summaryrefslogtreecommitdiff
path: root/methods
Commit message (Collapse)AuthorAgeFilesLines
* Fix http pipeline messup detectionMichael Vogt2014-10-082-2/+18
| | | | | | | | | The Maximum-Size protection breaks the http pipeline reorder code because it relies on that the object got fetched entirely so that it can compare the hash of the downloaded data. So instead of stopping when the Maximum-Size of the expected item is reached we only stop when the maximum size of the biggest item in the queue is reached. This way the pipeline reoder code keeps working.
* Send "Fail-Reason: MaximumSizeExceeded" from the methodMichael Vogt2014-10-074-4/+12
| | | | | Communicate the fail reason from the methods to the parent and Rename() failed files.
* Merge branch 'feature/acq-trans' into feature/expected-sizeMichael Vogt2014-10-072-1/+9
|\
| * Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-295-21/+17
| |\ | | | | | | | | | | | | | | | | | | | | | | | | feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/gpgv.cc
| * \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-256-2/+18
| |\ \ | | | | | | | | | | | | feature/acq-trans
| * \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-233-7/+16
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/copy.cc test/integration/test-hashsum-verification
| * \ \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-053-63/+6
| |\ \ \ \ | | | | | | | | | | | | | | | | | | feature/acq-trans
| * | | | | make compressed-indexes test pass againMichael Vogt2014-08-241-5/+27
| | | | | |
| * | | | | Download Release first, then Release.gpgMichael Vogt2014-07-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The old way of handling this was that pkgAcqMetaIndex was responsible to check/move both Release and Release.gpg in place. This breaks the assumption of the transaction that each pkgAcquire::Item has a single File that its responsible for.
* | | | | | make expected-size a maximum-size check as this is what we want at this pointMichael Vogt2014-10-076-13/+13
| | | | | |
* | | | | | add ftp expected size checkMichael Vogt2014-10-073-5/+8
| | | | | |
* | | | | | methods/https.cc: use File->Tell() here tooMichael Vogt2014-10-071-2/+1
| | | | | |
* | | | | | make http size check workMichael Vogt2014-10-0611-92/+75
|\ \ \ \ \ \ | | |_|_|_|/ | |/| | | |
| * | | | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-291-7/+4
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc
| | * | | | | generalize Acquire::GzipIndexMichael Vogt2014-09-211-7/+4
| | | | | | |
| * | | | | | fix: %i in format string (no. 1) requires 'int' but the argument type isDavid Kalnischkies2014-09-271-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'unsigned int' Git-Dch: Ignore Reported-By: cppcheck
| * | | | | | correct the error messages to refer to apt-key instead of gpgvDavid Kalnischkies2014-09-271-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Git-Dch: Ignore
| * | | | | | fix: Member variable 'X' is not initialized in the constructor.David Kalnischkies2014-09-272-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reported-By: cppcheck Git-Dch: Ignore
| * | | | | | Disable Mth.DropPrivsOrDie() in copy.cc for nowMichael Vogt2014-09-261-1/+0
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | Dch-Ignore: true
| * | | | | releasing package apt version 1.1~exp3Michael Vogt2014-09-241-0/+1
| | | | | |
| * | | | | methods: Fail if we cannot drop privilegesJulian Andres Klode2014-09-246-13/+14
| | | | | |
| * | | | | Drop Privileges to "Debian-apt" in most acquire methodsMichael Vogt2014-09-246-1/+15
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new "Debian-apt" user that owns the /var/lib/apt/lists and /var/cache/apt/archive directories. The methods http, https, ftp, gpgv, gzip switch to this user when they start. Thanks to Julian and "ioerror" and tors "switch_id()" code.
| * | | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-233-11/+34
| |\| | | | | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog
| | * | Fix regression when copy: is used for a relative pathMichael Vogt2014-09-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we do a ReverifyAfterIMS() we use the copy: method to verify the hashes again. If the user uses -o Dir=./something/relative this fails because we use the URI class in copy.cc that strips away the leading relative part. By not using URI this is fixed. Closes: #762160
| | * | SECURITY UPDATE for CVE-2014-{0488,0487,0489}Michael Vogt2014-09-161-5/+27
| | | | | | | | | | | | | | | | | | | | | | | | incorrect invalidating of unauthenticated data (CVE-2014-0488) incorect verification of 304 reply (CVE-2014-0487) incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
| | * | Improve Debug::Acquire::http debug outputMichael Vogt2014-09-052-4/+5
| | | | | | | | | | | | | | | | | | | | Prefix all answers with the URL that the answer is for. This helps when debugging and pipeline is enabled.
| * | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-053-63/+6
| |\| | | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc configure.ac debian/changelog doc/apt-verbatim.ent doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pt.po po/ar.po po/ast.po po/bg.po po/bs.po po/ca.po po/cs.po po/cy.po po/da.po po/de.po po/dz.po po/el.po po/es.po po/eu.po po/fi.po po/fr.po po/gl.po po/hu.po po/it.po po/ja.po po/km.po po/ko.po po/ku.po po/lt.po po/mr.po po/nb.po po/ne.po po/nl.po po/nn.po po/pl.po po/pt.po po/pt_BR.po po/ro.po po/ru.po po/sk.po po/sl.po po/sv.po po/th.po po/tl.po po/tr.po po/uk.po po/vi.po po/zh_CN.po po/zh_TW.po test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
| | * Make Proxy-Auto-Detect check for each hostMichael Vogt2014-09-023-63/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | When doing Acquire::http{,s}::Proxy-Auto-Detect, run the auto-detect command for each host instead of only once. This should make using "proxy" from libproxy-tools feasible which can then be used for PAC style or other proxy configurations. Closes: #759264
| * | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-07-081-1/+1
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/deb/deblistparser.cc doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pl.po doc/po/pt.po doc/po/pt_BR.po po/da.po po/mr.po po/vi.po
| | * methods/http.cc: use Req.str() in debug outputMichael Vogt2014-06-241-1/+1
| | |
* | | make https honor ExpectedSize as wellMichael Vogt2014-08-262-1/+8
| | |
* | | Pass ExpectedSize to tthe backend methodMichael Vogt2014-08-264-3/+20
|/ / | | | | | | | | This ensures that we can stop downloading if the server send too much data by accident (or by a malicious attempt)
* / reenable pipelining via hashsum reordering supportDavid Kalnischkies2014-05-092-5/+43
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | Now that methods have the expected hashes available they can check if the response from the server is what they expected. Pipelining is one of those areas in which servers can mess up by not supporting it properly, which forced us to disable it for the time being. Now, we check if we got a response out of order, which we can not only use to disable pipelining automatically for the next requests, but we can fix it up just like the server responded in proper order for the current requests. To ensure that this little trick works pipelining is only attempt if we have hashsums for all the files in the chain which in theory reduces the use of pipelining usage even on the many servers which work properly, but in practice only the InRelease file (or similar such) will be requested without a hashsum – and as it is the only file requested in that stage it can't be pipelined even if we wanted to. Some minor annoyances remain: The display of the progress we have doesn't reflect this change, so it looks like the same package gets downloaded multiple times while others aren't at all. Further more, partial files are not supported in this recovery as the received data was appended to the wrong file, so the hashsum doesn't match. Both seem to be minor enough to reenable pipelining by default until further notice through to test if it really solves the problem. This therefore reverts commit 8221431757c775ee875a061b184b5f6f2330f928.
* enforce LFS for partial files in https range requestsDavid Kalnischkies2014-04-261-5/+5
|
* build http request in a stringstreamDavid Kalnischkies2014-04-261-57/+31
| | | | | beside reducing code a bit, it avoids oddball problems while building the string and doesn't trigger static analyse warnings.
* add a config option to switch uncompress methods to compressDavid Kalnischkies2014-03-131-9/+18
| | | | | | Not very useful in the normal operation of work, but handy for tests. Git-Dch: Ignore
* follow method attribute suggestions by gccDavid Kalnischkies2014-03-134-5/+5
| | | | | Git-Dch: Ignore Reported-By: gcc -Wsuggest-attribute={pure,const,noreturn}
* cleanup headers and especially #includes everywhereDavid Kalnischkies2014-03-1320-60/+80
| | | | | | | | Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
* warning: unused parameter ‘foo’ [-Wunused-parameter]David Kalnischkies2014-03-136-17/+17
| | | | | Reported-By: gcc -Wunused-parameter Git-Dch: Ignore
* StartPos is always positive for http/httpsDavid Kalnischkies2014-03-132-8/+3
| | | | | | | | | server.cc: In member function ‘bool ServerState::HeaderLine(std::string)’: server.cc:198:72: warning: format ‘%llu’ expects argument of type ‘long long unsigned int*’, but argument 3 has type ‘long long int*’ [-Wformat=] else if (sscanf(Val.c_str(),"bytes %llu-%*u/%llu",&StartPos,&Size) != 2) Git-Dch: Ignore Reported-By: gcc -Wpedantic
* warning: extra ‘;’ [-Wpedantic]David Kalnischkies2014-03-137-31/+31
| | | | | Git-Dch: Ignore Reported-By: gcc -Wpedantic
* fix -Wformat= warnings about size_t != %lu on e.g. armelDavid Kalnischkies2014-03-131-6/+6
| | | | | Git-Dch: Ignore Reported-By: gcc
* fix -Wmissing-field-initializers warningsDavid Kalnischkies2014-03-131-2/+2
| | | | | Reported-By: gcc Git-Dch: Ignore
* Fix typos in documentation (codespell)Michael Vogt2014-02-2212-19/+19
|
* add a testcase to check for forbidden https→http downgradesDavid Kalnischkies2014-02-141-1/+2
| | | | Git-Dch: Ignore
* disable https->http redirects in libcurlMichael Vogt2014-02-141-0/+3
| | | | This change prevents changing the protocol from https to http.
* allow http protocol to switch to httpsDavid Kalnischkies2014-02-141-5/+9
| | | | | | | | | switch protocols at random is a bad idea if e.g. http can switch to file, so we limit the possibilities to http to http and http to https. As very few people (less than 1% according to popcon) have https installed this likely changes nothing in terms of failure. The commit is adding a friendly hint which package needs to be installed though.
* report https download start only if we really get itDavid Kalnischkies2014-02-141-1/+2
| | | | | | Reporting it via progress means that e.g. a redirect will trigger it, too, so you get a Get & Hit while http only reports a Hit as it should be.
* use utimes instead of utimensat/futimensDavid Kalnischkies2014-02-117-53/+46
| | | | | | | | | | | cppcheck complains about the obsolete utime as it was removed in POSIX1.2008 and recommends usage of utimensat/futimens instead as those are in POSIX and so commit 9ce3cfc9 switched to them. It is just that they aren't as portable as the standard suggests: At least our kFreeBSD and Hurd ports stumble over it at runtime. So to make both, the ports and cppcheck happy, we use utimes instead. Closes: 738567
* fix various style/performance warnings in rredDavid Kalnischkies2014-01-303-45/+24
| | | | | Reported-By: cppcheck Git-Dch: Ignore
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-11-02 20:26:48 +0000