summaryrefslogtreecommitdiff
path: root/methods/gpgv.cc
Commit message (Collapse)AuthorAgeFilesLines
* allow acquire method specific options via Binary scopeDavid Kalnischkies2015-11-051-13/+3
| | | | | | | | Allows users who know what they are getting themselves into with this trick to e.g. disable privilege dropping for e.g. file:// until they can fix up the permissions on those repositories. It helps also the test framework and people with a similar setup (= me) to run in less modified environments.
* add c++11 override marker to overridden methodsDavid Kalnischkies2015-08-101-2/+2
| | | | | | | | | C++11 adds the 'override' specifier to mark that a method is overriding a base class method and error out if not. We hide it in the APT_OVERRIDE macro to ensure that we keep compiling in pre-c++11 standards. Reported-By: clang-modernize -add-override -override-macros Git-Dch: Ignore
* implement Signed-By without using gpg for verificationDavid Kalnischkies2015-08-101-9/+60
| | | | | | | | | | The previous commit returns to the possibility of using just gpgv for verification proposes. There is one problem through: We can't enforce a specific keyid without using gpg, but our acquire method can as it parses gpgv output anyway, so it can deal with good signatures from not expected signatures and treats them as unknown keys instead. Git-Dch: Ignore
* implement Signed-By option for sources.listDavid Kalnischkies2015-08-101-8/+10
| | | | | | | | | | Limits which key(s) can be used to sign a repository. Not immensely useful from a security perspective all by itself, but if the user has additional measures in place to confine a repository (like pinning) an attacker who gets the key for such a repository is limited to its potential and can't use the key to sign its attacks for an other (maybe less limited) repository… (yes, this is as weak as it sounds, but having the capability might come in handy for implementing other stuff later).
* use getline() instead of rolling our ownDavid Kalnischkies2014-11-091-26/+5
| | | | | | | | We use it in other places already as well even though it is farly new addition to the POSIX family with 2008, but rolling our own here is really something which should be avoided in such a important method. Git-Dch: Ignore
* Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()Michael Vogt2014-10-131-3/+11
| | | | | | | | Do not drop privileges in the methods when using a older version of libapt that does not support the chown magic in partial/ yet. To do this DropPrivileges() now will ignore a empty Apt::Sandbox::User. Cleanup all hardcoded _apt along the way.
* Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-291-5/+5
|\ | | | | | | | | | | | | | | | | feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/gpgv.cc
| * correct the error messages to refer to apt-key instead of gpgvDavid Kalnischkies2014-09-271-6/+6
| | | | | | | | Git-Dch: Ignore
* | Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-251-1/+4
|\| | | | | | | feature/acq-trans
| * methods: Fail if we cannot drop privilegesJulian Andres Klode2014-09-241-2/+2
| |
| * Drop Privileges to "Debian-apt" in most acquire methodsMichael Vogt2014-09-241-0/+3
| | | | | | | | | | | | | | | | | | Add a new "Debian-apt" user that owns the /var/lib/apt/lists and /var/cache/apt/archive directories. The methods http, https, ftp, gpgv, gzip switch to this user when they start. Thanks to Julian and "ioerror" and tors "switch_id()" code.
* | Download Release first, then Release.gpgMichael Vogt2014-07-211-1/+1
|/ | | | | | | The old way of handling this was that pkgAcqMetaIndex was responsible to check/move both Release and Release.gpg in place. This breaks the assumption of the transaction that each pkgAcquire::Item has a single File that its responsible for.
