_FILENO); + // Redirect the pipe to the status fd (3) + dup2(fd[1], 3); + + putenv("LANG="); + putenv("LC_ALL="); + putenv("LC_MESSAGES="); + execlp(gpgvpath.c_str(), gpgvpath.c_str(), "--status-fd", "3", "--keyring", + pubringpath.c_str(), file, outfile, NULL); + + exit(111); + } + close(fd[1]); + + pipein = fdopen(fd[0], "r"); + + // Loop over the output of gpgv, and check the signatures. + size_t buffersize = 64; + char *buffer = (char *) malloc(buffersize); + size_t bufferoff = 0; + while (1) + { + int c; + + // Read a line. Sigh. + while ((c = getc(pipein)) != EOF && c != '\n') + { + if (bufferoff == buffersize) + buffer = (char *) realloc(buffer, buffersize *= 2); + *(buffer+bufferoff) = c; + bufferoff++; + } + if (bufferoff == 0 && c == EOF) + break; + *(buffer+bufferoff) = '\0'; + bufferoff = 0; + if (_config->FindB("Debug::Acquire::gpgv", false)) + std::cerr << "Read: " << buffer << std::endl; + + // Push the data into three separate vectors, which + // we later concatenate. They're kept separate so + // if we improve the apt method communication stuff later + // it will be better. + if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0) + { + if (_config->FindB("Debug::Acquire::gpgv", false)) + std::cerr << "Got BADSIG! " << std::endl; + BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX))); + } + + if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0) + { + if (_config->FindB("Debug::Acquire::gpgv", false)) + std::cerr << "Got NO_PUBKEY " << std::endl; + NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX))); + } + + if (strncmp(buffer, GNUPGVALIDSIG, sizeof(GNUPGVALIDSIG)-1) == 0) + { + char *sig = buffer + sizeof(GNUPGPREFIX); + char *p = sig + sizeof("VALIDSIG"); + while (*p && isxdigit(*p)) + p++; + *p = 0; + if (_config->FindB("Debug::Acquire::gpgv", false)) + std::cerr << "Got VALIDSIG, key ID:" << sig << std::endl; + GoodSigners.push_back(string(sig)); + } + } + fclose(pipein); + + waitpid(pid, &status, 0); + if (_config->FindB("Debug::Acquire::gpgv", false)) + { + std::cerr <<"gpgv exited\n"; + } + + if (WEXITSTATUS(status) == 0) + { + if (GoodSigners.empty()) + return "Internal error: Good signature, but could not determine key fingerprint?!"; + return NULL; + } + else if (WEXITSTATUS(status) == 1) + { + return "At least one invalid signature was encountered."; + } + else if (WEXITSTATUS(status) == 111) + { + return (string("Could not execute ") + gpgvpath + + string(" to verify signature (is gnupg installed?)")).c_str(); + } + else + { + return "Unknown error executing gpgv"; + } +} + +bool GPGVMethod::Fetch(FetchItem *Itm) +{ + URI Get = Itm->Uri; + string Path = Get.Host + Get.Path; // To account for relative paths + string keyID; + vector GoodSigners; + vector BadSigners; + vector NoPubKeySigners; + + FetchResult Res; + Res.Filename = Itm->DestFile; + URIStart(Res); + + // Run gpgv on file, extract contents and get the key ID of the signer + const char *msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(), + GoodSigners, BadSigners, NoPubKeySigners); + if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty()) + { + string errmsg; + // In this case, something bad probably happened, so we just go + // with what the other method gave us for an error message. + if (BadSigners.empty() && NoPubKeySigners.empty()) + errmsg = msg; + else + { + if (!BadSigners.empty()) + { + errmsg += "The following signatures were invalid:\n"; + for (vector::iterator I = BadSigners.begin(); + I != BadSigners.end(); I++) + errmsg += (*I + "\n"); + } + if (!NoPubKeySigners.empty()) + { + errmsg += "The following signatures couldn't be verified because the public key is not available:\n"; + for (vector::iterator I = NoPubKeySigners.begin(); + I != NoPubKeySigners.end(); I++) + errmsg += (*I + "\n"); + } + } + return _error->Error(errmsg.c_str()); + } + + // Transfer the modification times + struct stat Buf; + if (stat(Path.c_str(),&Buf) != 0) + return _error->Errno("stat","Failed to stat %s", Path.c_str()); + + struct utimbuf TimeBuf; + TimeBuf.actime = Buf.st_atime; + TimeBuf.modtime = Buf.st_mtime; + if (utime(Itm->DestFile.c_str(),&TimeBuf) != 0) + return _error->Errno("utime","Failed to set modification time"); + + if (stat(Itm->DestFile.c_str(),&Buf) != 0) + return _error->Errno("stat","Failed to stat"); + + // Return a Done response + Res.LastModified = Buf.st_mtime; + Res.Size = Buf.st_size; + // Just pass the raw output up, because passing it as a real data + // structure is too difficult with the method stuff. We keep it + // as three separate vectors for future extensibility. + Res.GPGVOutput = GoodSigners; + Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end()); + Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end()); + URIDone(Res); + + if (_config->FindB("Debug::Acquire::gpgv", false)) + { + std::cerr <<"gpgv suceeded\n"; + } + + return true; +} + + +int main() +{ + GPGVMethod Mth; + + return Mth.Run(); +} diff --git a/methods/gzip.cc b/methods/gzip.cc index ac64f33f8..75a038979 100644 --- a/methods/gzip.cc +++ b/methods/gzip.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: gzip.cc,v 1.18 2004/01/07 20:39:38 mdz Exp $ +// $Id: gzip.cc,v 1.17.2.1 2004/01/16 18:58:50 mdz Exp $ /* ###################################################################### GZip method - Take a file URI in and decompress it into the target diff --git a/methods/makefile b/methods/makefile index 50f44342c..089300570 100644 --- a/methods/makefile +++ b/methods/makefile @@ -7,7 +7,7 @@ include ../buildlib/defaults.mak BIN := $(BIN)/methods # FIXME.. -LIB_APT_PKG_MAJOR = 3.3 +LIB_APT_PKG_MAJOR = 3.5 APT_DOMAIN := libapt-pkg$(LIB_APT_PKG_MAJOR) # The file method @@ -31,6 +31,13 @@ LIB_MAKES = apt-pkg/makefile SOURCE = gzip.cc include $(PROGRAM_H) +# The gpgv method +PROGRAM=gpgv +SLIBS = -lapt-pkg +LIB_MAKES = apt-pkg/makefile +SOURCE = gpgv.cc +include $(PROGRAM_H) + # The cdrom method PROGRAM=cdrom SLIBS = -lapt-pkg diff --git a/methods/rsh.cc b/methods/rsh.cc index c742a6eaf..ffd2b7dbd 100644 --- a/methods/rsh.cc +++ b/methods/rsh.cc @@ -1,6 +1,6 @@ // -*- mode: cpp; mode: fold -*- // Description /*{{{*/ -// $Id: rsh.cc,v 1.7 2004/01/07 20:39:38 mdz Exp $ +// $Id: rsh.cc,v 1.6.2.1 2004/01/16 18:58:50 mdz Exp $ /* ###################################################################### RSH method - Transfer files via rsh compatible program -- cgit v1.2.3-70-g09d2 From 3826564e07eaffb05eca5af34a0e76f6f161b89c Mon Sep 17 00:00:00 2001 From: Matt Zimmerman Date: Mon, 13 Dec 2004 10:59:20 +0000 Subject: Merge misc-abi-changes Patches applied: * apt@packages.debian.org/apt--misc-abi-changes--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-16 * apt@packages.debian.org/apt--misc-abi-changes--0--patch-1 Fix apt-get -s remove to not display the candidate version * apt@packages.debian.org/apt--misc-abi-changes--0--patch-2 Merge from main * apt@packages.debian.org/apt--misc-abi-changes--0--patch-3 Use pid_t throughout to hold process