apt/apt-pkg/contrib/hashes.cc, branch 1.6_alpha2

Reformat and sort all includes with clang-format

2017-07-12T11:57:51Z

This makes it easier to see which headers includes what. The changes were done by running git grep -l '#\s*include' \ | grep -E '.(cc|h)$' \ | xargs sed -i -E 's/(^\s*)#(\s*)include/\1#\2 include/' To modify all include lines by adding a space, and then running ./git-clang-format.sh.

avoid explicit types for pkg counts by auto

2017-06-26T21:31:15Z

Changes nothing on the program front and as the datatypes are sufficently comparable fixes no bug either, but problems later on if we ever change the types of those and prevent us using types which are too large for the values we want to store waste (a tiny bit of) resources. Gbp-Dch: Ignore

try not to call memcpy with length 0 in hash calculations

2016-09-01T14:13:14Z

memcpy is marked as nonnull for its input, but ignores the input anyhow if the declared length is zero. Our SHA2 implementations do this as well, it was "just" MD5 and SHA1 missing, so we add the length check here as well as along the callstack as it is really pointless to do all these method calls for "nothing". Reported-By: gcc -fsanitize=undefined

Allow lowering trust level of a hash via config

2016-03-28T12:59:33Z

Introduces APT::Hashes:: with entries Untrusted and Weak which can be set to true to cause the hash to be treated as untrusted and/or weak.

Do not consider SHA1 usable

2016-03-13T12:01:14Z

SHA1 is not reasonably secure anymore, so we should not consider it usable anymore. The test suite is adjusted to account for this.

use unusable-for-security hashes for integrity checks

2015-09-01T12:19:44Z

We want to declare some hashes as not enough for security, so that a user will need --allow-unauthenticated or similar to get data secured only by those hashes, but we can still us these hashes for integrity checks if we got them.

Consider md5sum no longer a usable hash

2015-09-01T09:29:49Z

The md5sum hash is broken since some time and we should no longer consider it a usable hash. Also update the tests to reflect this.

make all d-pointer * const pointers

2015-08-10T15:25:25Z

Doing this disables the implicit copy assignment operator (among others) which would cause hovac if used on the classes as it would just copy the pointer, not the data the d-pointer points to. For most of the classes we don't need a copy assignment operator anyway and in many classes it was broken before as many contain a pointer of some sort. Only for our Cacheset Container interfaces we define an explicit copy assignment operator which could later be implemented to copy the data from one d-pointer to the other if we need it. Git-Dch: Ignore

apply various style suggestions by cppcheck

2015-08-10T15:24:01Z

Some of them modify the ABI, but given that we prepare a big one already, these few hardly count for much. Git-Dch: Ignore

support hashes for compressed pdiff files

2015-06-09T10:57:36Z

At the moment we only have hashes for the uncompressed pdiff files, but via the new '$HASH-Download' field in the .diff/Index hashes can be provided for the .gz compressed pdiff file, which apt will pick up now and use to verify the download. Now, we "just" need a buy in from the creators of repositories…