summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-12-02Merge branch 'pu/patterns-phase2' into 'master'Julian Andres Klode
Pu/patterns phase2 See merge request apt-team/apt!85
2019-12-02Merge branch 'pu/netrc-https' into 'master'Julian Andres Klode
netrc: Restrict auth.conf data to https by default See merge request apt-team/apt!84
2019-12-02netrc: Restrict auth.conf entries to https by defaultJulian Andres Klode
This avoids downgrade attacks where an attacker could inject Location: http://private.example/ and then (having access to raw data to private.example, for example, by opening a port there, or sniffing network traffic) read the credentials for the private repository. Closes: #945911
2019-11-27Remove failed trusted signature instead of index on IMS hitDavid Kalnischkies
While passing the combi Release and Release.gpg to the gpgv method for verification the filename of Release is placed where usually Release.gpg is assumed in the rest of the code. The "usual" cases like passing verification and failing verification ending in an error are taking care of this, but the code path dealing with a failed verification, but ignoring said failure (e.g. due to trusted=yes) was not which results in the wrong file being removed later on (in case the index happens to be unmodified since the last update call) leading us into the abyss of strange failures (fixed in the previous commit) were nothing should have changed. This is not a security issue in this form as the repository needs to fail verification & the user forcing apt to ignore the failure and carry on anyhow. It does show however how complicated the code and its various interconnected paths can become. Reported-By: Val "pinkieval" Lorentz on IRC
2019-11-27Use correct filename on IMS-hit reverify for indicesDavid Kalnischkies
If we have no old Release file, but old indices we can't compare hashsums with the new Release file and hence must request the indices again and have to react to IMS hits if they didn't change. We used to symlink the old index file to the partial directory, but that usually meant that we linked an uncompressed file to a compressed file, which not all uncompressors can deal with transparently resulting in strange failures. We could do without the symlink, but that would require changes in the codepaths dealing with failure as they would rename the file to FAILED.
2019-11-26Fix skip-bug-601016-description-translation testDavid Kalnischkies
Skipped tests do not age very well as changes to the infrastructure go by unnoticied. In this case we are fetching Translation files now differently meaning only if mentioned in Release file, which broke this test. As it makes use of LC_ALL and utf8 locales it can't really be reenabled, but it might be able to serve as an example for others and hence at least deserves being fixed. Gbp-Dch: Ignore
2019-11-26Fix some style warnings from cppcheckDavid Kalnischkies
Unused variable, std::algorithms instead of raw for-loops. There should be no observeable difference in behaviour. Reported-By: cppcheck Gbp-Dch: Ignore
2019-11-26German manpage translation updateChris Leick
2019-11-26patterns: Add ?sectionJulian Andres Klode
2019-11-26patterns: Add ?all-versionsJulian Andres Klode
2019-11-26patterns: Implement ?narrow(...), as ?any-version(?and(...))Julian Andres Klode
This is pure syntactic sugar - ?narrow does not exist in the abstract syntax.
2019-11-26patterns: Add ?any-versionJulian Andres Klode
2019-11-25Merge branch 'fix-progressbar-size' into 'master'Julian Andres Klode
Fix progress bar width for multibyte charsets See merge request apt-team/apt!81
2019-11-25Fix progress bar width for multibyte charsetsАлексей Шилин
When using locale in which symbols occupy more than 1 byte (for example, ru_RU.UTF-8), the progress bar width was calculated incorrectly because std::string::size() returns the number of bytes rather than the number of actual characters. Use the newly introduced APT::String::DisplayLength() to calculate the width instead.
2019-11-25strutl: Add APT::String::DisplayLength() functionАлексей Шилин
Returns string length, but unlike std::string::size() it honors multibyte characters. This allows to properly calculate visible sizes of console messages.
2019-11-25patterns: Add ?originJulian Andres Klode
2019-11-25patterns: Add ?archiveJulian Andres Klode
2019-11-25patterns: Add ?source-name and ?source-versionJulian Andres Klode
2019-11-25patterns: Add ?versionJulian Andres Klode
2019-11-25patterns: Add base class for regular expression matchingJulian Andres Klode
2019-11-25Merge branch 'readme-anonscm' into 'master'Julian Andres Klode
README.md: fix dead anonscm link See merge request apt-team/apt!78
2019-11-25Merge branch 'search-in-all-translations' into 'master'Julian Andres Klode
Search in all available description translations See merge request apt-team/apt!79
2019-11-25Search in all available description translationsАлексей Шилин
When multiple translations of package descriptions are available, perform search in all of them. It allows using search patterns in any of the configured languages. Previously, only the first available translation was searched. As the result, patterns in e.g. English never matched packages which had their descriptions translated into local language. Closes: #490000
2019-10-30README.md: fix dead anonscm linkAnatoly Borodin
https://anonscm.debian.org/git/apt/apt.git/tree/doc/style.txt is not available anymore.
