]> git.saurik.com Git - apt.git/log
apt.git
10 years agoMerge remote-tracking branch 'mvo/feature/acq-trans' into debian/experimental
Michael Vogt [Wed, 8 Oct 2014 06:36:53 +0000 (08:36 +0200)] 
Merge remote-tracking branch 'mvo/feature/acq-trans' into debian/experimental

10 years agofix http-pipeline-messup testcase
David Kalnischkies [Tue, 7 Oct 2014 22:37:32 +0000 (00:37 +0200)] 
fix http-pipeline-messup testcase

The test generates failures if the created deb files have the same size,
so we try a little harder to avoid having the same size for them.

Git-Dch: Ignore

10 years agodo not show IP in output of testcases
David Kalnischkies [Tue, 7 Oct 2014 21:52:12 +0000 (23:52 +0200)] 
do not show IP in output of testcases

On travis-ci connect.cc detects a rotation, triggering it store the IP
which is later appended to the error message, which is all nice and
great if we deal with a real server, but in the testcases it just
triggers failures as strings do not match.

Git-Dch: Ignore

10 years agoset PR_SET_NO_NEW_PRIVS also if run as non-root
David Kalnischkies [Tue, 7 Oct 2014 19:17:04 +0000 (21:17 +0200)] 
set PR_SET_NO_NEW_PRIVS also if run as non-root

Changing user and co works only as root, but can do some things for
methods run as normal user as well to protect them from being able to
call setuid binaries like sudo to elevate their privileges.
Also uses a cheap trick now to build with old unsupporting kernels.

10 years agofix foldmarkers in fileutl.cc
David Kalnischkies [Tue, 7 Oct 2014 19:03:48 +0000 (21:03 +0200)] 
fix foldmarkers in fileutl.cc

Git-Dch: Ignore

10 years agodon't show ErrorText for Ign by default
David Kalnischkies [Tue, 7 Oct 2014 18:51:07 +0000 (20:51 +0200)] 
don't show ErrorText for Ign by default

Some distributions (or repositories) do not have as much
"Ign-discipline" as I would like to, so that could be pretty distracting
for our users if enabled by default. It is handy for testcases though.

Git-Dch: Ignore

10 years agoMerge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans
Michael Vogt [Tue, 7 Oct 2014 14:38:03 +0000 (16:38 +0200)] 
Merge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans

Conflicts:
apt-pkg/acquire-item.cc

10 years agoUpperCase some functions for consistency
Michael Vogt [Tue, 7 Oct 2014 12:01:35 +0000 (14:01 +0200)] 
UpperCase some functions for consistency

changeOwnerAndPermissionOfFile->ChangeOwnerAndPermissionOfFile
preparePartialFile->GetPartialFileName
preparePartialFileFromURI->GetPartialFileNameFromURI

Git-Dch: ignore

10 years agoIgnore EINVAL from prctl(PR_SET_NO_NEW_PRIVS)
Michael Vogt [Tue, 7 Oct 2014 11:34:28 +0000 (13:34 +0200)] 
Ignore EINVAL from prctl(PR_SET_NO_NEW_PRIVS)

Ignore a EINVAL error here as it means that the kernel is too old
to understand this option. We should not fail hard in this case
but just ignore the error.

closes: 764066

10 years agoRename DropPrivs() to DropPrivileges()
Michael Vogt [Tue, 7 Oct 2014 11:30:27 +0000 (13:30 +0200)] 
Rename DropPrivs() to DropPrivileges()

Git-Dch: ignore

10 years agodisplay errortext for all Err as well as Ign logs
David Kalnischkies [Mon, 6 Oct 2014 23:46:30 +0000 (01:46 +0200)] 
display errortext for all Err as well as Ign logs

consistently using Item::Failed in all specializec classes helps setting
up some information bits otherwise unset, so some errors had an empty
reason as an error. Ign is upgraded to display the error message we
ignored to further help in understanding what happens.

