David Kalnischkies [Fri, 25 Sep 2015 17:58:43 +0000 (19:58 +0200)]
allow all dpkg selections to be set via apt-mark and libapt
As we have support for 'hold', we need support for undoing a hold which
in effect means that we implemented most other states as well, just that
they weren't exposed in the interface directly so far.
David Kalnischkies [Fri, 25 Sep 2015 09:25:25 +0000 (11:25 +0200)]
provide public interface to hold/unhold packages
We had this code lying around in apt-mark for a while now, but other
frontends need this (and similar) functionality as well, so its high
time that we provide a public interface in libapt for this stuff.
David Kalnischkies [Fri, 18 Sep 2015 09:14:56 +0000 (11:14 +0200)]
refactor dpkg execution in deb/debsystem
We have a few places and there will be a few more still where we have to
call dpkg to detect/set certain features or settings. Centralizing the
calling infrastructure now seems like a good idea before we add another.
David Kalnischkies [Thu, 17 Sep 2015 11:46:11 +0000 (13:46 +0200)]
switch 'apt-mark hold' from Pkg to Ver based operation
Users hold a package foo (at version X) or try to prevent the
installation of foo (usually based on the information they know about
version X), even if we say that we "hold a package". Conceptionally we
also need to know about which architecture we are talking and that is an
information bound to a version (as a package can change architecture
over time).
We internally did this lookup from Pkg to Ver already, we just move this
to a central place where the user has a change to influence it now.
Git-Dch: Ignore
David Kalnischkies [Thu, 17 Sep 2015 11:13:41 +0000 (13:13 +0200)]
add cacheset push_back wrapping for std::back_inserter
As usual by now, not all containers wrapped by the cacheset containers
support all methods, like push_back now, but they fail on use of these
unusable methods only.
Would be nice to not expose these methods for unsupporting containers at
all, but that means either a lot of classes or a lot of std::enable_if
magic, which seems like too big work for this small wrapper for now.
Git-Dch: Ignore
David Kalnischkies [Thu, 17 Sep 2015 08:50:30 +0000 (10:50 +0200)]
implement operator* for cacheset iterators
Technically an abi-break as we change a template parameter to
std::iterator for this, but this class is empty in all instances and
just causes the right typedefs to be set – which were incorrect as
detected by std::stable_partition as its implementation uses ::pointer
and needs also a operator* implementation.
In practice CacheSets have no external users (yet) and the difference is
visible only at compile time (which was an error before and now works),
not while linking.
The changes to apt-mark are functionally identical to the code before,
just that we use a std:: algorithm now instead of trying hard on our
own.
David Kalnischkies [Tue, 15 Sep 2015 12:12:19 +0000 (14:12 +0200)]
implement a public pkgSystem::ArchitecturesSupported
David Kalnischkies [Tue, 15 Sep 2015 10:44:53 +0000 (12:44 +0200)]
implement a public pkgSystem::MultiArchSupported
Some codepaths need to check if the system (in our case usually dpkg)
supports MultiArch or not. We had copy-pasted the check so far into
these paths, but having it as a system check is better for reusability.
David Kalnischkies [Tue, 15 Sep 2015 10:28:53 +0000 (12:28 +0200)]
travis: move 'make' into the install target
This auto-collapses the output and doesn't run the tests
if we compiling fails as a bonus.
Git-Dch: Ignore
Mert Dirik [Thu, 22 Oct 2015 13:43:58 +0000 (15:43 +0200)]
Turkish program translation update
Closes: 802610
Julian Andres Klode [Tue, 3 Nov 2015 10:20:42 +0000 (11:20 +0100)]
configure.ac: Only require autoconf 2.68
This makes it compileable on the trusty travis-ci instance.
Gbp-Dch: ignore
Julian Andres Klode [Tue, 3 Nov 2015 10:10:53 +0000 (11:10 +0100)]
configure.ac: Run autoupdate
Gbp-Dch: ignore
Julian Andres Klode [Fri, 30 Oct 2015 14:41:13 +0000 (15:41 +0100)]
thread-safety tests: Adjust path to lists
Gbp-Dch: ignore
Julian Andres Klode [Fri, 23 Oct 2015 18:13:00 +0000 (20:13 +0200)]
Provide tests for thread-safety
These scripts currently produce HTML output that is directly
piped into an HTML file on alioth.
