summaryrefslogtreecommitdiff
path: root/debian
Commit message (Collapse)AuthorAgeFilesLines
* Release 2.9.302.9.30Julian Andres Klode2025-02-161-23/+15
|
* Update symbols from experimentalJulian Andres Klode2025-02-161-0/+2
| | | | | Some manual editing, as riscv64 and mips64el are not yet built in exp2
* Release 2.9.29+exp2Julian Andres Klode2025-02-151-0/+13
|
* Add more excludes to the versionscriptJulian Andres Klode2025-02-151-2/+0
|
* cacheset: Drop APT_PUBLIC from templatesJulian Andres Klode2025-02-151-15/+0
| | | | | These templates are all inline and there is not much sense exposing their vtables and typeinfo publicly.
* Remove some more unused functionsJulian Andres Klode2025-02-151-8/+0
| | | | Final ABI cleanup before unstable?!
* Release 2.9.29+exp1Julian Andres Klode2025-02-141-0/+11
|
* Symbols?наб2025-02-141-20/+20
|
* apt-pkg: Avoid exporting any optional symbolsJulian Andres Klode2025-02-141-275/+0
|
* Bump symbolsJulian Andres Klode2025-02-141-1611/+1611
|
* Bump ABI to 7.0Julian Andres Klode2025-02-144-6/+4
|
* Release 2.9.292.9.29Julian Andres Klode2025-02-141-0/+36
|
* Release 2.9.282.9.28Julian Andres Klode2025-02-071-0/+35
|
* Release 2.9.272.9.27Julian Andres Klode2025-02-031-0/+31
|
* Symbols: Update for 2.9.23/2.9.25Julian Andres Klode2025-01-281-2/+3
|
* Release 2.9.262.9.26Julian Andres Klode2025-01-281-0/+22
| | | | | This reflows the documentation po files now using the latest gettext.
* apt-secure manual page is in manual section 8Andreas Rönnquist2025-01-281-1/+1
|
* Release 2.9.252.9.25Julian Andres Klode2025-01-221-0/+6
|
* Release 2.9.242.9.24Julian Andres Klode2025-01-212-0/+23
|
* Release 2.9.232.9.23Julian Andres Klode2025-01-171-0/+12
|
* Release 2.9.222.9.22Julian Andres Klode2025-01-141-0/+32
|
* Merge branch 'remove-gdb-minimal' into 'main'Julian Andres Klode2025-01-141-1/+1
|\ | | | | | | | | d/t/control: Don't depend on gdb-minimal. See merge request apt-team/apt!429
| * d/t/control: Don't depend on gdb-minimal.Sergio Durigan Junior2025-01-111-1/+1
| | | | | | | | | | | | | | | | gdb-minimal will soon be dropped from the archive; it doesn't offer any advantages over the gdb binary package. Just depend on gdb directly. Signed-off-by: Sergio Durigan Junior <sergiodj@debian.org>
* | Remove leftovers from ftp and rsh/ssh methods removalDavid Kalnischkies2025-01-051-2/+2
| | | | | | | | References: fd3684cdbc165ceaa635ed19fcbd231f509b0179
* | Move apt-extractexamples desc line from apt-utils to aptDavid Kalnischkies2025-01-051-2/+2
| | | | | | | | | | References: f4e0e9daf221e840e122b0ffa97007aa512020a6 Closes: #1091344
* | Remove leftovers of the apt-key removalDavid Kalnischkies2025-01-051-1/+0
|/ | | | References: a00fbbdb28cc31e78882301c2efe7218583ab4cb
* debian/changelog: v3 signature packet, not v3 subkeyJulian Andres Klode2025-01-021-1/+1
| | | | I typoed that.
* Release 2.9.212.9.21Julian Andres Klode2025-01-011-0/+20
| | | | | | We updated po/ with libunistring 1.3 as before, but had no doc changes since the manual update with libunstring 1.2, so no churn there. Hooray.
* Extend v3 subkey expiry to 2026, owing to OBS useJulian Andres Klode2025-01-011-0/+2
| | | | | SUSE's Open Build Service is signing multiple repositories using v3 signing keys.
* Release 2.9.202.9.20Julian Andres Klode2024-12-281-0/+7
|
* Re-include std:: symbols in the symbols file as optional againJulian Andres Klode2024-12-281-1/+279
| | | | | | | This will restore most of the symbols from before and ensure reverse dependencies not depending on new symbols can migrate. It also ensures we see any missing symbols.
* symbols: Merge 2.9.19 and fix version for InsertErrnoJulian Andres Klode2024-12-231-2/+2
| | | | | | | | | | Somehow InsertErrno was wrongly formatted as symbol 0.8.11.4 1 and that caused dedup to miss-handle it. The 2.9.19 merge fixes that but kept "1" as the version, change it to say 0.8.11.4 instead.