10 years agouse _apt:root only for partial directories
David Kalnischkies [Mon, 6 Oct 2014 12:29:53 +0000 (14:29 +0200)] 
use _apt:root only for partial directories

Using a different user for calling methods is intended to protect us
from methods running amok (via remotely exploited bugs) by limiting what
can be done by them. By using root:root for the final directories and
just have the files in partial writeable by the methods we enhance this
in sofar as a method can't modify already verified data in its parent
directory anymore.

As a side effect, this also clears most of the problems you could have
if the final directories are shared without user-sharing or if these
directories disappear as they are now again root owned and only the
partial directories contain _apt owned files (usually none if apt isn't
running) and the directory itself is autocreated with the right
permissions.

10 years agoensure partial dirs are 0700 and owned by _apt:root
David Kalnischkies [Mon, 6 Oct 2014 09:15:03 +0000 (11:15 +0200)] 
ensure partial dirs are 0700 and owned by _apt:root

Reworks the API involved in creating and setting up the fetcher to be a
bit more pleasent to look at and work with as e.g. an empty string for
no lock isn't very nice. With the lock we can also stop creating all our
partial directories "just in case". This way we can also be a bit more
aggressive with the partial directory itself as with a lock, we know we
will gone need it.

10 years agofixup foldmarkers in acquire-item.cc
David Kalnischkies [Mon, 6 Oct 2014 09:34:07 +0000 (11:34 +0200)] 
fixup foldmarkers in acquire-item.cc

Git-Dch: Ignore

10 years ago[l10n] Updated Czech translation of apt
Miroslav Kure [Mon, 6 Oct 2014 14:31:54 +0000 (16:31 +0200)] 
[l10n] Updated Czech translation of apt

Closes: #764055
10 years agofix warnings
Michael Vogt [Mon, 6 Oct 2014 14:28:56 +0000 (16:28 +0200)] 
fix warnings

10 years agorename StopAuthentication -> CheckStopAuthentication and make it protected
Michael Vogt [Mon, 6 Oct 2014 12:54:53 +0000 (14:54 +0200)] 
rename StopAuthentication -> CheckStopAuthentication and make it protected

10 years agofix test
Michael Vogt [Mon, 6 Oct 2014 12:43:05 +0000 (14:43 +0200)] 
fix test

10 years agorename AuthDone() -> CheckAuthDone()
Michael Vogt [Mon, 6 Oct 2014 12:39:16 +0000 (14:39 +0200)] 
rename AuthDone() -> CheckAuthDone()

10 years agocleanup pkgAcq*::Failed()
Michael Vogt [Mon, 6 Oct 2014 12:34:38 +0000 (14:34 +0200)] 
cleanup pkgAcq*::Failed()

10 years agoadd missing TransactionStageCopy() in pkgAcqDiffIndex::Done()
Michael Vogt [Mon, 6 Oct 2014 11:18:45 +0000 (13:18 +0200)] 
add missing TransactionStageCopy() in pkgAcqDiffIndex::Done()

10 years agoRework pkgAcqMeta{Index,Sig,ClearSig}::Done() for readability
Michael Vogt [Mon, 6 Oct 2014 09:45:42 +0000 (11:45 +0200)] 
Rework pkgAcqMeta{Index,Sig,ClearSig}::Done() for readability

Move common code out but do not use subclassing for ::Done
to make it easier to understand what each class is doing when
its done

10 years agofix incorrect docstrings for AcqMetaBase::TransactionStageRemoval/AcqMetaBase::Transa...
Michael Vogt [Mon, 6 Oct 2014 07:43:48 +0000 (09:43 +0200)] 
fix incorrect docstrings for AcqMetaBase::TransactionStageRemoval/AcqMetaBase::TransactionStageCopy

10 years agoadd new "SetActiveSubprocess()
Michael Vogt [Mon, 6 Oct 2014 07:42:12 +0000 (09:42 +0200)] 
add new "SetActiveSubprocess()

10 years agoupdate test
Michael Vogt [Mon, 6 Oct 2014 07:34:06 +0000 (09:34 +0200)] 
update test

10 years agoapt-get: Create the temporary downloaded changelog inside tmpdir
Guillem Jover [Thu, 2 Oct 2014 15:48:13 +0000 (17:48 +0200)] 
apt-get: Create the temporary downloaded changelog inside tmpdir

The code is creating a secure temporary directory, but then creates
the changelog alongside the tmpdir in the same base directory. This
defeats the secure tmpdir creation, making the filename predictable.