There are three categories. The first two check external
library calls to use the ones specified by POSIX to be
thread-safe. The main profile excludes functions that are
thread-safe on Linux or glibc in general, while the portable
output strictly follows posix.
The internal.html output lists internal function calls, such
as configuration setting.
This is supposed to be automated further at some point, so
we can automatically check for regressions.
Julian Andres Klode [Fri, 23 Oct 2015 15:28:27 +0000 (17:28 +0200)]
orderlist: Replace qsort() by thread-safe std::sort()
Gbp-Dch: ignore
Julian Andres Klode [Fri, 23 Oct 2015 15:17:54 +0000 (17:17 +0200)]
algorithms: Replace qsort() by thread-safe std::sort()
Gbp-Dch: ignore
Julian Andres Klode [Fri, 23 Oct 2015 18:36:03 +0000 (20:36 +0200)]
dpkgpm: Convert users of localtime() to localtime_r()
The former is not thread-safe, whereas the latter is.
Gbp-Dch: ignore
Julian Andres Klode [Fri, 30 Oct 2015 13:54:18 +0000 (14:54 +0100)]
cacheset: Fix compilation on new GCC in C++98 mode
Since gcc 4.9, the API for erase slightly changed. In
commit
3dddcdf2432e78f37c74d8c76c2c519a8d935ab2 the
existing checks for __cplusplus where changed to
check the gcc version, as the __cplusplus check
did nothing, because gcc 4.8 already provided the
standard value in there.
Fix the code to check for the gcc version in two
more places, and change the existing checks to
use a convenience macro.
Julian Andres Klode [Fri, 30 Oct 2015 13:44:52 +0000 (14:44 +0100)]
srvrec: Do not expose C++11 tuple use in header
This makes non-C++11 reverse deps wishing to use it FTBFS.
Julian Andres Klode [Fri, 23 Oct 2015 19:17:25 +0000 (21:17 +0200)]
dpkgpm: Use ptsname_r() instead of ptsname() to be thread-safe
This function only exists on a limited number of platforms, so
we add a configure check to make sure it exists.
Gbp-Dch: ignore
Julian Andres Klode [Fri, 23 Oct 2015 18:45:21 +0000 (20:45 +0200)]
dpkgpm: Convert ctime() call to ctime_r()
ctime() is not thread-safe, ctime_r() is.
Gbp-Dch: ignore
Julian Andres Klode [Fri, 23 Oct 2015 18:39:56 +0000 (20:39 +0200)]
aptconfiguration: Convert strtok() to strtok_r()
strtok() is not thread-safe, whereas strtok_r() is.
Gbp-Dch: ignore
Julian Andres Klode [Fri, 23 Oct 2015 18:31:12 +0000 (20:31 +0200)]
GetSrvRecords: Make thread-safe
Gbp-Dch: ignore
Julian Andres Klode [Fri, 23 Oct 2015 16:02:30 +0000 (18:02 +0200)]
deblistparser: Make PrioList const
More safety, less writeable memory.
Michael Vogt [Tue, 20 Oct 2015 17:29:17 +0000 (19:29 +0200)]
releasing 1.1~exp14
Julian Andres Klode [Tue, 20 Oct 2015 16:16:42 +0000 (18:16 +0200)]
Allow -i and -u as aliases for installed and upgradable in list
This makes things much easier to use
Julian Andres Klode [Sun, 11 Oct 2015 13:35:35 +0000 (15:35 +0200)]
.travis.yml: Add pinned vivid for gettext and clean up a bit
This adds a vivid pinned to -1, cleans up the file a bit by
removing duplicate commands, and finally installs gettext
with a new apt-get run that is passed -t vivid.
The syntax for the pinning is some weird YAML stuff I don't
want to think about...
Julian Andres Klode [Sat, 10 Oct 2015 22:41:11 +0000 (00:41 +0200)]
Revert "Fix select timeout to be 50msec instead of 0.5msec" for acquire
The acquire system actually uses usec pulse intervals, so the
previous value was correct (500ms) whereas the new value is
now 5s.
It's a bit unfortunate that the two systems use different units
for pulse intervals, but probably not much we can do about it.
This partially reverts commit
eaf21c2144fa8dc4be8581dc69cf88cb38e30ce2.
