apt/test/libapt, branch 1.8.0_alpha3.1Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=1.8.0_alpha3.12018-08-14T17:44:28ZCMake: Use ${PROJECT_NAME} instead of hardcoding apt2018-08-14T17:44:28ZDavid Kalnischkiesdavid@kalnischkies.de2018-06-28T16:23:36Zurn:sha1:9a521ed76019fc7bdad1bf09c063bd3550536ef0
Completely pointless as it makes no difference for apt,
but copying the file to other projects becomes a lot easier.
Gbp-Dch: Ignore
Fix various typos reported by spellcheckers2018-05-04T22:34:27ZDavid Kalnischkiesdavid@kalnischkies.de2018-05-04T17:56:41Zurn:sha1:b12bdeaf8acd050c5526ecc05526db70df5fd485
Reported-By: codespell & spellintian
Gbp-Dch: Ignore
Prevent GTest from flooding us with compiler warnings2018-05-04T16:42:37ZDavid Kalnischkiesdavid@kalnischkies.de2018-05-04T16:24:57Zurn:sha1:1d77c915005f7630949e2ce706055ee3235009b6
GTest has a bunch of undefined macros which causes the compiler to spit
out warnings for each one on each test file. There isn't much we can do,
so we just disable the warning for the testcases. Other warnings like
sign-promo and sign-compare we can avoid by being more explicit about
our expected integer constants being unsigned.
As we are just changing testcases, there is no user visible change which
would deserve to be noted in the changelog.
Gbp-Dch: Ignore
Reported-By: gcc-8
Fix build with new gtest2018-05-04T15:35:49ZJulian Andres Klodejulian.klode@canonical.com2018-05-04T14:07:12Zurn:sha1:39d9e217a22901892647499ee695ba472a111d25
Still allow the older one to be used.
Closes: #897149
apt-pkg: Add support for zstd2018-03-12T07:56:59ZJulian Andres Klodejulian.klode@canonical.com2018-03-08T08:33:39Zurn:sha1:4de4200ec2717e777bbf99ed82d1b4344f078ec2
zstd is a compression algorithm developed by facebook. At level 19,
it is about 6% worse in size than xz -6, but decompression is multiple
times faster, saving about 40% install time, especially with eatmydata
on cloud instances.
Support cleartext signed InRelease files with CRLF line endings2018-01-02T22:39:30ZDavid Kalnischkiesdavid@kalnischkies.de2018-01-02T14:14:58Zurn:sha1:dcc0759fea4bf65d5477678e287880927d2cc9be
Commit 89c4c588b275 ("fix from David Kalnischkies for the InRelease gpg
verification code (LP: #784473)") amended verification of cleartext
signatures by a check whether the file to be verified actually starts
with "-----BEGIN PGP SIGNATURE-----\n".
However cleartext signed InRelease files have been found in the wild
which use \r\n as line ending for this armor header line, presumably
generated by a Windows PGP client. Such files are incorrectly deemed
unsigned and result in the following (misleading) error:
Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
RFC 4880 specifies in 6.2 Forming ASCII Armor:
That is to say, there is always a line ending preceding the
starting five dashes, and following the ending five dashes. The
header lines, therefore, MUST start at the beginning of a line, and
MUST NOT have text other than whitespace following them on the same
line.
RFC 4880 does not seem to specify whether LF or CRLF is used as line
ending for armor headers, but CR is generally considered whitespace
(e.g. "man perlrecharclass"), hence using CRLF is legal even under
the assumption that LF must be used.
SplitClearSignedFile() is stripping whitespace (including CR) on lineend
already before matching the string, so StartsWithGPGClearTextSignature() is
adapted to use the same ignoring. As the earlier method is responsible
for what apt will end up actually parsing nowadays as signed/unsigned this
change has no implications for security.
Thanks: Lukas Wunner for detailed report & initial patch!
References: 89c4c588b275d098af33f36eeddea6fd75068342
Closes: 884922
support multiline values in LookupTag2017-12-13T22:56:29ZDavid Kalnischkiesdavid@kalnischkies.de2017-07-17T08:52:09Zurn:sha1:07cd99066c30e70a9f41851c80e7c51f4e507163
LookupTag is a little helper to deal with rfc822-style strings we use in
apt e.g. to pass acquire messages around for cases in which our usual
rfc822 parser is too heavy. All the fields it had to deal with so far
were single line, but if they aren't it should really produce the right
output and not just return the first line. Error messages are a prime
candidate for becoming multiline as at the moment they are stripped of
potential newlines due to the previous insufficiency of LookupTag.
avoid some useless casts reported by -Wuseless-cast2017-12-13T22:53:41ZDavid Kalnischkiesdavid@kalnischkies.de2017-12-13T20:39:16Zurn:sha1:1adcf56bec7d2127d83aa423916639740fe8e586
The casts are useless, but the reports show some where we can actually
improve the code by replacing them with better alternatives like
converting whatever int type into a string instead of casting to a
specific one which might in the future be too small.
Reported-By: gcc -Wuseless-cast
Work around float rounding change in gcc 7 on i3862017-08-12T14:03:26ZJulian Andres Klodejak@debian.org2017-08-12T14:02:45Zurn:sha1:79c0a12d5c2d4fd8e6bfcf3a632a452239c07fe0
This caused a build failure in the test suite.
reimplement and document auth.conf2017-07-26T17:09:04ZDavid Kalnischkiesdavid@kalnischkies.de2017-07-07T14:24:21Zurn:sha1:ea408c560ed85bb4ef7cf8f72f8463653501332c
We have support for an netrc-like auth.conf file since 0.7.25 (closing
518473), but it was never documented in apt that it even exists and
netrc seems to have fallen out of usage as a manpage for it no longer
exists making the feature even more arcane.
On top of that the code was a bit of a mess (as it is written in c-style)
and as a result the matching of machine tokens to URIs also a bit
strange by checking for less specific matches (= without path) first.
We now do a single pass over the stanzas.
In practice early adopters of the undocumented implementation will not
really notice the differences and the 'new' behaviour is simpler to
document and more usual for an apt user.
Closes: #811181