]> git.saurik.com Git - apt.git/log
apt.git
10 years agoset PR_SET_NO_NEW_PRIVS even if sandbox is disabled
David Kalnischkies [Wed, 15 Oct 2014 01:53:47 +0000 (03:53 +0200)] 
set PR_SET_NO_NEW_PRIVS even if sandbox is disabled

Similar to 8f45798d532223adc378a4ad9ecfc64b3be26e4f, there is no harm to
set this, even if we don't drop privileges.

Git-Dch: Ignore

10 years agotestcases runable as root
David Kalnischkies [Wed, 15 Oct 2014 01:47:50 +0000 (03:47 +0200)] 
testcases runable as root

Running the testcases is usually not a good idea, but it can be handy to
check if the privilege dropping works.

Git-Dch: Ignore

10 years agodon't drop privileges if _apt has not enough rights
David Kalnischkies [Wed, 15 Oct 2014 00:43:44 +0000 (02:43 +0200)] 
don't drop privileges if _apt has not enough rights

Privilege dropping breaks download/source/changelog commands as they
require the _apt user to have write permissions in the current directory,
which is e.g. the case in /tmp, but not in /root, so we disable the
privilege dropping if we deal with such a directory based on idea and
code by Michael Vogt.

The alternative would be to download always to a temp directory and move
it then done, but this breaks partial file support. To resolve this, we
could move to one of our partial/ directories, but this would require a
lock which would block root from using two of these commands in
parallel. As both seems unacceptable we instead let the user choose what
to do: Either a directory is setupped for _apt, downloading as root is
accepted or – which is potentially even better – an unprivileged user is
used for the commands.

10 years agoAdd new configallowinsecurerepositories to the test framework
Michael Vogt [Tue, 14 Oct 2014 15:00:56 +0000 (17:00 +0200)] 
Add new configallowinsecurerepositories to the test framework

Add a new configallowinsecurerepositories that controls the value
of Acquire::AllowInsecureRepositories for the tests. Set it to
"false" for most of the testsuite and only enable it where its
really needed. We want to switch the default for this post-jessie.

10 years agoMerge branch 'debian/sid' into debian/experimental
Michael Vogt [Tue, 14 Oct 2014 07:57:34 +0000 (09:57 +0200)] 
Merge branch 'debian/sid' into debian/experimental

10 years agoreleasing package apt version 1.1~exp5 1.1.exp5
Michael Vogt [Mon, 13 Oct 2014 14:17:27 +0000 (16:17 +0200)] 
releasing package apt version 1.1~exp5

10 years agoChange default of Acquire::AllowInsecureRepositories to "true"
Michael Vogt [Mon, 13 Oct 2014 14:14:49 +0000 (16:14 +0200)] 
Change default of Acquire::AllowInsecureRepositories to "true"

This change is made for backward compatiblity and should be reverted
once jessie is out.

10 years agoupdate symbols file
David Kalnischkies [Mon, 13 Oct 2014 08:54:58 +0000 (10:54 +0200)] 
update symbols file

Git-Dch: Ignore

10 years agodo not load filesize in pkgAcqIndexTrans explicitly
David Kalnischkies [Mon, 13 Oct 2014 08:24:54 +0000 (10:24 +0200)] 
do not load filesize in pkgAcqIndexTrans explicitly

The constructor is calling the baseclass pkgAcqIndex which does this
already – and also does it correctly for compressed files which would
overwise lead to the size of uncompressed files to be expected.

Git-Dch: Ignore

10 years agofix compile and tests error
David Kalnischkies [Mon, 13 Oct 2014 07:54:21 +0000 (09:54 +0200)] 
fix compile and tests error

I am pretty sure I did that before committing broken stuff…

Git-Dch: Ignore

10 years agoFix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()
Michael Vogt [Mon, 13 Oct 2014 08:57:30 +0000 (10:57 +0200)] 
Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()

Do not drop privileges in the methods when using a older version of
libapt that does not support the chown magic in partial/ yet. To
do this DropPrivileges() now will ignore a empty Apt::Sandbox::User.

