Bug#617690: [PATCH] Fix #617690 (APT::Get::AllowUnauthenticated=true always

Markovtsev Vadim Thu, 26 Sep 2013 23:39:29 -0700

Dear David,

Your patch works and indeed is better than mine.
The only thing that I suggest is to cache the setting before entering the
cycle:


---------------------------------------------------

>From ac128e08f50298886bc9eb8722183acfb095b89f Mon Sep 17 00:00:00 2001
From: Vadim Markovtsev <v.markovt...@samsung.com>
Date: Fri, 27 Sep 2013 10:28:17 +0400
Subject: [PATCH] Fix #617690 (APT::Get::AllowUnauthenticated=true always
 causes warning "packages cannot be authenticated")

Signed-off-by: Vadim Markovtsev <v.markovt...@samsung.com>
---
 apt-pkg/acquire-item.cc | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 97b2d1e..4d40f21 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1736,12 +1736,6 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire
*Owner,pkgSourceList *Sources,
       }
    }
 
-   // "allow-unauthenticated" restores apts old fetching behaviour
-   // that means that e.g. unauthenticated file:// uris are higher
-   // priority than authenticated http:// uris
-   if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
-      Trusted = false;
-
    // Select a source
    if (QueueNext() == false && _error->PendingError() == false)
       _error->Error(_("I wasn't able to locate a file for the %s package. "
@@ -1757,6 +1751,8 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire
*Owner,pkgSourceList *Sources,
 bool pkgAcqArchive::QueueNext()
 {
    string const ForceHash = _config->Find("Acquire::ForceHash");
+   bool AllowUnauthenticated =
_config->FindB("APT::Get::AllowUnauthenticated",
+                                              false);
    for (; Vf.end() == false; ++Vf)
    {
       // Ignore not source sources
@@ -1766,11 +1762,15 @@ bool pkgAcqArchive::QueueNext()
       // Try to cross match against the source list
       pkgIndexFile *Index;
       if (Sources->FindIndex(Vf.File(),Index) == false)
-           continue;
+        continue;
       
       // only try to get a trusted package from another source if that
source
       // is also trusted
-      if(Trusted && !Index->IsTrusted()) 
+      // "AllowUnauthenticated" restores apts old fetching behaviour
+      // that means that e.g. unauthenticated file:// uris are higher
+      // priority than authenticated http:// uris - otherwise trusted
+      // packages can only be downloaded from trusted sources
+      if (Trusted && !Index->IsTrusted() && !AllowUnauthenticated)
         continue;
 
       // Grab the text package record
-- 
1.8.1.2


-----------------------------------------------------------

Regards,
Vadim Markovtsev.


-----Original Message-----
From: donk...@gmail.com [mailto:donk...@gmail.com] On Behalf Of David
Kalnischkies
Sent: Friday, September 20, 2013 9:37 PM
To: Markovtsev Vadim; 617...@bugs.debian.org;
617690-submit...@bugs.debian.org
Subject: Re: Bug#617690: [PATCH] Fix #617690
(APT::Get::AllowUnauthenticated=true always

Hi Vadim,

On Thu, Sep 19, 2013 at 3:25 PM, Markovtsev Vadim <v.markovt...@samsung.com>
wrote:
> I seem to fix this issue with the following patch:

The patch itself looks mostly fine by itself, but it breaks the ABI with a
new class-member and other frontends would need to be changed to use this
aswell to benefit from it (I presume aptitude and co has the same problem).

I haven't tested it myself, but does the following might work just aswell?
>From reading #335112 (<- the "Trusted=false" was added to fix it) I have the
impression that it is the actual intention.

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index
97b2d1e..49eadb7 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1736,12 +1736,6 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire
*Owner,pkgSourceList *Sources,
       }
    }

-   // "allow-unauthenticated" restores apts old fetching behaviour
-   // that means that e.g. unauthenticated file:// uris are higher
-   // priority than authenticated http:// uris
-   if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
-      Trusted = false;
-
    // Select a source
    if (QueueNext() == false && _error->PendingError() == false)
       _error->Error(_("I wasn't able to locate a file for the %s package. "
@@ -1767,10 +1761,13 @@ bool pkgAcqArchive::QueueNext()
       pkgIndexFile *Index;
       if (Sources->FindIndex(Vf.File(),Index) == false)
            continue;
-
-      // only try to get a trusted package from another source if that
source
-      // is also trusted
-      if(Trusted && !Index->IsTrusted())
+
+      // "allow-unauthenticated" restores apts old fetching behaviour
+      // that means that e.g. unauthenticated file:// uris are higher
+      // priority than authenticated http:// uris - otherwise trusted
+      // packages can only be downloaded from trusted sources
+      if (Trusted == true && Index->IsTrusted() == false &&
+           _config->FindB("APT::Get::AllowUnauthenticated",false) == 
+ false)
         continue;

       // Grab the text package record



Best regards

David Kalnischkies


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#617690: [PATCH] Fix #617690 (APT::Get::AllowUnauthenticated=true always

Reply via email to