IDs --- apt-inst/deb/dpkgdb.cc | 2 +- apt-pkg/algorithms.cc | 25 ++++++++++++++----------- apt-pkg/algorithms.h | 4 +++- apt-pkg/contrib/fileutl.cc | 4 ++-- apt-pkg/contrib/fileutl.h | 4 ++-- apt-pkg/makefile | 2 +- cmdline/indexcopy.cc | 2 +- debian/changelog | 12 +++++++++++- ftparchive/multicompress.cc | 8 ++++---- ftparchive/multicompress.h | 6 +++--- ftparchive/writer.cc | 2 +- methods/gzip.cc | 2 +- methods/rsh.h | 2 +- po/apt-all.pot | 6 +++--- 14 files changed, 48 insertions(+), 33 deletions(-) (limited to 'methods') diff --git a/apt-inst/deb/dpkgdb.cc b/apt-inst/deb/dpkgdb.cc index 50b361948..7da5a26aa 100644 --- a/apt-inst/deb/dpkgdb.cc +++ b/apt-inst/deb/dpkgdb.cc @@ -61,7 +61,7 @@ static bool EraseDir(const char *Dir) return _error->Errno("rmdir",_("Failed to remove %s"),Dir); // Purge it using rm - int Pid = ExecFork(); + pid_t Pid = ExecFork(); // Spawn the subprocess if (Pid == 0) diff --git a/apt-pkg/algorithms.cc b/apt-pkg/algorithms.cc index 9b37385bf..479927d65 100644 --- a/apt-pkg/algorithms.cc +++ b/apt-pkg/algorithms.cc @@ -50,26 +50,29 @@ pkgSimulate::pkgSimulate(pkgDepCache *Cache) : pkgPackageManager(Cache), /*}}}*/ // Simulate::Describe - Describe a package /*{{{*/ // --------------------------------------------------------------------- -/* Parameter Now == true gives both current and available varsion, - Parameter Now == false gives only the available package version */ -void pkgSimulate::Describe(PkgIterator Pkg,ostream &out,bool Now) +/* Parameter Current == true displays the current package version, + Parameter Candidate == true displays the candidate package version */ +void pkgSimulate::Describe(PkgIterator Pkg,ostream &out,bool Current,bool Candidate) { VerIterator Ver(Sim); out << Pkg.Name(); - if (Now == true) + if (Current == true) { Ver = Pkg.CurrentVer(); if (Ver.end() == false) out << " [" << Ver.VerStr() << ']'; } - Ver = Sim[Pkg].CandidateVerIter(Sim); - if (Ver.end() == true) - return; + if (Candidate == true) + { + Ver = Sim[Pkg].CandidateVerIter(Sim); + if (Ver.end() == true) + return; - out << " (" << Ver.VerStr() << ' ' << Ver.RelStr() << ')'; + out << " (" << Ver.VerStr() << ' ' << Ver.RelStr() << ')'; + } } /*}}}*/ // Simulate::Install - Simulate unpacking of a package /*{{{*/ @@ -82,7 +85,7 @@ bool pkgSimulate::Install(PkgIterator iPkg,string /*File*/) Flags[Pkg->ID] = 1; cout << "Inst "; - Describe(Pkg,cout,true); + Describe(Pkg,cout,true,true); Sim.MarkInstall(Pkg,false); // Look for broken conflicts+predepends. @@ -156,7 +159,7 @@ bool pkgSimulate::Configure(PkgIterator iPkg) else { cout << "Conf "; - Describe(Pkg,cout,false); + Describe(Pkg,cout,false,true); } if (Sim.BrokenCount() != 0) @@ -181,7 +184,7 @@ bool pkgSimulate::Remove(PkgIterator iPkg,bool Purge) cout << "Purg "; else cout << "Remv "; - Describe(Pkg,cout,false); + Describe(Pkg,cout,true,false); if (Sim.BrokenCount() != 0) ShortBreaks(); diff --git a/apt-pkg/algorithms.h b/apt-pkg/algorithms.h index 0b38e4244..174a7f58d 100644 --- a/apt-pkg/algorithms.h +++ b/apt-pkg/algorithms.h @@ -67,8 +67,10 @@ class pkgSimulate : public pkgPackageManager virtual bool Install(PkgIterator Pkg,string File); virtual bool Configure(PkgIterator Pkg); virtual bool Remove(PkgIterator Pkg,bool Purge); + +private: void ShortBreaks(); - void Describe(PkgIterator iPkg,ostream &out,bool Now); + void Describe(PkgIterator iPkg,ostream &out,bool Current,bool Candidate); public: diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 