* cleanup headers and especially #includes everywhereDavid Kalnischkies2014-03-131-7/+9
| | | | | | | | Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
* fix various style/performance warnings in rredDavid Kalnischkies2014-01-301-1/+0
| | | | | Reported-By: cppcheck Git-Dch: Ignore
* add missing "free(buffer) for allocated bufferMichael Vogt2013-07-251-0/+1
|
* trigger NODATA error for invalid InRelease filesDavid Kalnischkies2013-06-201-9/+7
| | | | | | | | | | | | | | | | | With the selfgrown splitting we got the problem of not recovering from networks which just reply with invalid data like those sending us login pages to authenticate with the network (e.g. hotels) back. The good thing about the InRelease file is that we know that it must be clearsigned (a Release file might or might not have a detached sig) so if we get a file but are unable to split it something is seriously wrong, so there is not much point in trying further. The Acquire system already looks out for a NODATA error from gpgv, so this adds a new error message sent to the acquire system in case the splitting we do now ourselves failed including this magic word. Closes: #712486
* * apt-pkg/contrib/gpgv.cc:David Kalnischkies2013-03-151-13/+1
| | | | - ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases
* * apt-pkg/indexcopy.cc:David Kalnischkies2013-03-151-1/+2
| | | - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
* fix a few esoteric cppcheck errors/warnings/infosDavid Kalnischkies2012-01-201-2/+10
|
* use forward declaration in headers if possible instead of includesDavid Kalnischkies2011-09-191-0/+1
|
* do not pollute namespace in the headers with using (Closes: #500198)David Kalnischkies2011-09-191-0/+3
|
* merge with debian/experimentalDavid Kalnischkies2011-09-131-3/+3
|\
| * cppcheck complains about some possible speed improvements which could beDavid Kalnischkies2011-08-111-3/+3
| | | | | | | | | | | | done on the mirco-optimazation level, so lets fix them: (performance) Possible inefficient checking for emptiness. (performance) Prefer prefix ++/-- operators for non-primitive types.
* | reorder includes: add <config.h> if needed and include it at firstDavid Kalnischkies2011-09-131-2/+4
|/
* fix from David Kalnischkies for the InRelease gpg verification Michael Vogt2011-07-131-5/+8
| | | code (LP: #784473)
* * apt-pkg/init.cc:David Kalnischkies2010-08-191-1/+1
| | | - set the default values for dir::etc::trusted options correctly
* enhance the split out of the gpgv commandline mangling by splitting outDavid Kalnischkies2010-06-091-41/+10
| | | | the call completely
* * apt-pkg/indexcopy.cc:David Kalnischkies2010-06-091-41/+6
| | | - move the gpg codecopy to a new method and use it also in methods/gpgv.cc
* * methods/gpgv.cc:David Kalnischkies2010-05-121-25/+17
| | | - remove the keyrings count limit by using vector magic
* * French manpage translation updateMichael Vogt2010-01-081-44/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | * spot & fix various typos in all manpages * German manpage translation update * cmdline/apt-cache.cc: - remove translatable marker from the "%4i %s\n" string * buildlib/po4a_manpage.mak: - instruct debiandoc to build files with utf-8 encoding * buildlib/tools.m4: - fix some warning from the buildtools * apt-pkg/acquire-item.cc: - add configuration PDiffs::Limit-options to not download too many or too big patches (Closes: #554349) * debian/control: - let all packages depend on ${misc:Depends} * share/*-archive.gpg: - remove the horrible outdated files. We already depend on the keyring so we don't need to ship our own version * cmdline/apt-key: - errors out if wget is not installed (Closes: #545754) - add --keyring option as we have now possibly many * methods/gpgv.cc: - pass all keyrings (TrustedParts) to gpgv instead of using only one trusted.gpg keyring (Closes: #304846) * methods/https.cc: - finally merge the rest of the patchset from Arnaud Ebalard with the CRL and Issuers options, thanks! (Closes: #485963)
* * methods/gpgv.cc:Michael Vogt2009-04-081-6/+34
| | | - properly check for expired and revoked keys (closes: #433091)
* * methods/gpgv.cc:Michael Vogt2008-12-091-1/+1
| | | | | | | | - fix compiler warning * cmdline/apt-get.cc: - fix "apt-get source pkg=ver" if binary name != source name and show a message (LP: #202219) * apt-pkg/deb/debsystem.cc: - make strings i18n able
* * Applied patch from Robert Millan <rmh@aybabtu.com> to fix the errorOtavio Salvador2008-01-171-1/+1
| | | message when gpgv isn't installed, closes: #452640.
* * Applied patch from Robert Millan <rmh@aybabtu.com> to make apt-key andOtavio Salvador2007-12-161-0/+1
| | | apt-get to ignore time conflicts, closes: #451328.
