apt/methods/http.h, branch 2.1.20

http: Fully flush local file both before/after server read

2020-08-11T11:09:04Z

We do not want to end up in a code path while reading content from the server where we have local data left to write, which can happen if a previous read included both headers and content. Restructure Flush() to accept a new argument to allow incomplete flushs (which do not match our limit), so that it can flush as far as possible, and modify Go() and use that before and after reading from the server.

Use steady clock source for bandwidth limitation

2018-05-29T11:04:59Z

Using the time of day for this is slightly wrong just like it is for progress, just less visible.

Remove unused time-tracking from http method

2018-05-28T15:59:38Z

The Stats method isn't called anywhere, was partly commented out before, but we keep updating the time for it – lets avoid this pointless busywork. Gbp-Dch: Ignore

Remove obsolete RCS keywords

2018-05-07T11:41:31Z

Prompted-by: Jakub Wilk

report transient errors as transient errors

2017-12-13T22:56:29Z

The Fail method for acquire methods has a boolean parameter indicating the transient-nature of a reported error. The problem with this is that Fail is called very late at a point where it is no longer easily identifiable if an error is indeed transient or not, so some calls were and some weren't and the acquire system would later mostly ignore the transient flag and guess by using the FailReason instead. Introducing a tri-state enum we can pass the information about fatal or transient errors through the callstack to generate the correct fails.

allow the auth.conf to be root:root owned

2017-07-26T17:09:04Z

Opening the file before we drop privileges in the methods allows us to avoid chowning in the acquire main process which can apply to the wrong file (imagine Binary scoped settings) and surprises users as their permission setup is overridden. There are no security benefits as the file is open, so an evil method could as before read the contents of the file, but it isn't worse than before and we avoid permission problems in this setup.

http: Add support for CONNECT proxying to HTTPS locations

2017-06-30T13:00:41Z

Proxying HTTPS traffic requires the proxy providing the CONNECT method. This implements the client side of it, although it is a bit hacky. HTTP connect is a normal HTTP CONNECT request, followed by a normal HTTP response, just that the body of the response is the TCP stream of the target host. We use a special wrapper in case there are data bytes in the header packets - in that case, the bytes are stored in a buffer and the buffer will be drained first, afterwards the connection continues directly with the TCP stream (with one more vcall). Also: Do not send full URI to https destinations when proxying, as we are directly interfacing with the destination data stream.

methods: connect: Switch from int fds to new MethodFd

2017-06-28T13:52:38Z

Use std::unique_ptr everywhere we used an integer-based file descriptor before. This allows us to implement stuff like TLS support easily. Gbp-Dch: ignore

rename ServerMethod to BaseHttpMethod

2016-12-31T01:29:21Z

This 'method' is the abstract base for http and https and should as such be called out like this rather using an easily confused name. Gbp-Dch: Ignore

separating state variables regarding server/request

2016-12-31T01:29:21Z

Having a Reset(bool) method to partially reset certain variables like the download size always were strange, so this commit splits the ServerState into an additional RequestState living on the stack for as long as we deal with this request causing an automatic "reset". There is much to do still to make this code look better, but this is a good first step which compiles cleanly and passes all tests, so keeping it as history might be beneficial and due to avoiding explicit memory allocations it ends up fixing a small memory leak in https, too. Closes: #440057