Michael Vogt [Mon, 5 Oct 2015 16:30:30 +0000 (18:30 +0200)]
releasing package apt version 1.1~exp13
Michael Vogt [Mon, 5 Oct 2015 16:30:19 +0000 (18:30 +0200)]
Run "./prepare-release pre-export"
Git-dch: ignore
Michael Vogt [Wed, 30 Sep 2015 13:24:47 +0000 (15:24 +0200)]
Fix select timeout to be 50msec instead of 0.5msec
Closes: #799857
Michael Vogt [Tue, 22 Sep 2015 14:56:34 +0000 (16:56 +0200)]
Use --add-location=file for po/ and doc/po
This avoids churn in the po/pot files when just the location line
number in the source code changes.
Git-Dch: ignore
David Kalnischkies [Tue, 15 Sep 2015 07:56:57 +0000 (09:56 +0200)]
tests: add a -j $jobs mode to test runner for parallel execution
Now that tests can be run in parallel, lets actually do it… The mode has
some downsides like not collecting the failed tests, but it can be a lot
faster than a sequential run and is therefore a good alternative in
testing those "this shouldn't break anything" changes (which tend to
break everything if untested).
Git-Dch: Ignore
David Kalnischkies [Mon, 14 Sep 2015 22:33:12 +0000 (00:33 +0200)]
tests: don't use hardcoded port for http and https
This allows running tests in parallel.
Git-Dch: Ignore
David Kalnischkies [Mon, 14 Sep 2015 12:57:56 +0000 (14:57 +0200)]
fallback to well-known URI if by-hash fails
We uses a small trick to implement the fallback: We make it so, that
by-hash is a special compression algorithm and apt already knows how to
deal with fallback between compression algorithms.
The drawback with implementing this fallback is that a) we are guessing
again and more importantly b) by-hash is only tried for the first
compression algorithm we want to acquire, not for all as before – but
flipping between by-hash and well-known for each compression algorithm
seems to be not really worth it as it seems unlikely that there will
actually be mirrors who only mirror a subset of compressioned files, but
have by-hash enabled.
The user-experience is the usual fallback one: You see "Ign" lines in
the apt update output. The fallback is implemented as a transition
feature, so a (potentially huge) mirror network doesn't need a flagday.
It is not meant as a "someday we might" or "we don't, but some of our
mirrors might" option – we want to cut down on the 'Ign' lines front so
that they become meaningful – if we wanted to spam everyone with them, we
could enable by-hash by default for all repositories…
sources.list and config options are better suited for this.
Closes: 798919
David Kalnischkies [Mon, 14 Sep 2015 11:18:29 +0000 (13:18 +0200)]
add by-hash sources.list option and document all of by-hash
This changes the semantics of the option (which is renamed too) to be a
yes/no value with the special additional value "force" as this allows
by-hash to be disabled even if the repository indicates it would be
supported and is more in line with our other yes/no options like pdiff
which disable themselves if no support can be detected.
The feature wasn't documented so far and hasn't reached a (un)stable
release yet, so changing it without trying too hard to keep
compatibility seems okay.
David Kalnischkies [Mon, 14 Sep 2015 00:26:13 +0000 (02:26 +0200)]
tests: try to support spaces in TMPDIR
Not all tests work yet, most notable the cdrom tests, but those require
changes in libapt itself to have a proper fix and what we have fixed so
far is good enough progress for now.
Git-Dch: Ignore
David Kalnischkies [Sun, 13 Sep 2015 20:16:32 +0000 (22:16 +0200)]
deal with spaces in path, command and filepaths in apt-key
Filenames we get could include spaces, but also the tmpdir we work in
and the failures we print in return a very generic and unhelpful…
Properly supporting spaces is a bit painful as we constructed gpg
command before, which is now moved to (multilevel) calls to temporary
scripts instead.
David Kalnischkies [Sun, 13 Sep 2015 15:25:23 +0000 (17:25 +0200)]
tests: use SHA1 checksum only by default in tests
This is mostly a small speedup for the testcases, but it is also handy
to document which tests actually deal with a specific hash compared to
those which 'just' need some hash which can be important while adding
new hashes.
