Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.9.7 2020-01-15T21:07:25Z 2020-01-15T21:07:25Z Julian Andres Klode julian.klode@canonical.com 2019-12-04T12:58:38Z urn:sha1:a9916c3faa2b8c6fa288599efec65868d050b0ef Commit 93f33052de84e9aeaf19c92291d043dad2665bbd restricted auth.conf entries to only apply to https by default, but this was silent - there was no information why http sources with auth.conf entries suddenly started failing. Add such information, and extend test case to cover it. 2020-01-07T21:51:41Z Julian Andres Klode julian.klode@canonical.com 2020-01-07T21:37:36Z urn:sha1:df4b92bd1df204e7fb0d22e73e143d205d74aea6 2019-11-26T11:36:46Z David Kalnischkies david@kalnischkies.de 2019-09-13T10:01:47Z urn:sha1:35012abf30ec1cfc9b5ee29647d4b1e25d98e99f Unused variable, std::algorithms instead of raw for-loops. There should be no observeable difference in behaviour. Reported-By: cppcheck Gbp-Dch: Ignore 2019-07-10T14:15:30Z David Kalnischkies david@kalnischkies.de 2019-07-10T14:15:30Z urn:sha1:5cfbc5727dba2f4662d24cf4deb7cab7cdd57c14 Also in old changelogs, but nothing really user visible like error messages or alike so barely noteworthy. Reported-By: codespell Gbp-Dch: Ignore 2019-07-08T13:51:17Z David Kalnischkies david@kalnischkies.de 2019-07-08T13:48:59Z urn:sha1:2b734a7ec429825c7007c1093883229e069d36c7 Reported-By: cppcheck 2019-06-17T16:28:52Z Julian Andres Klode julian.klode@canonical.com 2019-06-17T16:28:52Z urn:sha1:97553e635d2265ec4aad96b00b1fd72d98437f15 We are converting to std::string anyway by passing to istringstream, and this removes the need for .c_str() in callers. 2019-06-11T15:27:34Z Simon Körner git@lubiland.de 2019-05-17T22:32:15Z urn:sha1:86d4d98060f36c7e71c34af20a1193a75496ef72 Currently CONNECT requests use the name of the proxy as Host value, instead of the origin server's name. According to RFC 2616 "The Host field value MUST represent the naming authority of the origin server or gateway given by the original URL." The current implementation causes problems with some proxy vendors. This commit fixes this. [jak: Adding a test case] See merge request apt-team/apt!66 2019-06-11T12:16:18Z Julian Andres Klode julian.klode@canonical.com 2019-06-11T12:16:18Z urn:sha1:93e0ba2bfde58e6c1fbad53614083be8754d7ee8 apt Debian release 1.8.2 2019-05-21T12:53:01Z Michael Zhivich mzhivich@akamai.com 2019-05-20T19:07:04Z urn:sha1:f3e109d40937dbf90994bcf74b76837ec670205c When accessing repository protected by TLS mutual auth, apt may receive a "re-handshake" request from the server, which must be handled in order for download to proceed. This situation arises when the server requests a client certificate based on the resource path provided in the GET request, after the inital handshake in UnwrapTLS() has already occurred, and a secure connection has been established. This issue has been observed with Artifactory-backed Debian repository. To address the issue, split TLS handshake code out into its own method in TlsFd, and call it when GNUTLS_E_REHANDSHAKE error is received. Signed-off-by: Michael Zhivich <mzhivich@akamai.com> (merged from Debian/apt#93) LP: #1829861 2019-04-30T15:43:56Z Julian Andres Klode julian.klode@canonical.com 2019-04-30T10:32:54Z urn:sha1:af74a9e2d55d6a9532eb3fbb9b96c65b7ddc1e4d This needs a fair amount of changes elsewhere in the code, hence this is separate from the previous commits.