* * methods/gpgv.cc:Michael Vogt2007-12-061-17/+0
| | | - remove cruft code that caused timestamp/I-M-S issues
* - methods/gpgv.cc: conversion from string constant to 'char*';Otavio Salvador2007-10-021-3/+3
|
* * methods/gpgv.cc:Michael Vogt2006-07-251-1/+7
| | | | - deal with gpgs NODATA message
* * methods/gpgv.cc: typoMichael Vogt2006-05-011-1/+1
|
* * string i18n handling fixes (debian bug #349298)Michael Vogt2006-04-301-12/+18
|
* * support multiple signaturesMichael Vogt2006-01-061-1/+5
|
* * merged with matts treeMichael Vogt2005-08-011-13/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patches applied: * apt@packages.debian.org/apt--main--0--patch-97 Update priority of apt-utils to important, to match the override file * apt@packages.debian.org/apt--main--0--patch-98 Install only one keyring on each branch (Closes: #316119) * apt@packages.debian.org/apt--main--0--patch-99 Finalize 0.6.39 * apt@packages.debian.org/apt--main--0--patch-100 Use debian.org address in mainline * apt@packages.debian.org/apt--main--0--patch-101 Update pot file * apt@packages.debian.org/apt--main--0--patch-102 Open 0.6.40 * apt@packages.debian.org/apt--main--0--patch-103 Patch from Jordi Mallach to mark some additional strings for translation * apt@packages.debian.org/apt--main--0--patch-104 Updated Catalan translation from Jordi Mallach * apt@packages.debian.org/apt--main--0--patch-105 Merge from bubulle@debian.org--2005/apt--main--0 * bubulle@debian.org--2005/apt--main--0--patch-90 Merge with Matt * bubulle@debian.org--2005/apt--main--0--patch-91 Updated Slovak translation * bubulle@debian.org--2005/apt--main--0--patch-92 Add apt-key French man page * bubulle@debian.org--2005/apt--main--0--patch-93 Update Greek translations * bubulle@debian.org--2005/apt--main--0--patch-94 Merge with Matt * bubulle@debian.org--2005/apt--main--0--patch-95 Sync PO files with the POT file/French translation update
* * merge with matts tree, added documentation for the gpgv stuffMichael Vogt2005-02-091-2/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | Patches applied: * apt@packages.debian.org/apt--main--0--patch-59 Open 0.6.32 * apt@packages.debian.org/apt--main--0--patch-60 Merge apt--mvo--0 * apt@packages.debian.org/apt--main--0--patch-61 Add missing whitespace in new Debug::Acquire::gpgv output
| * Add missing whitespace in new Debug::Acquire::gpgv outputMatt Zimmerman2005-02-091-1/+1
|/
* * slightly cosmetic change in methods/gpgv.ccMichael Vogt2005-02-081-2/+1
|
* * added support for "Acquire::gpgv::options" in methods/gpgv.ccMichael Vogt2005-02-081-5/+35
|
* * merged changes from the conferenceMichael Vogt2004-12-201-0/+261
Patches applied: * apt@arch.ubuntu.com/apt--experimental--0.6--base-0 tag of apt@arch.ubuntu.com/apt--MAIN--0--patch-1190 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-1 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-2 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-3 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-4 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-5 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-6 Creation of branch v0_6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-7 Merge working copy of v0.6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-8 0.6.0 is headed for experimental, not unstable * apt@arch.ubuntu.com/apt--experimental--0.6--patch-9 Date * apt@arch.ubuntu.com/apt--experimental--0.6--patch-10 Update LIB_APT_PKG_MAJOR * apt@arch.ubuntu.com/apt--experimental--0.6--patch-11 - Fix a heap corruption bug in pkgSrcRecords::pkgSrcRec... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-12 Resynch * apt@arch.ubuntu.com/apt--experimental--0.6--patch-13 * Merge apt 0.5.17 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-14 * Rearrange Release file authentication code to be more... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-15 * Convert distribution "../project/experimental" to "ex... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-16 Merge 1.11 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-17 Merge 1.7 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-18 Merge 1.10 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-19 * Make a number of Release file errors into warnings; f... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-20 * Add space between package names when multiple unauthe... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-21 * Provide apt-key with a secret keyring and a trustdb, ... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-22 * Fix typo in apt-key(8) (standard input is '-', not '/') * apt@arch.ubuntu.com/apt--experimental--0.6--patch-23 0.6.2 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-24 Resynch * apt@arch.ubuntu.com/apt--experimental--0.6--patch-25 * Fix MetaIndexURI for flat ("foo/") sources * apt@arch.ubuntu.com/apt--experimental--0.6--patch-26 0.6.3 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-27 * Use the top-level Release file in LoadReleaseInfo, ra... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-28 0.6.4 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-29 Clarify * apt@arch.ubuntu.com/apt--experimental--0.6--patch-30 * Move the authentication check into a separate functio... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-31 * Fix display of unauthenticated packages when they are... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-32 * Move the authentication check into a separate functio... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-33 * Restore the ugly hack I removed from indexRecords::Lo... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-34 0.6.6 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-35 * Forgot to revert part of the changes to tagfile in 0.... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-36 * Add a config option and corresponding command line option * apt@arch.ubuntu.com/apt--experimental--0.6--patch-37 0.6.8 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-38 hopefully avoid more segfaults * apt@arch.ubuntu.com/apt--experimental--0.6--patch-39 XXX * apt@arch.ubuntu.com/apt--experimental--0.6--patch-40 * Another tagfile workaround * apt@arch.ubuntu.com/apt--experimental--0.6--patch-41 * Use "Codename" (woody, sarge, etc.) to supply the val... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-42 * Support IMS requests of Release.gpg and Release * apt@arch.ubuntu.com/apt--experimental--0.6--patch-43 * Have pkgAcquireIndex calculate an MD5 sum if one is n... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-44 * Merge 0.5.18 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-45 apt (0.6.13) experimental; urgency=low * apt@arch.ubuntu.com/apt--experimental--0.6--patch-46 0.6.13 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-47 Merge 0.5.20 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-48 The source list works a bit differently in 0.6; fix the... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-49 * s/Debug::Acquire::gpg/&v/ * apt@arch.ubuntu.com/apt--experimental--0.6--patch-50 * Honor the [vendor] syntax in sources.list again (thou... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-51 * Don't ship vendors.list(5) since it isn't used yet * apt@arch.ubuntu.com/apt--experimental--0.6--patch-52 * Revert change from 0.6.10; it was right in the first ... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-53 * Fix some cases where the .gpg file could be left in p... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-54 Print a warning if gnupg is not installed * apt@arch.ubuntu.com/apt--experimental--0.6--patch-55 * Handle more IMS stuff correctly * apt@arch.ubuntu.com/apt--experimental--0.6--patch-56 0.6.17 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-57 * Merge 0.5.21 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-58 * Add new Debian Archive Automatic Signing Key to the d... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-59 0.6.18 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-60 * Merge 0.5.22 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-61 * Convert apt-key(8) to docbook XML * apt@arch.ubuntu.com/apt--experimental--0.6--patch-62 Merge 0.5.23 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-63 Remove bogus partial 0.5.22 changelog entry * apt@arch.ubuntu.com/apt--experimental--0.6--patch-64 Make the auth warning a bit less redundant * apt@arch.ubuntu.com/apt--experimental--0.6--patch-65 * Merge 0.5.24 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-66 * Make the unauthenticated packages prompt more intuiti... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-67 Merge 0.5.25 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-68 * Remove obsolete pkgIterator::TargetVer() (Closes: #230159) * apt@arch.ubuntu.com/apt--experimental--0.6--patch-69 * Reverse test in CheckAuth to match new prompt (Closes... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-70 Update version * apt@arch.ubuntu.com/apt--experimental--0.6--patch-71 Fix backwards sense of CheckAuth prompt * apt@arch.ubuntu.com/apt--experimental--0.6--patch-72 0.6.24 * apt@arch.ubuntu.com/apt--experimental--0.6--patch-73 Close bug * apt@arch.ubuntu.com/apt--experimental--0.6--patch-74 * Fix handling of two-part sources for sources.list deb... * apt@arch.ubuntu.com/apt--experimental--0.6--patch-75 0.6.25 * apt@packages.debian.org/apt--authentication--0--base-0 tag of apt@arch.ubuntu.com/apt--experimental--0.6--patch-75 * apt@packages.debian.org/apt--authentication--0--patch-1 Michael Vogt's merge of apt--experimental--0 onto apt--main--0 * apt@packages.debian.org/apt--authentication--0--patch-2 Merge from apt--main--0 * apt@packages.debian.org/apt--authentication--0--patch-3 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-4 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-5 Update version number in configure.in * apt@packages.debian.org/apt--authentication--0--patch-6 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-7 Merge from main * apt@packages.debian.org/apt--authentication--0--patch-8 Merge from mvo's branch * apt@packages.debian.org/apt--authentication--0--patch-9 Merge from mvo's tree * apt@packages.debian.org/apt--authentication--0--patch-10 Merge from mvo * apt@packages.debian.org/apt--authentication--0--patch-11 Fix permissions AGAIN * apt@packages.debian.org/apt--bzip2-debs--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-30 * apt@packages.debian.org/apt--bzip2-debs--0--patch-1 Create baz branch * apt@packages.debian.org/apt--bzip2-debs--0--patch-2 Implement data.tar.bz2 support * apt@packages.debian.org/apt--main--0--patch-30 Fix changelog * apt@packages.debian.org/apt--main--0--patch-31 Fix permissions again * apt@packages.debian.org/apt--main--0--patch-32 Fix permissions again * apt@packages.debian.org/apt--main--0--patch-33 Use baz instead of tla * apt@packages.debian.org/apt--main--0--patch-34 Merge bzip2-debs branch * apt@packages.debian.org/apt--main--0--patch-35 Fix changelog * apt@packages.debian.org/apt--main--0--patch-36 untagged-source precious * apt@packages.debian.org/apt--main--0--patch-37 Add .arch-inventory files * apt@packages.debian.org/apt--main--0--patch-38 Fix permissions again * apt@packages.debian.org/apt--main--0--patch-39 Merge apt--authentication--0 * apt@packages.debian.org/apt--main--0--patch-40 Merge misc-abi-changes * apt@packages.debian.org/apt--main--0--patch-41 Merge from mvo * apt@packages.debian.org/apt--misc-abi-changes--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-16 * apt@packages.debian.org/apt--misc-abi-changes--0--patch-1 Fix apt-get -s remove to not display the candidate version * apt@packages.debian.org/apt--misc-abi-changes--0--patch-2 Merge from main * apt@packages.debian.org/apt--misc-abi-changes--0--patch-3 Use pid_t throughout to hold process IDs * michael.vogt@canonical.com--2004--laptop/apt--authentication-mvo--0--base-0 tag of michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-12 * michael.vogt@canonical.com--2004--laptop/apt--authentication-mvo--0--patch-1 * star-merged matt's changes (bz2 support for data-members in debs) * michael.vogt@canonical.com--2004--laptop/apt--authentication-mvo--0--patch-2 * ignore errors when a Packages.bz2/Sources.bz2 can't be found and try with Packages.gz/Sources.gz again * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-34 * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-1 * merged matt's tree (with all those apt-authentication changes) * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-2 don't display a error if a bzip2 package can not be downloaded, just ignore (Ign) it * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-3 * "chmod 755 cmdline/apt-key", changed version to 0.6.27ubuntu1 * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-4 * fix for a stupid merge error (from 0.5->0.6) * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-5 * unstable should really be hoary * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-6 * stronger dependencies for libapt-pkg-dev (depends on the source version of apt and apt-watch now) * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-7 * distro really should be hoary, not unstable :/ * michael.vogt@canonical.com--2004--laptop/apt--mvo--0--patch-8 * documented the "--allow-unauthenticated" switch * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-1 tag of apt@packages.debian.org/apt--authentication--0--base-0 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-2 merged "tla apply-delta -A foo@ apt@arch.ubuntu.com/apt--MAIN--0--patch-1190 apt@arch.ubuntu.com/apt--MAIN--0--patch-1343" and cleaned up conflicts * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-3 * missing bits from the merge added * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-4 * star-merged with apt@packages.debian.org/apt--main--0 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-5 * tree-synced to the apt--authentication tree * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-6 * use the ubuntu-key in this version * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-7 * imported the patches from mdz * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-8 * apt-get update --print-uris works now as before (fallback to 0.5.x behaviour) * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-9 * fix for the "if any source unauthenticated, all other sources are unauthenticated too" problem * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-10 * reworked the "--print-uris" patch. it no longer uses: "APT::Get::Print-URIs" in the library * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-11 * version of the library set to 3.6 * michael.vogt@canonical.com--2004/apt--authentication-mvo--0--patch-12 * changelog finallized, will upload to people.ubuntulinux.org/~mvo/apt-authentication * michael.vogt@canonical.com--2004/apt--main-authentication--0--base-0 tag of apt@packages.debian.org/apt--main--0--patch-22 * michael.vogt@canonical.com--2004/apt--main-authentication--0--patch-1 * star-merge from apt--experimental--0.6 * michael.vogt@canonical.com--2004/apt--main-authentication--0--patch-2 * compile failure fix for methods/http.cc, po-file fixes
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2026-05-14 14:26:33 +0000