apt/methods/http.cc, branch 1.5_rc1Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=1.5_rc12017-07-26T17:09:04Zallow the auth.conf to be root:root owned2017-07-26T17:09:04ZDavid Kalnischkiesdavid@kalnischkies.de2017-07-07T20:21:44Zurn:sha1:881ec045b6660e2fe0c6953720260e380ceeeb99
Opening the file before we drop privileges in the methods allows us to
avoid chowning in the acquire main process which can apply to the wrong
file (imagine Binary scoped settings) and surprises users as their
permission setup is overridden.
There are no security benefits as the file is open, so an evil method
could as before read the contents of the file, but it isn't worse than
before and we avoid permission problems in this setup.
reimplement and document auth.conf2017-07-26T17:09:04ZDavid Kalnischkiesdavid@kalnischkies.de2017-07-07T14:24:21Zurn:sha1:ea408c560ed85bb4ef7cf8f72f8463653501332c
We have support for an netrc-like auth.conf file since 0.7.25 (closing
518473), but it was never documented in apt that it even exists and
netrc seems to have fallen out of usage as a manpage for it no longer
exists making the feature even more arcane.
On top of that the code was a bit of a mess (as it is written in c-style)
and as a result the matching of machine tokens to URIs also a bit
strange by checking for less specific matches (= without path) first.
We now do a single pass over the stanzas.
In practice early adopters of the undocumented implementation will not
really notice the differences and the 'new' behaviour is simpler to
document and more usual for an apt user.
Closes: #811181
fail early in http if server answer is too small as well2017-07-26T17:07:56ZDavid Kalnischkiesdavid@kalnischkies.de2017-07-26T16:35:42Zurn:sha1:f2f8e89f08cdf01c83a0b8ab053c65329d85ca90
Failing on too much data is good, but we can do better by checking for
exact filesizes as we know with hashsums how large a file should be, so
if we get a file which has a size we do not expect we can drop it
directly, regardless of if the file is larger or smaller than what we
expect which should catch most cases which would end up as hashsum
errors later now a lot sooner.
fail earlier if server answers with too much data2017-07-26T17:07:56ZDavid Kalnischkiesdavid@kalnischkies.de2017-07-24T12:30:41Zurn:sha1:d7518dba50e2285c41c7002a1d86f876401fd9ea
We tend to operate on rather large static files, which means we usually
get Content-Length information from the server. If we combine this
information with the filesize we are expecting (factoring in pipelining)
we can avoid reading a bunch of data we are ending up rejecting anyhow
by just closing the connection saving bandwidth and time both for the
server as well as the client.
Reformat and sort all includes with clang-format2017-07-12T11:57:51ZJulian Andres Klodejak@debian.org2017-07-12T11:40:41Zurn:sha1:87274d0f22e1dfd99b2e5200e2fe75c1b804eac3
This makes it easier to see which headers includes what.
The changes were done by running
git grep -l '#\s*include' \
| grep -E '.(cc|h)$' \
| xargs sed -i -E 's/(^\s*)#(\s*)include/\1#\2 include/'
To modify all include lines by adding a space, and then running
./git-clang-format.sh.
Stop bragging about old speeds in http.cc comments2017-07-03T13:47:22ZJulian Andres Klodejak@debian.org2017-07-03T13:47:22Zurn:sha1:239d0088142c986628305b56764b5f2b7c83bab2
That's just ridiculous these days.
Gbp-Dch: ignore
http: Add support for https:// proxies2017-06-30T13:00:41ZJulian Andres Klodejak@debian.org2017-06-30T11:52:18Zurn:sha1:bafebf1afc59db7df7e0148b723f3f361770272c
HTTPS proxies just require unwrapping the TLS layer at the proxy
connection, that's easy, and of course sending proxy-specific
headers that are sent on "http" proxies.
http: Add support for CONNECT proxying to HTTPS locations2017-06-30T13:00:41ZJulian Andres Klodejak@debian.org2017-06-30T11:24:04Zurn:sha1:64207dad49f1c803d2b004ccf8fc6432789a8cc2
Proxying HTTPS traffic requires the proxy providing the
CONNECT method. This implements the client side of it,
although it is a bit hacky.
HTTP connect is a normal HTTP CONNECT request, followed
by a normal HTTP response, just that the body of the
response is the TCP stream of the target host.
We use a special wrapper in case there are data bytes
in the header packets - in that case, the bytes are
stored in a buffer and the buffer will be drained first,
afterwards the connection continues directly with the
TCP stream (with one more vcall).
Also: Do not send full URI to https destinations when proxying,
as we are directly interfacing with the destination data stream.
support tor+https being handled by http2017-06-28T20:26:56ZDavid Kalnischkiesdavid@kalnischkies.de2017-06-28T20:20:22Zurn:sha1:579f8f1008eceecd3da9ac53923c6a8d08244cb7
The apt-transport-tor package operates via simple symlinks which can
result in 'http' being called as 'tor+https', so it must pick up the
right configuration pieces and trigger https support also in plus names.
methods: http: Drain pending data before selecting2017-06-28T13:52:38ZJulian Andres Klodejak@debian.org2017-06-28T11:20:54Zurn:sha1:f806530b9ea858ca6bda8fb8f43d988aba02dab3
GnuTLS can already have data pending in its buffers, we need
to to drain that first otherwise select() might block
indefinitely.
Gbp-Dch: ignore