Git-Dch: Ignore
David Kalnischkies [Sun, 13 Sep 2015 15:23:55 +0000 (17:23 +0200)]
add --sha512 option + documentation for apt-ftparchive
David Kalnischkies [Sun, 13 Sep 2015 12:34:15 +0000 (14:34 +0200)]
use APT::FTPArchive hash settings as default for APT::FPArchive::$filetype
David Kalnischkies [Sun, 13 Sep 2015 12:33:14 +0000 (14:33 +0200)]
do not generate bogus hashes if hash is disabled in apt-ftparchive
David Kalnischkies [Sun, 13 Sep 2015 09:58:53 +0000 (11:58 +0200)]
do not ignore differently versioned self-provides
Reported-By: Konomi on IRC
David Kalnischkies [Sat, 12 Sep 2015 08:35:49 +0000 (10:35 +0200)]
various changes to increase test-coverage
And of course, testing obscure things ends up showing obscure 'bugs' or
better shortcomings/inconsitencies, so lets fix them with the tests.
Git-Dch: Ignore
David Kalnischkies [Sat, 12 Sep 2015 08:15:52 +0000 (10:15 +0200)]
implement apt-get source msg 'Please use: $vcs' for git
A bit unfair that only Bzr had this message. Lets at least print it for
git as well with the option of adding more later without string changes.
David Kalnischkies [Sat, 12 Sep 2015 07:52:16 +0000 (09:52 +0200)]
dereference redirect in Vcs-Browser URI to cgit
Git-Dch: Ignore
David Kalnischkies [Fri, 11 Sep 2015 23:23:01 +0000 (01:23 +0200)]
srv test: do 100 pulls twice and compare list
The previous implementation was still a bit unstable in terms of failing
at times. Lets try if we have more luck with this one.
Git-Dch: Ignore
David Kalnischkies [Fri, 11 Sep 2015 19:15:52 +0000 (21:15 +0200)]
fix alloc-dealloc-mismatch (operator new [] vs operator delete)
Reported-By: gcc -fsanitize=address -fno-sanitize=vptr
Git-Dch: Ignore
David Kalnischkies [Fri, 11 Sep 2015 19:02:19 +0000 (21:02 +0200)]
fix two memory leaks reported by gcc
Reported-By: gcc -fsanitize=address -fno-sanitize=vptr
Git-Dch: Ignore
David Kalnischkies [Fri, 11 Sep 2015 18:53:07 +0000 (20:53 +0200)]
use std-algorithms instead of manual loops to avoid overflow warning
Reported-By: gcc
Understandable: no
Git-Dch: Ignore
David Kalnischkies [Fri, 11 Sep 2015 12:19:16 +0000 (14:19 +0200)]
do not report deprecate warnings for the None declaration
This is defined for compatibility, warning about it is intended, but
only in places where it is actually used, rather than at the place we
declare it for compatability…
Git-Dch: Ignore
David Kalnischkies [Fri, 11 Sep 2015 23:26:17 +0000 (01:26 +0200)]
move std=c++11 from CXXFLAGS to CXX
Setting CXXFLAGS like --coverage on the commandline fails if we set the
std too late, so if we set it with the compiler name we set it always
first. A bit hacky as it bends the expectation, but seems to work.
Git-Dch: Ignore
David Kalnischkies [Thu, 10 Sep 2015 20:44:01 +0000 (22:44 +0200)]
fix 'Dead assignment' by dropping unneeded boolean
Reported-By: scan-build
Git-Dch: Ignore
David Kalnischkies [Thu, 10 Sep 2015 19:10:17 +0000 (21:10 +0200)]
tests: use more 'native' instead of 'amd64' if possible
The tests usually run on amd64 boxes, but once in a while I run it on a
(slow) armel box as well, which has its fair share of problems with some
tests, but at least the low hanging fruits can be dealt with: Do not
assume that amd64 is the native dpkg architecture – instead use whatever
dpkg thinks is native as architecture for the test.
Git-Dch: Ignore
David Kalnischkies [Thu, 10 Sep 2015 17:00:51 +0000 (19:00 +0200)]
avoid using global PendingError to avoid failing too often too soon
Our error reporting is historically grown into some kind of mess.
A while ago I implemented stacking for the global error which is used in
this commit now to wrap calls to functions which do not report (all)
errors via return, so that only failures in those calls cause a failure
to propergate down the chain rather than failing if anything
(potentially totally unrelated) has failed at some point in the past.
