Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.8.0_rc4 2019-02-05T11:50:05Z 2019-02-05T11:50:05Z Julian Andres Klode julian.klode@canonical.com 2019-02-05T11:48:46Z urn:sha1:e435312f0692996232fc12786be59513a2536489 This is a special case here, a best effort write, so there's no point in having warnings about it for every method. 2019-01-22T11:24:22Z David Kalnischkies david@kalnischkies.de 2018-09-11T23:44:18Z urn:sha1:7bf533967fb385b9625a1ee4dd7c6542a84b489c Telling the acquire system which keys caused the gpgv method to succeed allows us for now just a casual check if the gpgv method really executed catching bugs like CVE-2018-0501, but we will make use of the information for better features in the following commits. 2019-01-22T11:24:22Z David Kalnischkies david@kalnischkies.de 2018-09-11T14:45:06Z urn:sha1:6b01cd087e6f92c5511fe6eea73699e075aa699a Having a method take a bunch of string vectors is bad style, so we change this to a wrapping struct and adapt the rest of the code brushing it up slightly in the process, which results even in a slightly "better" debug output, no practical change otherwise. Gbp-Dch: Ignore 2018-12-04T16:48:41Z Julian Andres Klode julian.klode@canonical.com 2018-12-03T16:39:03Z urn:sha1:bbfcc05c1978decd28df9681fd73e2a7d9a8c2a5 This allows us to install matching auth files for sources.list.d files, for example; very useful. This converts aptmethod's authfd from one FileFd to a vector of pointers to FileFd, as FileFd cannot be copied, and move operators are hard. 2018-11-25T16:38:31Z David Kalnischkies david@kalnischkies.de 2018-11-25T16:38:31Z urn:sha1:f313e09d167cc7a83846ac9d4d5d72ba10cc2638 No user visible change expect for some years old changelog entries, so we don't really need to add a new one for this… Reported-By: codespell Gbp-Dch: Ignore 2018-11-25T16:22:43Z David Kalnischkies david@kalnischkies.de 2018-11-25T15:40:42Z urn:sha1:37de1902919ac27d4527edc4210f1f927ea376ef Not needed for common interactions, but for some download-file interactions it could be useful to set a specific referer as some servers do not serve requested files otherwise. 2018-11-13T09:20:09Z Julian Andres Klode julian.klode@canonical.com 2018-11-13T09:19:58Z urn:sha1:9bb831d7d489eac732d4aaccc1a014d923e711ff This reverts commit fb3f36593563d09a8d1727cc7c6deb0b49823ca2. It caused downloads to hang on long-lived connections on certain servers. Gbp-Dch: full 2018-11-12T10:51:56Z Julian Andres Klode julian.klode@canonical.com 2018-11-02T17:19:33Z urn:sha1:fb3f36593563d09a8d1727cc7c6deb0b49823ca2 If the server closed the connection while we're reading data, and we end up not having any data left to write; that is, for example, we received 0 bytes, then we did not exit before, as we only returned success if there was data to write. This is wrong: Obviously, if we have reached our limit, we are done anyway. It's a bit unclear if we actually ever reached this part, but it does make some sense wrt the bug below. LP: #1801338 2018-10-14T19:23:41Z Julian Andres Klode jak@debian.org 2018-10-14T19:23:41Z urn:sha1:b80e48783c183aeaf1d30d898a7743f091d96336 Support subkeys and multiple keyrings in Signed-By options See merge request apt-team/apt!27 2018-09-18T14:07:24Z Julian Andres Klode julian.klode@canonical.com 2018-08-31T14:07:07Z urn:sha1:df696650b7a8c58bbd92e0e1619e956f21010a96 It is perfectly valid behavior for a server to respond with Connection: close eventually, even when pipelining. Turning off pipelining due to that is wrong. For example, some Ubuntu mirrors close the connection after 101 requests. If I have more packages to install, only the first 101 would benefit from pipelining. This commit introduces a new check to only turn of pipelining for future connections if the pipeline for this connection did not have 3 successful fetches before, that should work quite well to detect broken server/proxy combinations like in bug 832113.