summaryrefslogtreecommitdiff
path: root/methods
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-10-141-5/+8
|\
| * methods/rsh.cc: replace strcat with std::stringMichael Vogt2014-10-081-5/+8
| | | | | | | | | | | | | | Instead of using strcat use a C++ std::string to avoid overflowing this buffer. Thanks to David Garfield Closes: #76442
* | Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()Michael Vogt2014-10-137-11/+39
| | | | | | | | | | | | | | | | Do not drop privileges in the methods when using a older version of libapt that does not support the chown magic in partial/ yet. To do this DropPrivileges() now will ignore a empty Apt::Sandbox::User. Cleanup all hardcoded _apt along the way.
* | Fix ServerMethod::FindMaximumObjectSizeInQueue()Michael Vogt2014-10-081-1/+1
| | | | | | | | Git-Dch: ignore
* | Fix http pipeline messup detectionMichael Vogt2014-10-082-2/+18
| | | | | | | | | | | | | | | | | | The Maximum-Size protection breaks the http pipeline reorder code because it relies on that the object got fetched entirely so that it can compare the hash of the downloaded data. So instead of stopping when the Maximum-Size of the expected item is reached we only stop when the maximum size of the biggest item in the queue is reached. This way the pipeline reoder code keeps working.
* | Send "Fail-Reason: MaximumSizeExceeded" from the methodMichael Vogt2014-10-074-4/+12
| | | | | | | | | | Communicate the fail reason from the methods to the parent and Rename() failed files.
* | Merge branch 'feature/acq-trans' into feature/expected-sizeMichael Vogt2014-10-072-1/+9
|\ \
| * \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-295-21/+17
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/gpgv.cc
| * \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-256-2/+18
| |\ \ \ | | | | | | | | | | | | | | | feature/acq-trans
| * \ \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-233-7/+16
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/copy.cc test/integration/test-hashsum-verification
| * \ \ \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-053-63/+6
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | feature/acq-trans
| * | | | | | make compressed-indexes test pass againMichael Vogt2014-08-241-5/+27
| | | | | | |
| * | | | | | Download Release first, then Release.gpgMichael Vogt2014-07-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The old way of handling this was that pkgAcqMetaIndex was responsible to check/move both Release and Release.gpg in place. This breaks the assumption of the transaction that each pkgAcquire::Item has a single File that its responsible for.
* | | | | | | make expected-size a maximum-size check as this is what we want at this pointMichael Vogt2014-10-076-13/+13
| | | | | | |
* | | | | | | add ftp expected size checkMichael Vogt2014-10-073-5/+8
| | | | | | |
* | | | | | | methods/https.cc: use File->Tell() here tooMichael Vogt2014-10-071-2/+1
| | | | | | |
* | | | | | | make http size check workMichael Vogt2014-10-0611-92/+75
|\ \ \ \ \ \ \ | | |_|_|_|/ / | |/| | | | |
| * | | | | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-291-7/+4
| |\ \ \ \ \ \ | | | |_|_|_|/ | | |/| | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc
| | * | | | | generalize Acquire::GzipIndexMichael Vogt2014-09-211-7/+4
| | | | | | |
| * | | | | | fix: %i in format string (no. 1) requires 'int' but the argument type isDavid Kalnischkies2014-09-271-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'unsigned int' Git-Dch: Ignore Reported-By: cppcheck
| * | | | | | correct the error messages to refer to apt-key instead of gpgvDavid Kalnischkies2014-09-271-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Git-Dch: Ignore
| * | | | | | fix: Member variable 'X' is not initialized in the constructor.David Kalnischkies2014-09-272-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reported-By: cppcheck Git-Dch: Ignore
| * | | | | | Disable Mth.DropPrivsOrDie() in copy.cc for nowMichael Vogt2014-09-261-1/+0
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | Dch-Ignore: true
| * | | | | releasing package apt version 1.1~exp3Michael Vogt2014-09-241-0/+1
| | | | | |
| * | | | | methods: Fail if we cannot drop privilegesJulian Andres Klode2014-09-246-13/+14
| | | | | |
| * | | | | Drop Privileges to "Debian-apt" in most acquire methodsMichael Vogt2014-09-246-1/+15
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new "Debian-apt" user that owns the /var/lib/apt/lists and /var/cache/apt/archive directories. The methods http, https, ftp, gpgv, gzip switch to this user when they start. Thanks to Julian and "ioerror" and tors "switch_id()" code.
| * | | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-233-11/+34
| |\| | | | | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog
| | * | Fix regression when copy: is used for a relative pathMichael Vogt2014-09-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we do a ReverifyAfterIMS() we use the copy: method to verify the hashes again. If the user uses -o Dir=./something/relative this fails because we use the URI class in copy.cc that strips away the leading relative part. By not using URI this is fixed. Closes: #762160
| | * | SECURITY UPDATE for CVE-2014-{0488,0487,0489}Michael Vogt2014-09-161-5/+27
| | | | | | | | | | | | | | | | | | | | | | | | incorrect invalidating of unauthenticated data (CVE-2014-0488) incorect verification of 304 reply (CVE-2014-0487) incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
| | * | Improve Debug::Acquire::http debug outputMichael Vogt2014-09-052-4/+5
| | | | | | | | | | | | | | | | | | | | Prefix all answers with the URL that the answer is for. This helps when debugging and pipeline is enabled.
| * | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-053-63/+6
| |\| | | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc configure.ac debian/changelog doc/apt-verbatim.ent doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pt.po po/ar.po po/ast.po po/bg.po po/bs.po po/ca.po po/cs.po po/cy.po po/da.po po/de.po po/dz.po po/el.po po/es.po po/eu.po po/fi.po po/fr.po po/gl.po po/hu.po po/it.po po/ja.po po/km.po po/ko.po po/ku.po po/lt.po po/mr.po po/nb.po po/ne.po po/nl.po po/nn.po po/pl.po po/pt.po po/pt_BR.po po/ro.po po/ru.po po/sk.po po/sl.po po/sv.po po/th.po po/tl.po po/tr.po po/uk.po po/vi.po po/zh_CN.po po/zh_TW.po test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
| | * Make Proxy-Auto-Detect check for each hostMichael Vogt2014-09-023-63/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | When doing Acquire::http{,s}::Proxy-Auto-Detect, run the auto-detect command for each host instead of only once. This should make using "proxy" from libproxy-tools feasible which can then be used for PAC style or other proxy configurations. Closes: #759264
| * | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-07-081-1/+1
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/deb/deblistparser.cc doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pl.po doc/po/pt.po doc/po/pt_BR.po po/da.po po/mr.po po/vi.po
| | * methods/http.cc: use Req.str() in debug outputMichael Vogt2014-06-241-1/+1
| | |
* | | make https honor ExpectedSize as wellMichael Vogt2014-08-262-1/+8
| | |
* | | Pass ExpectedSize to tthe backend methodMichael Vogt2014-08-264-3/+20
|/ / | | | | | | | | This ensures that we can stop downloading if the server send too much data by accident (or by a malicious attempt)
* / reenable pipelining via hashsum reordering supportDavid Kalnischkies2014-05-092-5/+43
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | Now that methods have the expected hashes available they can check if the response from the server is what they expected. Pipelining is one of those areas in which servers can mess up by not supporting it properly, which forced us to disable it for the time being. Now, we check if we got a response out of order, which we can not only use to disable pipelining automatically for the next requests, but we can fix it up just like the server responded in proper order for the current requests. To ensure that this little trick works pipelining is only attempt if we have hashsums for all the files in the chain which in theory reduces the use of pipelining usage even on the many servers which work properly, but in practice only the InRelease file (or similar such) will be requested without a hashsum – and as it is the only file requested in that stage it can't be pipelined even if we wanted to. Some minor annoyances remain: The display of the progress we have doesn't reflect this change, so it looks like the same package gets downloaded multiple times while others aren't at all. Further more, partial files are not supported in this recovery as the received data was appended to the wrong file, so the hashsum doesn't match. Both seem to be minor enough to reenable pipelining by default until further notice through to test if it really solves the problem. This therefore reverts commit 8221431757c775ee875a061b184b5f6f2330f928.
* enforce LFS for partial files in https range requestsDavid Kalnischkies2014-04-261-5/+5
|
* build http request in a stringstreamDavid Kalnischkies2014-04-261-57/+31
| | | | | beside reducing code a bit, it avoids oddball problems while building the string and doesn't trigger static analyse warnings.
* add a config option to switch uncompress methods to compressDavid Kalnischkies2014-03-131-9/+18
| | | | | | Not very useful in the normal operation of work, but handy for tests. Git-Dch: Ignore
* follow method attribute suggestions by gccDavid Kalnischkies2014-03-134-5/+5
| | | | | Git-Dch: Ignore Reported-By: gcc -Wsuggest-attribute={pure,const,noreturn}
* cleanup headers and especially #includes everywhereDavid Kalnischkies2014-03-1320-60/+80
| | | | | | | | Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
* warning: unused parameter ‘foo’ [-Wunused-parameter]David Kalnischkies2014-03-136-17/+17
| | | | | Reported-By: gcc -Wunused-parameter Git-Dch: Ignore
* StartPos is always positive for http/httpsDavid Kalnischkies2014-03-132-8/+3
| | | | | | | | | server.cc: In member function ‘bool ServerState::HeaderLine(std::string)’: server.cc:198:72: warning: format ‘%llu’ expects argument of type ‘long long unsigned int*’, but argument 3 has type ‘long long int*’ [-Wformat=] else if (sscanf(Val.c_str(),"bytes %llu-%*u/%llu",&StartPos,&Size) != 2) Git-Dch: Ignore Reported-By: gcc -Wpedantic
* warning: extra ‘;’ [-Wpedantic]David Kalnischkies2014-03-137-31/+31
| | | | | Git-Dch: Ignore Reported-By: gcc -Wpedantic
* fix -Wformat= warnings about size_t != %lu on e.g. armelDavid Kalnischkies2014-03-131-6/+6
| | | | | Git-Dch: Ignore Reported-By: gcc
* fix -Wmissing-field-initializers warningsDavid Kalnischkies2014-03-131-2/+2
| | | | | Reported-By: gcc Git-Dch: Ignore
* Fix typos in documentation (codespell)Michael Vogt2014-02-2212-19/+19
|
* add a testcase to check for forbidden https→http downgradesDavid Kalnischkies2014-02-141-1/+2
| | | | Git-Dch: Ignore
* disable https->http redirects in libcurlMichael Vogt2014-02-141-0/+3
| | | | This change prevents changing the protocol from https to http.
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-11-05 11:32:52 +0000