summaryrefslogtreecommitdiff
path: root/apt-pkg/acquire-item.cc
AgeCommit message (Collapse)Author
2012-03-06* apt-pkg/acquire-item.cc:Michael Vogt
- remove 'old' InRelease file if we can't get a new one before proceeding with Release.gpg to avoid the false impression of a still trusted repository by a (still present) old InRelease file. Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214)
2011-08-22* apt-pkg/acquire-item.cc:David Kalnischkies
- if no Release.gpg file is found try to verify with hashes, but do not fail if a hash can't be found
2011-08-15merged fixes from lp:~mvo/apt/mvoMichael Vogt
2011-08-11cppcheck complains about some possible speed improvements which could beDavid Kalnischkies
done on the mirco-optimazation level, so lets fix them: (performance) Possible inefficient checking for emptiness. (performance) Prefer prefix ++/-- operators for non-primitive types.
2011-08-08fix crash when P.Arch() was used but the cache got remappedMichael Vogt
2011-08-08apt-pkg/acquire-item.cc: add more debug outputMichael Vogt
2011-08-05* test/integration/test-hashsum-verification:Michael Vogt
- add regression test for hashsum verification * apt-pkg/acquire-item.cc: - if no Release.gpg file is found, still load the hashes for verification (closes: #636314) and add test
2011-08-05* apt-pkg/acquire-item.cc:Michael Vogt
- if no Release.gpg file is found, still load the hashes for verification (closes: #636314) and add test
2011-07-01apt-pkg/acquire-item.cc: improve error message for valid-untilMichael Vogt
2011-05-31apt-pkg/acquire-item.cc: only test packages file for correctness if its not ↵Michael Vogt
empty (its ok to have empty packages files)
2011-05-30Reject files known to be invalid (LP: #346386) (Closes: #627642)Julian Andres Klode
2011-05-30apt-pkg/acquire-item.cc: Reject files known to be invalid (LP: #346386) ↵Julian Andres Klode
(Closes: #195301) This commit deals with the following cases: - First section of index file (Packages,Sources,Translation) without Package field - Signed release files without GPG data (NODATA) - i18n/Index files without hash sums Handling unsigned Release files is more complicated, and the example code using indexRecords is disabled as it can reject correct Release files without hashes. How we can reliably check unsigned Release files is another question, and not urgent anyway, as it should have no dramatic effect (we could check that it is a valid RFC-822 section, but that's a bit too long to write)
2011-04-26* apt-pkg/acquire-item.cc:Ben Finney
- apply fix for poorly worded 'locate file' error message from Ben Finney, thanks! (Closes: #623171)
2011-04-16apt-pkg/acquire-item.cc: Only try to rename existing Release files (Closes: ↵Julian Andres Klode
#622912)
2011-04-08* apt-pkg/acquire-item.cc:Julian Andres Klode
- Use Release files even if they cannot be verified (LP: #704595)
2011-04-04merged from lp:~donkult/apt/sidMichael Vogt
2011-04-02apt-pkg/acquire-item.cc: Use stat buffer if stat was0.8.13.1Julian Andres Klode
successful, not if it failed (Closes: #620546)
2011-03-16* apt-pkg/vendor.cc, apt-pkg/vendorlist.cc:David Kalnischkies
- mark them as deprecated as they are unused
2011-03-14apt-pkg/acquire-item.cc: add some more missing Fail-IgnoreMichael Vogt
2011-03-14apt-pkg/acquire-item.{cc,h}: mark InRelease with Fail-Ignore to ensure the ↵Michael Vogt
mirror methods does not retry on each mirror
2011-03-11* apt-pkg/acquire-item.cc:Michael Vogt
- mark pkgAcqIndexTrans as Index-File to avoid asking the user to insert the CD on each apt-get update
2011-02-08merged from lp:~donkult/apt/sidMichael Vogt
2011-01-28 - download and use i18n/Index to choose which Translations to downloadDavid Kalnischkies
* apt-pkg/aptconfiguration.cc: - remove the inbuilt Translation files whitelist
2011-01-26 - change the internal handling of Extensions in pkgAcqIndexDavid Kalnischkies
- add a special uncompressed compression type to prefer those files * methods/{gzip,bzip}.cc: - print a good error message if FileSize() is zero
2011-01-20 - try downloading clearsigned InRelease before trying Release.gpgDavid Kalnischkies
* apt-pkg/deb/deblistparser.cc: - rewrite LoadReleaseInfo to cope with clearsigned Releasefiles
2011-01-15* methods/rred.cc:David Kalnischkies
- operate optional on gzip compressed pdiffs * apt-pkg/acquire-item.cc: - don't uncompress downloaded pdiff files before feeding it to rred
2010-09-09Fix missing space after dot in a message from apt-pkgbubulle@debian.org
Translations unfuzzied. Thanks to Holger Wansing.
2010-09-09* apt-pkg/acquire-item.cc:David Kalnischkies
- use also unsigned Release files again (Closes: #596189)
2010-08-21* apt-pkg/acquire-item.cc:David Kalnischkies
- don't use ReadOnlyGzip mode for PDiffs as this mode doesn't work in combination with the AddFd methods of our hashclasses Add also 2 testcases: one to test pdiffs in general and one to test the handling of compressed indexes.
