From: Michael Vogt Date: Fri, 1 Mar 2013 11:14:42 +0000 (+0100) Subject: merged lp:~mvo/apt/hash-order X-Git-Tag: 1.1.exp1~49 X-Git-Url: https://git.saurik.com/apt.git/commitdiff_plain/fd785e49fa017abbe1871f18af515fdedb3ad183?hp=-c merged lp:~mvo/apt/hash-order --- fd785e49fa017abbe1871f18af515fdedb3ad183 diff --combined apt-pkg/acquire-item.cc index 665dd427e,a71886a87..89ca6c670 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@@ -1235,20 -1235,9 +1235,20 @@@ void pkgAcqMetaIndex::Done(string Messa } else { + // FIXME: move this into pkgAcqMetaClearSig::Done on the next + // ABI break + + // if we expect a ClearTextSignature (InRelase), ensure that + // this is what we get and if not fail to queue a + // Release/Release.gpg, see #346386 + if (SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile)) + { + Failed(Message, Cfg); + return; + } + // There was a signature file, so pass it to gpgv for // verification - if (_config->FindB("Debug::pkgAcquire::Auth", false)) std::cerr << "Metaindex acquired, queueing gpg verification (" << SigFile << "," << DestFile << ")\n"; @@@ -1741,7 -1730,7 +1741,7 @@@ bool pkgAcqArchive::QueueNext( { if(stringcasecmp(ForceHash, "sha512") == 0) ExpectedHash = HashString("SHA512", Parse.SHA512Hash()); - if(stringcasecmp(ForceHash, "sha256") == 0) + else if(stringcasecmp(ForceHash, "sha256") == 0) ExpectedHash = HashString("SHA256", Parse.SHA256Hash()); else if (stringcasecmp(ForceHash, "sha1") == 0) ExpectedHash = HashString("SHA1", Parse.SHA1Hash()); diff --combined debian/changelog index 36b5bd9d1,ef50ea423..792b12094 --- a/debian/changelog +++ b/debian/changelog @@@ -1,40 -1,11 +1,41 @@@ +apt (0.9.8~exp1) UNRELEASED; urgency=low + + [ David Kalnischkies ] + * apt-pkg/contrib/strutl.cc: + - support \n and \r\n line endings in ReadMessages + + [ Michael Vogt ] + * lp:~mvo/apt/webserver-simulate-broken-with-fix346386: + - fix invalid InRelease file download checking and add regression + test to server broken files to the buildin test webserver + * stop exporting the accidently exported parsenetrc() symbol + * lp:~mvo/apt/add-glob-function: + - add Glob() to fileutl.{cc,h} + * lp:~mvo/apt/config-clear: + - support Configuration.Clear() for a clear of the entire + configuration + * apt-pkg/deb/dpkgpm.cc: + - use tcgetattr() on STDOUT instead of STDIN so that term.log + works for redirected stdin + - print error in log if tcgetattr() fails instead of writing + a empty file ++ * use sha512 when available (LP: #1098752) + - -- David Kalnischkies Mon, 09 Jul 2012 17:36:40 +0200 ++ -- Michael Vogt Fri, 01 Mar 2013 12:12:39 +0100 + apt (0.9.7.8) UNRELEASED; urgency=low [ Manpages translation updates ] * Italian (Beatrice Torracca). Closes: #696601 + [ Programs translation updates ] + * Japanese (Kenshi Muto). Closes: #699783 + [ Michael Vogt ] * fix pkgProblemResolver::Scores, thanks to Paul Wise. Closes: #697577 + * [ABI BREAK] apt-pkg/pkgcache.h: + - adjust pkgCache::State::VerPriority enum, to match reality * fix missing translated apt.8 manpages, thanks to Helge Kreutzmann for the report. Closes: #696923 * apt-pkg/contrib/progress.cc: @@@ -55,10 -26,7 +56,10 @@@ (potentially) used for non deb,dsc content that may contain spaces, thanks to Daniel Hartwig and Thomas Bushnell (LP: #1086997) - * use sha512 when available (LP: #1098752) + - quote plus in filenames to work around a bug in the S3 server + (LP: #1003633) + * apt-pkg/indexrecords.cc: + - support '\r' in the Release file -- Christian Perrier Mon, 24 Dec 2012 07:01:20 +0100