Bug#488424: should delete cached files that don't verify

To: 488424@bugs.debian.org
Cc: Joey Hess <joeyh@debian.org>
Subject: Bug#488424: should delete cached files that don't verify
From: Frans Pop <elendil@planet.nl>
Date: Mon, 30 Jun 2008 23:26:25 +0200
Message-id: <[🔎] 200806302326.34449.elendil@planet.nl>
Reply-to: 488424@bugs.debian.org, 488424@bugs.debian.org
In-reply-to: <[🔎] 20080628192629.GA7957@kodama.kitenet.net>
References: <[🔎] 20080628192629.GA7957@kodama.kitenet.net>

On Saturday 28 June 2008, Joey Hess wrote:
> If a Release file fails to verify because it is out of sync with the
> Release.gpg on one mirror, debootstrap will cache the file, and reuse
> it if it's run a second time, with a different mirror. Result is that
> the second mirror also appears to fail.
>
> debootstrap should delete cached files if they fail to verify. This
> may apply to downloaded debs, too.

What about something like the attached (untested) patch?

It ensures that both the Release and Release.gpg files are always 
downloaded.

AFAICT anything that is downloaded later gets checked using MD5SUMS or 
similar and old versions get deleted automatically if that is invalid.

Cheers,
FJP

Index: functions
===================================================================
--- functions	(revision 53808)
+++ functions	(working copy)
@@ -248,6 +248,7 @@
 
 get () {
 	# args: from dest [md5sum size] [alt {md5sum size type}]
+	# args: from dest nocache
 	local displayname
 	if [ "${2%.deb}" != "$2" ]; then
 		displayname="$(echo "$2" | sed 's,^.*/,,;s,_.*$,,')"
@@ -258,12 +259,15 @@
 	if [ -e "$2" ]; then
 		if [ "$3" = "" ]; then
 			return 0
-		fi
-		info VALIDATING "Validating %s" "$displayname"
-		if check_md5 "$2" "$3" "$4"; then
-			return 0
+		elif [ "$3" = nocache ]; then
+			rm -f "$2"
 		else
-			rm -f "$2"
+			info VALIDATING "Validating %s" "$displayname"
+			if check_md5 "$2" "$3" "$4"; then
+				return 0
+			else
+				rm -f "$2"
+			fi
 		fi
 	fi
 	if [ "$#" -gt 5 ]; then
@@ -441,7 +445,7 @@
 	if [ -n "$KEYRING" ]; then
 		progress 0 100 DOWNRELSIG "Downloading Release file signature"
 		progress_next 50
-		get "$m1/dists/$SUITE/Release.gpg" "$relsigdest" ||
+		get "$m1/dists/$SUITE/Release.gpg" "$relsigdest" nocache ||
 			error 1 NOGETRELSIG "Failed getting release signature file %s" \
 			"$m1/dists/$SUITE/Release.gpg"
 		progress 50 100 DOWNRELSIG "Downloading Release file signature"
@@ -460,7 +464,7 @@
 	local reldest="$TARGET/$($DLDEST rel "$SUITE" "$m1" "dists/$SUITE/Release")"
 	progress 0 100 DOWNREL "Downloading Release file"
 	progress_next 100
-	get "$m1/dists/$SUITE/Release" "$reldest" ||
+	get "$m1/dists/$SUITE/Release" "$reldest" nocache ||
 		error 1 NOGETREL "Failed getting release file %s" "$m1/dists/$SUITE/Release"
 
 	TMPCOMPONENTS="$(sed -n 's/Components: *//p' "$reldest")"

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Follow-Ups:
- Bug#488424: should delete cached files that don't verify
  - From: Joey Hess <joeyh@debian.org>

References:
- Bug#488424: should delete cached files that don't verify
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Bug#488267: Should add hostap modules
Next by Date: Bug#488267: Should add hostap modules
Previous by thread: Bug#488424: should delete cached files that don't verify
Next by thread: Bug#488424: should delete cached files that don't verify
Index(es):
- Date
- Thread