This way we can avoid stopping the entire acquire process just because a
single source produced an error for example. It also means that after
the acquire process the cache is generated – even if the acquire
process had failures – as we still have the old good data around we can and
should generate a cache for (again).
There are probably more instances of this hiding, but all these looked
like the easiest to work with and fix with reasonable (aka net-positive)
effects.
David Kalnischkies [Thu, 10 Sep 2015 16:46:05 +0000 (18:46 +0200)]
use a less generic special trigger filename for stdin
Git-Dch: Ignore
David Kalnischkies [Thu, 10 Sep 2015 08:03:40 +0000 (10:03 +0200)]
include debug information in the autoremove-kernels file
Figuring out after the fact what went wrong in the kernel hook is kinda
hart, also as the bugreports are usually very lacking on the details
front. Collecting the internal variables in the debug output we attach
to the generated file might help shine some light on the matter.
It's at least not going to hurt…
David Kalnischkies [Wed, 9 Sep 2015 08:56:23 +0000 (10:56 +0200)]
do not discard new manual-bits while applying EDSP solutions
In private-install.cc we call MarkInstall with FromUser=true, which sets
the bit accordingly, but while applying the EDSP solution we call mark
install on all packages with FromUser=false, so MarkInstall believes
this install is an automatic one and sets it to auto – so that a new package
which is explicitely installed via an external solver is marked as auto
and is hence also up for garbage collection in a following call.
Ideally MarkInstall wouldn't reset it, but the detection is hard to do
without regressing in other cases – and ideally ideally MarkInstall
wouldn't deal with the autobit at all – so we work around this on the
calling side for now.
David Kalnischkies [Tue, 8 Sep 2015 20:14:11 +0000 (22:14 +0200)]
implement autobit and pinning in EDSP solver 'apt'
The parser creates a preferences as well as an extended states file
based on the EDSP scenario file, which isn't the most efficient way of
dealing with this as thes text files have to be parsed again by another
layer of the code, but it needs the least changes and works good enough
for now. The 'apt' solver is in the end just a test solver like dump.
David Kalnischkies [Tue, 8 Sep 2015 11:58:55 +0000 (13:58 +0200)]
remove incorrect optimization branches
These assumptions were once true, but they aren't anymore, so what is
supposed to be a speed up is effectively a slowdown [not that it would
be noticible].
Usage of SingleArchFindPkg was nuked in a stable update already as the
included assumption was actually harmful btw, which is why we should get
right of other 'non-harmful' but still untrue assumptions while we can.
Git-Dch: Ignore
David Kalnischkies [Tue, 8 Sep 2015 10:49:04 +0000 (12:49 +0200)]
select kernels to protect from autoremove based on Debian version
This is basically a rewrite of the script with the general idea of
finding the Debian version of the installed kernels – as multiple
flavours will have the same Debian version – select the two newest of
them and translate them back to versions found in package names.
This way we avoid e.g. kernel and kernel-rt to use up the protected
slots even through they are basically the same kernel (just a different
flavour) so it is likely that if kernel doesn't work for some reason,
kernel-rt will not either.
This also deals with foreign kernel packages, kernels on hold and partly
installed kernels (in case multiple kernels are installed in the same
apt run) in a hopefully sensible way.
Closes: 787827
David Kalnischkies [Mon, 7 Sep 2015 19:14:55 +0000 (21:14 +0200)]
copy ReadWrite-error to the bottom to make clang happy
clang detects that fd isn't set in the ReadWrite case – just that this
is supposed to be catched earlier in this method already, but it doesn't
hurt to make it explicit here as well and clang is happy, too.
Git-Dch: Ignore
David Kalnischkies [Mon, 7 Sep 2015 17:32:31 +0000 (19:32 +0200)]
fix insecure use of /tmp in EDSP solver 'dump'
As said in the bugreport, this is hardly a serious problem on a security
front, but it was always on the list to have the filename configurable
somehow and the stable filename is a problem for parallel executions.
Using an environment variable (APT_EDSP_DUMP_FILENAME) for this is more
or less the best we can do here as solvers do not get told about our
configuration and such.
Closes: 795600
David Kalnischkies [Mon, 7 Sep 2015 17:10:21 +0000 (19:10 +0200)]
implement CopyFile without using FileFd::Size()
Pipes and such have no good Size value, but we still want to copy from
it maybe and we don't really need size as we can just as well read as
long as we get data out of a file to copy it.
