Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.8.0_alpha3.1 2018-12-04T16:48:41Z 2018-12-04T16:48:41Z Julian Andres Klode julian.klode@canonical.com 2018-12-03T16:39:03Z urn:sha1:bbfcc05c1978decd28df9681fd73e2a7d9a8c2a5 This allows us to install matching auth files for sources.list.d files, for example; very useful. This converts aptmethod's authfd from one FileFd to a vector of pointers to FileFd, as FileFd cannot be copied, and move operators are hard. 2018-11-25T16:38:31Z David Kalnischkies david@kalnischkies.de 2018-11-25T16:38:31Z urn:sha1:f313e09d167cc7a83846ac9d4d5d72ba10cc2638 No user visible change expect for some years old changelog entries, so we don't really need to add a new one for this… Reported-By: codespell Gbp-Dch: Ignore 2018-11-25T16:22:43Z David Kalnischkies david@kalnischkies.de 2018-11-25T15:40:42Z urn:sha1:37de1902919ac27d4527edc4210f1f927ea376ef Not needed for common interactions, but for some download-file interactions it could be useful to set a specific referer as some servers do not serve requested files otherwise. 2018-11-13T09:20:09Z Julian Andres Klode julian.klode@canonical.com 2018-11-13T09:19:58Z urn:sha1:9bb831d7d489eac732d4aaccc1a014d923e711ff This reverts commit fb3f36593563d09a8d1727cc7c6deb0b49823ca2. It caused downloads to hang on long-lived connections on certain servers. Gbp-Dch: full 2018-11-12T10:51:56Z Julian Andres Klode julian.klode@canonical.com 2018-11-02T17:19:33Z urn:sha1:fb3f36593563d09a8d1727cc7c6deb0b49823ca2 If the server closed the connection while we're reading data, and we end up not having any data left to write; that is, for example, we received 0 bytes, then we did not exit before, as we only returned success if there was data to write. This is wrong: Obviously, if we have reached our limit, we are done anyway. It's a bit unclear if we actually ever reached this part, but it does make some sense wrt the bug below. LP: #1801338 2018-10-14T19:23:41Z Julian Andres Klode jak@debian.org 2018-10-14T19:23:41Z urn:sha1:b80e48783c183aeaf1d30d898a7743f091d96336 Support subkeys and multiple keyrings in Signed-By options See merge request apt-team/apt!27 2018-09-18T14:07:24Z Julian Andres Klode julian.klode@canonical.com 2018-08-31T14:07:07Z urn:sha1:df696650b7a8c58bbd92e0e1619e956f21010a96 It is perfectly valid behavior for a server to respond with Connection: close eventually, even when pipelining. Turning off pipelining due to that is wrong. For example, some Ubuntu mirrors close the connection after 101 requests. If I have more packages to install, only the first 101 would benefit from pipelining. This commit introduces a new check to only turn of pipelining for future connections if the pipeline for this connection did not have 3 successful fetches before, that should work quite well to detect broken server/proxy combinations like in bug 832113. 2018-09-11T11:16:11Z David Kalnischkies david@kalnischkies.de 2018-08-17T14:33:41Z urn:sha1:8375d5b58038fc026098dcccc3de87cd9d740334 A user can specify multiple fingerprints for a while now, so its seems counter-intuitive to support only one keyring, especially if this isn't really checked or enforced and while unlikely mixtures of both should work properly, too, instead of a kinda random behaviour. 2018-09-11T11:16:11Z David Kalnischkies david@kalnischkies.de 2018-08-17T09:59:45Z urn:sha1:ff8fa4ab4b80384a9240f0df63181f71077a8d83 If we limit a file to be signed by a certain key it should usually accept also being signed by any of this keys subkeys instead of requiring each subkey to be listed explicitly. If the later is really wanted we support now also the same syntax as gpg does with appending an exclamation mark at the end of the fingerprint to force no mapping. 2018-08-19T15:30:31Z David Kalnischkies david@kalnischkies.de 2018-08-16T21:36:41Z urn:sha1:b934870c4f893be28eb1537910c0aadce6dd6e09 gpgs DETAILS documentation file declares that GOODSIG could report keyid or fingerprint since gpg2, but for the time being it is still keyid only. Who knows if that will ever change as that feels like an interface break with dangerous security implications, but lets be better safe than sorry especially as the code dealing with signed-by keyids is prepared for this already. This code is rewritten still to have them all use the same code for this type of problem.