Cleanup all hardcoded _apt along the way.

10 years agoDocument Acquire{MaxReleaseFileSize,AllowInsecureRepositories,AllowDowngradeToInsecur...
Michael Vogt [Mon, 13 Oct 2014 07:39:25 +0000 (09:39 +0200)] 
Document Acquire{MaxReleaseFileSize,AllowInsecureRepositories,AllowDowngradeToInsecureRepositories} and --no-allow-insecure-repositories

Document the new options to restrict loading unauthenticated data
into our parsers.

10 years agotrusted=yes sources are secure, we just don't know why
David Kalnischkies [Mon, 13 Oct 2014 06:12:06 +0000 (08:12 +0200)] 
trusted=yes sources are secure, we just don't know why

Do not require a special flag to be present to update trusted=yes
sources as this flag in the sources.list is obviously special enough.

Note that this is just disabling the error message, the user will still
be warned about all the (possible) failures the repository generated, it
is just triggering the acceptance of the warnings on a source-by-source
level.

Similarily, the trusted=no flag doesn't require the user to pass
additional flags to update, if the repository looks fine in the view of
apt it will update just fine. The unauthenticated warnings will "just" be
presented then the data is used.

In case you wonder: Both was the behavior in previous versions, too.

10 years agodo not inline virtual destructors with d-pointers
David Kalnischkies [Mon, 13 Oct 2014 06:05:57 +0000 (08:05 +0200)] 
do not inline virtual destructors with d-pointers

Reimplementing an inline method is opening a can of worms we don't want
to open if we ever want to us a d-pointer in those classes, so we do the
only thing which can save us from hell: move the destructors into the cc
sources and we are good.

Technically not an ABI break as the methods inline or not do the same
(nothing), so a program compiled against the old version still works
with the new version (beside that this version is still in experimental,
so nothing really has been build against this library anyway).

Git-Dch: Ignore

10 years agodisplay a warning for unsigned repos
David Kalnischkies [Mon, 13 Oct 2014 05:26:27 +0000 (07:26 +0200)] 
display a warning for unsigned repos

The same message is used for InRelease if fails in gpgv, but the
Release/Release.gpg duo needs to handle the failing download case as
well (InRelease just defers to the duo if download fails) and print a
message accompaning the insecure error to provide a hint on what is
going on.

10 years agomake --allow-insecure-repositories message an error
David Kalnischkies [Mon, 13 Oct 2014 05:22:53 +0000 (07:22 +0200)] 
make --allow-insecure-repositories message an error

Not using this option, but using unsigned (and co) repositories will
cause these repositories to be ignored and data acquiring from them
fails, so this is very well in the realms of an error and helps in
making 'apt-get update' fail with a non-zero error code as well.

10 years agoremove useless pdiff filename output
David Kalnischkies [Fri, 10 Oct 2014 20:03:08 +0000 (22:03 +0200)] 
remove useless pdiff filename output

Looks like a leftover from debugging. Absolutely no need for it and
destroys progess reporting completely.

Closes: 764737
10 years agoOnly rename StatError files in AbortTransaction()
Michael Vogt [Wed, 8 Oct 2014 18:13:56 +0000 (20:13 +0200)] 
Only rename StatError files in AbortTransaction()

This fixes a race that we see in travis when two copy operations
finish at about the same time but the bad one first. This lead to
a rename of the good one and triggers a error when apt tries to
verify the good version but can no longer find it.

10 years agoUpdate Status field values handling
Guillem Jover [Mon, 1 Sep 2014 14:09:48 +0000 (16:09 +0200)] 
Update Status field values handling

Remove long obsolete (hold, hold-reinstreq, removal-failed) or just
wrong (post-inst-failed vs postinst-failed) values, that have been
autoconverted by dpkg at run-time to their new equivalents, so there
should not be any such instance in any recent system (removal-failed
since dpkg 1.1.4 in Apr 1996, hold and hold-reinstreq since dpkg
1.2.0 in May 1996). dpkg even stopped doing the mapping in 1.15.4
and 1.15.8 respectively.

