[maemo-commits] [maemo-commits] r11353 - in projects/haf/trunk/apt: . apt-pkg debian
From: subversion at stage.maemo.org subversion at stage.maemo.orgDate: Fri Apr 27 16:04:27 EEST 2007
- Previous message: [maemo-commits] r11352 - in projects/haf/trunk/hildon-home-webshortcut: . plugin
- Next message: [maemo-commits] r11354 - projects/haf/tags/apt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Author: marivoll
Date: 2007-04-27 16:04:26 +0300 (Fri, 27 Apr 2007)
New Revision: 11353
Modified:
projects/haf/trunk/apt/apt-pkg/acquire-item.cc
projects/haf/trunk/apt/apt-pkg/acquire-item.h
projects/haf/trunk/apt/configure
projects/haf/trunk/apt/configure.in
projects/haf/trunk/apt/debian/changelog
projects/haf/trunk/apt/trusthook.patch
Log:
apt (0.6.46.4.osso4) unstable; urgency=low
* Applied trusthook.patch that gives us a way to hook into libapt-pkg
when it is deciding where to download a archive file from and whether
to trust it.
-- Marius Vollmer <marius.vollmer at nokia.com> Tue, 24 Apr 2007 16:04:43 +0300
Modified: projects/haf/trunk/apt/apt-pkg/acquire-item.cc
===================================================================
--- projects/haf/trunk/apt/apt-pkg/acquire-item.cc 2007-04-27 12:48:37 UTC (rev 11352)
+++ projects/haf/trunk/apt/apt-pkg/acquire-item.cc 2007-04-27 13:04:26 UTC (rev 11353)
@@ -1251,7 +1251,26 @@
}
/*}}}*/
+static int
+default_index_trust_level_for_package (pkgIndexFile *Index,
+ const pkgCache::VerIterator &Ver)
+{
+ return Index->IsTrusted ()? 1 : 0;
+}
+static int (*index_trust_level_for_package) (pkgIndexFile *Index,
+ const pkgCache::VerIterator &Ver)
+ = default_index_trust_level_for_package;
+
+void
+apt_set_index_trust_level_for_package_hook (int (*hook)
+ (pkgIndexFile *Index,
+ const pkgCache::VerIterator &Ver))
+{
+ index_trust_level_for_package = hook;
+}
+
+
// AcqArchive::AcqArchive - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* This just sets up the initial fetch environment and queues the first
@@ -1260,8 +1279,8 @@
pkgRecords *Recs,pkgCache::VerIterator const &Version,
string &StoreFilename) :
Item(Owner), Version(Version), Sources(Sources), Recs(Recs),
- StoreFilename(StoreFilename), Vf(Version.FileList()),
- Trusted(false)
+ StoreFilename(StoreFilename),
+ TrustLevel(0)
{
Retries = _config->FindI("Acquire::Retries",0);
@@ -1277,6 +1296,9 @@
/* We need to find a filename to determine the extension. We make the
assumption here that all the available sources for this version share
the same extension.. */
+
+ pkgCache::VerFileIterator Vf = Version.FileList();
+
// Skip not source sources, they do not have file fields.
for (; Vf.end() == false; Vf++)
{
@@ -1300,31 +1322,55 @@
"." + flExtension(Parse.FileName());
}
- // check if we have one trusted source for the package. if so, switch
- // to "TrustedOnly" mode
- for (pkgCache::VerFileIterator i = Version.FileList(); i.end() == false; i++)
- {
- pkgIndexFile *Index;
- if (Sources->FindIndex(i.File(),Index) == false)
- continue;
- if (_config->FindB("Debug::pkgAcquire::Auth", false))
- {
- std::cerr << "Checking index: " << Index->Describe()
- << "(Trusted=" << Index->IsTrusted() << ")\n";
- }
- if (Index->IsTrusted()) {
- Trusted = true;
- break;
- }
- }
+ VerFileCandidates.clear();
+ TrustLevel = 0;
- // "allow-unauthenticated" restores apts old fetching behaviour
- // that means that e.g. unauthenticated file:// uris are higher
- // priority than authenticated http:// uris
if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
- Trusted = false;
+ {
+ // "allow-unauthenticated" restores apts old fetching behaviour
+ // that means that e.g. unauthenticated file:// uris are higher
+ // priority than authenticated http:// uris
+
+ while (!Vf.end())
+ {
+ if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
+ continue;
+ VerFileCandidates.push_back (Vf);
+ Vf++;
+ }
+ }
+ else
+ {
+ // Find the sources with the highest trust level.
