summaryrefslogtreecommitdiff
path: root/apt-pkg/deb/debmetaindex.cc
AgeCommit message (Collapse)Author
2014-11-08mark internal interfaces as hiddenDavid Kalnischkies
We have a bunch of classes which are of no use for the outside world, but were still exported and so needed to preserve ABI/API. Marking them as hidden to not export them any longer is a big API break in theory, but in practice nobody is using them – as if they would its a bug.
2014-11-08better non-virtual metaIndex.LocalFileName() implementationDavid Kalnischkies
We can't add a new virtual method without breaking the ABI, but we can freely add new methods, so for older ABIs we just implement this method with a dynamic_cast, so that clients can be more ignorant about the API here and especially don't need to pull a very dirty trick by assuming internal knowledge (like apt-get did here).
2014-11-08use a abi version check similar to the gcc checkDavid Kalnischkies
Git-Dch: Ignore
2014-10-13trusted=yes sources are secure, we just don't know whyDavid Kalnischkies
Do not require a special flag to be present to update trusted=yes sources as this flag in the sources.list is obviously special enough. Note that this is just disabling the error message, the user will still be warned about all the (possible) failures the repository generated, it is just triggering the acceptance of the warnings on a source-by-source level. Similarily, the trusted=no flag doesn't require the user to pass additional flags to update, if the repository looks fine in the view of apt it will update just fine. The unauthenticated warnings will "just" be presented then the data is used. In case you wonder: Both was the behavior in previous versions, too.
2014-09-17use pkgAcqMetaBase as the transactionManagerMichael Vogt
2014-07-31Rework TransactionID stuffMichael Vogt
2014-07-21Download Release first, then Release.gpgMichael Vogt
The old way of handling this was that pkgAcqMetaIndex was responsible to check/move both Release and Release.gpg in place. This breaks the assumption of the transaction that each pkgAcquire::Item has a single File that its responsible for.
2014-05-29Fix more warnings from clangMichael Vogt
Reported-By: clang++ -Werror Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/deb/debmetaindex.h
2014-05-09use HashStringList in the acquire systemDavid Kalnischkies
It is not very extensible to have the supported Hashes hardcoded everywhere and especially if it is part of virtual method names. It is also possible that a method does not support the 'best' hash (yet), so we might end up not being able to verify a file even though we have a common subset of supported hashes. And those are just two of the cases in which it is handy to have a more dynamic selection. The downside is that this is a MAJOR API break, but the HashStringList has a string constructor for compatibility, so with a bit of luck the few frontends playing with the acquire system directly are okay.
2014-05-08Merge remote-tracking branch 'mvo/feature/build-dep-dsc2' into ↵Michael Vogt
debian/experimental Conflicts: apt-pkg/deb/debindexfile.cc apt-pkg/deb/debindexfile.h apt-pkg/deb/debsrcrecords.cc
2014-04-28avoid deb specific code in private-installMichael Vogt
2014-04-28WIP local deb installMichael Vogt
2014-03-13cleanup headers and especially #includes everywhereDavid Kalnischkies
Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
2013-12-05* enable release based selection for deb-src (closes: 731102)Michael Vogt
2013-07-25delete targets dataMichael Vogt
2013-07-11implement arch+= and arch-= for sources.listDavid Kalnischkies
Default is to acquire all architectures from APT::Architectures which can be changed by arch=, but this isn't very flexible if you want "mostly" the default as you have to hardcode the architectures then, so arch-= and arch+= can be used to add/remove architectures from the default set. On a machine with 'amd64' and 'i386' configured the lines: deb [arch+=armel] http://example.org/debian wheezy rocks deb [arch-=amd64] http://example.org/debian jessie rocks will result in the download of: wheezy Packages for 'amd64', 'i386' and 'armel' jessie Packages for 'i386'
2013-03-15 - if ExecGPGV deals with a clear-signed file it will split this fileDavid Kalnischkies
into data and signatures, pass it to gpgv for verification and recombines it after that in a known-good way without unsigned blocks and whitespaces resulting usually in more or less the same file as before, but later code can be sure about the format * apt-pkg/deb/debmetaindex.cc: - reenable InRelease by default
2013-03-14* SECURITY UPDATE: InRelease verification bypass0.9.7.8Michael Vogt
- CVE-2013-1051 * apt-pkg/deb/debmetaindex.cc, test/integration/test-bug-595691-empty-and-broken-archive-files, test/integration/test-releasefile-verification: - disable InRelease downloading until the verification issue is fixed, thanks to Ansgar Burchardt for finding the flaw
2012-02-18* apt-pkg/acquire-item.cc:David Kalnischkies
- drop support for i18n/Index file (introduced in 0.8.11) and use the Release file instead to get the Translations (Closes: #649314) * ftparchive/writer.cc: - add 'Translation-*' to the default patterns i18n/Index was never used outside debian - and even here it isn't used consistently as only 'main' has such a file. As the Release file now includes the Translation-* files we therefore drop support for i18n/Index. A version supporting it was never part of a debian release and still supporting it would mean that we get 99% of the time a 404 as response to the request anyway and confuse archive maintainers who want to provide all files APT tries to acquire.