At the same time sort the list in the same order as they appear in
the dpkg code.

10 years agomethods/rsh.cc: replace strcat with std::string
Michael Vogt [Wed, 8 Oct 2014 09:35:48 +0000 (11:35 +0200)] 
methods/rsh.cc: replace strcat with std::string

Instead of using strcat use a C++ std::string to avoid overflowing
this buffer. Thanks to David Garfield

Closes: #76442
10 years agoadd CVE-2014-7206 to 1.0.9.2
Michael Vogt [Wed, 8 Oct 2014 09:12:45 +0000 (11:12 +0200)] 
add CVE-2014-7206 to 1.0.9.2

10 years agoreleasing package apt version 1.1~exp4 1.1.exp4
Michael Vogt [Wed, 8 Oct 2014 07:48:54 +0000 (09:48 +0200)] 
releasing package apt version 1.1~exp4

10 years agoprepare 1.1~exp4
Michael Vogt [Wed, 8 Oct 2014 07:46:56 +0000 (09:46 +0200)] 
prepare 1.1~exp4

10 years agoFix ServerMethod::FindMaximumObjectSizeInQueue()
Michael Vogt [Wed, 8 Oct 2014 07:45:11 +0000 (09:45 +0200)] 
Fix ServerMethod::FindMaximumObjectSizeInQueue()

Git-Dch: ignore

10 years agopkgAcqArchive::QueueNext(): change owner/permission of DestFile
Michael Vogt [Wed, 8 Oct 2014 07:16:59 +0000 (09:16 +0200)] 
pkgAcqArchive::QueueNext(): change owner/permission of DestFile

The code was using FinalFile before but we only test the existance
of DestFile so we use that instead.

10 years agoMerge branch 'debian/sid' into debian/experimental
Michael Vogt [Wed, 8 Oct 2014 06:37:30 +0000 (08:37 +0200)] 
Merge branch 'debian/sid' into debian/experimental

Conflicts:
debian/changelog

10 years agoMerge remote-tracking branch 'mvo/feature/expected-size' into debian/experimental
Michael Vogt [Wed, 8 Oct 2014 06:37:01 +0000 (08:37 +0200)] 
Merge remote-tracking branch 'mvo/feature/expected-size' into debian/experimental

10 years agoMerge remote-tracking branch 'mvo/feature/acq-trans' into debian/experimental
Michael Vogt [Wed, 8 Oct 2014 06:36:53 +0000 (08:36 +0200)] 
Merge remote-tracking branch 'mvo/feature/acq-trans' into debian/experimental

10 years agoFix http pipeline messup detection
Michael Vogt [Wed, 8 Oct 2014 06:32:42 +0000 (08:32 +0200)] 
Fix http pipeline messup detection

The Maximum-Size protection breaks the http pipeline reorder code
because it relies on that the object got fetched entirely so that
it can compare the hash of the downloaded data. So instead of
stopping when the Maximum-Size of the expected item is reached we
only stop when the maximum size of the biggest item in the queue
is reached. This way the pipeline reoder code keeps working.

10 years agoMerge remote-tracking branch 'donkult/feature/acq-trans' into feature/expected-size
Michael Vogt [Wed, 8 Oct 2014 06:05:18 +0000 (08:05 +0200)] 
Merge remote-tracking branch 'donkult/feature/acq-trans' into feature/expected-size

10 years agofix http-pipeline-messup testcase
David Kalnischkies [Tue, 7 Oct 2014 22:37:32 +0000 (00:37 +0200)] 
fix http-pipeline-messup testcase

The test generates failures if the created deb files have the same size,
so we try a little harder to avoid having the same size for them.

