| Age | Commit message (Collapse) | Author |
|---|
|
It is a rather strange sight that index items use SiteOnly which strips
the Path, while e.g. deb files are downloaded with NoUserPassword which
does not. Important to note here is that for the file transport Path is
pretty important as there is no Host which would be displayed by Site,
which always resulted in "interesting" unspecific errors for "file:".
Adding a 'middle' ground between the two which does show the Path but
potentially modifies it (it strips a pending / at the end if existing)
solves this "file:" issue, syncs the output and in the end helps to
identify which file is meant exactly in progress output and co as a
single site can have multiple repositories in different paths.
|
|
Having every item having its own code to verify the file(s) it handles
is an errorprune process and easy to break, especially if items move
through various stages (download, uncompress, patching, …). With a giant
rework we centralize (most of) the verification to have a better
enforcement rate and (hopefully) less chance for bugs, but it breaks the
ABI bigtime in exchange – and as we break it anyway, it is broken even
harder.
It shouldn't effect most frontends as they don't deal with the acquire
system at all or implement their own items, but some do and will need to
be patched (might be an opportunity to use apt on-board material).
The theory is simple: Items implement methods to decide if hashes need to
be checked (in this stage) and to return the expected hashes for this
item (in this stage). The verification itself is done in worker message
passing which has the benefit that a hashsum error is now a proper error
for the acquire system rather than a Done() which is later revised to a
Failed().
|
|
Handle Translation-* files exactly like Packages files (with the
expection that it is ok if a download of them fails). Remove all
"guessing" on apts side. This will elimimnate a bunch of errors
releated to captive portals and similar. Its also more correct
and removes another potential attack vector.
|
|
consistently using Item::Failed in all specializec classes helps setting
up some information bits otherwise unset, so some errors had an empty
reason as an error. Ign is upgraded to display the error message we
ignored to further help in understanding what happens.
|
|
Conflicts:
apt-pkg/acquire-item.cc
|
|
Git-Dch: Ignore
|
|
|
|
The line contains everchanging execution statistics which is harmful for
testcases as they need to filter out such lines, but this is hard so we
can just add an option to disable them instead and be done.
Git-Dch: Ignore
|
|
|
|
- CVE-2013-1051
* apt-pkg/deb/debmetaindex.cc,
test/integration/test-bug-595691-empty-and-broken-archive-files,
test/integration/test-releasefile-verification:
- disable InRelease downloading until the verification issue is
fixed, thanks to Ansgar Burchardt for finding the flaw
|
|
ignore the presents (or absence) of lzma if we decided to use xz
|
|
|
|
invalid in most cases anyway
|
|
|
|
* merged lp:~evfool/apt/fix418552:
- Grammar fix for bug LP: #418552, thanks to Robert Roth
|
|
* apt-pkg/aptconfiguration.cc:
- remove the inbuilt Translation files whitelist
|
|
- add a special uncompressed compression type to prefer those files
* methods/{gzip,bzip}.cc:
- print a good error message if FileSize() is zero
|
|
* apt-pkg/deb/deblistparser.cc:
- rewrite LoadReleaseInfo to cope with clearsigned Releasefiles
|
|
not exist to not generate sources.list entries later for them
|
|
- Add a FileFd::FileSize() method to get the size of the underlying
file and not the size of the content in the file as FileFd::Size()
does - the sizes can differ since the direct gzip integration
* methods/{gzip,bzip2}.cc:
- use FileSize() to determine if the file is invalid (Closes: #600852)
|
|
funtions (bash complains)
|
|
|
|
in future that APT plays considerable well with empty archives
|
