summaryrefslogtreecommitdiff
path: root/apt-pkg/acquire-item.h
AgeCommit message (Collapse)Author
2014-10-07use _apt:root only for partial directoriesDavid Kalnischkies
Using a different user for calling methods is intended to protect us from methods running amok (via remotely exploited bugs) by limiting what can be done by them. By using root:root for the final directories and just have the files in partial writeable by the methods we enhance this in sofar as a method can't modify already verified data in its parent directory anymore. As a side effect, this also clears most of the problems you could have if the final directories are shared without user-sharing or if these directories disappear as they are now again root owned and only the partial directories contain _apt owned files (usually none if apt isn't running) and the directory itself is autocreated with the right permissions.
2014-10-06rename StopAuthentication -> CheckStopAuthentication and make it protectedMichael Vogt
2014-10-06rename AuthDone() -> CheckAuthDone()Michael Vogt
2014-10-06cleanup pkgAcq*::Failed()Michael Vogt
2014-10-06Rework pkgAcqMeta{Index,Sig,ClearSig}::Done() for readabilityMichael Vogt
Move common code out but do not use subclassing for ::Done to make it easier to understand what each class is doing when its done
2014-10-06add new "SetActiveSubprocess()Michael Vogt
2014-10-02cleanup around pkgAcqMetaSig and improved testsMichael Vogt
2014-10-02add a bunch of docstrings etcMichael Vogt
2014-10-02fix crashMichael Vogt
2014-10-02donkults fixesMichael Vogt
2014-10-02Cleanup pkgAcqIndexMichael Vogt
2014-10-01refactor and add pkgAcqIndex::ValidateFile()Michael Vogt
2014-09-29cleanupMichael Vogt
2014-09-29refactorMichael Vogt
2014-09-29Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt
feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/gpgv.cc
2014-09-28replace c-string Mode with c++-string ActiveSubprocessDavid Kalnischkies
A long-lasting FIXME in the acquire code points out the problem that we e.g. for decompressors assign c-string representations of c++-strings to the Mode variable, which e.g. cppcheck points out as very bad. In practice, nothing major happens as the c++-strings do not run out of scope until Mode would do, but that is bad style and fragile, so the obvious proper fix is to use a c++ string for storage to begin with. The slight complications stems from the fact that progress reporting code in frontends potentially uses Mode and compares it with NULL, which can't be done with std::string, so instead of just changing the type we introduce a new variable and deprecate the old one. Git-Dch: Ignore
2014-09-26Do not allow going from authenticated to unauthenticated repoMichael Vogt
Also rework the way we load the Release file, so it only after Release.gpg verified the Release file. The rational is that we never want to load untrusted data into our parsers. Only stuff verified with gpg or by its hashes get loaded. To load untrusted data you now need to use apt-get update --allow-unauthenticated.
2014-09-25Revert making pkgAcquire::Item::DescURI() "const"Michael Vogt
Revert because its a API change and the gain does not justify the extra work to make the required changes in the consumers of this interface at this point.
2014-09-23make pdiff transactional (but at the cost of a CopyFile()Michael Vogt
2014-09-23cleanup, fix test-apt-update-unauth as the behavior of apt changedMichael Vogt
2014-09-23cleanupMichael Vogt
2014-09-23Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt
feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/copy.cc test/integration/test-hashsum-verification
2014-09-23Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog
2014-09-17fix gcc warningsMichael Vogt
2014-09-17use pkgAcqMetaBase as the transactionManagerMichael Vogt
2014-09-16SECURITY UPDATE for CVE-2014-{0488,0487,0489}Michael Vogt
incorrect invalidating of unauthenticated data (CVE-2014-0488) incorect verification of 304 reply (CVE-2014-0487) incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
2014-09-16add a bunch of dpointersMichael Vogt
2014-09-16remove pkgAcqSubIndexMichael Vogt
2014-08-25add shared code into pkgAcqMetaSigBase::GenerateAuthWarning()Michael Vogt
2014-08-02really move clearsign check into pkgAcqMetaClearSig::Done()Michael Vogt
2014-08-02add ims check verifyMichael Vogt
2014-08-01fix transactionid passingMichael Vogt
2014-08-01mve MetaKey into pkgAcqBaseIndexMichael Vogt
2014-07-31Rework TransactionID stuffMichael Vogt
2014-07-22WIP cleanup pkgAcqMetaSigMichael Vogt
2014-07-21Download Release first, then Release.gpgMichael Vogt
The old way of handling this was that pkgAcqMetaIndex was responsible to check/move both Release and Release.gpg in place. This breaks the assumption of the transaction that each pkgAcquire::Item has a single File that its responsible for.
2014-07-18WIP transaction based updateMichael Vogt
2014-07-08Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/deb/deblistparser.cc doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pl.po doc/po/pt.po doc/po/pt_BR.po po/da.po po/mr.po po/vi.po
2014-07-03Try not to parse invalid translation files (LP: #756317)Michael Vogt
2014-06-18apt-pkg/acquire-item.h: add default argument to ExpectedHashes to avoid API ↵Michael Vogt
break
2014-06-18Merge remote-tracking branch 'mvo/feature/update-by-hash' into ↵Michael Vogt
debian/experimental
2014-05-29Fix more warnings from clangMichael Vogt
Reported-By: clang++ -Werror Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/deb/debmetaindex.h
2014-05-22move ByHash into its own functionMichael Vogt
2014-05-14Merge remote-tracking branch 'donkult/debian/experimental' into ↵Michael Vogt
debian/experimental Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h
2014-05-14Add new pkgAcqBaseIndex as base class for ↵Michael Vogt
pkgAcq{DiffIndex,IndexMerge,pkgAcqBaseIndex, pkgAcqIndex}
2014-05-14Pass struct IndexTarget/indexRecords to pkgAcqIndex{,Merge}DiffsMichael Vogt
If one of the pkgAcqIndex{,Merge}Diffs fails, they will run pkgAcqIndex() which needs the IndexTarget/indexRecords data. So we pass it along.
2014-05-09promote ExpectedHashes to a pkgAcquire::Item memberDavid Kalnischkies
Beside being another big API break with hopefully zero fallout in reality it avoids having the same member and helper code in each and every subclass.
2014-05-09use HashStringList in the acquire systemDavid Kalnischkies
It is not very extensible to have the supported Hashes hardcoded everywhere and especially if it is part of virtual method names. It is also possible that a method does not support the 'best' hash (yet), so we might end up not being able to verify a file even though we have a common subset of supported hashes. And those are just two of the cases in which it is handy to have a more dynamic selection. The downside is that this is a MAJOR API break, but the HashStringList has a string constructor for compatibility, so with a bit of luck the few frontends playing with the acquire system directly are okay.
2014-04-17pass Target/MetaIndexParser around into pkgAcqDiffIndex so that this can be ↵Michael Vogt
used to create a proper pkgAcqIndex() with size information
2014-04-16calculate Percent as part of pkgAcquireStatus to provide a weighted percent ↵Michael Vogt
for both items and bytes