Git-Dch: Ignore

10 years agodo not show IP in output of testcases
David Kalnischkies [Tue, 7 Oct 2014 21:52:12 +0000 (23:52 +0200)] 
do not show IP in output of testcases

On travis-ci connect.cc detects a rotation, triggering it store the IP
which is later appended to the error message, which is all nice and
great if we deal with a real server, but in the testcases it just
triggers failures as strings do not match.

Git-Dch: Ignore

10 years agoSend "Fail-Reason: MaximumSizeExceeded" from the method
Michael Vogt [Tue, 7 Oct 2014 20:36:09 +0000 (22:36 +0200)] 
Send "Fail-Reason: MaximumSizeExceeded" from the method

Communicate the fail reason from the methods to the parent
and Rename() failed files.

10 years agoset PR_SET_NO_NEW_PRIVS also if run as non-root
David Kalnischkies [Tue, 7 Oct 2014 19:17:04 +0000 (21:17 +0200)] 
set PR_SET_NO_NEW_PRIVS also if run as non-root

Changing user and co works only as root, but can do some things for
methods run as normal user as well to protect them from being able to
call setuid binaries like sudo to elevate their privileges.
Also uses a cheap trick now to build with old unsupporting kernels.

10 years agofix foldmarkers in fileutl.cc
David Kalnischkies [Tue, 7 Oct 2014 19:03:48 +0000 (21:03 +0200)] 
fix foldmarkers in fileutl.cc

Git-Dch: Ignore

10 years agodon't show ErrorText for Ign by default
David Kalnischkies [Tue, 7 Oct 2014 18:51:07 +0000 (20:51 +0200)] 
don't show ErrorText for Ign by default

Some distributions (or repositories) do not have as much
"Ign-discipline" as I would like to, so that could be pretty distracting
for our users if enabled by default. It is handy for testcases though.

Git-Dch: Ignore

10 years agoAdd new Acquire::MaxReleaseFileSize=10*1000*1000 option
Michael Vogt [Tue, 7 Oct 2014 18:40:37 +0000 (20:40 +0200)] 
Add new Acquire::MaxReleaseFileSize=10*1000*1000 option

This option controls the maximum size of Release/Release.gpg/InRelease
files. The rational is that we do not know the size of these files in
advance and we want to protect against a denial of service attack
where someone sends us endless amounts of data until the disk is full
(we do know the size all other files (Packages/Sources/debs)).

10 years agoMerge branch 'feature/acq-trans' into feature/expected-size
Michael Vogt [Tue, 7 Oct 2014 18:06:44 +0000 (20:06 +0200)] 
Merge branch 'feature/acq-trans' into feature/expected-size

10 years agomake expected-size a maximum-size check as this is what we want at this point
Michael Vogt [Tue, 7 Oct 2014 15:47:30 +0000 (17:47 +0200)] 
make expected-size a maximum-size check as this is what we want at this point

10 years agoMerge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans
Michael Vogt [Tue, 7 Oct 2014 14:38:03 +0000 (16:38 +0200)] 
Merge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans

Conflicts:
apt-pkg/acquire-item.cc

10 years agoUpperCase some functions for consistency
Michael Vogt [Tue, 7 Oct 2014 12:01:35 +0000 (14:01 +0200)] 
UpperCase some functions for consistency

changeOwnerAndPermissionOfFile->ChangeOwnerAndPermissionOfFile
preparePartialFile->GetPartialFileName
preparePartialFileFromURI->GetPartialFileNameFromURI

Git-Dch: ignore

10 years agoIgnore EINVAL from prctl(PR_SET_NO_NEW_PRIVS)
Michael Vogt [Tue, 7 Oct 2014 11:34:28 +0000 (13:34 +0200)] 
Ignore EINVAL from prctl(PR_SET_NO_NEW_PRIVS)

Ignore a EINVAL error here as it means that the kernel is too old
to understand this option. We should not fail hard in this case
but just ignore the error.

