From: Michael Vogt <michael.vogt@ubuntu.com>
Date: Wed, 8 May 2013 15:48:31 +0000 (+0200)
Subject: merged from the debian-wheezy branch
X-Git-Tag: 0.9.8~4
X-Git-Url: https://git.saurik.com/apt.git/commitdiff_plain/597341fe0f0a87c3888a62ce02631db8b25aeb4b?hp=-c

merged from the debian-wheezy branch
---

597341fe0f0a87c3888a62ce02631db8b25aeb4b
diff --combined apt-pkg/algorithms.cc
index 7fcd9f0db,991d425e3..6cde4d6cc
--- a/apt-pkg/algorithms.cc
+++ b/apt-pkg/algorithms.cc
@@@ -550,14 -550,11 +550,14 @@@ void pkgProblemResolver::MakeScores(
     unsigned long Size = Cache.Head().PackageCount;
     memset(Scores,0,sizeof(*Scores)*Size);
  
 -   // Important Required Standard Optional Extra
 +   // Maps to pkgCache::State::VerPriority
 +   //   which is "Important Required Standard Optional Extra"
 +   // (yes, that is confusing, the order of pkgCache::State::VerPriority
 +   //  needs to be adjusted but that requires a ABI break)
     int PrioMap[] = {
        0,
 -      _config->FindI("pkgProblemResolver::Scores::Important",3),
 -      _config->FindI("pkgProblemResolver::Scores::Required",2),
 +      _config->FindI("pkgProblemResolver::Scores::Important",2),
 +      _config->FindI("pkgProblemResolver::Scores::Required",3),
        _config->FindI("pkgProblemResolver::Scores::Standard",1),
        _config->FindI("pkgProblemResolver::Scores::Optional",-1),
        _config->FindI("pkgProblemResolver::Scores::Extra",-2)
@@@ -571,11 -568,11 +571,11 @@@
  
     if (_config->FindB("Debug::pkgProblemResolver::ShowScores",false) == true)
        clog << "Settings used to calculate pkgProblemResolver::Scores::" << endl
 -         << "  Important => " << PrioMap[1] << endl
 -         << "  Required => " << PrioMap[2] << endl
 -         << "  Standard => " << PrioMap[3] << endl
 -         << "  Optional => " << PrioMap[4] << endl
 -         << "  Extra => " << PrioMap[5] << endl
 +         << "  Required => " << PrioMap[pkgCache::State::Required] << endl
 +         << "  Important => " << PrioMap[pkgCache::State::Important] << endl
 +         << "  Standard => " << PrioMap[pkgCache::State::Standard] << endl
 +         << "  Optional => " << PrioMap[pkgCache::State::Optional] << endl
 +         << "  Extra => " << PrioMap[pkgCache::State::Extra] << endl
           << "  Essentials => " << PrioEssentials << endl
           << "  InstalledAndNotObsolete => " << PrioInstalledAndNotObsolete << endl
           << "  Depends => " << PrioDepends << endl
@@@ -648,7 -645,10 +648,10 @@@
  	      D->Type != pkgCache::Dep::Recommends))
  	    continue;	 
  	 
- 	 Scores[I->ID] += abs(OldScores[D.ParentPkg()->ID]);
+ 	 // Do not propagate negative scores otherwise
+ 	 // an extra (-2) package might score better than an optional (-1)
+ 	 if (OldScores[D.ParentPkg()->ID] > 0)
+ 	     Scores[I->ID] += OldScores[D.ParentPkg()->ID];
        }      
     }
  
diff --combined debian/changelog
index 7944d76ef,7775c1b79..182596b62
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,123 -1,16 +1,133 @@@
- apt (0.9.7.9~exp3) experimental; urgency=low
 -apt (0.9.7.9) UNRELEASED; urgency=low
++apt (0.9.8) UNRELEASED; urgency=low
  
