summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* allow Pre-Install-Pkgs hooks to get info over an FD != stdinDavid Kalnischkies2013-08-163-46/+81
| | | | | | | | | | | | | | | This adds ::InfoFD option alongside the ::Version one to request sending the information to the specified FD, by default it is STDIN as it was the case before. The environment variable APT_HOOK_INFO_FD contains the FD the data is on as a confirmation that the APT version used understood the request. Allowing the hook to choose the FD is needed/helpful e.g. for shellscripts which have a hard time accessing FDs above 9 (as >= 10 are usually used internally by them) Closes: #671728
* use malloc instead of new[] in pkgTagFileDavid Kalnischkies2013-08-151-15/+15
| | | | | | | | We don't need initialized memory for pkgTagFile, but more to the point we can use realloc this way which hides the bloody details of increasing the size of the buffer used. Git-Dch: Ignore
* ensure that pkgTagFile isn't writing past Buffer lengthDavid Kalnischkies2013-08-152-9/+25
| | | | | | | | | | | | | | | | | | | | | In 91c4cc14d3654636edf997d23852f05ad3de4853 I removed the +256 from the pkgTagFile call parsing Release files as I couldn't find a mentioning of a reason for why and it was marked as XXX which suggested that at least someone else was suspicious. It turns out that it is indeed "documented", it just didn't found it at first but the changelog of apt 0.6.6 (29. Dec 2003) mentions: * Restore the ugly hack I removed from indexRecords::Load which set the pkgTagFile buffer size to (file size)+256. This is concealing a bug, but I can't fix it right now. This should fix the segfaults that folks are seeing with 0.6.[45]. The bug it is "hiding" is that if pkgTagFile works with a file which doesn't end in a double newline it will be adding it without checking if the Buffer is big enough to store them. Its also not a good idea to let the End pointer be past the end of our space, even if we don't access the data. Closes: 719629
* set MALLOC_CHECK_ and MALLOC_PERTURB_ for testcasesDavid Kalnischkies2013-08-152-6/+6
| | | | | | | In bugreport deb:719629 Paul Wise mentions both to enable some malloc checks and as more testing can't hurt we enable both for all testcases. Git-Dch: Ignore
* rework the parameter creation for the Hashsum testDavid Kalnischkies2013-08-151-3/+5
| | | | | | Avoids having to different places from which test binaries are called Git-Dch: Ignore
* do not call make from libapt/run-tests if its called by makeDavid Kalnischkies2013-08-151-3/+5
| | | | | | | | | If we are called by make everything is build already and so this is just a noise nop we can just skip. (Noisy as it complains about being unable to communicate with the other makes to coordinate with the jobserver) Git-Dch: Ignore
* init the pkgTagFile with the size of the Release fileDavid Kalnischkies2013-08-152-2/+2
| | | | | | | Release files are basically one big Section, so we might safe some Resize circles by starting with the filesize. Git-Dch: Ignore
* * lp:~mvo/apt/add-glob-function:Michael Vogt2013-08-155-0/+83
| | | | | | | - add Glob() to fileutl.{cc,h} Conflicts: apt-pkg/contrib/fileutl.h debian/changelog
* * lp:~mvo/apt/config-clear:Michael Vogt2013-08-154-0/+22
| | | | | | | - support Configuration.Clear() for a clear of the entire configuration Conflicts: debian/changelog
* merge patch from Daniel Hartwig to Show a error message if {,dist-}upgrade ↵Michael Vogt2013-08-152-0/+8
| | | | | | is used with additional arguments (closes: #705510)
* merge patch from Daniel Hartwig to Clarify units of Acquire::http::Dl-Limit ↵Michael Vogt2013-08-152-5/+14
| | | | | | | (closes: #705445) Conflicts: debian/changelog
* fix typo in the test for abi-compliance-checkerMichael Vogt2013-08-121-2/+2
|
* update changelog for uploadMichael Vogt2013-08-121-2/+41
|
* do not call 'apt-key update' in apt.postinstDavid Kalnischkies2013-08-121-1/+0
| | | | | | | | | | | | | | The debian-archive-keyring package ships trusted.gpg.d fragment files for a while now and dropped their call to 'apt-key update', so there is no need for use to call it as the keys will always be available. This also finally allows a user to remove key(ring)s without APT to overriding this decision by readding them with this step. The functionality is kept around in the odd case that an old debian-archive-keyring package is used which still calls 'apt-key update' and depends on the import (hence, we also do not enforce a newer version of the debian-archive-keyring via our dependencies)
* let apt-key del work better with softlink and single key keyringsDavid Kalnischkies2013-08-122-3/+124
| | | | | | | Having fragement files means there is a good chance that there is one key per keyring, so deal with that as well as with setups in which keyrings are linked into trusted.gpg.d as we can't just modify those files (they might be in /usr for example).