closes: 764066

10 years agoRename DropPrivs() to DropPrivileges()
Michael Vogt [Tue, 7 Oct 2014 11:30:27 +0000 (13:30 +0200)] 
Rename DropPrivs() to DropPrivileges()

Git-Dch: ignore

10 years agofix test-cve-2013-1051-InRelease-parsing (fails now in the method)
Michael Vogt [Tue, 7 Oct 2014 11:17:16 +0000 (13:17 +0200)] 
fix test-cve-2013-1051-InRelease-parsing (fails now in the method)

10 years agoadd ftp expected size check
Michael Vogt [Tue, 7 Oct 2014 06:43:46 +0000 (08:43 +0200)] 
add ftp expected size check

10 years agomethods/https.cc: use File->Tell() here too
Michael Vogt [Tue, 7 Oct 2014 06:16:51 +0000 (08:16 +0200)] 
methods/https.cc: use File->Tell() here too

10 years agodisplay errortext for all Err as well as Ign logs
David Kalnischkies [Mon, 6 Oct 2014 23:46:30 +0000 (01:46 +0200)] 
display errortext for all Err as well as Ign logs

consistently using Item::Failed in all specializec classes helps setting
up some information bits otherwise unset, so some errors had an empty
reason as an error. Ign is upgraded to display the error message we
ignored to further help in understanding what happens.

10 years agouse _apt:root only for partial directories
David Kalnischkies [Mon, 6 Oct 2014 12:29:53 +0000 (14:29 +0200)] 
use _apt:root only for partial directories

Using a different user for calling methods is intended to protect us
from methods running amok (via remotely exploited bugs) by limiting what
can be done by them. By using root:root for the final directories and
just have the files in partial writeable by the methods we enhance this
in sofar as a method can't modify already verified data in its parent
directory anymore.

As a side effect, this also clears most of the problems you could have
if the final directories are shared without user-sharing or if these
directories disappear as they are now again root owned and only the
partial directories contain _apt owned files (usually none if apt isn't
running) and the directory itself is autocreated with the right
permissions.

10 years agoensure partial dirs are 0700 and owned by _apt:root
David Kalnischkies [Mon, 6 Oct 2014 09:15:03 +0000 (11:15 +0200)] 
ensure partial dirs are 0700 and owned by _apt:root

Reworks the API involved in creating and setting up the fetcher to be a
bit more pleasent to look at and work with as e.g. an empty string for
no lock isn't very nice. With the lock we can also stop creating all our
partial directories "just in case". This way we can also be a bit more
aggressive with the partial directory itself as with a lock, we know we
will gone need it.

10 years agofixup foldmarkers in acquire-item.cc
David Kalnischkies [Mon, 6 Oct 2014 09:34:07 +0000 (11:34 +0200)] 
fixup foldmarkers in acquire-item.cc

Git-Dch: Ignore

10 years agomake http size check work
Michael Vogt [Mon, 6 Oct 2014 15:42:39 +0000 (17:42 +0200)] 
make http size check work

10 years ago[l10n] Updated Czech translation of apt
Miroslav Kure [Mon, 6 Oct 2014 14:31:54 +0000 (16:31 +0200)] 
[l10n] Updated Czech translation of apt

Closes: #764055
10 years agofix warnings
Michael Vogt [Mon, 6 Oct 2014 14:28:56 +0000 (16:28 +0200)] 
fix warnings

10 years agorename StopAuthentication -> CheckStopAuthentication and make it protected
Michael Vogt [Mon, 6 Oct 2014 12:54:53 +0000 (14:54 +0200)] 
rename StopAuthentication -> CheckStopAuthentication and make it protected

10 years agoimplement the updated build profile spec
josch [Tue, 19 Aug 2014 08:29:29 +0000 (10:29 +0200)] 
implement the updated build profile spec

10 years agofix test
Michael Vogt [Mon, 6 Oct 2014 12:43:05 +0000 (14:43 +0200)] 
fix test

