Hi!

On Tue, 2013-07-30 at 23:30:41 +0200, Guillem Jover wrote:
> Package: apt-zip
> Version: 0.18
> Severity: important

> This package contains some code to verify .deb files in the wget
> method, but it only handles data.tar.gz deb members, it's at least
> missing support, as documented in deb(5), for:
> 
>   data.tar
>   data.tar.bz2
>   data.tar.xz
>   data.tar.lzma (deprecated)
> 
> So the check function should be updated to cope with packages that
> exist in the wild.

Ok, here is a tentative untested patch. The current deb-format
support in various tools is being tracked at
<https://wiki.debian.org/Teams/Dpkg/DebSupport>.

Thanks,
Guillem
diff -Nru apt-zip-0.18/debian/changelog apt-zip-0.18+nmu1/debian/changelog
--- apt-zip-0.18/debian/changelog	2008-02-01 08:18:33.000000000 +0100
+++ apt-zip-0.18+nmu1/debian/changelog	2014-08-03 10:59:53.000000000 +0200
@@ -1,3 +1,10 @@
+apt-zip (0.18+nmu1) UNRELEASED; urgency=low
+
+  * Non-maintainer upload.
+  * Add support for data.tar, data.tar.xz, data.tar.bz2 and data.tar.lzma.
+
+ -- Guillem Jover <[email protected]>  Sun, 03 Aug 2014 10:59:35 +0200
+
 apt-zip (0.18) unstable; urgency=medium
   
   * Use sha256 instead of md5 for checksum, as in apt 0.7.7.
diff -Nru apt-zip-0.18/methods/wget apt-zip-0.18+nmu1/methods/wget
--- apt-zip-0.18/methods/wget	2008-02-01 07:54:37.000000000 +0100
+++ apt-zip-0.18+nmu1/methods/wget	2014-08-03 10:56:57.000000000 +0200
@@ -38,11 +38,39 @@
 	        then return 0
 	        else err \$1 "wrong checksum"; return 1
 	        fi
-	    [ "\`type gzip\`" ] &&
-	        if ar p \$1 data.tar.gz | gzip -t
+	    case "\`ar t \$1 | grep data\\.tar\`" in
+	    data.tar)
+	        if ar p \$1 data.tar | tar -t >/dev/null
 	        then return 0
 	        else err \$1 "wrong contents"; return 1
 	        fi
+	    data.tar.gz)
+	        [ "\`type gzip\`" ] &&
+	            if ar p \$1 data.tar.gz | gzip -t
+	            then return 0
+	            else err \$1 "wrong contents"; return 1
+	            fi
+	    data.tar.xz)
+	        [ "\`type xz\`" ] &&
+	            if ar p \$1 data.tar.xz | xz -t
+	            then return 0
+	            else err \$1 "wrong contents"; return 1
+	            fi
+	    data.tar.bz2)
+	        [ "\`type bzip2\`" ] &&
+	            if ar p \$1 data.tar.bz2 | bzip2 -t
+	            then return 0
+	            else err \$1 "wrong contents"; return 1
+	            fi
+	    data.tar.lzma)
+	        [ "\`type xz\`" ] &&
+	            if ar p \$1 data.tar.lzma | xz -t
+	            then return 0
+	            else err \$1 "wrong contents"; return 1
+	            fi
+	    *)
+	        err \$1 "wrong contents"; return 1
+	    esac
 	    return \$3
 	}
 EOF

Reply via email to