4ba8ab05a..7c9f5c0dd 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -306,7 +306,7 @@ bool WaitFd(int Fd,bool write,unsigned long timeout) /* This is used if you want to cleanse the environment for the forked child, it fixes up the important signals and nukes all of the fds, otherwise acts like normal fork. */ -int ExecFork() +pid_t ExecFork() { // Fork off the process pid_t Process = fork(); @@ -340,7 +340,7 @@ int ExecFork() /* Waits for the given sub process. If Reap is set then no errors are generated. Otherwise a failed subprocess will generate a proper descriptive message */ -bool ExecWait(int Pid,const char *Name,bool Reap) +bool ExecWait(pid_t Pid,const char *Name,bool Reap) { if (Pid <= 1) return true; diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index b6b9cae83..041aa3309 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -87,8 +87,8 @@ string SafeGetCWD(); void SetCloseExec(int Fd,bool Close); void SetNonBlock(int Fd,bool Block); bool WaitFd(int Fd,bool write = false,unsigned long timeout = 0); -int ExecFork(); -bool ExecWait(int Pid,const char *Name,bool Reap = false); +pid_t ExecFork(); +bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); // File string manipulators string flNotDir(string File); diff --git a/apt-pkg/makefile b/apt-pkg/makefile index ec2013b04..e62a7efd5 100644 --- a/apt-pkg/makefile +++ b/apt-pkg/makefile @@ -13,7 +13,7 @@ include ../buildlib/defaults.mak # methods/makefile - FIXME LIBRARY=apt-pkg LIBEXT=$(GLIBC_VER)$(LIBSTDCPP_VER) -MAJOR=3.6 +MAJOR=3.7 MINOR=0 SLIBS=$(PTHREADLIB) $(INTLLIBS) APT_DOMAIN:=libapt-pkg$(MAJOR) diff --git a/cmdline/indexcopy.cc b/cmdline/indexcopy.cc index 3ce12a94b..0a3cd1575 100644 --- a/cmdline/indexcopy.cc +++ b/cmdline/indexcopy.cc @@ -83,7 +83,7 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector &List) fclose(tmp); // Fork gzip - int Process = fork(); + pid_t Process = fork(); if (Process < 0) return _error->Errno("fork","Couldn't fork gzip"); diff --git a/debian/changelog b/debian/changelog index 9d26496f2..8dbf5cc8f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,16 @@ apt (0.6.27) hoary; urgency=low - * Merge apt--authentication--0 branch (gpg authentication) + * Merge apt--authentication--0 branch + - Implement gpg authentication for package repositories (Closes: #203741) + - Also includes Michael Vogt's fixes + * Merge apt--misc-abi-changes--0 branch + - Use pid_t throughout to hold process IDs (Closes: #226701) + - Import patch from Debian bug #195510: (Closes: #195510) + - Make Simulate::Describe and Simulate::ShortBreaks private member + functions + - Add a parameter (Candidate) to Describe to control whether the + candidate version is displayed + - Pass an appropriate value for Candidate everywhere Describe is called -- Matt Zimmerman Mon, 13 Dec 2004 01:03:11 -0800 diff --git a/ftparchive/multicompress.cc b/ftparchive/multicompress.cc index fabd460f8..5073e98ac 100644 --- a/ftparchive/multicompress.cc +++ b/ftparchive/multicompress.cc @@ -271,7 +271,7 @@ bool MultiCompress::Finalize(unsigned long &OutSize) /* This opens the compressor, either in compress mode or decompress mode. FileFd is always the compressor input/output file, OutFd is the created pipe, Input for Compress, Output for Decompress. */ -bool MultiCompress::OpenCompress(const CompType *Prog,int &Pid,int FileFd, +bool MultiCompress::OpenCompress(const CompType *Prog,pid_t &Pid,int FileFd, int &OutFd,bool Comp) { Pid = -1; @@ -334,7 +334,7 @@ bool