+ while (!Vf.end())
+ {
+ pkgIndexFile *Index;
+ if (Sources->FindIndex(Vf.File(),Index) == false)
+ continue;
+
+ int l = index_trust_level_for_package (Index, Version);
+
+ if (_config->FindB("Debug::pkgAcquire::Auth", false))
+ {
+ std::cerr << "Checking index: " << Index->Describe()
+ << "(Trust level =" << l << ")\n";
+ }
+
+ if (l >= TrustLevel)
+ {
+ if (l > TrustLevel)
+ VerFileCandidates.clear ();
+ VerFileCandidates.push_back (Vf);
+ TrustLevel = l;
+ }
+
+ Vf++;
+ }
+ }
+
// Select a source
+ CurVerFile = VerFileCandidates.begin ();
if (QueueNext() == false && _error->PendingError() == false)
_error->Error(_("I wasn't able to locate file for the %s package. "
"This might mean you need to manually fix this package."),
@@ -1338,22 +1384,15 @@
checking later. */
bool pkgAcqArchive::QueueNext()
{
- for (; Vf.end() == false; Vf++)
+ while (CurVerFile != VerFileCandidates.end())
{
- // Ignore not source sources
- if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
- continue;
+ pkgCache::VerFileIterator Vf = *CurVerFile++;
// Try to cross match against the source list
pkgIndexFile *Index;
if (Sources->FindIndex(Vf.File(),Index) == false)
continue;
- // only try to get a trusted package from another source if that source
- // is also trusted
- if(Trusted && !Index->IsTrusted())
- continue;
-
// Grab the text package record
pkgRecords::Parser &Parse = Recs->Lookup(Vf);
if (_error->PendingError() == true)
@@ -1431,7 +1470,6 @@
Desc.ShortDesc = Version.ParentPkg().Name();
QueueURI(Desc);
- Vf++;
return true;
}
return false;
@@ -1508,7 +1546,7 @@
StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
{
// Vf = Version.FileList();
- while (Vf.end() == false) Vf++;
+ CurVerFile = VerFileCandidates.end ();
StoreFilename = string();
Item::Failed(Message,Cnf);
return;
@@ -1522,7 +1560,7 @@
StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
{
Retries--;
- Vf = Version.FileList();
+ CurVerFile = VerFileCandidates.begin ();
if (QueueNext() == true)
return;
}
@@ -1537,7 +1575,7 @@
// ---------------------------------------------------------------------
bool pkgAcqArchive::IsTrusted()
{
- return Trusted;
+ return TrustLevel > 0;
}
// AcqArchive::Finished - Fetching has finished, tidy up /*{{{*/
Modified: projects/haf/trunk/apt/apt-pkg/acquire-item.h
===================================================================
--- projects/haf/trunk/apt/apt-pkg/acquire-item.h 2007-04-27 12:48:37 UTC (rev 11352)
+++ projects/haf/trunk/apt/apt-pkg/acquire-item.h 2007-04-27 13:04:26 UTC (rev 11353)
@@ -27,6 +27,8 @@
#include <apt-pkg/pkgrecords.h>
#include <apt-pkg/indexrecords.h>
+#include <list>
+
#ifdef __GNUG__
#pragma interface "apt-pkg/acquire-item.h"
#endif
@@ -254,9 +256,10 @@
pkgRecords *Recs;
string MD5;
string &StoreFilename;
- pkgCache::VerFileIterator Vf;
+ std::list<pkgCache::VerFileIterator> VerFileCandidates;
+ std::list<pkgCache::VerFileIterator>::const_iterator CurVerFile;
unsigned int Retries;
- bool Trusted;
+ int TrustLevel;
// Queue the next available file for download.
