Age | Commit message (Collapse) | Author |
|
- add regression test for hashsum verification
* apt-pkg/acquire-item.cc:
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
* apt-pkg/pkgcachegen.cc:
- fix incorrect comparision when checking sources.list freshness
|
|
|
|
|
|
- add regression test for hashsum verification
* apt-pkg/acquire-item.cc:
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
|
|
- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
|
|
- cleanup around OptionalIndexTarget and SubIndexTarget
|
|
|
|
- try even harder to support really big files in the fetcher by
converting (hopefully) everything to 'long long' (Closes: #632271)
|
|
|
|
|
|
|
|
empty (its ok to have empty packages files)
|
|
|
|
(Closes: #195301)
This commit deals with the following cases:
- First section of index file (Packages,Sources,Translation) without Package field
- Signed release files without GPG data (NODATA)
- i18n/Index files without hash sums
Handling unsigned Release files is more complicated, and the example code
using indexRecords is disabled as it can reject correct Release files
without hashes. How we can reliably check unsigned Release files is
another question, and not urgent anyway, as it should have no
dramatic effect (we could check that it is a valid RFC-822 section,
but that's a bit too long to write)
|
|
- apply fix for poorly worded 'locate file' error message from
Ben Finney, thanks! (Closes: #623171)
|
|
#622912)
|
|
- Use Release files even if they cannot be verified (LP: #704595)
|
|
|
|
successful, not if it failed (Closes: #620546)
|
|
- mark them as deprecated as they are unused
|
|
|
|
mirror methods does not retry on each mirror
|
|
- mark pkgAcqIndexTrans as Index-File to avoid asking the
user to insert the CD on each apt-get update
|
|
|
|
|
|
* apt-pkg/aptconfiguration.cc:
- remove the inbuilt Translation files whitelist
|
|
- add a special uncompressed compression type to prefer those files
* methods/{gzip,bzip}.cc:
- print a good error message if FileSize() is zero
|
|
* apt-pkg/deb/deblistparser.cc:
- rewrite LoadReleaseInfo to cope with clearsigned Releasefiles
|
|
- operate optional on gzip compressed pdiffs
* apt-pkg/acquire-item.cc:
- don't uncompress downloaded pdiff files before feeding it to rred
|
|
Translations unfuzzied. Thanks to Holger Wansing.
|
|
- use also unsigned Release files again (Closes: #596189)
|
|
- don't use ReadOnlyGzip mode for PDiffs as this mode doesn't work
in combination with the AddFd methods of our hashclasses
Add also 2 testcases: one to test pdiffs in general and
one to test the handling of compressed indexes.
|
|
|
|
* debian/rules:
- Make DEB_BUILD_OPTIONS=noopt actually work by passing the right
CXXFLAGS.
* apt-pkg/contrib/fileutl.{h,cc}:
- Add support for reading of gzipped files with the new "ReadOnlyGzip"
OpenMode. (Closes: #188407)
- Link against zlib (in apt-pkg/makefile) and add zlib build dependency.
- [ABI BREAK] This adds a new private member to FileFd, but its
initialization is in the public header file.
* configure.in:
- Check for zlib library and headers.
* apt-pkg/acquire-item.cc, apt-pkg/deb/debindexfile.cc,
apt-pkg/deb/debrecords.cc, apt-pkg/deb/debsrcrecords.h,
cmdline/apt-cache.cc:
- Open Packages, Sources, and Translations indexes in "ReadOnlyGzip" mode.
* apt-pkg/deb/debindexfile.cc:
- If we do not find uncompressed package/source/translation indexes, look
for gzip compressed ones.
* apt-pkg/acquire-item.cc:
- If the Acquire::GzipIndexes option is true and we download a gzipped
index file, keep it as it is (and rename to .gz) instead of
uncompressing it.
* doc/apt.conf.5.xml:
- Document the new Acquire::GzipIndexes option.
* doc/po/apt-doc.pot, doc/po/de.po:
- German translation of new Acquire::GzipIndexes option.
* Add test/test-indexes.sh:
- Test behaviour of index retrieval and usage, in particular with
uncompressed and gzip compressed indexes.
* methods/gzip.cc: With FileFd now being able to read gzipped files, there
is no need for the gzip method any more to spawn an external gzip process.
Rewrite it to use FileFd directly, which makes the code a lot simpler, and
also using less memory and overhead.
|
|
|
|
expects the compressed contents to stay (such as the copy backend, or when using file:// repositories. Instead, introduce a new ReadOnlyGzip mode and use that where needed
|
|
in GzipIndexes mode, to avoid it being cleaned
|
|
- Fix return value of pkgAcqFile::Custom600Headers() in the non-index
case, to avoid returning NULL and causing crashers in callers. This also
fixes a compiler warning.
|
|
Fix a thinko in r1973, which did the Acquire::GzipIndexes test ealier than the
IMS-Hit test. This led to rename errors.
|
|
- If the Acquire::GzipIndexes option is true and we download a gzipped
index file, keep it as it is (and rename to .gz) instead of
uncompressing it.
|
|
|
|
|
|
|
|
- on gpg verification failure warn and restore the last known
good state
- on failure display the IP of the server (useful for servers
that use round robin DNS)
- support Original-Maintainer in RewritePackageOrder
- enable cdrom autodetection via libudev by default
- show messsage about Vcs in use when apt-get source is run for
packages maintained in a Vcs
- better support transitional packages with mark auto-installed.
when the transitional package is in "oldlibs" the new package
is not marked auto installed (same is true for section
metapackages)
- provide new "deb mirror://archive.foo/mirrors.list sid main"
method expects a list of mirrors (generated on the server e.g.
via geoip) and will use that, including cycle on failure
- write apport crash file on package failure (disabled by default
on debian until apport is available)
- support mirror failure reporting (disabled by default on debian)
|
|
branch to prevent replay attacks better, thanks to Thomas Viehmann
for the initial patch! (Closes: #499897)
* doc/apt.conf.5.xml:
- document the new Valid-Until related options
* apt-pkg/contrib/strutl.cc:
- split StrToTime() into HTTP1.1 and FTP date parser methods and
use strptime() instead of some self-made scanf mangling
- use the portable timegm shown in his manpage instead of a strange
looking code copycat from wget
* ftparchive/writer.cc:
- add ValidTime option to generate a Valid-Until header in Release file
|
|
method and allow for better translations of the error messages
|
|
- backport forgotten Valid-Until patch from the obsolete experimental
branch to prevent replay attacks better, thanks to Thomas Viehmann
for the initial patch! (Closes: #499897)
|
|
of this item is ok and does not need to be tried on all mirrors
|
|
- add a constant Exists check for MetaKeys
* apt-pkg/acquire-item.cc:
- do not try PDiff if it is not listed in the Meta file
|
|
|