+   [ Ludovico Cavedon ]
+   * properly handle if-modfied-since with libcurl/https 
+     (closes: #705648)
+   
+   [ Andreas Beckman ]
+   * apt-pkg/algorithms.cc:
+     - Do not propagate negative scores from rdepends. Propagating the absolute
+       value of a negative score may boost obsolete packages and keep them
+       installed instead of installing their successors.  (Closes: #699759)
+   
 - -- Michael Vogt <mvo@debian.org>  Wed, 08 May 2013 17:46:10 +0200
 +  [ Michael Vogt ]
 +  * apt-pkg/sourcelist.cc:
 +    - fix segfault when a hostname contains a [, thanks to 
 +      Tzafrir Cohen (closes: #704653)
 +  * debian/control:
 +    - replace manpages-it (closes: #704723)
 +
 +  [ David Kalnischkies ]
 +  * various simple changes to fix cppcheck warnings
 +  * apt-pkg/pkgcachegen.cc:
 +    - do not store the MD5Sum for every description language variant as
 +      it will be the same for all so it can be shared to save cache space
 +    - handle language tags for descriptions are unique strings to be shared
 +    - factor version string creation out of NewDepends, so we can easily reuse
 +      version strings e.g. for implicit multi-arch dependencies
 +    - equal comparisions are used mostly in same-source relations,
 +      so use this to try to reuse some version strings
 +    - sort group and package names in the hashtable on insert
 +    - share version strings between same versions (of different architectures)
 +      to save some space and allow quick comparisions later on
 +  * apt-pkg/pkgcache.cc:
 +    - assume sorted hashtable entries for groups/packages
 +  * apt-pkg/cacheiterators.h:
 +    - provide DepIterator::IsSatisfied as a nicer shorthand for DepCheck
 +  * apt-pkg/deb/debversion.cc:
 +    - add a string-equal shortcut for equal version comparisions
 +
 +  [ Marc Deslauriers ]
 +  * make apt-ftparchive generate missing deb-src hashes (LP: #1078697)
 +  
 +  [ Yaroslav Halchenko ]
 +  * Fix English spelling error in a message ('A error'). Unfuzzy
 +    translations. Closes: #705087
 +
 +  [ Programs translations ]
 +  * French translation completed (Christian Perrier)
 +  
 +  [ Manpages translations ]
 +  * French translation completed (Christian Perrier)
-   
-  -- Michael Vogt <mvo@debian.org>  Mon, 08 Apr 2013 17:09:00 +0200
++
++ -- Michael Vogt <mvo@debian.org>  Mon, 08 Apr 2013 08:43:21 +0200
 +
 +apt (0.9.7.9~exp2) experimental; urgency=low
 +
 +  [ Programs translations ]
 +  * Update all PO files and apt-all.pot
 +  * French translation completed (Christian Perrier)
 +  
 +  [ Daniel Hartwig ]
 +  * cmdline/apt-get.cc:
 +    - do not have space between "-a" and option when cross building
 +      (closes: #703792)
 +  * test/integration/test-apt-get-download:
 +    - fix test now that #1098752 is fixed
 +  * po/{ca,cs,ru}.po:
 +    - fix merge artifact
 +
 +  [ David Kalnischkies ]
 +  * apt-pkg/indexcopy.cc:
 +    - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
 +  * apt-pkg/contrib/gpgv.cc:
 +    - ExecGPGV is a method which should never return, so mark it as such
 +      and fix the inconsistency of returning in error cases
 +    - don't close stdout/stderr if it is also the statusfd
 +    - if ExecGPGV deals with a clear-signed file it will split this file
 +      into data and signatures, pass it to gpgv for verification
 +    - add method to open (maybe) clearsigned files transparently
 +  * apt-pkg/acquire-item.cc:
 +    - keep the last good InRelease file around just as we do it with
 +      Release.gpg in case the new one we download isn't good for us
 +  * apt-pkg/deb/debmetaindex.cc:
 +    - reenable InRelease by default
 +  * ftparchive/writer.cc,
 +    apt-pkg/deb/debindexfile.cc,
 +    apt-pkg/deb/deblistparser.cc:
 +    - use OpenMaybeClearSignedFile to be free from detecting and
 +      skipping clearsigning metadata in dsc and Release files
 +
 +  [ Michael Vogt ]
 +  * add regression test for CVE-2013-1051
 +  * implement GPGSplit() based on the idea from Ansgar Burchardt
 +    (many thanks!)
 +  * methods/connect.cc:
 +    - use Errno() instead of strerror(), thanks to David Kalnischk
 +  * doc/apt.conf.5.xml:
 +    - document Acquire::ForceIPv{4,6}
 +
 + -- Michael Vogt <mvo@debian.org>  Wed, 03 Apr 2013 14:19:58 +0200
 +
 +apt (0.9.7.9~exp1) experimental; urgency=low
 +
 +  [ Niels Thykier ]
 +  * test/libapt/assert.h, test/libapt/run-tests:
 +    - exit with status 1 on test failure
 +  
 +  [ Daniel Hartwig ]
 +  * test/integration/framework:
 +    - continue after test failure but preserve exit status
 +
 +  [ Programs translation updates ]
 +  * Turkish (Mert Dirik). Closes: #703526
 +
 +  [ Colin Watson ]
 +  * methods/connect.cc:
 +    - provide useful error message in case of EAI_SYSTEM
 +      (closes: #703603)
 +  
 +  [ Michael Vogt ]
 +  * add new config options "Acquire::ForceIPv4" and 
 +    "Acquire::ForceIPv6" to allow focing one or the other
 +    (closes: #611891)
 +  * lp:~mvo/apt/fix-tagfile-hash:
 +    - fix false positives in pkgTagSection.Exists(), thanks to
 +      Niels Thykier for the testcase (closes: #703240)
 +    - this will require rebuilds of the clients as this used to
 +      be a inline function
 +
 + -- Michael Vogt <mvo@debian.org>  Fri, 22 Mar 2013 21:57:08 +0100
  
