Control: tags -1 pending Hi On Sat, Sep 20, 2014 at 09:15:15AM +0200, Michael Vogt wrote: > The downside if of course that if a Packages file is missing (because > of a earlier download error for example) then it won't be fetched > again, so the patch is probably too simplistic. But I think something > like this should be done to avoid the extra verify step if we know > that nothing has changed. This is actually implemented now, some of it in 1.1~exp8 I believe, but most in the version currently in git in all its glory. The acquire system e.g. now even figures out that specific files mentioned within a Release file haven't changed since the previous Release file we have and doesn't even try to download it then (which mostly solves problems with servers who do not even support I-M-S hits), it doesn't calculate checksums it doesn't have in the Release file to compare with (like SHA512 currently) and a bunch of other nifty stuff. See also the test/integration/test-apt-update-* tests for details on what it can do (and prevents attackers from doing). Best regards David Kalnischkies
Attachment:
signature.asc
Description: Digital signature