Inject a '/' between the tmpdir and the changelog filename.

10 years agoBump library version to libapt-pkg4.14
Michael Vogt [Thu, 2 Oct 2014 21:17:47 +0000 (23:17 +0200)] 
Bump library version to libapt-pkg4.14

10 years agoreally do not download Release if InRelease does not verify
Michael Vogt [Thu, 2 Oct 2014 22:39:20 +0000 (00:39 +0200)] 
really do not download Release if InRelease does not verify

10 years agoimplement MarkAndSweep in cc instead of header
David Kalnischkies [Thu, 2 Oct 2014 22:20:57 +0000 (00:20 +0200)] 
implement MarkAndSweep in cc instead of header

Having it in the header exposes some implementation details, namely
private methods and will cause problems for us if we ever want to change
the actions.

Git-Dch: Ignore

10 years agorename StringType VERSION to VERSIONNUMBER
David Kalnischkies [Thu, 2 Oct 2014 22:18:53 +0000 (00:18 +0200)] 
rename StringType VERSION to VERSIONNUMBER

aptitude has a define for VERSION, so to not generate a FTBFS we just
rename our enum element to a slightly less generic name.

Git-Dch: Ignore

10 years agocleanup around pkgAcqMetaSig and improved tests
Michael Vogt [Thu, 2 Oct 2014 16:28:55 +0000 (18:28 +0200)] 
cleanup around pkgAcqMetaSig and improved tests

10 years agoadd a bunch of docstrings etc
Michael Vogt [Thu, 2 Oct 2014 15:28:20 +0000 (17:28 +0200)] 
add a bunch of docstrings etc

10 years agoensure world-readability for trusted.gpg in postinst
David Kalnischkies [Wed, 1 Oct 2014 21:58:05 +0000 (23:58 +0200)] 
ensure world-readability for trusted.gpg in postinst

apt-key creates trusted.gpg if it needs it with 644 nowadays, but before
it ensured this, it was gpg creating it, which gives it by default 600.
Not a problem as long as our gpgv is run as root, but now that we drop
privileges we have to ensure that we can also read trusted.gpg files
created by earlier apt-key versions.

Closes: 647001
10 years agofix crash
Michael Vogt [Wed, 1 Oct 2014 22:47:33 +0000 (00:47 +0200)] 
fix crash

10 years agodonkults fixes
Michael Vogt [Wed, 1 Oct 2014 22:38:35 +0000 (00:38 +0200)] 
donkults fixes

10 years agoCleanup pkgAcqIndex
Michael Vogt [Wed, 1 Oct 2014 22:05:44 +0000 (00:05 +0200)] 
Cleanup pkgAcqIndex

10 years agorefactor and add pkgAcqIndex::ValidateFile()
Michael Vogt [Wed, 1 Oct 2014 20:41:52 +0000 (22:41 +0200)] 
refactor and add pkgAcqIndex::ValidateFile()

10 years agofix leftover files from Acquire::GzipIndex
Michael Vogt [Wed, 1 Oct 2014 16:01:14 +0000 (18:01 +0200)] 
fix leftover files from Acquire::GzipIndex

10 years agohack around test-apt-update-unauth failure
Michael Vogt [Wed, 1 Oct 2014 15:13:33 +0000 (17:13 +0200)] 
hack around test-apt-update-unauth failure

10 years agofix test-apt-update-nofallback test
Michael Vogt [Wed, 1 Oct 2014 12:22:46 +0000 (14:22 +0200)] 
fix test-apt-update-nofallback test