10 years agorename AuthDone() -> CheckAuthDone()
Michael Vogt [Mon, 6 Oct 2014 12:39:16 +0000 (14:39 +0200)] 
rename AuthDone() -> CheckAuthDone()

10 years agocleanup pkgAcq*::Failed()
Michael Vogt [Mon, 6 Oct 2014 12:34:38 +0000 (14:34 +0200)] 
cleanup pkgAcq*::Failed()

10 years agoadd missing TransactionStageCopy() in pkgAcqDiffIndex::Done()
Michael Vogt [Mon, 6 Oct 2014 11:18:45 +0000 (13:18 +0200)] 
add missing TransactionStageCopy() in pkgAcqDiffIndex::Done()

10 years agoRework pkgAcqMeta{Index,Sig,ClearSig}::Done() for readability
Michael Vogt [Mon, 6 Oct 2014 09:45:42 +0000 (11:45 +0200)] 
Rework pkgAcqMeta{Index,Sig,ClearSig}::Done() for readability

Move common code out but do not use subclassing for ::Done
to make it easier to understand what each class is doing when
its done

10 years agofix incorrect docstrings for AcqMetaBase::TransactionStageRemoval/AcqMetaBase::Transa...
Michael Vogt [Mon, 6 Oct 2014 07:43:48 +0000 (09:43 +0200)] 
fix incorrect docstrings for AcqMetaBase::TransactionStageRemoval/AcqMetaBase::TransactionStageCopy

10 years agoadd new "SetActiveSubprocess()
Michael Vogt [Mon, 6 Oct 2014 07:42:12 +0000 (09:42 +0200)] 
add new "SetActiveSubprocess()

10 years agoupdate test
Michael Vogt [Mon, 6 Oct 2014 07:34:06 +0000 (09:34 +0200)] 
update test

10 years agoapt-get: Create the temporary downloaded changelog inside tmpdir
Guillem Jover [Thu, 2 Oct 2014 15:48:13 +0000 (17:48 +0200)] 
apt-get: Create the temporary downloaded changelog inside tmpdir

The code is creating a secure temporary directory, but then creates
the changelog alongside the tmpdir in the same base directory. This
defeats the secure tmpdir creation, making the filename predictable.

Inject a '/' between the tmpdir and the changelog filename.

10 years agoBump library version to libapt-pkg4.14
Michael Vogt [Thu, 2 Oct 2014 21:17:47 +0000 (23:17 +0200)] 
Bump library version to libapt-pkg4.14

10 years agoreally do not download Release if InRelease does not verify
Michael Vogt [Thu, 2 Oct 2014 22:39:20 +0000 (00:39 +0200)] 
really do not download Release if InRelease does not verify

10 years agoimplement MarkAndSweep in cc instead of header
David Kalnischkies [Thu, 2 Oct 2014 22:20:57 +0000 (00:20 +0200)] 
implement MarkAndSweep in cc instead of header

Having it in the header exposes some implementation details, namely
private methods and will cause problems for us if we ever want to change
the actions.

Git-Dch: Ignore

10 years agorename StringType VERSION to VERSIONNUMBER
David Kalnischkies [Thu, 2 Oct 2014 22:18:53 +0000 (00:18 +0200)] 
rename StringType VERSION to VERSIONNUMBER

aptitude has a define for VERSION, so to not generate a FTBFS we just
rename our enum element to a slightly less generic name.

Git-Dch: Ignore

10 years agoreleasing package apt version 1.0.9.2 1.0.9.2
Michael Vogt [Thu, 2 Oct 2014 20:07:25 +0000 (22:07 +0200)] 
releasing package apt version 1.0.9.2

10 years agoapt-get: Create the temporary downloaded changelog inside tmpdir
Guillem Jover [Thu, 2 Oct 2014 15:48:13 +0000 (17:48 +0200)] 
apt-get: Create the temporary downloaded changelog inside tmpdir

The code is creating a secure temporary directory, but then creates
the changelog alongside the tmpdir in the same base directory. This
defeats the secure tmpdir creation, making the filename predictable.