Git-Dch: Ignore
David Kalnischkies [Mon, 7 Sep 2015 13:05:00 +0000 (15:05 +0200)]
add Source-Version field for EDSP
The syntax of "Source" is different in EDSP compared to the the field of
the same name in 'the rest' of Debian, so documented this accordingly
and send the version as a new field.
David Kalnischkies [Sun, 6 Sep 2015 11:32:07 +0000 (13:32 +0200)]
implement dpkgs vision of interpreting pkg:<arch> dependencies
How the Multi-Arch field and pkg:<arch> dependencies interact was
discussed at DebConf15 in the "MultiArch BoF". dpkg and apt (among other
tools like dose) had a different interpretation in certain scenarios
which we resolved by agreeing on dpkg view – and this commit realizes
this agreement in code.
As was the case so far libapt sticks to the idea of trying to hide
MultiArch as much as possible from individual frontends and instead
translates it to good old SingleArch. There are certainly situations
which can be improved in frontends if they know that MultiArch is upon
them, but these are improvements – not necessary changes needed
to unbreak a frontend.
The implementation idea is simple: If we parse a dependency on foo:amd64
the dependency is formed on a package 'foo:amd64' of arch 'any'. This
package is provided by package 'foo' of arch 'amd64', but not by 'foo'
of arch 'i386'. Both of those foo packages provide each other through
(assuming foo is M-A:foreign) to allow a dependency on 'foo' to be
satisfied by either foo of amd64 or i386. Packages can also declare to
provide 'foo:amd64' which is translated to providing 'foo:amd64:any' as
well.
This indirection over provides was chosen as the alternative would be to
teach dependency resolvers how to deal with architecture specific
dependencies – which violates the design idea of avoiding resolver
changes, especially as architecture-specific dependencies are a
cornercase with quite a few subtil rules. Handling it all over versioned
provides as we already did for M-A in general seems much simpler as it
just works for them.
This switch to :any has actually a "surprising" benefit as well: Even
frontends showing a package name via .Name() [which doesn't show the
architecture] will display the "architecture" for dependencies in which
it was explicitely requested, while we will not show the 'strange' :any
arch in FullName(true) [= pretty-print] either. Before you had to
specialcase these and by default you wouldn't get these details shown.
The only identifiable disadvantage is that this complicates error
reporting and handling. apt-get's ShowBroken has existing problems with
virtual packages [it just shows the name without any reason], so that
has to be worked on eventually. The other case is that detecting if a
package is completely unknown or if it was at least referenced somewhere
needs to acount for this "split" – not that it makes a practical
difference which error is shown… but its one of the improvements
possible.
David Kalnischkies [Sun, 6 Sep 2015 10:35:17 +0000 (12:35 +0200)]
tests: allow to run (selfbuilt) dpkg under gdb
Git-Dch: Ignore
David Kalnischkies [Sat, 5 Sep 2015 11:29:50 +0000 (13:29 +0200)]
M-A: allowed pkgs of unconfigured archs do not statisfy :any
We parse all architectures we encounter recently, which means we also
parse packages from architectures which are neither native nor foreign,
but still came onto the system somehow (usually via heavy force).
David Kalnischkies [Sat, 5 Sep 2015 10:58:04 +0000 (12:58 +0200)]
store ':any' pseudo-packages with 'any' as architecture
Previously we had python:any:amd64, python:any:i386, … in the cache and
the dependencies of an amd64 package would be on python:any:amd64, of an
i386 on python:any:i386 and so on. That seems like a relatively
pointless endeavor given that they will all be provided by the same
packages and therefore also a waste of space.
Git-Dch: Ignore
David Kalnischkies [Fri, 4 Sep 2015 09:44:51 +0000 (11:44 +0200)]
tests: refactor printing of the quiet failure header
Git-Dch: Ignore
David Kalnischkies [Fri, 4 Sep 2015 09:31:36 +0000 (11:31 +0200)]
tests: store msgmsg message for display in fail as well
Git-Dch: Ignore
David Kalnischkies [Thu, 3 Sep 2015 17:25:28 +0000 (19:25 +0200)]
tests: -y is the default on travis, but not on other ci's
Git-Dch: Ignore
Julian Andres Klode [Mon, 14 Sep 2015 10:35:28 +0000 (12:35 +0200)]
po: Sort domains
This should make things even more predictable.