10 years agodebian/rules: add hardening=+all
Michael Vogt [Wed, 1 Oct 2014 06:22:26 +0000 (08:22 +0200)] 
debian/rules: add hardening=+all

Because of dpkg-buildflags we already get most of the hardening
features, +all adds -fPIE and ld -z now

Thanks: Simon Ruderich, Markus Waldeck

10 years agoupdate test/integration/test-releasefile-verification
Michael Vogt [Wed, 1 Oct 2014 12:06:01 +0000 (14:06 +0200)] 
update test/integration/test-releasefile-verification

10 years agoUse Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}
Michael Vogt [Wed, 1 Oct 2014 10:21:55 +0000 (12:21 +0200)] 
Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}

The configuration key Acquire::AllowInsecureRepositories controls if
apt allows loading of unsigned repositories at all.

The configuration Acquire::AllowDowngradeToInsecureRepositories
controls if a signed repository can ever become unsigned. This
should really never be needed but we provide it to avoid having
to mess around in /var/lib/apt/lists if there is a use-case for
this (which I can't think of right now).

10 years agoadd verify for the .diff/Index download and add FIXME for pkgAcqIndexDiffs/pkgAcqMerg...
Michael Vogt [Wed, 1 Oct 2014 09:20:08 +0000 (11:20 +0200)] 
add verify for the .diff/Index download and add FIXME for pkgAcqIndexDiffs/pkgAcqMergeDiffs

10 years agoTurkish program translation update
Mert Dirik [Wed, 1 Oct 2014 06:18:32 +0000 (08:18 +0200)] 
Turkish program translation update

Closes: 763379
10 years agoMerge remote-tracking branch 'donkult/debian/experimental' into debian/experimental
Michael Vogt [Tue, 30 Sep 2014 13:21:52 +0000 (15:21 +0200)] 
Merge remote-tracking branch 'donkult/debian/experimental' into debian/experimental

10 years agoadjust version numbers for the planed upload
Michael Vogt [Tue, 30 Sep 2014 13:21:44 +0000 (15:21 +0200)] 
adjust version numbers for the planed upload

10 years agofix another instance of warning: extra ‘;’ [-Wpedantic]
David Kalnischkies [Tue, 30 Sep 2014 01:00:42 +0000 (03:00 +0200)] 
fix another instance of warning: extra ‘;’ [-Wpedantic]

Git-Dch: Ignore

10 years agosupport parsing of all hashes for pdiff
David Kalnischkies [Mon, 29 Sep 2014 20:45:52 +0000 (22:45 +0200)] 
support parsing of all hashes for pdiff

The fileformat of a pdiff index stores currently only SHA1 hashes. With
this change, we look for all other hashes we support as well and take
what we get, so that we can work after the release of jessie to get
right of SHA1 if we want to.

Note that the completely patched file is and was checked against the
hashes collected from the Release file, so this transition isn't mission
critical.

10 years agomark private methods as hidden
David Kalnischkies [Mon, 29 Sep 2014 13:41:12 +0000 (15:41 +0200)] 
mark private methods as hidden

We are the only possible users of private methods, so we are also the
only users who can potentially export them via using them in inline
methods. The point is: We don't need these symbols exported if we don't
do this, so marking them as hidden removes some methods from the API
without breaking anything as nobody could have used them.

Git-Dch: Ignore

10 years agocleanup
Michael Vogt [Mon, 29 Sep 2014 15:38:23 +0000 (17:38 +0200)] 
cleanup

10 years agofix Configuration::FindVector API
David Kalnischkies [Mon, 29 Sep 2014 12:00:33 +0000 (14:00 +0200)] 
fix Configuration::FindVector API

Git-Dch: Ignore

10 years agoupdate symbols file
David Kalnischkies [Mon, 29 Sep 2014 11:25:07 +0000 (13:25 +0200)] 
update symbols file

