| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
This will make it possible to select either the current locale or a
specified one, currently only C is selectable.
We use this because the uselocale(3) POSIX API is recent, and the system
might not have it available, so we might need to fallback to use
setlocale(3) instead, which even though is not thread-safe, it's better
than nothing.
|
|
Warned-by: cppcheck
|
|
Fixes: commit 438db7a31e074691e70e8ace7fff91631030624b
Closes: #929727
Stable-Candidate: 1.18.x
|
|
If the header is not valid, we should not try to normalize or even
consider it is in any sane state.
|
|
We separate the function in one that takes one callback, and another
that takes two. This simplifies most of the call sites which only need
one callback.
|
|
Rename matching types and macros, so that the purpose of the symbols
is clear, and to open the way for moving the fsys files list from the
dpkg clientdata.
|
|
This makes it extra clear the precedence of the operators.
Warned-by: cppcheck
|
|
Fix a couple of function parameter typos surfaced by the new warning.
Warned-by: clang
|
|
Guarantee that the DEBIAN pathname does not exist.
Closes: #879982
Reported-by: Jakub Wilk <jwilk@jwilk.net>
|
|
|
|
|
|
Here Debian refers to the distribution and in English this needs to be
capitalized. No translation will be unfuzzed, as the capitalization
rules change among locales.
Warned-by: spellintian
|
|
Add support for negating the option via --no-uniform-compression.
|
|
This sets the control member entries always to root:root, and makes it
possible to do the same for the data member entries via the new
--root-onwer-group option.
Closes: #291320
Based-on-patch-by: Niels Thykier <niels@thykier.net>
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
|
|
This is a well-known executable maintainer script, that ideally should
be handled by dpkg itself. But for now we will at least sanity check its
file type and permissions.
|
|
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
The ar format is not standardized and some systems might provide a
different format than the one used by dpkg. For example on AIX.
|
|
Warned-by: clang
|
|
Closes: #787980
|
|
|
|
|
|
|
|
Make all of them consistently follow the pattern --with-lib<name>.
Rename the m4 macros, preprocessor defines, and automake _LIBS flags.
|
|
The ar and tar file entries contain a timestamp which is usually filled
with the current build time and the file mtime respectively. This causes
the generated deb(5) packages to not be reproducible for the same source
package and same build environment.
We now check if the environment variable SOURCE_DATE_EPOCH is defined,
parse that and use it as the timestamp for ar and to clamp the mtime in
the tar file entries.
This variable is specified to contain the timestamp of the source
release date in seconds since the epoch.
Closes: #759999
Base-on-patch-by: Jérémy Bobbio <lunar@debian.org>
|
|
We use the same timestamp for all ar members, and the tarball mtime
clamping for each tar file entry.
|
|
This will guarantee that no file in binary packages has an mtime later
than the specified time. Which will be required to make binary packages
reproducible.
The option was officially added in GNU tar 1.29, but in Debian it was
introduced as a vendor patch in 1.28, so on Debian we depend on the
latter instead of the former version.
Closes: #759886
|
|
Switch current code to use dpkg_ar instead of taking a filename and a
file descriptor arguments.
|
|
|
|
|
|
We still accept source and binary packages with missing or empty
Architecture fields, but when building either of these, we require
the field to be present.
|
|
We reduce external dependencies on commands, and get sorted file lists.
Closes: #719845
|
|
We reduce external dependencies on commands, avoid a read syscall per
byte on the pipe, reduce code substantially, and get sorted file lists.
|
|
This affects old format .deb packages.
Fixes: CVE-2015-0860
Warned-by: afl
Signed-off-by: Guillem Jover <guillem@debian.org>
Stable-Candidate: 1.16.x 1.17.x
|
|
It should make the code more clear, and in many cases it avoids having
to use a temporary variable.
|
|
|
|
|
|
|
|
Closes: #798324
Warned-by: afl
Reported-by: Jacek Wielemborek <d33tah@gmail.com>
Stable-Candidate: 1.16.x 1.17.x
|
|
With tar > 1.28 the --no-recursion option is now positional, and needs
to be passed before the -T option, otherwise the tarball will end up
with duplicated entries.
Stable-Candidate: 1.16.x 1.17.x
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
Conflicts:
debian/changelog
debian/dpkg.manpages
lib/compat/strsignal.c
scripts/Dpkg/Shlibs.pm
|
|
Regression introduced in commit f1f9887b8f96965d6046857d12fda24c053c6d4b.
The compressor independent way to denote the default value has been to
use -1, but that needs to be fixed up to the actual default value per
compressor, before the compressor specific setup.
When using the gzip command-line tool this is a fatal error as it does
not recognize the argument «-c-1». When using the zlib shared library
this makes the code always default to the compression level 1, as ‘-’
is ignored by gzdopen().
The current minimal fix is to call compressor_check_params() when
setting up the default control.tar compressor paramaters, although
that makes the API hard to use correctly. This will be improved in
the future.
Closes: #786654
|
|
This avoids confusing the project-wide macro with the DPKG_VERSION_
namespaced ones.
|
|
None of the deb toolchain supports embedded newlines in filenames, we
could try to escape them but then we'd need to add support in other
tools to unescape these too, and this does not sem worth the trouble.
Closes: #720761
|
|
Signed-off-by: Niels Thykier <niels@thykier.net>
|
|
|
|
|
|
That is "" or '', and not the unbalanced `' pair.
|
|
|