* ensure that testcases exiting because of set -e aren't successfulDavid Kalnischkies2013-08-121-1/+11
| | | | Git-Dch: Ignore
* make the keyring locations in apt-key configurableDavid Kalnischkies2013-08-122-1/+44
| | | | Might come in handy for more than just a simple testcase.
* do not double-slash paths in apt-keyDavid Kalnischkies2013-08-121-1/+6
| | | | Closes: 665411
* use a tmpfile for trustdb.gpg in apt-keyDavid Kalnischkies2013-08-122-22/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | for some "interesting" reason gpg decides that it needs to update its trustdb.gpg file in a --list-keys command even if right before gpg is asked to --check-trustdb. That wouldn't be as bad if it wouldn't modify the keyring being listed at that moment as well, which generates not only warnings which are not a problem for us, but as the keyring modified can be in /usr it modified files which aren't allowed to be modified. The suggested solution in the bugreport is running --check-trustdb unconditionally in an 'apt-key update' call, but this command will not be used in the future and this could still potentially bite us in net-update or adv calls. All of this just to keep a file around, which we do not need… The commit therefore switches to the use of a temporary created trusted.gpg file for everyone and asks gpg to not try to update the trustdb after its intial creation, which seems to avoid the problem altogether. It is using your also faked secring btw as calling the check-trustdb without a keyring is a lot slower … Closes: #687611 Thanks: Andreas Beckmann for the initial patch!
* always use our own trustdb.gpg in apt-keyDavid Kalnischkies2013-08-121-6/+14
| | | | | | | | | | | | APT doesn't care for the trustdb.gpg, but gnupg requires one even for the simplest commands, so we either use the one root has available in /etc or if we don't have access to it (as only root can read that file) we create a temporary directory to store a trustdb.gpg in it. We can't create just a temporary file as gpg requires the given trustdb.gpg file to be valid (if it exists), so we would have to remove the file before calling gnupg which would allow mktemp (and co) to hand exactly this filename out to another program (unlikely, but still).
* add a not documented apt-key --fakeroot optionDavid Kalnischkies2013-08-121-32/+41
| | | | | | | | Usually, most apt-key commands require root, so the script is checking for being run as root, but in your tests we use a non-root location, so we don't need to be root and therefore need an option to skip the check. Git-Dch: Ignore
* use our _error stack to generate openpty errorsDavid Kalnischkies2013-08-121-7/+13
| | | | | | | | While we don't want these error messages on our usual stack, we can use our usual infrastructure to generate an error message with all the usual bells like errno and strerror attached. Git-Dch: Ignore
* do not try to chown if not run as rootDavid Kalnischkies2013-08-121-8/+9
| | | | | | | | | | | | | | If this code is run as non-root we are in a special situation (e.g. in our testcases) where it is obvious that we can't enforce user/group on any file, so skip this code altogether instead of bugging users with an error message – which we also switch to a warning as a failure to open the file is "just" a warning, so the 'wrong' owner shouldn't be that much of an issue. The file is still handled with chmod, so all the security we can enforce is still enforced of course, which also gets a warning if it fails. Git-Dch: Ignore
* fix output redirection orderDavid Kalnischkies2013-08-124-7/+7
| | | | | | | First redirect output to a file, then redirect other outputs to this output, not the other way around as this will not work. Git-Dch: Ignore
* fix: --print-uris removes authenticationDavid Kalnischkies2013-08-124-5/+71
| | | | | | | | | | | | | | | | | The constructors of our (clear)sign-acquire-items move a pre-existent file for error-recovery away, which gets restored or discarded later as the acquire progresses, but --print-uris never really starts the acquire process, so the files aren't restored (as they should). To fix this both get a destructor which checks for signs of acquire doing anything and if it hasn't the file is restored. Note that these virtual destructors theoretically break the API, but only with classes extending the sign-acquire-items and nobody does this, as it would be insane for library users to fiddle with Acquire internals – and these classes are internals. Closes: 719263
* add chronic-like testsuccess/testfailure helpersDavid Kalnischkies2013-08-1226-93/+125
| | | | | | | | | | For many commands the output isn't stable (like then dpkg is called) but the exitcode is, so this helper enhances the common && msgpass || msgfail by generating automatically a msgtest and showing the output of the command in case of failure instead of discarding it unconditionally, the later being chronic-like behaviour Git-Dch: Ignore
* test Release file handling with expired keysDavid Kalnischkies2013-08-124-8/+62
| | | | | | | | | Signing files with expired keys is not as easy as it sounds, so the framework jumps a few loops to do it, but it might come in handy to have an expired key around for later tests even if it is not that different from having no key in regards to APT behaviour. Git-Dch: Ignore
* improve error messageMichael Vogt2013-08-121-1/+2
|
* use the 'abi-complicance-checker package instead of using the buildin copy ↵Michael Vogt2013-08-122-7326/+6
| | | | for the abi checks
* Complete Japanese translationChristian PERRIER2013-08-111-12/+13
|
* Merge branch 'debian/sid' of git://git.debian.org/git/apt/apt into debian/sidChristian PERRIER2013-08-1011-111/+138
|\
| * fix -Wall errorsMichael Vogt2013-08-085-6/+10
| |
| * use pkgTagFile to parse "header" of Release filesDavid Kalnischkies2013-08-081-85/+19
| | | | | | | | | | | | | | | | | | | | The handwritten parsing here was mostly done as we couldn't trust the Release file we got, but nowadays we are sure that the Release file is valid and contains just a single section we want it to include. Beside reducing code it also fixes a bug: Fieldnames in deb822 formatted files are case-insensitive and pkgTagFile does it correctly, but this selfbuilt stuff here didn't.
