apt/apt-pkg/contrib, branch 1.4_beta1Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=1.4_beta12016-11-23T23:21:35Zreport apt-key errors via status-fd messages2016-11-23T23:21:35ZDavid Kalnischkiesdavid@kalnischkies.de2016-11-12T22:22:33Zurn:sha1:8e438ede2f179f2f66268308c24d62952ac06fa4
We report warnings from apt-key this way already since
29c590951f812d9e9c4f17706e34f2c3315fb1f6, so reporting errors seems like
a good addition. Most of those errors aren't really from apt-key
through, but from the code setting up and actually calling it which used
to just print to stderr which might or might not intermix them with
(other) progress lines in update calls. Having them as proper error
messages in the system means that the errors are actually collected
later on for the list instead of ending up with our relatively generic
but in those cases bogus hint regarding "is gpgv installed?".
The effective difference is minimal as the errors apply mostly to
systems which have far worse problems than a not as nice looking error
message, which makes this pretty hard to test – but at least now the
hint that your system is broken can be read in proper order (= there
aren't many valid cases in which the permissions of /tmp are messed up…).
LP: #1522988
Compare size before data when ordering cache bucket entries2016-11-22T21:58:19ZJulian Andres Klodejak@debian.org2016-09-27T16:59:11Zurn:sha1:f378b41f9ab2493bcbc5892d482b18826b0b84c0
This has the effect of significantly reducing actual string
comparisons, and should improve the performance of FindGrp
a bit, although it's hardly measureable (callgrind says it
uses 10% instructions less now).
Optimize VersionHash() to not need temporary copy of input2016-11-22T21:58:18ZJulian Andres Klodejak@debian.org2016-09-27T16:28:55Zurn:sha1:f903069c139df58d1ba855f7cf02c4a2d4e51dc3
Stop copying stuff, and just parse the bytes one by-one to the
newly created AddCRC16Byte. This improves the instruction count
for an update run from 720,850,121 to 455,801,749 according to
callgrind.
Introduce tolower_ascii_unsafe() and use it for hashing2016-11-22T21:58:18ZJulian Andres Klodejak@debian.org2016-09-27T16:20:02Zurn:sha1:7a3b00b10b6a5a740e07fc1b68a4f3fb3bcdac23
This one has some obvious collisions for non-alphabetical characters,
like some control characters also hashing to numbers, but we don't
really have those, and these are hash functions which are not
collision free to begin with.
add TMP/TEMP/TEMPDIR to the TMPDIR DropPrivileges dance2016-11-11T22:38:47ZDavid Kalnischkiesdavid@kalnischkies.de2016-11-11T08:18:49Zurn:sha1:e2c8c825a5470e33c25d00e07de188d0e03922c8
apt tools do not really support these other variables, but tools apt
calls might, so lets play save and clean those up as needed.
Reported-By: Paul Wise (pabs) on IRC
reset HOME, USER(NAME), TMPDIR & SHELL in DropPrivileges2016-11-09T18:33:33ZDavid Kalnischkiesdavid@kalnischkies.de2016-11-09T18:15:01Zurn:sha1:34b491e735ad47c4805e63f3b83a659b8d10262b
We can't cleanup the environment like e.g. sudo would do as you usually
want the environment to "leak" into these helpers, but some variables
like HOME should really not have still the value of the root user – it
could confuse the helpers (USER) and HOME isn't accessible anyhow.
Closes: 842877
add support for Build-Depends/Conflicts-Arch2016-11-09T15:18:54ZJohannes Schauerjosch@debian.org2016-11-09T14:28:15Zurn:sha1:c5f22e483cc0f31f2938874370ac776e40792069
These new enum values might cause "interesting" behaviour in tools not
expecting them – like an old apt would think a Build-Conflicts-Arch is
some sort of Build-Depends – but that can't reasonably be avoided and
effects only packages using B-D/C-A so if there is any breakage the
tools can easily be adapted.
The APT_PKG_RELEASE number is increased so that libapt users can detect
the availability of these new enum fields via:
#if APT_PKG_ABI > 500 || (APT_PKG_ABI == 500 && APT_PKG_RELEASE >= 1)
Closes: #837395
Do not read stderr from proxy autodetection scripts2016-10-04T17:30:30ZJulian Andres Klodejak@debian.org2016-10-02T15:20:33Zurn:sha1:0ecceb5bb9cc8727c117195945b7116aceb984fe
This fixes a regression introduced in
commit 8f858d560e3b7b475c623c4e242d1edce246025a
don't leak FD in AutoProxyDetect command return parsing
which accidentally made the proxy autodetection code also read
the scripts output on stderr, not only on stdout when it switched
the code from popen() to Popen().
Reported-By: Tim Small <tim@seoss.co.uk>
try not to call memcpy with length 0 in hash calculations2016-09-01T14:13:14ZDavid Kalnischkiesdavid@kalnischkies.de2016-08-31T08:11:07Zurn:sha1:644478e8db56f305601c3628a74e53de048b28c8
memcpy is marked as nonnull for its input, but ignores the input anyhow
if the declared length is zero. Our SHA2 implementations do this as
well, it was "just" MD5 and SHA1 missing, so we add the length check
here as well as along the callstack as it is really pointless to do all
these method calls for "nothing".
Reported-By: gcc -fsanitize=undefined
Base256ToNum: Fix uninitialized value2016-08-31T15:40:15ZJulian Andres Klodejak@debian.org2016-08-31T15:18:07Zurn:sha1:cf7503d8a09ebce695423fdeb2402c456c18f3d8
If the inner Base256ToNum() returned false, it did not set
Num to a new value, causing it to be uninitialized, and thus
might have caused the function to exit despite a good result.
Also document why the Res = Num, if (Res != Num) magic is done.
Reported-By: valgrind