bool QueueNext();
@@ -303,4 +306,28 @@
const string &DestDir="", const string &DestFilename="");
};
+/* For influencing the IsTrusted decision when acquiring a new version
+ of a package and for influencing which source is selected if the
+ highest version of a package is available from multiple sources.
+
+ The hook should return a integer indicating the 'trust level' that
+ a given index should be afforded for a given package. Indices with
+ higher trust levels will be preferred.
+
+ The default behavior is to use a trust level of zero for unsigned
+ repositories and a level of one for repositories with valid
+ signatures.
+
+ The IsTrusted predicate on a pkgAcqArchive object will return true
+ when the highest trust level is non-zero, false otherwise.
+
+ A trust level can be negative. In that case, the index will never
+ be considered as a source for the package.
+*/
+
+void
+apt_set_index_trust_level_for_package_hook (int (*hook)
+ (pkgIndexFile *Index,
+ const pkgCache::VerIterator &V));
+
#endif
Modified: projects/haf/trunk/apt/configure
===================================================================
--- projects/haf/trunk/apt/configure 2007-04-27 12:48:37 UTC (rev 11352)
+++ projects/haf/trunk/apt/configure 2007-04-27 13:04:26 UTC (rev 11353)
@@ -1347,7 +1347,7 @@
cat >>confdefs.h <<_ACEOF
-#define VERSION "0.6.46.4.osso3"
+#define VERSION "0.6.46.4.osso4"
_ACEOF
PACKAGE="apt"
Modified: projects/haf/trunk/apt/configure.in
===================================================================
--- projects/haf/trunk/apt/configure.in 2007-04-27 12:48:37 UTC (rev 11352)
+++ projects/haf/trunk/apt/configure.in 2007-04-27 13:04:26 UTC (rev 11353)
@@ -18,7 +18,7 @@
AC_CONFIG_HEADER(include/config.h:buildlib/config.h.in include/apti18n.h:buildlib/apti18n.h.in)
dnl -- SET THIS TO THE RELEASE VERSION --
-AC_DEFINE_UNQUOTED(VERSION,"0.6.46.4.osso3")
+AC_DEFINE_UNQUOTED(VERSION,"0.6.46.4.osso4")
PACKAGE="apt"
AC_DEFINE_UNQUOTED(PACKAGE,"$PACKAGE")
AC_SUBST(PACKAGE)
Modified: projects/haf/trunk/apt/debian/changelog
===================================================================
--- projects/haf/trunk/apt/debian/changelog 2007-04-27 12:48:37 UTC (rev 11352)
+++ projects/haf/trunk/apt/debian/changelog 2007-04-27 13:04:26 UTC (rev 11353)
@@ -1,3 +1,11 @@
+apt (0.6.46.4.osso4) unstable; urgency=low
+
+ * Applied trusthook.patch that gives us a way to hook into libapt-pkg
+ when it is deciding where to download a archive file from and whether
+ to trust it.