Gbp-Dch: ignore
Michael Vogt [Sat, 12 Sep 2015 09:06:34 +0000 (11:06 +0200)]
Sort pot input files
Git-Dch: ignore
Michael Vogt [Sat, 12 Sep 2015 06:46:39 +0000 (08:46 +0200)]
Use xgettext --no-location in make update-pot
This avoid the large diff we have that is mostly caused by the
line numbers changing in the po/pot files.
Michael Vogt [Fri, 11 Sep 2015 21:37:01 +0000 (23:37 +0200)]
releasing package apt version 1.1~exp12
Julian Andres Klode [Fri, 11 Sep 2015 19:54:22 +0000 (21:54 +0200)]
apt-pkg/tagfile.h: Include stdint.h, fixes rdep build failures
Michael Vogt [Mon, 7 Sep 2015 10:47:30 +0000 (12:47 +0200)]
Set APT::FTPArchive::DoByHash to false by default
"apt-ftparchive release" will create the by-hash files if
this mode is enabled. This maybe unexpected by existing users
so make it a opt-in.
Git-Dch: ignore
Michael Vogt [Mon, 7 Sep 2015 09:39:52 +0000 (11:39 +0200)]
Ensure that no by-hash file for "Release/InRelease is written"
Git-Dch: ignore
Brown-paperbag: yes
Thanks: Donkult
Michael Vogt [Fri, 4 Sep 2015 21:29:38 +0000 (23:29 +0200)]
Add support for writing by-hash dirs in apt-ftparchive
This option is enabled via the APT::FTPArchive::DoByHash switch.
It will also honor the option APT::FTPArchive::By-Hash-Keep that
controls how many previous generation of by-hash files should be
kept (defaults to 3).
Merged from https://github.com/mvo5/apt/tree/feature/apt-ftparchive-by-hash
David Kalnischkies [Wed, 2 Sep 2015 10:35:22 +0000 (12:35 +0200)]
avoid triggering the c++11 erase api change on travis
Git-Dch: Ignore
David Kalnischkies [Wed, 2 Sep 2015 09:31:32 +0000 (11:31 +0200)]
tests: collect more details about failed checkdiffs
Git-Dch: Ignore
David Kalnischkies [Tue, 1 Sep 2015 16:32:22 +0000 (18:32 +0200)]
use clock() as source for SRV randomness
Initializing a random number generator with the time since epoch could
be good enough, but reaches its limits in test code as the 100
iterations might very well happen in the same second and hence the seed
number is always the same… clock() has a way lower resolution so it
changes more often and not unimportant: If many users start the update
at the same time it isn't to unlikely the SRV record will be ordered in
the same second choosing the same for them all, but it seems less likely
that the exact same clock() time has passed for them.
And if I have to touch this, lets change a few other things as well to
make me and/or compilers a bit happier (clang complained about the usage
of a GNU extension in the testcase for example).
David Kalnischkies [Tue, 1 Sep 2015 11:58:00 +0000 (13:58 +0200)]
use unusable-for-security hashes for integrity checks
We want to declare some hashes as not enough for security, so that a
user will need --allow-unauthenticated or similar to get data secured
only by those hashes, but we can still us these hashes for integrity
checks if we got them.
Michael Vogt [Tue, 1 Sep 2015 09:13:48 +0000 (11:13 +0200)]
Consider md5sum no longer a usable hash
The md5sum hash is broken since some time and we should no longer
consider it a usable hash. Also update the tests to reflect this.
David Kalnischkies [Tue, 1 Sep 2015 00:29:27 +0000 (02:29 +0200)]
improve CheckDropPrivsMustBeDisabled further
Various smaller improvements so that the check deals better with already
downloaded files, relative paths and other things.
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 21:52:30 +0000 (23:52 +0200)]
travis: use -q mode to reduce the verbosity greatly
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 21:22:55 +0000 (23:22 +0200)]
test: show the highlevel test for lowerranking ones
testsuccess checks the return code, but it does also some autotests
based on the command like grepping for dpkg warnings in a apt-get
install call – but if this finds something it is just showing the grep
command. With this change it will additionally show the first msgtest
which in this case will detail the actual apt-get install call.