2011-10-05* apt-pkg/deb/debmetaindex.cc:David Kalnischkies
- none is a separator, not a language: no need for Index (Closes: #624218) * apt-pkg/aptconfiguration.cc: - do not builtin languages only if none is forced (Closes: #643787)
2011-10-05merge with current debian apt/experimentalDavid Kalnischkies
2011-10-05* apt-pkg/contrib/configuration.cc:Michael Vogt
- fix double delete (LP: #848907) - ignore only the invalid regexp instead of all options * apt-pkg/acquire-item.h, apt-pkg/deb/debmetaindex.cc: - fix fetching language information by adding OptionalSubIndexTarget * methods/https.cc: - cleanup broken downloads properly * ftparchive/cachedb.cc: - fix buffersize in bytes2hex * apt-pkg/deb/deblistparser.cc: - fix crash when the dynamic mmap needs to be grown in LoadReleaseInfo (LP: #854090)
2011-09-19use forward declaration in headers if possible instead of includesDavid Kalnischkies
2011-09-16* apt-pkg/acquire-item.h, apt-pkg/deb/debmetaindex.cc:Michael Vogt
- fix fetching language information by adding OptionalSubIndexTarget
2011-09-13merge with debian/experimentalDavid Kalnischkies
2011-09-13reorder includes: add <config.h> if needed and include it at firstDavid Kalnischkies
2011-08-15merged from the debian-sid branchMichael Vogt
2011-08-11cppcheck complains about some possible speed improvements which could beDavid Kalnischkies
done on the mirco-optimazation level, so lets fix them: (performance) Possible inefficient checking for emptiness. (performance) Prefer prefix ++/-- operators for non-primitive types.
2011-07-14* apt-pkg/deb/debmetaindex.cc:David Kalnischkies
- add trusted=yes option to mark unsigned (local) repository as trusted based on a patch from Ansgar Burchardt, thanks a lot! (Closes: #596498) Note that "apt-get update" still warns about unknown signatures even when [trusted=yes] is given for the source.
2011-04-26* apt-pkg/deb/debmetaindex.cc:David Kalnischkies
- do not download TranslationIndex if no Translation-* will be downloaded later on anyway (Closes: #624218)
2011-01-28 - download and use i18n/Index to choose which Translations to downloadDavid Kalnischkies
* apt-pkg/aptconfiguration.cc: - remove the inbuilt Translation files whitelist
2011-01-20 - try downloading clearsigned InRelease before trying Release.gpgDavid Kalnischkies
* apt-pkg/deb/deblistparser.cc: - rewrite LoadReleaseInfo to cope with clearsigned Releasefiles
2010-07-11fix typo preventing display of architecture in Info()David Kalnischkies
2010-07-11* apt-pkg/deb/debmetaindex.cc:David Kalnischkies
- do not query each architecture for flat file archives
2010-03-30rename ExplodeString to VectorizeStringDavid Kalnischkies
2010-02-18doesn't use a default separator in ExplodeString (halfway losted in merge)David Kalnischkies
2010-02-15* aptconfiguration.cc:David Kalnischkies
- include all existing Translation files in the Cache (Closes: 564137) Previously if APT was executed with a different LC_* all these invocations needed to rebuild the Cache as too many files were included or missing: Now the lists-directory is checked for Translation-files and all these included in getLanguages() regardless of the environment setting (after a "none" so APT will not use them for displaying information).