+
+ -- Marius Vollmer <marius.vollmer at nokia.com> Tue, 24 Apr 2007 16:04:43 +0300
+
apt (0.6.46.4.osso3) unstable; urgency=low
* Applied gpgvinfo.patch that causes the output of gpgv to be recorded
Modified: projects/haf/trunk/apt/trusthook.patch
===================================================================
--- projects/haf/trunk/apt/trusthook.patch 2007-04-27 12:48:37 UTC (rev 11352)
+++ projects/haf/trunk/apt/trusthook.patch 2007-04-27 13:04:26 UTC (rev 11353)
@@ -29,46 +29,118 @@
// AcqArchive::AcqArchive - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* This just sets up the initial fetch environment and queues the first
-@@ -1261,7 +1280,7 @@
+@@ -1260,8 +1279,8 @@
+ pkgRecords *Recs,pkgCache::VerIterator const &Version,
string &StoreFilename) :
Item(Owner), Version(Version), Sources(Sources), Recs(Recs),
- StoreFilename(StoreFilename), Vf(Version.FileList()),
+- StoreFilename(StoreFilename), Vf(Version.FileList()),
- Trusted(false)
++ StoreFilename(StoreFilename),
+ TrustLevel(0)
{
Retries = _config->FindI("Acquire::Retries",0);
-@@ -1307,13 +1326,17 @@
- pkgIndexFile *Index;
- if (Sources->FindIndex(i.File(),Index) == false)
- continue;
+@@ -1277,6 +1296,9 @@
+ /* We need to find a filename to determine the extension. We make the
+ assumption here that all the available sources for this version share
+ the same extension.. */
+
-+ int l = index_trust_level_for_package (Index, Version);
++ pkgCache::VerFileIterator Vf = Version.FileList();
+
- if (_config->FindB("Debug::pkgAcquire::Auth", false))
- {
- std::cerr << "Checking index: " << Index->Describe()
+ // Skip not source sources, they do not have file fields.
+ for (; Vf.end() == false; Vf++)
+ {
+@@ -1300,31 +1322,55 @@
+ "." + flExtension(Parse.FileName());
+ }
+
+- // check if we have one trusted source for the package. if so, switch
+- // to "TrustedOnly" mode
+- for (pkgCache::VerFileIterator i = Version.FileList(); i.end() == false; i++)
+- {
+- pkgIndexFile *Index;
+- if (Sources->FindIndex(i.File(),Index) == false)
+- continue;
+- if (_config->FindB("Debug::pkgAcquire::Auth", false))
+- {
+- std::cerr << "Checking index: " << Index->Describe()
- << "(Trusted=" << Index->IsTrusted() << ")\n";
-+ << "(Trust level =" << l << ")\n";
- }
+- }
- if (Index->IsTrusted()) {
- Trusted = true;
-+
-+ if (l > TrustLevel) {
-+ TrustLevel = l;
- break;
- }
- }
-@@ -1322,7 +1345,7 @@
- // that means that e.g. unauthenticated file:// uris are higher
- // priority than authenticated http:// uris
+- break;
+- }
+- }
++ VerFileCandidates.clear();
++ TrustLevel = 0;
+
+- // "allow-unauthenticated" restores apts old fetching behaviour
+- // that means that e.g. unauthenticated file:// uris are higher
+- // priority than authenticated http:// uris
if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
- Trusted = false;
-+ TrustLevel = 0;
++ {
++ // "allow-unauthenticated" restores apts old fetching behaviour
++ // that means that e.g. unauthenticated file:// uris are higher
++ // priority than authenticated http:// uris
++
++ while (!Vf.end())
++ {
++ if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
++ continue;
++ VerFileCandidates.push_back (Vf);
++ Vf++;
++ }
++ }
++ else
++ {
++ // Find the sources with the highest trust level.
