summaryrefslogtreecommitdiff
path: root/cmdline
AgeCommit message (Collapse)Author
2014-09-27add and use 'apt-key verify' which prefers gpgv over gpgDavid Kalnischkies
gnupg/gnupg2 can do verify just fine of course, so we don't need to use gpgv here, but it is what we always used in the past, so there might be scripts expecting a certain output and more importantly the output of apt-cdrom contains messages from gpg and even with all the settings we activate to prevent it, it still shows (in some versions) a quiet scary: "gpg: WARNING: Using untrusted key!" message. Keeping the use of gpgv is the simplest way to prevent it. We are increasing also the "Breaks: apt" version from libapt as it requires a newer apt-key than might be installed in partial upgrades.
2014-09-27miscellaneous small cleanups in apt-keyDavid Kalnischkies
Git-Dch: Ignore
2014-09-27add --readonly option for apt-key advDavid Kalnischkies
Some advanced commands can be executed without the keyring being modified like --verify, so this adds an option to disable the mergeback and uses it for our gpg calling code. Git-Dch: Ignore
2014-09-27use only one --keyring in gpg interactionsDavid Kalnischkies
We were down to at most two keyrings before, but gnupg upstream plans dropping support for multiple keyrings in the longrun, so with a single keyring we hope to be future proof – and 'apt-key adv' isn't a problem anymore as every change to the keys is merged back, so we have now the same behavior as before, but support an unlimited amount of trusted.gpg.d keyrings.
2014-09-27add --secret-keyring option for apt-keyDavid Kalnischkies
For some advanced usecases it might be handy to specify the secret keyring to be used (e.g. as it is used in the testcases), but specifying it via a normal option for gnupg might not be available forever: http://lists.gnupg.org/pipermail/gnupg-users/2013-August/047180.html Git-Dch: Ignore
2014-09-27allow to specify fingerprints in 'apt-key del'David Kalnischkies
2014-09-27add a test for apt-key export{,all}David Kalnischkies
Git-Dch: Ignore
2014-09-27respect --keyring also in merged keyring commandsDavid Kalnischkies
Git-Dch: Ignore
2014-09-27support gnupg2 as drop-in replacement for gnupgDavid Kalnischkies
If both are available APT will still prefer gpg over gpg2 as it is a bit more lightweight, but it shouldn't be a problem to use one or the other (at least at the moment, who knows what will happen in the future).
2014-09-27delay gnupg setup in apt-key until it is neededDavid Kalnischkies
'apt-key help' and incorrect usage do not need a functioning gnupg setup, as well as we shouldn't try to setup gnupg before we actually test if it is available (and print a message if it is not).
2014-09-27merge fragment keyrings in apt-key to avoid hitting gpg limitsDavid Kalnischkies
gnupg has a hardlimit of 40 (at the moment) keyrings per invocation, which can be exceeded with (many) repositories. That is rather misfortune as the longrun goal was to drop gnupg dependency at some point in the future, but this can now be considered missed and dropped. It also means that 'apt-key adv' commands might not have the behaviour one would expect it to have as it mainly operates on a big temporary keyring, so commands modifying keys will break. Doing this was never a good idea anyway through, so lets just hope nothing break too badly. Closes: 733028
2014-09-27refactor key removal code to reuse it in next stepDavid Kalnischkies
Git-Dch: Ignore
2014-09-27set a primary-keyring only if we have access to itDavid Kalnischkies
2014-09-27support (multiple) arguments properly in apt-keyDavid Kalnischkies
2014-09-27only create new trusted.gpg if directory is writeableDavid Kalnischkies
2014-09-27all errors should be printed to stderrDavid Kalnischkies
Git-Dch: Ignore
2014-09-27add a (hidden) --quiet option for apt-keyDavid Kalnischkies
2014-09-27remove leftover debug output from multikey softlinkDavid Kalnischkies
Git-Dch: Ignore
2014-09-27adapt to the new CacheSetHelper APIDavid Kalnischkies
Git-Dch: Ignore
2014-09-27rework cachesets API to allow future extensionDavid Kalnischkies
The introduction of Fnmatch showed that each new selector would require multiple new virtual methods in the CacheSetHelper to work correctly, which isn't that great. We now flip to a single virtual method which handles all cases separated by an enum – as new enum values can be added without an ABI break. Great care was taken to make old code work with the new way of organisation, which means in return that you might be bombarded with deprecation warnings now if you don't adapt, but code should still compile and work as before as can be seen in apt itself with this commit. Git-Dch: Ignore
2014-09-27mark pkg(All|Dist)Upgrade as deprecatedDavid Kalnischkies
The comment above their definition marks them already as such, so this is only a formalisation of the deprecation and fixes the occurances we have in our own code together with removing a magic number. Git-Dch: Ignore
2014-09-27count strings more accurately for statsDavid Kalnischkies
So far, only the few strings stored in stringitems were counted, but many more strings are directly inserted into the cache. We account for this now by identifying all these different strings and measure their length. We are still not at the correct size of the cache in 'stats' this way, but we are now again a bit closer. Git-Dch: Ignore
