* apt-pkg/acquire-item.cc:

  - if no Release.gpg file is found try to verify with hashes,
    but do not fail if a hash can't be found

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 566f516..39ce90d 100644 (file)
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1258,9 +1258,9 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash, /*{{{*
       if (SigFile == "")
       {
          // There was no signature file, so we are finished.  Download
-         // the indexes and do only hashsum verification
+         // the indexes and do only hashsum verification if possible
          MetaIndexParser->Load(DestFile);
-         QueueIndexes(true);
+         QueueIndexes(false);
       }
       else
       {
@@ -1378,33 +1378,30 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)                         /*{{{*/
         ++Target)
    {
       HashString ExpectedIndexHash;
-      if (verify)
+      const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
+      if (Record == NULL)
       {
-        const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
-        if (Record == NULL)
+        if (verify == true && (*Target)->IsOptional() == false)
         {
-           if ((*Target)->IsOptional() == false)
-           {
-              Status = StatAuthError;
-              strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), (*Target)->MetaKey.c_str());
-              return;
-           }
+           Status = StatAuthError;
+           strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), (*Target)->MetaKey.c_str());
+           return;
         }
-        else
+      }
+      else
+      {
+        ExpectedIndexHash = Record->Hash;
+        if (_config->FindB("Debug::pkgAcquire::Auth", false))
         {
-           ExpectedIndexHash = Record->Hash;
-           if (_config->FindB("Debug::pkgAcquire::Auth", false))
-           {
-              std::cerr << "Queueing: " << (*Target)->URI << std::endl;
-              std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
-              std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
-           }
-           if (ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
-           {
-              Status = StatAuthError;
-              strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
-              return;
-           }
+           std::cerr << "Queueing: " << (*Target)->URI << std::endl;
+           std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
+           std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
+        }
+        if (verify == true && ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
+        {
+           Status = StatAuthError;
+           strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
+           return;
         }
       }
 

diff --git a/debian/changelog b/debian/changelog
index 137e3a7..eea258c 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,8 +14,11 @@ apt (0.8.15.7) UNRELEASED; urgency=low
   * cmdline/apt-get.cc:
     - remove the binary caches in 'apt-get clean' as it is the first
       thing recommend by many supporters in case of APT segfaults
+  * apt-pkg/acquire-item.cc:
+    - if no Release.gpg file is found try to verify with hashes,
+      but do not fail if a hash can't be found
 
- -- David Kalnischkies <kalnischkies@gmail.com>  Thu, 18 Aug 2011 11:41:31 +0200
+ -- David Kalnischkies <kalnischkies@gmail.com>  Mon, 22 Aug 2011 22:50:44 +0200
 
 apt (0.8.15.6) unstable; urgency=low