| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-10-07 | fixup foldmarkers in acquire-item.cc | David Kalnischkies | |
| Git-Dch: Ignore | |||
| 2014-10-06 | fix warnings | Michael Vogt | |
| 2014-10-06 | rename StopAuthentication -> CheckStopAuthentication and make it protected | Michael Vogt | |
| 2014-10-06 | rename AuthDone() -> CheckAuthDone() | Michael Vogt | |
| 2014-10-06 | cleanup pkgAcq*::Failed() | Michael Vogt | |
| 2014-10-06 | add missing TransactionStageCopy() in pkgAcqDiffIndex::Done() | Michael Vogt | |
| 2014-10-06 | Rework pkgAcqMeta{Index,Sig,ClearSig}::Done() for readability | Michael Vogt | |
| Move common code out but do not use subclassing for ::Done to make it easier to understand what each class is doing when its done | |||
| 2014-10-06 | fix incorrect docstrings for ↵ | Michael Vogt | |
| AcqMetaBase::TransactionStageRemoval/AcqMetaBase::TransactionStageCopy | |||
| 2014-10-06 | add new "SetActiveSubprocess() | Michael Vogt | |
| 2014-10-03 | really do not download Release if InRelease does not verify | Michael Vogt | |
| 2014-10-02 | cleanup around pkgAcqMetaSig and improved tests | Michael Vogt | |
| 2014-10-02 | add a bunch of docstrings etc | Michael Vogt | |
| 2014-10-02 | fix crash | Michael Vogt | |
| 2014-10-02 | donkults fixes | Michael Vogt | |
| 2014-10-02 | Cleanup pkgAcqIndex | Michael Vogt | |
| 2014-10-01 | refactor and add pkgAcqIndex::ValidateFile() | Michael Vogt | |
| 2014-10-01 | fix leftover files from Acquire::GzipIndex | Michael Vogt | |
| 2014-10-01 | hack around test-apt-update-unauth failure | Michael Vogt | |
| 2014-10-01 | update test/integration/test-releasefile-verification | Michael Vogt | |
| 2014-10-01 | Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories} | Michael Vogt | |
| The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now). | |||
| 2014-10-01 | add verify for the .diff/Index download and add FIXME for ↵ | Michael Vogt | |
| pkgAcqIndexDiffs/pkgAcqMergeDiffs | |||
| 2014-09-29 | cleanup | Michael Vogt | |
| 2014-09-29 | fix DestFile ext | Michael Vogt | |
| 2014-09-29 | refactor | Michael Vogt | |
| 2014-09-29 | Adjust DestFile in ReverifyAfterIMS() to not include compr Extension | Michael Vogt | |
| 2014-09-29 | Merge remote-tracking branch 'upstream/debian/experimental' into ↵ | Michael Vogt | |
| feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/gpgv.cc | |||
| 2014-09-29 | Merge branch 'debian/sid' into debian/experimental | Michael Vogt | |
| Conflicts: apt-pkg/acquire-item.cc | |||
| 2014-09-28 | replace c-string Mode with c++-string ActiveSubprocess | David Kalnischkies | |
| A long-lasting FIXME in the acquire code points out the problem that we e.g. for decompressors assign c-string representations of c++-strings to the Mode variable, which e.g. cppcheck points out as very bad. In practice, nothing major happens as the c++-strings do not run out of scope until Mode would do, but that is bad style and fragile, so the obvious proper fix is to use a c++ string for storage to begin with. The slight complications stems from the fact that progress reporting code in frontends potentially uses Mode and compares it with NULL, which can't be done with std::string, so instead of just changing the type we introduce a new variable and deprecate the old one. Git-Dch: Ignore | |||
| 2014-09-26 | test fixes | Michael Vogt | |
| 2014-09-26 | Do not allow going from authenticated to unauthenticated repo | Michael Vogt | |
| Also rework the way we load the Release file, so it only after Release.gpg verified the Release file. The rational is that we never want to load untrusted data into our parsers. Only stuff verified with gpg or by its hashes get loaded. To load untrusted data you now need to use apt-get update --allow-unauthenticated. | |||
| 2014-09-26 | Print warning for unauthenticated repositories | Michael Vogt | |
| 2014-09-26 | Do not download Packages/Sources files on I-M-S hit of the Release file | Michael Vogt | |
| With this branch we know that the data in the lists directory is always what the release file says, so if the Release file is unchanged, then there is no need to queue the download of the other indexfiles as they will be unchanged too (or broken :) | |||
| 2014-09-26 | Merge remote-tracking branch 'donkult/feature/generalize-gzipindex' into ↵ | Michael Vogt | |
| debian/sid | |||
| 2014-09-25 | Remove check for "Translation-" from pkgAcqIndex::Custom600Headers() | Michael Vogt | |
| This unneeded because pkgAcqIndexTrans has its own Custom600Headers() method. | |||
| 2014-09-23 | make pdiff transactional (but at the cost of a CopyFile() | Michael Vogt | |
| 2014-09-23 | cleanup, fix test-apt-update-unauth as the behavior of apt changed | Michael Vogt | |
| 2014-09-23 | cleanup | Michael Vogt | |
| 2014-09-23 | fix one broken test | Michael Vogt | |
| 2014-09-23 | Merge remote-tracking branch 'upstream/debian/experimental' into ↵ | Michael Vogt | |
| feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/copy.cc test/integration/test-hashsum-verification | |||
| 2014-09-23 | fix tests | Michael Vogt | |
| 2014-09-23 | Merge branch 'debian/sid' into debian/experimental | Michael Vogt | |
| Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog | |||
| 2014-09-21 | Fix regression for cdrom: sources from latest security update | Michael Vogt | |
| Skip a reverify for cdrom: sources. The reverify step is actually harmful here because the apt-cdrom add code uses the indexcopy.cc which will "normalize" the Packages file from the cdrom when it writes it to the local disk. This leads to changing the "MD5sum" field (notice the lower case "s") on the cdrom Packages file to a "MD5Sum" field on the local file in /var/lib/apt/lists. Which of course alters the hash and makes apt fail to reverify the file. | |||
| 2014-09-21 | generalize Acquire::GzipIndex | Michael Vogt | |
| 2014-09-17 | improve test for commit daff4a | Michael Vogt | |
| 2014-09-17 | Fix regression for file:/// uris from CVE-2014-0487 | Michael Vogt | |
| Do not run ReverifyAfterIMS() for local file URIs as this will causes apt to mess around in the file:/// uri space. This is wrong in itself, but it will also cause a incorrect verification failure when the archive and the lists directory are on different partitions as rename(). | |||
| 2014-09-17 | fix gcc warnings | Michael Vogt | |
| 2014-09-17 | use pkgAcqMetaBase as the transactionManager | Michael Vogt | |
| 2014-09-16 | SECURITY UPDATE for CVE-2014-{0488,0487,0489} | Michael Vogt | |
| incorrect invalidating of unauthenticated data (CVE-2014-0488) incorect verification of 304 reply (CVE-2014-0487) incorrect verification of Acquire::Gzip indexes (CVE-2014-0489) | |||
| 2014-09-16 | remove pkgAcqSubIndex | Michael Vogt | |
| 2014-09-05 | Merge remote-tracking branch 'upstream/debian/experimental' into ↵ | Michael Vogt | |
| feature/acq-trans | |||
 |
index : apt.git | |
| Saurik's version of apt managed for tvOS/ARM64 | Sam Bingner |
| summaryrefslogtreecommitdiff |