2010-07-11mark all "Hash Sum mismatch" strings as translateableDavid Kalnischkies
2010-07-11[ Martin Pitt ]David Kalnischkies
* debian/rules: - Make DEB_BUILD_OPTIONS=noopt actually work by passing the right CXXFLAGS. * apt-pkg/contrib/fileutl.{h,cc}: - Add support for reading of gzipped files with the new "ReadOnlyGzip" OpenMode. (Closes: #188407) - Link against zlib (in apt-pkg/makefile) and add zlib build dependency. - [ABI BREAK] This adds a new private member to FileFd, but its initialization is in the public header file. * configure.in: - Check for zlib library and headers. * apt-pkg/acquire-item.cc, apt-pkg/deb/debindexfile.cc, apt-pkg/deb/debrecords.cc, apt-pkg/deb/debsrcrecords.h, cmdline/apt-cache.cc: - Open Packages, Sources, and Translations indexes in "ReadOnlyGzip" mode. * apt-pkg/deb/debindexfile.cc: - If we do not find uncompressed package/source/translation indexes, look for gzip compressed ones. * apt-pkg/acquire-item.cc: - If the Acquire::GzipIndexes option is true and we download a gzipped index file, keep it as it is (and rename to .gz) instead of uncompressing it. * doc/apt.conf.5.xml: - Document the new Acquire::GzipIndexes option. * doc/po/apt-doc.pot, doc/po/de.po: - German translation of new Acquire::GzipIndexes option. * Add test/test-indexes.sh: - Test behaviour of index retrieval and usage, in particular with uncompressed and gzip compressed indexes. * methods/gzip.cc: With FileFd now being able to read gzipped files, there is no need for the gzip method any more to spawn an external gzip process. Rewrite it to use FileFd directly, which makes the code a lot simpler, and also using less memory and overhead.
2010-06-24apt-pkg/acquire-item.cc: Fix handling of local (file:/) sourcesmartin@piware.de
2010-06-24Switch FileFd to not transparently gunzip, since that breaks code which ↵martin@piware.de
expects the compressed contents to stay (such as the copy backend, or when using file:// repositories. Instead, introduce a new ReadOnlyGzip mode and use that where needed
2010-06-17pkgAcqIndex::Done(): If we have an IMS-Hit, also rename the destination file ↵martin@piware.de
in GzipIndexes mode, to avoid it being cleaned
2010-06-11* apt-pkg/acquire-item.cc:martin@piware.de
- Fix return value of pkgAcqFile::Custom600Headers() in the non-index case, to avoid returning NULL and causing crashers in callers. This also fixes a compiler warning.
2010-06-11Fix compressed index retrieval for current timestampsmartin@piware.de
Fix a thinko in r1973, which did the Acquire::GzipIndexes test ealier than the IMS-Hit test. This led to rename errors.
2010-06-10* apt-pkg/acquire-item.cc:martin@piware.de
- If the Acquire::GzipIndexes option is true and we download a gzipped index file, keep it as it is (and rename to .gz) instead of uncompressing it.
2010-06-09sent Last-Modified header also for Translation filesDavid Kalnischkies
2010-06-09merged from lp:~donkult/apt/sidMichael Vogt
2010-06-09merge lp:~mvo/apt/ubuntu-mirror-method-improvementsMichael Vogt
2010-06-09* merge the remaining Ubuntu change:Michael Vogt
- on gpg verification failure warn and restore the last known good state - on failure display the IP of the server (useful for servers that use round robin DNS) - support Original-Maintainer in RewritePackageOrder - enable cdrom autodetection via libudev by default - show messsage about Vcs in use when apt-get source is run for packages maintained in a Vcs - better support transitional packages with mark auto-installed. when the transitional package is in "oldlibs" the new package is not marked auto installed (same is true for section metapackages) - provide new "deb mirror://archive.foo/mirrors.list sid main" method expects a list of mirrors (generated on the server e.g. via geoip) and will use that, including cycle on failure - write apport crash file on package failure (disabled by default on debian until apport is available) - support mirror failure reporting (disabled by default on debian)
2010-06-09 - backport forgotten Valid-Until patch from the obsolete experimentalDavid Kalnischkies
branch to prevent replay attacks better, thanks to Thomas Viehmann for the initial patch! (Closes: #499897) * doc/apt.conf.5.xml: - document the new Valid-Until related options * apt-pkg/contrib/strutl.cc: - split StrToTime() into HTTP1.1 and FTP date parser methods and use strptime() instead of some self-made scanf mangling - use the portable timegm shown in his manpage instead of a strange looking code copycat from wget * ftparchive/writer.cc: - add ValidTime option to generate a Valid-Until header in Release file
2010-06-08enhance the Valid-Until code a bit by using the correct RFC1123StrToTimeDavid Kalnischkies
method and allow for better translations of the error messages
2010-06-08* apt-pkg/indexrecords.cc:David Kalnischkies
- backport forgotten Valid-Until patch from the obsolete experimental branch to prevent replay attacks better, thanks to Thomas Viehmann for the initial patch! (Closes: #499897)
2010-06-02implement Fail-Ignore bool in FetchItem that tells the method that a failure ↵Michael Vogt
of this item is ok and does not need to be tried on all mirrors
2010-05-29* apt-pkg/indexrecords.{cc,h}:David Kalnischkies
- add a constant Exists check for MetaKeys * apt-pkg/acquire-item.cc: - do not try PDiff if it is not listed in the Meta file
2010-05-04fix compiler warning: reaching end of non-void methodDavid Kalnischkies
2010-05-04merge from the debian-sid branchDavid Kalnischkies
2010-05-04merge from the mvo branchMichael Vogt
2010-04-28* [ Abi break ] apt-pkg/acquire-item.{cc,h}:Michael Vogt
- add "IsIndexFile" to constructor of pkgAcqFile so that it sends the right cache control headers