apt/methods/https.cc, branch 1.4.2Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=1.4.22017-01-17T00:59:15Zhttps: Quote path in URL before passing it to curl2017-01-17T00:59:15ZJulian Andres Klodejak@debian.org2016-12-29T13:16:07Zurn:sha1:994515e689dcc5f963f5fed58284831750a5da03
Curl requires URLs to be urlencoded. We are however giving it
undecoded URLs. This causes it go completely nuts if there is
a space in the URI, producing requests like:
GET /a file HTTP/1.1
which the servers then interpret as a GET request for "/a" with
HTTP version "file" or some other non-sense.
This works around the issue by encoding the path component of
the URL. I'm not sure if we should encode other parts of the URL
as well, this one seems to do the trick for the actual issue at
hand.
A more correct fix is to avoid the dequoting and (re-)quoting
of URLs when a redirect occurs / a new request is sent. That's
been on the radar for probably a year or two now, but nobody
bothered implementing that yet.
LP: #1651923
rename ServerMethod to BaseHttpMethod2016-12-31T01:29:21ZDavid Kalnischkiesdavid@kalnischkies.de2016-12-09T14:13:09Zurn:sha1:d8617331afc39281d5925033975b6097128786f4
This 'method' is the abstract base for http and https and should as such
be called out like this rather using an easily confused name.
Gbp-Dch: Ignore
separating state variables regarding server/request2016-12-31T01:29:21ZDavid Kalnischkiesdavid@kalnischkies.de2016-11-09T11:25:44Zurn:sha1:13a9f08de18dea0dfc1951992b0ddeda9c2fa2dd
Having a Reset(bool) method to partially reset certain variables like
the download size always were strange, so this commit splits the
ServerState into an additional RequestState living on the stack for as
long as we deal with this request causing an automatic "reset".
There is much to do still to make this code look better, but this is a
good first step which compiles cleanly and passes all tests, so keeping
it as history might be beneficial and due to avoiding explicit memory
allocations it ends up fixing a small memory leak in https, too.
Closes: #440057
Honour Acquire::ForceIPv4/6 in the https transport2016-12-08T13:48:12ZLukasz Kawczynskin@neuroid.pl2016-12-08T13:48:12Zurn:sha1:49b91f6903804183dbe1abb12ce1f9803a3dee5fdon't sent Range requests if we know its not accepted2016-08-16T16:49:37ZDavid Kalnischkiesdavid@kalnischkies.de2016-08-11T16:24:35Zurn:sha1:d94b1d80d8326334d17f6a43061368e783b8e0aa
If the server told us in a previous request that it isn't supporting
Ranges with bytes via an Accept-Ranges header missing bytes, we don't
try to formulate requests using Ranges.
reorganize server-states resetting in http/https2016-08-16T16:49:37ZDavid Kalnischkiesdavid@kalnischkies.de2016-08-11T14:59:13Zurn:sha1:ebdb6f1810a20ac240b5b2192dc2e6532ff149d2
We keep various information bits about the server around, some only
effecting the currently handled file (like sizes) while others
should be persistent (like pipeline detections). http used to reset all
file-related manually, which is a bit silly if we already have a Reset()
method – which does reset all through –, so extending it with a
parameter for reuse and calling it from https too (as this was
previously resetting by just creating a new state struct – it uses no
value of the persistent state-keeping yet as it supports no pipelining).
Gbp-Dch: Ignore
http: auto-configure for local Tor proxy if called as 'tor'2016-08-10T23:34:39ZDavid Kalnischkiesdavid@kalnischkies.de2016-08-06T20:54:31Zurn:sha1:0568d325ad8660a9966d552634aa17c90ed22516
With apts http transport supporting socks5h proxies and all the work
in terms of configuration of methods based on the name it is called with
it becomes surprisingly easy to implement Tor support equally (and
perhaps even a bit exceeding) what is available currently in
apt-transport-tor.
How this will turn out to be handled packaging wise we will see in
https://lists.debian.org/deity/2016/08/msg00012.html , but until this is
resolved we can add the needed support without actively enabling it for
now, so that this can be tested better.
implement generic config fallback for methods2016-08-10T21:19:44ZDavid Kalnischkiesdavid@kalnischkies.de2016-07-31T16:05:56Zurn:sha1:30060442025824c491f58887ca7369f3c572fa57
The https method implemented for a long while now a hardcoded fallback
to the same options in http, which, while it works, is rather inflexible
if we want to allow the methods to use another name to change their
behavior slightly, like apt-transport-tor does to https – most of the
diff being s#https#tor#g which then fails to do the full circle
fallthrough tor -> https -> http for https sources. With this config
infrastructure this could be implemented now.
use the same redirection handling for http and https2016-08-10T21:19:44ZDavid Kalnischkiesdavid@kalnischkies.de2016-08-02T12:49:58Zurn:sha1:4bba5a88d0f6afde4414b586b64c48a4851d5324
cURL which backs our https implementation can handle redirects on its
own, but by dealing with them on our own we gain finer control over which
redirections will be performed (we don't like https → http) and by whom
so that redirections to other hosts correctly spawn a new https method
dealing with these instead of letting the current one deal with it.
fail on unsupported http/https proxy settings2016-08-10T21:19:44ZDavid Kalnischkiesdavid@kalnischkies.de2016-08-03T19:17:26Zurn:sha1:ece81b7517b1af6f86aff733498f6c11d5aa814f
Closes: #623443