MultiCompress::OpenCompress(const CompType *Prog,int &Pid,int FileFd, // MultiCompress::OpenOld - Open an old file /*{{{*/ // --------------------------------------------------------------------- /* This opens one of the original output files, possibly decompressing it. */ -bool MultiCompress::OpenOld(int &Fd,int &Proc) +bool MultiCompress::OpenOld(int &Fd,pid_t &Proc) { Files *Best = Outputs; for (Files *I = Outputs; I != 0; I = I->Next) @@ -356,7 +356,7 @@ bool MultiCompress::OpenOld(int &Fd,int &Proc) // MultiCompress::CloseOld - Close the old file /*{{{*/ // --------------------------------------------------------------------- /* */ -bool MultiCompress::CloseOld(int Fd,int Proc) +bool MultiCompress::CloseOld(int Fd,pid_t Proc) { close(Fd); if (Proc != -1) @@ -439,7 +439,7 @@ bool MultiCompress::Child(int FD) while (Missing == false) { int CompFd = -1; - int Proc = -1; + pid_t Proc = -1; if (OpenOld(CompFd,Proc) == false) { _error->Discard(); diff --git a/ftparchive/multicompress.h b/ftparchive/multicompress.h index 212dec63d..444d8626f 100644 --- a/ftparchive/multicompress.h +++ b/ftparchive/multicompress.h @@ -55,7 +55,7 @@ class MultiCompress mode_t Permissions; static const CompType Compressors[]; - bool OpenCompress(const CompType *Prog,int &Pid,int FileFd, + bool OpenCompress(const CompType *Prog,pid_t &Pid,int FileFd, int &OutFd,bool Comp); bool Child(int Fd); bool Start(); @@ -68,8 +68,8 @@ class MultiCompress unsigned long UpdateMTime; bool Finalize(unsigned long &OutSize); - bool OpenOld(int &Fd,int &Proc); - bool CloseOld(int Fd,int Proc); + bool OpenOld(int &Fd,pid_t &Proc); + bool CloseOld(int Fd,pid_t Proc); static bool GetStat(string Output,string Compress,struct stat &St); MultiCompress(string Output,string Compress,mode_t Permissions, diff --git a/ftparchive/writer.cc b/ftparchive/writer.cc index e1fd33ad3..35a23a3d7 100644 --- a/ftparchive/writer.cc +++ b/ftparchive/writer.cc @@ -754,7 +754,7 @@ bool ContentsWriter::ReadFromPkgs(string PkgFile,string PkgCompress) // Open the package file int CompFd = -1; - int Proc = -1; + pid_t Proc = -1; if (Pkgs.OpenOld(CompFd,Proc) == false) return false; diff --git a/methods/gzip.cc b/methods/gzip.cc index 75a038979..809afc0fc 100644 --- a/methods/gzip.cc +++ b/methods/gzip.cc @@ -57,7 +57,7 @@ bool GzipMethod::Fetch(FetchItem *Itm) return _error->Errno("pipe",_("Couldn't open pipe for %s"),Prog); // Fork gzip - int Process = ExecFork(); + pid_t Process = ExecFork(); if (Process == 0) { close(GzOut[0]); diff --git a/methods/rsh.h b/methods/rsh.h index bb97f062c..b06d5a94e 100644 --- a/methods/rsh.h +++ b/methods/rsh.h @@ -29,7 +29,7 @@ class RSHConn public: - int Process; + pid_t Process; // Raw connection IO bool WriteMsg(string &Text,bool Sync,const char *Fmt,...); diff --git a/po/apt-all.pot b/po/apt-all.pot index 722d2e280..bb60a995c 100644 --- a/po/apt-all.pot +++ b/po/apt-all.pot @@ -2087,19 +2087,19 @@ msgstr "" msgid "Index file type '%s' is not supported" msgstr "" -#: apt-pkg/algorithms.cc:238 +#: apt-pkg/algorithms.cc:241 #, c-format msgid "" "The package %s needs to be reinstalled, but I can't find an archive for it." msgstr "" -#: apt-pkg/algorithms.cc:1056 +#: apt-pkg/algorithms.cc:1059 msgid "" "Error, pkgProblemResolver::Resolve generated breaks, this may be caused by " "held packages." msgstr "" -#: apt-pkg/algorithms.cc:1058 +#: apt-pkg/algorithms.cc:1061 msgid "Unable to correct problems, you have held broken packages." msgstr "" -- cgit v1.2.3-70-g09d2