  apt (0.9.7.8) unstable; urgency=criticial
  
@@@ -133,58 -26,6 +143,58 @@@
  
   -- Michael Vogt <mvo@debian.org>  Thu, 14 Mar 2013 07:47:36 +0100
  
 +apt (0.9.7.8~exp2) experimental; urgency=low
 +
 +  * include two missing patches to really fix bug #696225, thanks to
 +    Guillem Jover 
 +  * ensure sha512 is really used when available, thanks to Tyler Hicks
 +   (LP: #1098752)
 +
 + -- Michael Vogt <mvo@debian.org>  Fri, 01 Mar 2013 19:06:55 +0100
 +
 +apt (0.9.7.8~exp1) experimental; urgency=low
 +
 +  [ Manpages translation updates ]
 +  * Italian (Beatrice Torracca). Closes: #696601
 +  
 +  [ Programs translation updates ]
 +  * Japanese (Kenshi Muto). Closes: #699783
 +  
 +  [ Michael Vogt ]
 +  * fix pkgProblemResolver::Scores, thanks to Paul Wise. 
 +    Closes: #697577
 +  * fix missing translated apt.8 manpages, thanks to Helge Kreutzmann
 +    for the report. Closes: #696923
 +  * apt-pkg/contrib/progress.cc:
 +    - Make "..." translatable to fix inconsistencies in the output
 +      of e.g. apt-get update. While this adds new translatable strings,
 +      not having translations for them will not break anything.
 +      Thanks to Guillem Jover. Closes: #696225
 +  * debian/apt.cron.daily:
 +    - when reading from /dev/urandom, use less entropy and fix a rare
 +      bug when the random number chksum is less than 1000.
 +      Closes: #695285
 +  * methods/https.cc:
 +    - reuse connection in https, thanks to Thomas Bushnell, BSG for the
 +      patch. LP: #1087543, Closes: #695359
 +    - add missing curl_easy_cleanup()
 +  * methods/http.cc:
 +    - quote spaces in filenames to ensure as the http method is also
 +      (potentially) used for non deb,dsc content that may contain
 +      spaces, thanks to Daniel Hartwig and Thomas Bushnell 
 +      (LP: #1086997)
 +    - quote plus in filenames to work around a bug in the S3 server
 +      (LP: #1003633)
 +  * apt-pkg/indexrecords.cc:
 +    - support '\r' in the Release file
 +
 +  [ David Kalnischkies ]
 +  * apt-pkg/depcache.cc:
 +    - prefer to install packages which have an already installed M-A:same
 +      sibling while choosing providers (LP: #1130419)
 +
 + -- Michael Vogt <mvo@debian.org>  Fri, 01 Mar 2013 14:16:42 +0100
 +
  apt (0.9.7.7) unstable; urgency=low
  