++ while (!Vf.end())
++ {
++ pkgIndexFile *Index;
++ if (Sources->FindIndex(Vf.File(),Index) == false)
++ continue;
++
++ int l = index_trust_level_for_package (Index, Version);
++
++ if (_config->FindB("Debug::pkgAcquire::Auth", false))
++ {
++ std::cerr << "Checking index: " << Index->Describe()
++ << "(Trust level =" << l << ")\n";
++ }
++
++ if (l >= TrustLevel)
++ {
++ if (l > TrustLevel)
++ VerFileCandidates.clear ();
++ VerFileCandidates.push_back (Vf);
++ TrustLevel = l;
++ }
++
++ Vf++;
++ }
++ }
++
// Select a source
++ CurVerFile = VerFileCandidates.begin ();
if (QueueNext() == false && _error->PendingError() == false)
-@@ -1349,10 +1372,9 @@
+ _error->Error(_("I wasn't able to locate file for the %s package. "
+ "This might mean you need to manually fix this package."),
+@@ -1338,22 +1384,15 @@
+ checking later. */
+ bool pkgAcqArchive::QueueNext()
+ {
+- for (; Vf.end() == false; Vf++)
++ while (CurVerFile != VerFileCandidates.end())
+ {
+- // Ignore not source sources
+- if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
+- continue;
++ pkgCache::VerFileIterator Vf = *CurVerFile++;
+
+ // Try to cross match against the source list
+ pkgIndexFile *Index;
if (Sources->FindIndex(Vf.File(),Index) == false)
continue;
@@ -76,13 +148,37 @@
- // is also trusted
- if(Trusted && !Index->IsTrusted())
- continue;
-+ // only consider sources with a high enough trust level
-+ if (index_trust_level_for_package (Index, Version) < TrustLevel)
-+ continue;
-
+-
// Grab the text package record
pkgRecords::Parser &Parse = Recs->Lookup(Vf);
-@@ -1537,7 +1559,7 @@
+ if (_error->PendingError() == true)
+@@ -1431,7 +1470,6 @@
+ Desc.ShortDesc = Version.ParentPkg().Name();
+ QueueURI(Desc);
+
+- Vf++;
+ return true;
+ }
+ return false;
+@@ -1508,7 +1546,7 @@
+ StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
+ {
+ // Vf = Version.FileList();
+- while (Vf.end() == false) Vf++;
++ CurVerFile = VerFileCandidates.end ();
+ StoreFilename = string();
+ Item::Failed(Message,Cnf);
+ return;
+@@ -1522,7 +1560,7 @@
+ StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
+ {
+ Retries--;
+- Vf = Version.FileList();
++ CurVerFile = VerFileCandidates.begin ();
+ if (QueueNext() == true)
+ return;
+ }
+@@ -1537,7 +1575,7 @@
// ---------------------------------------------------------------------
bool pkgAcqArchive::IsTrusted()
{
@@ -95,16 +191,29 @@
===================================================================
--- apt-pkg/acquire-item.h (revision 11192)
+++ apt-pkg/acquire-item.h (working copy)
-@@ -256,7 +256,7 @@
+@@ -27,6 +27,8 @@
+ #include <apt-pkg/pkgrecords.h>
+ #include <apt-pkg/indexrecords.h>
+
++#include <list>
++
+ #ifdef __GNUG__
+ #pragma interface "apt-pkg/acquire-item.h"
+ #endif
+@@ -254,9 +256,10 @@
+ pkgRecords *Recs;
+ string MD5;
string &StoreFilename;
- pkgCache::VerFileIterator Vf;
+- pkgCache::VerFileIterator Vf;
++ std::list<pkgCache::VerFileIterator> VerFileCandidates;
++ std::list<pkgCache::VerFileIterator>::const_iterator CurVerFile;
unsigned int Retries;
- bool Trusted;
+ int TrustLevel;
// Queue the next available file for download.
bool QueueNext();
-@@ -303,4 +303,28 @@
+@@ -303,4 +306,28 @@
const string &DestDir="", const string &DestFilename="");
};
@@ -120,7 +229,7 @@
+ repositories and a level of one for repositories with valid
+ signatures.
+
-+ The IsTrusted prodicate on a pkgAcqArchive object will return true
++ The IsTrusted predicate on a pkgAcqArchive object will return true
+ when the highest trust level is non-zero, false otherwise.
+
+ A trust level can be negative. In that case, the index will never
- Previous message: [maemo-commits] r11352 - in projects/haf/trunk/hildon-home-webshortcut: . plugin
- Next message: [maemo-commits] r11354 - projects/haf/tags/apt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]