10 years agoMerge remote-tracking branch 'debian/debian/experimental' into feature/acq-trans
Michael Vogt [Mon, 29 Sep 2014 09:47:20 +0000 (11:47 +0200)] 
Merge remote-tracking branch 'debian/debian/experimental' into feature/acq-trans

10 years agomore test fixes
Michael Vogt [Mon, 29 Sep 2014 09:47:03 +0000 (11:47 +0200)] 
more test fixes

10 years agoTest if TMPDIR is a directory in apt-key and if not unset it
Michael Vogt [Mon, 29 Sep 2014 09:43:37 +0000 (11:43 +0200)] 
Test if TMPDIR is a directory in apt-key and if not unset it

This prevents a failure in mktemp -d - it will blindly trust
TMPDIR and not use something else if the dir is not there.

10 years agofix DestFile ext
Michael Vogt [Mon, 29 Sep 2014 09:26:30 +0000 (11:26 +0200)] 
fix DestFile ext

10 years agotest fixes
Michael Vogt [Mon, 29 Sep 2014 09:03:02 +0000 (11:03 +0200)] 
test fixes

10 years agorefactor
Michael Vogt [Mon, 29 Sep 2014 08:43:00 +0000 (10:43 +0200)] 
refactor

10 years agoAdjust DestFile in ReverifyAfterIMS() to not include compr Extension
Michael Vogt [Mon, 29 Sep 2014 08:41:31 +0000 (10:41 +0200)] 
Adjust DestFile in ReverifyAfterIMS() to not include compr Extension

10 years agoMerge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans
Michael Vogt [Mon, 29 Sep 2014 07:58:38 +0000 (09:58 +0200)] 
Merge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans

Conflicts:
apt-pkg/acquire-item.cc
apt-pkg/acquire-item.h
methods/gpgv.cc

10 years agoAdd missing "adduser" dependency (for the new _apt user)
Michael Vogt [Mon, 29 Sep 2014 06:37:48 +0000 (08:37 +0200)] 
Add missing "adduser" dependency (for the new _apt user)

Closes: #763004
Thanks: Russ Allbery

10 years agoMerge branch 'debian/sid' into debian/experimental
Michael Vogt [Mon, 29 Sep 2014 06:33:33 +0000 (08:33 +0200)] 
Merge branch 'debian/sid' into debian/experimental

Conflicts:
apt-pkg/acquire-item.cc

10 years agoSet STRIP_FROM_PATH for doxygen
Trần Ngọc Quân [Sun, 28 Sep 2014 08:33:19 +0000 (15:33 +0700)] 
Set STRIP_FROM_PATH for doxygen

Signed-off-by: Trần Ngọc Quân <vnwildman@gmail.com>
10 years agoreplace c-string Mode with c++-string ActiveSubprocess
David Kalnischkies [Sat, 27 Sep 2014 23:57:49 +0000 (01:57 +0200)] 
replace c-string Mode with c++-string ActiveSubprocess

A long-lasting FIXME in the acquire code points out the problem that we
e.g. for decompressors assign c-string representations of c++-strings to
the Mode variable, which e.g. cppcheck points out as very bad.

In practice, nothing major happens as the c++-strings do not run out of
scope until Mode would do, but that is bad style and fragile, so the
obvious proper fix is to use a c++ string for storage to begin with.

The slight complications stems from the fact that progress reporting
code in frontends potentially uses Mode and compares it with NULL, which
can't be done with std::string, so instead of just changing the type we
introduce a new variable and deprecate the old one.

Git-Dch: Ignore

10 years agoallow options between command and -- on commandline
David Kalnischkies [Sat, 27 Sep 2014 23:25:21 +0000 (01:25 +0200)] 
allow options between command and -- on commandline

This used to work before we implemented a stricter commandline parser
and e.g. the dd-schroot-cmd command constructs commandlines like this.

