Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.2.11 2016-04-14T14:55:35Z 2016-04-14T14:55:35Z David Kalnischkies david@kalnischkies.de 2016-04-14T14:16:06Z urn:sha1:479f6fa454cd6ee9e1bc4d9ecda856d34584092e With the previous fix for file applied we can again hit repositories which contain uncompressed empty files, which since the introduction of the central store: method wasn't accounted for anymore as we forbid empty compressed files. 2016-04-14T14:15:39Z David Kalnischkies david@kalnischkies.de 2016-04-14T14:01:56Z urn:sha1:e169fa4a85e03b2b03bb1bdba716b96654ae6050 A silly of-by-one error in the stripping of the extension to check for the uncompressed filename broken in an attempt to support all compressions in commit a09f6eb8fc67cd2d836019f448f18580396185e5. Fixing this highlights also mistakes in the handling of the Alt-Filename in libapt which would cause apt to remove the file from the repository (if root has the needed rights – aka the disk isn't readonly or similar) 2016-03-28T12:59:33Z Julian Andres Klode jak@debian.org 2016-03-28T01:34:54Z urn:sha1:6a4958d3134a3a61c036bc9ccaccc393c2bb99f2 Introduces APT::Hashes::<NAME> with entries Untrusted and Weak which can be set to true to cause the hash to be treated as untrusted and/or weak. 2016-03-22T00:58:45Z David Kalnischkies david@kalnischkies.de 2016-03-22T00:26:29Z urn:sha1:08b7761a251a36fa65cbe022a86c51d7f091a88d Our own gpgv method can declare a digest algorithm as untrusted and handles these as worthless signatures. If gpgv comes with inbuilt untrusted (which is called weak in official terminology) which it e.g. does for MD5 in recent versions we should handle it in the same way. To check this we use the most uncommon still fully trusted hash as a configureable one via a hidden config option to toggle through all of the three states a hash can be in. 2016-03-21T21:47:17Z David Kalnischkies david@kalnischkies.de 2016-03-21T17:47:10Z urn:sha1:8fa99570816d3a644a9c4386c6a8f2ca21480329 Using erase(pos) is invalid in our case here as pos must be a valid and derefenceable iterator, which isn't the case for an end-iterator (like if we had no good signature). The problem runs deeper still through as VALIDSIG is a keyid while GOODSIG is just a longid so comparing them will always fail. Closes: 818910 2016-03-16T19:37:42Z Julian Andres Klode jak@debian.org 2016-03-16T19:02:53Z urn:sha1:5f060c2776606f3166bd6c64119c31be8ba5d857 There was a complaint that, in the previous message, the key fingerprint could be mistaken for a SHA1 digest due to the (SHA1) after it. Gbp-Dch: ignore 2016-03-16T16:56:50Z Julian Andres Klode jak@debian.org 2016-03-16T15:54:05Z urn:sha1:349c5c89454ff344e4cf693492e7cb62ff549886 This should be easy to extend in the future and allow us to simplify the error handling cases somewhat. Thanks: Ron Lee for wording suggestions 2016-03-15T11:33:21Z Julian Andres Klode jak@debian.org 2016-03-15T11:30:37Z urn:sha1:07ea3af0fe55fdfe976ab847c5c88efd703d1282 We will drop support for those in the future. Also adjust the std::array to be a std::vector, as that's easier to maintain. 2016-03-15T11:33:21Z Julian Andres Klode jak@debian.org 2016-03-15T10:40:10Z urn:sha1:8c9b7725c3d89461e78061aff4bc644cdb237fe7 This can be used by workers to send warnings to the main program. The messages will be passed to _error->Warning() by APT with the URI prepended. We are not going to make that really public now, as the interface might change a bit. 2016-03-15T11:33:21Z Julian Andres Klode jak@debian.org 2016-03-15T09:56:05Z urn:sha1:08fd77e83528fd03795524adf76e359ae2b56e06 We added weak signatures to BadSigners, meaning that a Release file signed by both a weak signature and a strong signature would be rejected; preventing people from migrating from DSA to RSA keys in a sane way. Instead of using BadSigners, treat weak signatures like expired keys: They are no good signatures, and they are worthless. Gbp-Dch: ignore