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 19:00:56 +0000 (21:00 +0200)]
tests: store msgtest in -q mode for display in msgfail
Not-quiet output is very verbose and with our growing array of tests
generates many many lines which e.g. kills the log display in travis-ci
and obscures failures and uncatched output in a wall of details.
The -q mode fixed this by callapsing passed tests to a single P and now
with some rework we can even get failures properly displayed with the
message from msgtest.
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 15:48:54 +0000 (17:48 +0200)]
fix some unused parameter/variable warnings
Reported-By: gcc
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 15:28:33 +0000 (17:28 +0200)]
tavis: run testcases a second time, but as root
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 14:13:36 +0000 (16:13 +0200)]
do delay the test for http, too, to make it more reliable
The file method was already slowed down and somehow I thought I had done
the same for http, but it turns out that I didn't. Giving it the same
delay as file should help in making this test slower and therefore more
likely to successfully test what it is supposed to test.
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 12:27:04 +0000 (14:27 +0200)]
remove Christian Perrier from Uploaders as requested
Closes: #783337
Thanks: Christian for all the l10n, code & social contributions!
Miroslav Kure [Mon, 31 Aug 2015 11:15:13 +0000 (13:15 +0200)]
Czech program translation update
Closes: 797329
David Kalnischkies [Mon, 31 Aug 2015 09:42:15 +0000 (11:42 +0200)]
fix valid-until-min typo in sources.list(5)
Git-Dch: Ignore
David Kalnischkies [Mon, 31 Aug 2015 09:00:12 +0000 (11:00 +0200)]
if file is inaccessible for _apt, disable privilege drop in acquire
We had a very similar method previously for our own private usage, but
with some generalisation we can move this check into the acquire system
proper so that all frontends profit from this compatibility change.
As we are disabling a security feature here a warning is issued and
frontends are advised to consider reworking their download logic if
possible.
Note that this is implemented as an all or nothing situation: We can't
just (not) drop privileges for a subset of the files in a fetcher, so in
case you have to download some files with and some without you need to
use two fetchers.
David Kalnischkies [Mon, 31 Aug 2015 00:31:10 +0000 (02:31 +0200)]
ignore for _apt inaccessible TMPDIR in pkgAcqChangelog
Using libpam-tmpdir caused us to create our download tmp directory in
root's private tmp before changing to _apt, which wouldn't have access
to it.
By extending our GetTempDir method with an optional wrapper changing the
effective user, we can test if a given user can access the directory and
ignore TMPDIR if not instead of ignoring TMPDIR completely.
Closes: 797270
David Kalnischkies [Sun, 30 Aug 2015 20:34:28 +0000 (22:34 +0200)]
detect and deal with indextarget duplicates
Multiple targets downloading the same file is bad™ as it leads us to all
sorts of problems like the acquire system breaking or simply a problem
of which settings to use for them. Beside that this is most likely a
mistake and silently ignoring it doesn't help the user realizing his
mistake…
On the other hand, we have 'duplicates' which are 'created' by how we
create indextargets, so we have to prevent those from being created to
but do not emit a warning for them as this is an implementation detail.
And then, there is the absolute and most likely user mistake: Having the
same target(s) activated in multiple entries.
David Kalnischkies [Sun, 30 Aug 2015 10:14:06 +0000 (12:14 +0200)]
implement $(NATIVE_ARCHITECTURE) substvar for indextargets
David Kalnischkies [Sat, 29 Aug 2015 17:55:19 +0000 (19:55 +0200)]
try xz instead of bz2 first for compressed files
xz has pretty much won "the compressor war" and e.g. the Debian archive
doesn't even distribute bz2 anymore in favor of 'xz' and 'gz', so by
changing the default order we have a more realistic --print-uris
behavior as it will always show the first compressor.
In practice this effects repositories without a Release file (very bad,
we don't want to support them anymore anyhow) as xz will be tried before
bz2 now [which is probably not available, but so might be bz2…] AND
repositories which provide both, bz2 and xz (which isn't too common) in
sofar as apt will now download xz instead of bz2.
Users with special needs can stick with bz2 as first compressor tried
with Acquire::CompressionTypes::Order:: "bz2"; (see man apt.conf) – but
users with special needs usually prefer "gz" anyhow, so the realworld
change is expected to be very low.