| * stop skipping "-----" sections in Release filesDavid Kalnischkies2013-08-081-11/+6
| | | | | | | | | | | | | | | | | | The file we read will always be a Release file as the clearsign is stripped earlier in this method, so this check is just wasting CPU Its also removing the risk that this could ever be part of a valid section, even if I can't imagine how that should be valid. Git-Dch: Ignore
| * specific pins below 1000 cause downgradesDavid Kalnischkies2013-08-082-7/+99
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We start your quest by using the version of a package applying to a specific pin, but that version could very well be below the current version, which causes APT to suggest a downgrade even if it is advertised that it never does this below 1000. Its of course questionable what use a specific pin on a package has which has a newer version already installed, but reacting with the suggestion of a downgrade is really not appropriated (even if its kinda likely that this is actually the intend the user has – it could just as well be an outdated pin) and as pinning is complicated enough we should atleast do what is described in the manpage. So we look out for the specific pin and if we haven't seen it at the moment we see the installed version, we ignore the specific pin. Closes: 543966
| * Merge remote-tracking branch 'upstream/debian/sid' into bugfix/coverityMichael Vogt2013-08-0573-13136/+14689
| |\
| * | fix some unitialized data membersMichael Vogt2013-08-053-3/+5
| | |
* | | Japanese translation update. Closes: #719279Christian PERRIER2013-08-102-18/+18
| |/ |/|
* | Vietnamese translation update. Closes: #718615Christian PERRIER2013-08-032-70/+76
| |
* | prefer native arch over higher priority for providersColin Watson2013-08-012-3/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rational from the buglog: > The problem here is that the Priority field in one of the Packages files > is incorrect due to a mishap with reprepro configuration, […] the > amd64 version is Priority: standard but the arm64 version is Priority: > optional (and has a stray "optional: interpreters" field). > […] > However, Priority is a rather weak property of a package because it's > typically applied via overrides, and it's easy for maintainers of > third-party repositories to misconfigure them so that overrides aren't > applied correctly. It shouldn't be ranked ahead of choosing packages > from the native architecture. In this case, I have no user-mode > emulation for arm64 set up, so choosing m4:arm64 simply won't work. This effectly makes the priority the least interesting data point in chosing a provider, which is in line with the other checks we have already order above priority in the past and also has a certain appeal by the soft irony it provides. Closes: #718482
* | unset LANGUAGE for showing [Y/n] answer hintsDavid Kalnischkies2013-08-0147-12521/+13387
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nl_langinfo is used to acquire the YESEXPR of the language used, but it will return the one from LC_MESSAGES, which might be different from the language chosen for display of the question (based on LANGUAGE) so this commit removes the [Y/n] help text from the questions itself and moves it to the prompt creation in which the usage of LC_MESSAGES is forced for it, so that the helptext shown actually represents the characters accepted as input for the question. There is still room for problems of course starting with an untranslated "[Y/n]" but a translated YESEXPR or the problem that the question is asked in a completely different language which might have a conflicting definition of [Y/n] input or the user simple ignores the helptext and assumes that an answer matching the question language is accepted, but the mayority of users will never have this problem to begin with, so we should be fine (or at least a bit finer than before). Closes nothing really, but should at least help a bit with bugs like deb:194614, deb:471102, lp:1205578, and countless others.
* | Merge remote-tracking branch 'mvo/bugfix/coverity' into debian/sidMichael Vogt2013-07-2817-26/+41
|\|
| * fix another missing va_end()Michael Vogt2013-07-261-3/+3
| |
| * fix missing va_end()Michael Vogt2013-07-262-0/+3
| |
| * fix some coverity chroot() releated warningsMichael Vogt2013-07-263-4/+5
| |
| * add missing test makeMichael Vogt2013-07-261-0/+3
| |
| * add missing "make test" for travisMichael Vogt2013-07-261-1/+1
| |
| * build tree firstMichael Vogt2013-07-261-1/+1
| |
| * make setup in travis.yml a bit more verboseMichael Vogt2013-07-262-5/+2
| |
| * fix travis.ymlMichael Vogt2013-07-251-1/+1
| |