* Release 2.9.192.9.19Julian Andres Klode2024-12-232-0/+34
|
* Merge branch 'symbols'Julian Andres Klode2024-12-231-119/+74
|\
| * Symbols: Merge stable, noble, testing, unstableJulian Andres Klode2024-12-231-119/+74
| | | | | | | | | | | | | | Hand edit 2.7.14build2 to 2.7.14 The funny 999:0misbuilt version number gets auto-reduced to the current version when building which is sad, but it works.
* | debian: Plug sqv into the package buildJulian Andres Klode2024-12-223-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Our goal is for each platform to have one blessed OpenPGP verification system: Platforms that support sqv get sqv, platforms that don't get gpgv. To do so we hardcode the architecture list at build time. At build time we check if /usr/bin/sqv exists, which is the condition that apt uses to see if it should build with sqv support. We use a slight hack here to build with sqv on the official Debian buildds but use gpgv on Ubuntu by abusing the fact that Ubuntu resolves alternative build dependencies, and gpgv is installed in the buildd image.
* | debian: Add default policy to allow SHA-1 self-signatures until 2026Julian Andres Klode2024-12-222-0/+3
|/ | | | | | | | Many repositories still have SHA-1 self-signatures, and they are not security relevant for APT repositories in the first place since we do not use a web of trust model, but rather a set of trusted keyrings, and the subkey can essentially be always considered trusted even if it cannot be verified.
* hashes, methods: Add OpenSSL backendsJulian Andres Klode2024-12-221-2/+1
| | | | | | | | | | | | | | | | | | | | Introduce an OpenSSL::Crypto backend for the hashes library and an OpenSSL::SSL backend for the TLS support in our https method. Many thanks to curl for showing the way with how to handle a CRL file. There are some memory leaks here with the TlsFd itself as well as the proxy support; and we should reorganize the code to generate the ssl object as late as possible. A peculiar aspect of OpenSSL is that SSL_has_pending() returns 1 even if SSL_read() will fail to read anything and return the equivalent of EAGAIN. We work around this here by also peeking ahead 1 byte. I was running a very high RTT connection from Germany to Australia for testing, and with the peeking it's using negligible amounts of CPU; before that, it was busy looping at 100%. Bad OpenSSL!
* Remove gnupg and versioned gpgv test dependsJulian Andres Klode2024-12-201-2/+1
|
* Use sq in the test suite, remove apt-keyJulian Andres Klode2024-12-191-0/+2
| | | | | | | | | | | | | Remove the test case for MD5 and expired signatures, as we can't create them (can't set signing digest, and can't set signature expiry). Tests for them have been added to test-method-gpgv instead. We override sq in a function with cert-store and key-store set to none. This supports both sq 0.40 and sq 1.0.
* Release 2.9.182.9.18Julian Andres Klode2024-12-191-0/+14
|
* Introduce automatic pager for read commandsJulian Andres Klode2024-12-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatically show the output of `show`, `policy`, `list`, `search`, `showsrc` in a pager. The pager setup is inspired by git's pager setup. Notably, the pager is found using APT_PAGER and PAGER variables. We wait for the pager to be setup somewhat correctly by using a notify pipe to figure out whether execvp() was succesful - then the pipe will read EOF as the other end got closed by CLOEXEC during exec - or not, then the pipe will contain an errno. We set up the correct handlers for signals and exit to close the fds and wait for the pager. Notably inside the signal handler we cannot flush our streams, only close them, so there is some duplication. We call the InitOutputPager() function from inside the various Do...() functions rather than setting it up generally in InitOutput(). Doing so allows us to first render the progress without a pager, and then setup the pager for the content only which improves user experience. When we setup a pager we also take care to disable standard input, as we should not be prompting users while a pager is running (the pager will be reading from the tty directly). We do this by dup2-ing() a /dev/null over it; if we just close()d the fd, another open() might reuse the fd number and problems could occur.
* Release 2.9.172.9.17Julian Andres Klode2024-12-071-0/+16
|
* Remove the apt-key manual page and add documentation to apt-secureJulian Andres Klode2024-12-071-2/+0
| | | | | | | We move the user configuration section to the top of the manual page as that is going to be what most are interested in and rewrite it to cover all the modern ways to configure keys in a succinct way.
* Stop installing apt-key, make it a test suite helperJulian Andres Klode2024-12-071-1/+0
|
* Release 2.9.162.9.16Julian Andres Klode2024-11-291-0/+8
|
* Release 2.9.152.9.15Julian Andres Klode2024-11-282-0/+32
|
* Release 2.9.142.9.14Julian Andres Klode2024-11-221-0/+39
| | | | | Oh well I accidentally committed everything from my work email today but I'm off today ...
* test: Ensure we test both gpgv-g10code and gpgv-sqJulian Andres Klode2024-11-221-0/+1
|
* Release 2.9.132.9.13Julian Andres Klode2024-11-201-0/+19
|