Reported-By: Helmut Grohne
10 years agocleanup partial directory of lists in apt-get clean
David Kalnischkies [Sat, 27 Sep 2014 18:09:44 +0000 (20:09 +0200)] 
cleanup partial directory of lists in apt-get clean

Not really the intended usecase for apt-get clean, but users expect it
to help them in recovery and it can't really hurt as this directory
should be empty if everything was fine and proper anyway.

Closes: #762889
10 years agoallow fetcher setup without directory creation
David Kalnischkies [Sat, 27 Sep 2014 17:45:30 +0000 (19:45 +0200)] 
allow fetcher setup without directory creation

apt-get download and changelog as well as apt-helper reuse the acquire
system for their own proposes without requiring the directories the
fetcher wants to create, which is a problem if you run them as non-root
and the directories do not exist as it greets you with:
E: Archives directory /var/cache/apt/archives/partial is missing. -
Acquire (13: Permission denied)

Closes: 762898
10 years agoJapanese program translation update
Kenshi Muto [Sat, 27 Sep 2014 17:37:30 +0000 (19:37 +0200)] 
Japanese program translation update

Closes: 763033
10 years agostore source name and version in binary cache
David Kalnischkies [Fri, 20 Jun 2014 17:34:40 +0000 (19:34 +0200)] 
store source name and version in binary cache

Accessing the package records to acquire this information is pretty
costly, so that information wasn't used so far in many places. The most
noticeable user by far is EDSP at the moment, but there are ideas to
change that which this commit tries to enable.

10 years agofix: %i in format string (no. 1) requires 'int' but the argument type is
David Kalnischkies [Fri, 26 Sep 2014 23:00:14 +0000 (01:00 +0200)] 
fix: %i in format string (no. 1) requires 'int' but the argument type is
'unsigned int'

Git-Dch: Ignore
Reported-By: cppcheck
10 years agofix: The class 'pkgSourceList' defines member variable with name 'SrcList' also defin...
David Kalnischkies [Fri, 26 Sep 2014 22:51:03 +0000 (00:51 +0200)] 
fix: The class 'pkgSourceList' defines member variable with name 'SrcList' also defined in its parent class 'pkgSource'

Git-Dch: Ignore
Reported-By: cppcheck
10 years agofix: Prefer prefix ++/-- operators for non-primitive types
David Kalnischkies [Fri, 26 Sep 2014 22:49:25 +0000 (00:49 +0200)] 
fix: Prefer prefix ++/-- operators for non-primitive types

Git-Dch: Ignore
Reported-By: cppcheck
10 years agofix: Consecutive return, break, continue, goto or throw statements are unnecessary.
David Kalnischkies [Fri, 26 Sep 2014 22:46:43 +0000 (00:46 +0200)] 
fix: Consecutive return, break, continue, goto or throw statements are unnecessary.

Git-Dch: Ignore
Reported-By: cppcheck
10 years agoMerge branch 'feature/gnupglimit' into debian/experimental
David Kalnischkies [Fri, 26 Sep 2014 22:12:44 +0000 (00:12 +0200)] 
Merge branch 'feature/gnupglimit' into debian/experimental

10 years agoadd gnupg and gnupg2 as test-dependency
David Kalnischkies [Fri, 26 Sep 2014 21:09:01 +0000 (23:09 +0200)] 
add gnupg and gnupg2 as test-dependency

apt can work with both, so it has an or-dependency on them,
but the tests want to play with both of them.

Git-Dch: Ignore

10 years agoensure apt-key del handles 16-byte key ids
James McCoy [Mon, 18 Aug 2014 10:54:19 +0000 (12:54 +0200)] 
ensure apt-key del handles 16-byte key ids

The original patch does not apply against the rewritten apt-key,
but an additional test doesn't hurt.