2009-12-23merge Goswin Brederlow "support download of index files for different archs"David Kalnischkies
patch which includes the following big changes: - Declare the unused [vendor] field in sources.list as option field, e.g. deb [arch=amd64,i386 lang=en_GB have=fun] http://example.org - When fetching index files download them for all APT::Architectures (overrideable with the options field above) - Allow all architectures of APT::Architectures to be in the Cache - Add the architecture to status and progress informations - Add b= (Binary architecture) to policy This commit doesn't incude the "pin-hack" as the Group structure will take care of this (and does it already to some extend).
2009-11-26[BREAK] add possibility to download and use multiplyDavid Kalnischkies
Translation files, configurable with Acquire::Languages accessable with APT::Configuration::getLanguages() and as always with documentation in apt.conf. The commit also includes a very very simple testapp.
2009-06-30merged r1811..1815 from lp:~donkult/apt/experimentalMichael Vogt
2008-02-04* apt-pkg/deb/debmetaindex.cc:Michael Vogt
- add missing "Release" file uri when apt-get update --print-uris is run
2007-10-02 - apt-pkg/deb/debmetaindex.cc: comparison with string literal resultsOtavio Salvador
in unspecified behaviour;
2007-07-26* implement sha256/sha1/md5 checking with proper backward compatibilityMichael Vogt
and fallback
2007-06-09* merged the remaining bits from the apt--no-pragma branchMichael Vogt
2007-06-08* remove all the remaining #pragma implementationMichael Vogt
2006-07-25* merged with the latest ddtp branch fixesMichael Vogt
2006-07-25* apt-pkg/deb/debmetaindex.cc:Michael Vogt
- don't queue translations for deb-src entries
2005-10-20* merged with mainMichael Vogt
Patches applied: * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-77 * renamed Trust-CDROM to TrustCDROM to make it consistent with ubuntu
2005-10-20* renamed Trust-CDROM to TrustCDROM to make it consistent with ubuntuMichael Vogt
2005-10-19* merged with mainlineMichael Vogt
Patches applied: * bubulle@debian.org--2005/apt--main--0--patch-105 Proofread by Fred Bothamy * bubulle@debian.org--2005/apt--main--0--patch-106 Merge with mvo * bubulle@debian.org--2005/apt--main--0--patch-107 Italian translation corrected * bubulle@debian.org--2005/apt--main--0--patch-108 Italian translation update * bubulle@debian.org--2005/apt--main--0--patch-109 Italian translation completed * bubulle@debian.org--2005/apt--main--0--patch-110 Swedish translation update * bubulle@debian.org--2005/apt--main--0--patch-111 Merge with Michael * bubulle@debian.org--2005/apt--main--0--patch-112 Swedish translation completed * bubulle@debian.org--2005/apt--main--0--patch-113 Silly update to French translation (testing) * bubulle@debian.org--2005/apt--main--0--patch-114 Basque translation update * bubulle@debian.org--2005/apt--main--0--patch-115 Basque translation completed * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-62 * leak fix for debian #250583 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-63 * changelog update * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-64 * merged with bubulle * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-65 * inital support for "apt-get source -t dist" (but no downgrades yet * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-66 * full support for apt-get source -t now (and honor pining too) * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-67 * added APT::Authentication::Trust-CDROM option * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-68 * fix a crash in apt-ftparchive * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-69 * sparc64 alignment fix * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-70 * fix segfault when there is no Archive for a VerFile * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-71 * don't get candidate release as version tag for FindSrc by default. because it break for bin-NMUs :/ (e.g. dpkg source is 1.13.11, but i386 version string is 1.13.11.0.1) * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-72 * corrections in the changelog * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-73 * init the default ScreenWidth to 79 columns by default (Closes: #324921) * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-74 apt-cdrom.cc:fix some missing gettext() calls (closes: #334539); doc/apt-cache.8.xml: fix typo (closes: #334714) * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-75 * seting section to "admin" to match override file * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-76 * finalized the changelog * michael.vogt@ubuntu.com--2005/apt--trust-cdrom--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-79 * michael.vogt@ubuntu.com--2005/apt--trust-cdrom--0--patch-1 * implemented "TrustCDROM" mode * michael.vogt@ubuntu.com--2005/apt--trust-cdrom--0--patch-2 * added APT::Authentication::TrustCDROM to the configure-index