David Kalnischkies
|
2fac0dd5a7
gpgv: show always webportal error on NODATA
|
8 years ago |
David Kalnischkies
|
46e00c9062
support multiple fingerprints in signed-by
|
8 years ago |
David Kalnischkies
|
5419a6ce20
gpgv: cleanup statusfd parsing a bit
|
8 years ago |
David Kalnischkies
|
fb7b11ebb8
don't show NO_PUBKEY warning if repo is signed by another key
|
8 years ago |
David Kalnischkies
|
1af227c2ea
gpgv: handle expired sig as worthless
|
8 years ago |
David Kalnischkies
|
f13b413a3b
gpgv: use EXPKEYSIG instead of KEYEXPIRED
|
8 years ago |
Julian Andres Klode
|
6a4958d313
Allow lowering trust level of a hash via config
|
8 years ago |
David Kalnischkies
|
08b7761a25
handle gpgv's weak-digests ERRSIG
|
8 years ago |
David Kalnischkies
|
8fa9957081
properly check for "all good sigs are weak"
|
8 years ago |
Julian Andres Klode
|
5f060c2776
Make the weak signature message less ambigious
|
8 years ago |
Julian Andres Klode
|
349c5c8945
methods/gpgv: Rewrite error handling and message
|
8 years ago |
Julian Andres Klode
|
07ea3af0fe
methods/gpgv: Warn about SHA1 (and RIPEMD-160)
|
8 years ago |
Julian Andres Klode
|
08fd77e835
methods/gpgv: Correctly handle weak signatures with multiple keys
|
8 years ago |
Julian Andres Klode
|
d91051242d
methods/gpgv: Reject weak digest algorithms
|
8 years ago |
Julian Andres Klode
|
0d80586a67
Revert "Handle ERRSIG in the gpgv method like BADSIG"
|
8 years ago |
Julian Andres Klode
|
76a71a1237
Handle ERRSIG in the gpgv method like BADSIG
|
8 years ago |
David Kalnischkies
|
23e64f6d0f
allow acquire method specific options via Binary scope
|
9 years ago |
David Kalnischkies
|
3b3028467c
add c++11 override marker to overridden methods
|
9 years ago |
David Kalnischkies
|
4e03c47de1
implement Signed-By without using gpg for verification
|
9 years ago |
David Kalnischkies
|
b0d4085477
implement Signed-By option for sources.list
|
9 years ago |
David Kalnischkies
|
bf6ac7ca61
use getline() instead of rolling our own
|
10 years ago |
Michael Vogt
|
9983999d29
Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()
|
10 years ago |
Michael Vogt
|
4c333a25a8
Merge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans
|
10 years ago |
David Kalnischkies
|
b39bb552f8
correct the error messages to refer to apt-key instead of gpgv
|
10 years ago |
Michael Vogt
|
e31a89e668
Merge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans
|
10 years ago |
Julian Andres Klode
|
7b18d5592f
methods: Fail if we cannot drop privileges
|
10 years ago |
Michael Vogt
|
3927c6da48
Drop Privileges to "Debian-apt" in most acquire methods
|
10 years ago |
Michael Vogt
|
2737f28a1c
Download Release first, then Release.gpg
|
10 years ago |
David Kalnischkies
|
453b82a388
cleanup headers and especially #includes everywhere
|
10 years ago |
David Kalnischkies
|
25d99f3b42
fix various style/performance warnings in rred
|
10 years ago |