Closes: 754436
10 years agoremove empty keyrings in trusted.gpg.d on upgrade
David Kalnischkies [Fri, 24 Jan 2014 14:45:09 +0000 (15:45 +0100)] 
remove empty keyrings in trusted.gpg.d on upgrade

Adding and deleting many repositories could cause (empty) keyring files
to pill up in older apt-key versions, which in the end might cause gnupg
to run into its internal limit of at most 40 keyrings

10 years agoadd and use 'apt-key verify' which prefers gpgv over gpg
David Kalnischkies [Mon, 14 Apr 2014 16:24:17 +0000 (18:24 +0200)] 
add and use 'apt-key verify' which prefers gpgv over gpg

gnupg/gnupg2 can do verify just fine of course, so we don't need to use
gpgv here, but it is what we always used in the past, so there might be
scripts expecting a certain output and more importantly the output of
apt-cdrom contains messages from gpg and even with all the settings we
activate to prevent it, it still shows (in some versions) a quiet scary:
"gpg: WARNING: Using untrusted key!" message. Keeping the use of gpgv is
the simplest way to prevent it.

We are increasing also the "Breaks: apt" version from libapt as it
requires a newer apt-key than might be installed in partial upgrades.

10 years agomiscellaneous small cleanups in apt-key
David Kalnischkies [Thu, 6 Feb 2014 17:43:55 +0000 (18:43 +0100)] 
miscellaneous small cleanups in apt-key

Git-Dch: Ignore

10 years agoadd --readonly option for apt-key adv
David Kalnischkies [Thu, 6 Feb 2014 16:56:28 +0000 (17:56 +0100)] 
add --readonly option for apt-key adv

Some advanced commands can be executed without the keyring being
modified like --verify, so this adds an option to disable the mergeback
and uses it for our gpg calling code.

Git-Dch: Ignore

10 years agouse only one --keyring in gpg interactions
David Kalnischkies [Mon, 27 Jan 2014 21:07:16 +0000 (22:07 +0100)] 
use only one --keyring in gpg interactions

We were down to at most two keyrings before, but gnupg upstream plans
dropping support for multiple keyrings in the longrun, so with a
single keyring we hope to be future proof – and 'apt-key adv' isn't a
problem anymore as every change to the keys is merged back, so we have
now the same behavior as before, but support an unlimited amount of
trusted.gpg.d keyrings.

10 years agoadd --secret-keyring option for apt-key
David Kalnischkies [Mon, 27 Jan 2014 17:26:44 +0000 (18:26 +0100)] 
add --secret-keyring option for apt-key

For some advanced usecases it might be handy to specify the secret
keyring to be used (e.g. as it is used in the testcases), but specifying
it via a normal option for gnupg might not be available forever:
http://lists.gnupg.org/pipermail/gnupg-users/2013-August/047180.html

Git-Dch: Ignore

10 years agoallow to specify fingerprints in 'apt-key del'
David Kalnischkies [Mon, 27 Jan 2014 16:04:53 +0000 (17:04 +0100)] 
allow to specify fingerprints in 'apt-key del'

10 years agoadd a test for apt-key export{,all}
David Kalnischkies [Mon, 27 Jan 2014 15:59:46 +0000 (16:59 +0100)] 
add a test for apt-key export{,all}

Git-Dch: Ignore

10 years agouse apt-key to wrap gpg calls in testcases
David Kalnischkies [Sun, 26 Jan 2014 18:23:58 +0000 (19:23 +0100)] 
use apt-key to wrap gpg calls in testcases

beside testing apt-key a bit it also avoids duplicating gpghome setup
code in apt-key and the test framework

Git-Dch: Ignore

10 years agorespect --keyring also in merged keyring commands
David Kalnischkies [Sun, 26 Jan 2014 18:14:13 +0000 (19:14 +0100)] 
respect --keyring also in merged keyring commands

Git-Dch: Ignore

10 years agosupport gnupg2 as drop-in replacement for gnupg
David Kalnischkies [Sun, 26 Jan 2014 17:28:50 +0000 (18:28 +0100)] 
support gnupg2 as drop-in replacement for gnupg

If both are available APT will still prefer gpg over gpg2 as it is a bit
more lightweight, but it shouldn't be a problem to use one or the other
(at least at the moment, who knows what will happen in the future).

