From a0970d07204e0ab97df63f782e1ff49cc94659fe Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Fri, 25 Apr 2014 23:53:56 -0400 Subject: [PATCH] when adding a repo with fingerprint, make sure to store the pubkey The logic here is crufty, so I slapped a flag in there to make sure that the pubkey gets stored when someone configures a repo and includes the fingerprint. When the fingerprint is set, it will first download the index.jar and verify it against that fingerprint. The logic for storing the pubkey permanently happens later in the XML parsing, so there needs to be a flag to signal to store the pubkey in this case. Before the flow was always index.xml -> get pubkey -> index.jar. Really, there should no longer be support for unsigned repos, then all of this stuff can be dramatically simplified. fixes #2924 https://dev.guardianproject.info/issues/2924 refs #2960 https://dev.guardianproject.info/issues/2960 --- src/org/fdroid/fdroid/updater/RepoUpdater.java | 12 +++++++++--- src/org/fdroid/fdroid/updater/SignedRepoUpdater.java | 1 + 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/org/fdroid/fdroid/updater/RepoUpdater.java b/src/org/fdroid/fdroid/updater/RepoUpdater.java index d961e26fb..486798154 100644 --- a/src/org/fdroid/fdroid/updater/RepoUpdater.java +++ b/src/org/fdroid/fdroid/updater/RepoUpdater.java @@ -43,6 +43,7 @@ abstract public class RepoUpdater { protected final Repo repo; private List apps = new ArrayList(); private List apks = new ArrayList(); + protected boolean usePubkeyInJar = false; protected boolean hasChanged = false; protected ProgressListener progressListener; @@ -230,9 +231,13 @@ abstract public class RepoUpdater { values.put(RepoProvider.DataColumns.LAST_ETAG, etag); } - // We read an unsigned index, but that indicates that - // a signed version is now available... - if (handler.getPubKey() != null && repo.pubkey == null) { + /* + * We read an unsigned index that indicates that a signed version + * is available. Or we received a repo config that included the + * fingerprint, so we need to save the pubkey now. + */ + if (handler.getPubKey() != null && + (repo.pubkey == null || usePubkeyInJar)) { // TODO: Spend the time *now* going to get the etag of the signed // repo, so that we can prevent downloading it next time. Otherwise // next time we update, we have to download the signed index @@ -241,6 +246,7 @@ abstract public class RepoUpdater { Log.d("FDroid", "Public key found - switching to signed repo for future updates"); values.put(RepoProvider.DataColumns.PUBLIC_KEY, handler.getPubKey()); + usePubkeyInJar = false; } if (handler.getVersion() != -1 && handler.getVersion() != repo.version) { diff --git a/src/org/fdroid/fdroid/updater/SignedRepoUpdater.java b/src/org/fdroid/fdroid/updater/SignedRepoUpdater.java index 9b5ef8b1e..f7ac7e805 100644 --- a/src/org/fdroid/fdroid/updater/SignedRepoUpdater.java +++ b/src/org/fdroid/fdroid/updater/SignedRepoUpdater.java @@ -31,6 +31,7 @@ public class SignedRepoUpdater extends RepoUpdater { String certdata = Hasher.hex(cert); if (repo.pubkey == null && repo.fingerprint.equals(Utils.calcFingerprint(cert))) { repo.pubkey = certdata; + usePubkeyInJar = true; } if (repo.pubkey != null && repo.pubkey.equals(certdata)) { match = true;