Inject a '/' between the tmpdir and the changelog filename.

10 years agocleanup around pkgAcqMetaSig and improved tests
Michael Vogt [Thu, 2 Oct 2014 16:28:55 +0000 (18:28 +0200)] 
cleanup around pkgAcqMetaSig and improved tests

10 years agoadd a bunch of docstrings etc
Michael Vogt [Thu, 2 Oct 2014 15:28:20 +0000 (17:28 +0200)] 
add a bunch of docstrings etc

10 years agoensure world-readability for trusted.gpg in postinst
David Kalnischkies [Wed, 1 Oct 2014 21:58:05 +0000 (23:58 +0200)] 
ensure world-readability for trusted.gpg in postinst

apt-key creates trusted.gpg if it needs it with 644 nowadays, but before
it ensured this, it was gpg creating it, which gives it by default 600.
Not a problem as long as our gpgv is run as root, but now that we drop
privileges we have to ensure that we can also read trusted.gpg files
created by earlier apt-key versions.

Closes: 647001
10 years agofix crash
Michael Vogt [Wed, 1 Oct 2014 22:47:33 +0000 (00:47 +0200)] 
fix crash

10 years agodonkults fixes
Michael Vogt [Wed, 1 Oct 2014 22:38:35 +0000 (00:38 +0200)] 
donkults fixes

10 years agoCleanup pkgAcqIndex
Michael Vogt [Wed, 1 Oct 2014 22:05:44 +0000 (00:05 +0200)] 
Cleanup pkgAcqIndex

10 years agorefactor and add pkgAcqIndex::ValidateFile()
Michael Vogt [Wed, 1 Oct 2014 20:41:52 +0000 (22:41 +0200)] 
refactor and add pkgAcqIndex::ValidateFile()

10 years agofix leftover files from Acquire::GzipIndex
Michael Vogt [Wed, 1 Oct 2014 16:01:14 +0000 (18:01 +0200)] 
fix leftover files from Acquire::GzipIndex

10 years agohack around test-apt-update-unauth failure
Michael Vogt [Wed, 1 Oct 2014 15:13:33 +0000 (17:13 +0200)] 
hack around test-apt-update-unauth failure

10 years agodebian/rules: add hardening=+all
Michael Vogt [Wed, 1 Oct 2014 06:22:26 +0000 (08:22 +0200)] 
debian/rules: add hardening=+all

Because of dpkg-buildflags we already get most of the hardening
features, +all adds -fPIE and ld -z now

Thanks: Simon Ruderich, Markus Waldeck

10 years agofix test-apt-update-nofallback test
Michael Vogt [Wed, 1 Oct 2014 12:22:46 +0000 (14:22 +0200)] 
fix test-apt-update-nofallback test

10 years agodebian/rules: add hardening=+all
Michael Vogt [Wed, 1 Oct 2014 06:22:26 +0000 (08:22 +0200)] 
debian/rules: add hardening=+all

Because of dpkg-buildflags we already get most of the hardening
features, +all adds -fPIE and ld -z now

Thanks: Simon Ruderich, Markus Waldeck

10 years agoupdate test/integration/test-releasefile-verification
Michael Vogt [Wed, 1 Oct 2014 12:06:01 +0000 (14:06 +0200)] 
update test/integration/test-releasefile-verification

10 years agoUse Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}
Michael Vogt [Wed, 1 Oct 2014 10:21:55 +0000 (12:21 +0200)] 
Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}

The configuration key Acquire::AllowInsecureRepositories controls if
apt allows loading of unsigned repositories at all.

The configuration Acquire::AllowDowngradeToInsecureRepositories
controls if a signed repository can ever become unsigned. This
should really never be needed but we provide it to avoid having
to mess around in /var/lib/apt/lists if there is a use-case for
this (which I can't think of right now).