10 years agodelay gnupg setup in apt-key until it is needed
David Kalnischkies [Sun, 26 Jan 2014 16:37:00 +0000 (17:37 +0100)] 
delay gnupg setup in apt-key until it is needed

'apt-key help' and incorrect usage do not need a functioning gnupg
setup, as well as we shouldn't try to setup gnupg before we actually
test if it is available (and print a message if it is not).

10 years agocorrect the error messages to refer to apt-key instead of gpgv
David Kalnischkies [Sun, 26 Jan 2014 16:23:50 +0000 (17:23 +0100)] 
correct the error messages to refer to apt-key instead of gpgv

Git-Dch: Ignore

10 years agouse apt-key adv (+ gnupg) instead of gpgv for verify
David Kalnischkies [Fri, 24 Jan 2014 22:48:11 +0000 (23:48 +0100)] 
use apt-key adv (+ gnupg) instead of gpgv for verify

apt-key does the keyring merge as we need it, so we just call it instead
of reimplementing it to do the merging before gpgv. This means we don't
use gpgv anymore (we never depended on it explicitly - bad style), but
it also means that the message in apt-cdrom add is a bit less friendly
as it says loudly "untrusted key", but for a one-time command its okay.

10 years agomerge fragment keyrings in apt-key to avoid hitting gpg limits
David Kalnischkies [Fri, 24 Jan 2014 21:40:52 +0000 (22:40 +0100)] 
merge fragment keyrings in apt-key to avoid hitting gpg limits

gnupg has a hardlimit of 40 (at the moment) keyrings per invocation,
which can be exceeded with (many) repositories. That is rather
misfortune as the longrun goal was to drop gnupg dependency at some
point in the future, but this can now be considered missed and dropped.

It also means that 'apt-key adv' commands might not have the behaviour
one would expect it to have as it mainly operates on a big temporary
keyring, so commands modifying keys will break. Doing this was never a
good idea anyway through, so lets just hope nothing break too badly.

Closes: 733028
10 years agorefactor key removal code to reuse it in next step
David Kalnischkies [Fri, 24 Jan 2014 17:24:43 +0000 (18:24 +0100)] 
refactor key removal code to reuse it in next step

Git-Dch: Ignore

10 years agoset a primary-keyring only if we have access to it
David Kalnischkies [Fri, 24 Jan 2014 16:41:35 +0000 (17:41 +0100)] 
set a primary-keyring only if we have access to it

10 years agosupport (multiple) arguments properly in apt-key
David Kalnischkies [Fri, 24 Jan 2014 16:24:56 +0000 (17:24 +0100)] 
support (multiple) arguments properly in apt-key

10 years agoonly create new trusted.gpg if directory is writeable
David Kalnischkies [Fri, 24 Jan 2014 16:14:52 +0000 (17:14 +0100)] 
only create new trusted.gpg if directory is writeable

10 years agoall errors should be printed to stderr
David Kalnischkies [Fri, 24 Jan 2014 15:44:49 +0000 (16:44 +0100)] 
all errors should be printed to stderr

Git-Dch: Ignore

10 years agoadd a (hidden) --quiet option for apt-key
David Kalnischkies [Fri, 24 Jan 2014 15:43:19 +0000 (16:43 +0100)] 
add a (hidden) --quiet option for apt-key

10 years agorename postrm to apt.postrm
David Kalnischkies [Fri, 24 Jan 2014 14:18:14 +0000 (15:18 +0100)] 
rename postrm to apt.postrm

It helps in identifying its affiliation.
Also removes the old postinst which was hidden by apt.postinst for a
long time now and would just install a sources.list in edgecases which
is probably not a good idea (e.g. on my system /etc/apt/sources.list
does not exist). It is better done by the installer of the distro.

Git-Dch: Ignore

10 years agoremove leftover debug output from multikey softlink
David Kalnischkies [Fri, 24 Jan 2014 14:02:39 +0000 (15:02 +0100)] 
remove leftover debug output from multikey softlink

Git-Dch: Ignore