    [ Program translation updates ]
diff --combined debian/control
index 49647340a,4a73239f7..6507f6d6d
--- a/debian/control
+++ b/debian/control
@@@ -7,18 -7,18 +7,18 @@@ Uploaders: Michael Vogt <mvo@debian.org
   Julian Andres Klode <jak@debian.org>
  Standards-Version: 3.9.3
  Build-Depends: dpkg-dev (>= 1.15.8), debhelper (>= 8.1.3~), libdb-dev,
-  gettext (>= 0.12), libcurl4-gnutls-dev (>= 7.19.0),
+  gettext (>= 0.12), libcurl4-gnutls-dev (>= 7.19.4~),
   zlib1g-dev, libbz2-dev, xsltproc, docbook-xsl, docbook-xml,
   po4a (>= 0.34-2), autotools-dev, autoconf, automake
  Build-Depends-Indep: doxygen, debiandoc-sgml
  Build-Conflicts: autoconf2.13, automake1.4
 -Vcs-Bzr: http://bzr.debian.org/apt/debian-wheezy/
 -Vcs-Browser: http://bzr.debian.org/loggerhead/apt/debian-wheezy/
 +Vcs-Bzr: http://bzr.debian.org/apt/debian-sid/
 +Vcs-Browser: http://bzr.debian.org/loggerhead/apt/debian-sid/
  
  Package: apt
  Architecture: any
  Depends: ${shlibs:Depends}, ${misc:Depends}, debian-archive-keyring, gnupg
 -Replaces: manpages-pl (<< 20060617-3~)
 +Replaces: manpages-pl (<< 20060617-3~), manpages-it
  Conflicts: python-apt (<< 0.7.93.2~)
  Suggests: aptitude | synaptic | wajig, dpkg-dev, apt-doc, xz-utils, python-apt
  Description: commandline package manager
diff --combined methods/https.cc
index 11d4ba8aa,d85415b2f..b44642ab2
--- a/methods/https.cc
+++ b/methods/https.cc
@@@ -124,6 -124,7 +124,6 @@@ bool HttpsMethod::Fetch(FetchItem *Itm
     curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, progress_callback);
     curl_easy_setopt(curl, CURLOPT_PROGRESSDATA, this);
     curl_easy_setopt(curl, CURLOPT_NOPROGRESS, false);
 -   curl_easy_setopt(curl, CURLOPT_FAILONERROR, true);
     curl_easy_setopt(curl, CURLOPT_FILETIME, true);
  
     // SSL parameters are set by default to the common (non mirror-specific) value
@@@ -239,7 -240,6 +239,7 @@@
        curl_easy_setopt(curl, CURLOPT_VERBOSE, true);
  
     // error handling
 +   curl_errorstr[0] = '\0';
     curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_errorstr);
  
     // If we ask for uncompressed files servers might respond with content-
@@@ -285,10 -285,15 +285,15 @@@
     long curl_servdate;
     curl_easy_getinfo(curl, CURLINFO_FILETIME, &curl_servdate);
  
+    // If the server returns 200 OK but the If-Modified-Since condition is not
+    // met, CURLINFO_CONDITION_UNMET will be set to 1
+    long curl_condition_unmet = 0;
+    curl_easy_getinfo(curl, CURLINFO_CONDITION_UNMET, &curl_condition_unmet);
+ 
     File->Close();
  
     // cleanup
 -   if(success != 0) 
 +   if(success != 0 || (curl_responsecode != 200 && curl_responsecode != 304))
     {
        _error->Error("%s", curl_errorstr);
        // unlink, no need keep 401/404 page content in partial/
@@@ -312,7 -317,7 +317,7 @@@
        Res.Filename = File->Name();
        Res.LastModified = Buf.st_mtime;
        Res.IMSHit = false;
-       if (curl_responsecode == 304)
+       if (curl_responsecode == 304 || curl_condition_unmet)
        {
  	 unlink(File->Name().c_str());
  	 Res.IMSHit = true;