10 years agoadd verify for the .diff/Index download and add FIXME for pkgAcqIndexDiffs/pkgAcqMerg...
Michael Vogt [Wed, 1 Oct 2014 09:20:08 +0000 (11:20 +0200)] 
add verify for the .diff/Index download and add FIXME for pkgAcqIndexDiffs/pkgAcqMergeDiffs

10 years agoTurkish program translation update
Mert Dirik [Wed, 1 Oct 2014 06:18:32 +0000 (08:18 +0200)] 
Turkish program translation update

Closes: 763379
10 years agoMerge remote-tracking branch 'donkult/debian/experimental' into debian/experimental
Michael Vogt [Tue, 30 Sep 2014 13:21:52 +0000 (15:21 +0200)] 
Merge remote-tracking branch 'donkult/debian/experimental' into debian/experimental

10 years agoadjust version numbers for the planed upload
Michael Vogt [Tue, 30 Sep 2014 13:21:44 +0000 (15:21 +0200)] 
adjust version numbers for the planed upload

10 years agofix another instance of warning: extra ‘;’ [-Wpedantic]
David Kalnischkies [Tue, 30 Sep 2014 01:00:42 +0000 (03:00 +0200)] 
fix another instance of warning: extra ‘;’ [-Wpedantic]

Git-Dch: Ignore

10 years agosupport parsing of all hashes for pdiff
David Kalnischkies [Mon, 29 Sep 2014 20:45:52 +0000 (22:45 +0200)] 
support parsing of all hashes for pdiff

The fileformat of a pdiff index stores currently only SHA1 hashes. With
this change, we look for all other hashes we support as well and take
what we get, so that we can work after the release of jessie to get
right of SHA1 if we want to.

Note that the completely patched file is and was checked against the
hashes collected from the Release file, so this transition isn't mission
critical.

10 years agomark private methods as hidden
David Kalnischkies [Mon, 29 Sep 2014 13:41:12 +0000 (15:41 +0200)] 
mark private methods as hidden

We are the only possible users of private methods, so we are also the
only users who can potentially export them via using them in inline
methods. The point is: We don't need these symbols exported if we don't
do this, so marking them as hidden removes some methods from the API
without breaking anything as nobody could have used them.

Git-Dch: Ignore

10 years agocleanup
Michael Vogt [Mon, 29 Sep 2014 15:38:23 +0000 (17:38 +0200)] 
cleanup

10 years agofix Configuration::FindVector API
David Kalnischkies [Mon, 29 Sep 2014 12:00:33 +0000 (14:00 +0200)] 
fix Configuration::FindVector API

Git-Dch: Ignore

10 years agoupdate symbols file
David Kalnischkies [Mon, 29 Sep 2014 11:25:07 +0000 (13:25 +0200)] 
update symbols file

10 years agoMerge remote-tracking branch 'debian/debian/experimental' into feature/acq-trans
Michael Vogt [Mon, 29 Sep 2014 09:47:20 +0000 (11:47 +0200)] 
Merge remote-tracking branch 'debian/debian/experimental' into feature/acq-trans

10 years agomore test fixes
Michael Vogt [Mon, 29 Sep 2014 09:47:03 +0000 (11:47 +0200)] 
more test fixes

10 years agoTest if TMPDIR is a directory in apt-key and if not unset it
Michael Vogt [Mon, 29 Sep 2014 09:43:37 +0000 (11:43 +0200)] 
Test if TMPDIR is a directory in apt-key and if not unset it

This prevents a failure in mktemp -d - it will blindly trust
TMPDIR and not use something else if the dir is not there.

10 years agofix DestFile ext
Michael Vogt [Mon, 29 Sep 2014 09:26:30 +0000 (11:26 +0200)] 
fix DestFile ext

10 years agotest fixes
Michael Vogt [Mon, 29 Sep 2014 09:03:02 +0000 (11:03 +0200)] 
test fixes

10 years agorefactor
Michael Vogt [Mon, 29 Sep 2014 08:43:00 +0000 (10:43 +0200)] 
refactor