2014-09-05Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/acquire-item.cc configure.ac debian/changelog doc/apt-verbatim.ent doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pt.po po/ar.po po/ast.po po/bg.po po/bs.po po/ca.po po/cs.po po/cy.po po/da.po po/de.po po/dz.po po/el.po po/es.po po/eu.po po/fi.po po/fr.po po/gl.po po/hu.po po/it.po po/ja.po po/km.po po/ko.po po/ku.po po/lt.po po/mr.po po/nb.po po/ne.po po/nl.po po/nn.po po/pl.po po/pt.po po/pt_BR.po po/ro.po po/ru.po po/sk.po po/sl.po po/sv.po po/th.po po/tl.po po/tr.po po/uk.po po/vi.po po/zh_CN.po po/zh_TW.po test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
2014-09-02Use heap to allocate PatternMatch to avoid potential stack overflowMichael Vogt
When apt-cache search with many args (> 130) is given the allocation of PatternMatch on the stack may fail resulting in a segmentation fault. By using the heap the max size is much bigger and we also get a bad_alloc expection instead of a segfault (which we can catch *if* this ever becomes a pratical problem). No test for the crash as its not reproducable with the MALLOC_ settings in framework. Closes: 759612
2014-09-02Make Proxy-Auto-Detect check for each hostMichael Vogt
When doing Acquire::http{,s}::Proxy-Auto-Detect, run the auto-detect command for each host instead of only once. This should make using "proxy" from libproxy-tools feasible which can then be used for PAC style or other proxy configurations. Closes: #759264
2014-08-26add dpkg::source-options for dpkg-source invocationDavid Kalnischkies
dpkg-source can be told to enforce signature checks with --require-valid-signature, but while this isn't feasible as default for Debian itself at the moment, a local admin should be able to use it. This commit also fixes the size limit on the construction of the command being called for dpkg-source and dpkg-buildpackage. Closes: 757534
2014-07-08Only allow "apt-get build-dep path" when path starts with ./ or /Michael Vogt
This avoid the subtle problem that someone might have a directory with the same package name as the build-depends he/she is trying to fetch. Also print a note that the specific file/dir is used.
2014-07-08Fix ar and tar code to be LFS-safeGuillem Jover
This is an ABI break. Closes: #742882
2014-06-18correct 'apt-cache stats' to include moreDavid Kalnischkies
It still doesn't reflect the size the cache has on the disk compared to what is given as total size (90 vs 103 MB), but by counting all structs in we are at least a bit closer to the reality. Git-Dch: ignore
2014-06-18cleanup datatypes mix used in binary cacheDavid Kalnischkies
We had a wild mixture of (unsigned) int, long and long long here without much sense, so this commit adds a few typedefs to get some sense in the typesystem and ensures that a ID isn't sometimes computed as int, stored as long and compared with a long long… as this could potentially bite us later on as the size of the archive only increases over time.
2014-06-18Merge remote-tracking branch 'donkult/debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-private/private-install.cc
2014-06-18show our broken packages message in 'apt' solverDavid Kalnischkies
2014-06-18Merge remote-tracking branch 'mvo/feature/drop-rights' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/contrib/fileutl.cc apt-pkg/contrib/fileutl.h
2014-06-18Merge remote-tracking branch 'mvo/feature/hash-stats' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/deb/debmetaindex.h apt-pkg/pkgcache.cc test/integration/test-apt-ftparchive-src-cachedb
2014-06-18Provide ShowHashTableStats functionMichael Vogt
2014-06-18improve formating of the hash statsMichael Vogt
2014-06-18Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: debian/changelog
2014-06-11DropPrivs in the solvers (just to be on the safe side)Michael Vogt
2014-06-10Merge remote-tracking branch 'mvo/feature/apt-update-info' into debian/sidMichael Vogt
2014-06-10Merge remote-tracking branch ↵Michael Vogt
'mvo/bugfix/apt-get-source-unauthenticated-warning' into debian/sid
2014-06-10support Acquire::GzipIndexes in dumpavailDavid Kalnischkies
Closes: 742835
2014-06-06cmdline/apt-helper.cc: use less generic description/short-descriptionMichael Vogt
2014-06-02Show unauthenticated warning for source packages as wellMichael Vogt
This will show the same unauthenticated warning for source packages as for binary packages and will not download a source package if it is unauthenticated. This can be overridden with --allow-unauthenticated Closes: #749795
2014-05-30print error stack on failure of 'apt' solverDavid Kalnischkies
Git-Dch: ignore
2014-05-29cmdline/apt-extracttemplates.cc: remove unused private varMichael Vogt
Reported-By: clang -Wall
2014-05-29Merge remote-tracking branch 'upstream/debian/sid' into debian/experimentalMichael Vogt
Conflicts: test/integration/test-bug-747261-arch-specific-conflicts
2014-05-29add hashtable statsMichael Vogt
2014-05-28cmdline/apt-extracttemplates.cc: remove unused private varMichael Vogt
Reported-By: clang -Wall
2014-05-22fix screen width detection for apt/apt-get listsSebastian Schmidt
3163087b moved SigWinch(int) from apt-get.cc to private-output.cc without moving #include <sys/ioctl.h>, making SigWinch a nop. Closes: 748430, 747942
2014-05-22show upgradable packages after apt updateMichael Vogt
Closes: 748389