Sync with apt--main--0--patch-78

Patches applied:

 * apt@packages.debian.org/apt--main--0--patch-77
   Merge apt--mvo--0

 * apt@packages.debian.org/apt--main--0--patch-78
   Update changelog

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-14
   * changelog entry for 0.6.34ubuntu1 added, MinAge default is 2 days now

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-15
   * merged with matts tree

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-16
   * changelog updated

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-17
   * whitespace change to add incomplete log for last patch

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-18
   * honor "Acquire::gpgv::Options" in apt-cdrom too

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-19
   * corrected a incorrect use of string().c_str() (thanks to mdz!)

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 3df9f24073094b8d3a2a6837c85518a536d33662..12dc811a66b53e9c7da328f3491d84c7432a2b7e 100644 (file)
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -369,6 +369,12 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
       // File was already in place.  It needs to be re-verified
       // because Release might have changed, so Move it into partial
       Rename(Final,DestFile);
+      // unlink the file and do not try to use I-M-S and Last-Modified
+      // if the users proxy is broken
+      if(_config->FindB("Acquire::BrokenProxy", false) == true) {
+        std::cerr << "forcing re-get of the signature file as requested" << std::endl;
+        unlink(DestFile.c_str());
+      }
    }
 
    QueueURI(Desc);

diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc
index 4b6ac5ce09fa645f14f368f55efaf32f7c1dc69c..1f65062f7c2e29757d08c195ca9500557ffe8bcf 100644 (file)
--- a/apt-pkg/indexcopy.cc
+++ b/apt-pkg/indexcopy.cc
@@ -593,17 +593,45 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector<string> &SigList,
 
       // verify the gpg signature of "Release"
       // gpg --verify "*I+Release.gpg", "*I+Release"
+      const char *Args[400];
+      unsigned int i = 0;
+
       string gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
       string pubringpath = _config->Find("Apt::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg");
+      string releasegpg = *I+"Release.gpg";
+      string release = *I+"Release";
+
+      Args[i++] = gpgvpath.c_str();
+      Args[i++] = "--keyring";
+      Args[i++] = pubringpath.c_str();
+      Configuration::Item const *Opts;
+      Opts = _config->Tree("Acquire::gpgv::Options");
+      if (Opts != 0)
+      {
+         Opts = Opts->Child;
+        for (; Opts != 0; Opts = Opts->Next)
+         {
+            if (Opts->Value.empty() == true)
+               continue;
+            Args[i++] = Opts->Value.c_str();
+           if(i >= 390) { 
+              _error->Error("Argument list from Acquire::gpgv::Options too long. Exiting.");
+              return false;
+           }
+         }
+      }
+      
+      Args[i++] = releasegpg.c_str();
+      Args[i++] = release.c_str();
+      Args[i++] = NULL;
+      
       pid_t pid = ExecFork();
       if(pid < 0) {
         _error->Error("Fork failed");
         return false;
       }
       if(pid == 0) {
-        execlp(gpgvpath.c_str(), gpgvpath.c_str(), "--keyring", 
-               pubringpath.c_str(), string(*I+"Release.gpg").c_str(), 
-               string(*I+"Release").c_str(), NULL);
+        execvp(gpgvpath.c_str(), (char**)Args);
       }
       if(!ExecWait(pid, "gpgv")) {
         _error->Warning("Signature verification failed for: %s",

diff --git a/configure.in b/configure.in
index 3c5d6d69dc04115581868dd4d8dee1a0776f433b..e17a126ba7b595152fafe0787cb07f22ea3e7adc 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -18,7 +18,7 @@ AC_CONFIG_AUX_DIR(buildlib)
 AC_CONFIG_HEADER(include/config.h:buildlib/config.h.in include/apti18n.h:buildlib/apti18n.h.in)
 
 dnl -- SET THIS TO THE RELEASE VERSION --
-AC_DEFINE_UNQUOTED(VERSION,"0.6.35")
+AC_DEFINE_UNQUOTED(VERSION,"0.6.35ubuntu1")
 PACKAGE="apt"
 AC_DEFINE_UNQUOTED(PACKAGE,"$PACKAGE")
 AC_SUBST(PACKAGE)

diff --git a/debian/apt.cron.daily b/debian/apt.cron.daily
index 7ee7e46db947ee9f42da4a8b8376b6c456234593..5145a5d2f52707b1fe888837f8cc98a81bcd826f 100644 (file)
--- a/debian/apt.cron.daily
+++ b/debian/apt.cron.daily
@@ -74,7 +74,7 @@ check_size_constraints()
 {
     # min-age in days
     MaxAge=0
-    MinAge=1
+    MinAge=2
     MaxSize=0
     CacheDir="var/cache/apt"
     CacheArchive="archives/"

diff --git a/debian/changelog b/debian/changelog
index 100125392d0f5a01f9f2456c72fb7fafe817ad97..4cdeee956255dcc96354de7a3d37a87e198f586d 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,23 @@
-apt (0.6.35os1) unstable; urgency=low
+apt (0.6.36os1) unstable; urgency=low
 
    * Resync with apt--main--0--patch-71.
      [ This include the DDTP support for testing propose, report bugs
      directly to me ]
 
- -- Otavio Salvador <otavio@debian.org>  Wed, 23 Mar 2005 17:19:28 -0300
+ -- Otavio Salvador <otavio@debian.org>  Thu,  7 Apr 2005 21:16:46 -0300
+
+apt (0.6.36) unstable; urgency=low
+
+  * Merge apt--mvo--0:
+    - apt-pkg/acquire-item.cc:
+      added "Acquire::BrokenProxy" that will force apt to always 
+      re-get the Release.gpg file (for broken proxies)
+    - debian/apt.cron.daily:
+      MinAge is defaulting to 2 days now to prevent over-aggresive removal 
+    - apt-pkg/cdrom.cc:
+      honor "Acquire::gpgv::Options" when verifying the signature (Ubuntu #8496)
+ 
+ -- Michael Vogt <michael.vogt@ubuntu.com>  Thu, 31 Mar 2005 20:37:11 +0200
 
 apt (0.6.35) hoary; urgency=low