2019-09-27Parse 'show' arguments for the 'info' alias as wellJulian Andres Klode
We recently made info an alias for show, but we did not change the command-line parser to work around it. LP: #1843812
2019-09-19Release 1.9.4Julian Andres Klode
2019-09-19Fix use of GTest to adjust for GTest 1.9Julian Andres Klode
GTest 1.9 uses a variable defined in the parent directory, thus failing to configure. Configure the project in the parent directory instead.
2019-09-19Pass --abort-after=1 to dpkg when using --force-dependsJulian Andres Klode
Using --force-depends causes dpkg to continue removing packages a package depends upon even if that package fails to be removed, because dpkg turns off all sanity checks. So we gotta tell dpkg to stop immediately if there's an error removing stuff. Closes: #935910 LP: #1844634
2019-08-22srvrec: Use re-entrant resolver functionsJulian Andres Klode
This should probably make those functions thread-safe, which might be useful for some external users.
2019-08-22apt.systemd.daily: Do not numerically check if intervals equal 0Julian Andres Klode
Commit 1d9e29c9e2a5591b42a99a721b901fc003ed9149 added support for suffixes to to intervals, but did not adjust the code to actually support them by replacing -eq with =. LP: #1840995
2019-08-21CMake: Produce a fatal error if triehash could not be foundJulian Andres Klode
2019-08-21CMake: Pass -Werror=return-type to gccJulian Andres Klode
In C++, this warns about not returning in a function not returning void, which is undefined behavior and causes weird crashes. Make it an error.
2019-08-19Release 1.9.3Julian Andres Klode
2019-08-19doc/po4a: Fixup location of translated apt-patterns(7) xmlJulian Andres Klode
2019-08-19Merge branch 'pu/patterns' into 'master'Julian Andres Klode
Package patterns See merge request apt-team/apt!74
2019-08-19patterns: Allow more complex wordsJulian Andres Klode
Only disallow ,() and on the start of a word also ~ and ?. Make sure to include \0 as disallowed.
2019-08-15patterns: Improve error reporting at end of argument listJulian Andres Klode
2019-08-15Add ?virtual patternJulian Andres Klode
This matches any package that does not have versions.
2019-08-15Add the ?exact-name patternJulian Andres Klode
The ?exact-name pattern matches the name exactly, there is no substring matching going on, or any regular expression or fnmatch magic.
2019-08-15Add ?essential patternJulian Andres Klode
This matches all packages where at least one of the versions is marked essential; or well, whenver apt considers a package essential.
2019-08-15Add ?broken patternJulian Andres Klode
This matches all packages that have broken dependencies in the installed version or the version selected for install.
2019-08-15Add ?config-files and ?installed patternsJulian Andres Klode
These two are mutually exclusive states of installed-ness. And ?installed package is fully unpacked and configured; a ?config-files package only has config files left.
2019-08-15Add ?obsolete and ?upgradable patternsJulian Andres Klode
These match packages that have no version in a repository, or where an upgrade is available. Notably, ?and(?obsolete,?upgradable) == ?false because an upgradable package is by definition not obsolete.
2019-08-15Add ?automatic and ?garbage patternsJulian Andres Klode
These patterns allow you to identify automatically installed packages, as well as automatically installed packages that are no longer reachable from the manually installed ones.
2019-08-15Add patterns for the existing CacheFilter::Matcher classesJulian Andres Klode
This implements the basic logic patterns: ?and ?false ?not ?or ?true and the basic package patterns: ?architecture ?name ?x-name-fnmatch
2019-08-15Add pattern tree parser infra and connect with cacheset and apt listJulian Andres Klode
This adds a transformation from parse tree into a CacheFilter and connects it with cachesets and the apt list command.
2019-08-15doc: Add apt-patterns(7) manual pageJulian Andres Klode
This does not describe much yet, as there's not much to talk about.
2019-08-15Add initial support for parsing patterns into parse treesJulian Andres Klode
Introduce a parser for patterns that generates a parse tree. The language understood by the parser is: pattern = '?'TERM | '?'TERM '(' pattern (',' pattern)* ','? ')' | WORD | QUOTED-WORD TERM = [0-9a-zA-Z-] WORD = [0-9a-ZA-Z-.*^$\[\]_\\] QUOTED_WORD = "..." # you know what I mean This language is context free, which is a massive simplification from aptitude's language, where ?foo(bar) could have two different meanings depending on whether ?foo takes an argument or not.
2019-08-15Merge branch 'master' into 'master'Julian Andres Klode
Fix segfault in pkgAcquire::Enqueue() with Acquire::Queue-Mode=access See merge request apt-team/apt!73
2019-08-15test: Use valgrind to ensure Acquire::Queue-Mode=access does not crashJulian Andres Klode
Unfortunately for us, apt update with Acquire::Queue-Mode=access does not always crash on a real system, so run the whole thing in valgrind.