Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.6_beta1 2018-02-19T14:56:09Z 2018-02-19T14:56:09Z David Kalnischkies david@kalnischkies.de 2018-01-05T22:47:45Z urn:sha1:d90eb8132961aa481b94e63246a0ed23fc36d182 It is sad that we can't wrap the cdrom method tighter at the moment, but due to its ability to mount drives into arbitrary places via an external suid binary we can't really do a lot better at the moment. What we can do is set the options in the configuration space through as it is standard in the other methods instead of doing it in main() which is assumed to be more boilerplatey than actually doing something. Gbp-Dch: Ignore 2018-01-03T18:42:45Z David Kalnischkies david@kalnischkies.de 2017-11-18T11:38:21Z urn:sha1:4df5483994d510290677abab5720445f71babe65 A mirror list we get from an non-local source like http shouldn't be able to include e.g. file sources and even with other online sources we need to be careful: They also shouldn't include prefixed methods like 'tor+http'. So apply magic based on how the method is called: mirror+file will be allowed to redirect to any source while tor+mirror+file allows all, but sends them to their tor+ variant. 2018-01-03T18:42:45Z David Kalnischkies david@kalnischkies.de 2017-10-27T16:27:54Z urn:sha1:a839efb126af066dc2e58400fb5e25911cb2a9f1 The old implementation used to construct a query string including the release(s) the mirrorlist should be for, but that is hard to deal with as this rules out that partial mirrors are included in the list and it turns out that nobody ended up implementing it on the server side. Controlling this on the client side allows partial mirrors to be included and as a bonus prevents that we tell the mirrorlist server (this rather generic) user information. 2018-01-03T18:42:45Z David Kalnischkies david@kalnischkies.de 2017-10-27T22:01:27Z urn:sha1:04ab37fecaf286f724bef2e0969d2b67ab5ac1b1 Allowing a method to request work from other methods is a powerful capability which could be misused or exploited, so to slightly limited the surface let method opt-in into this capability on startup. 2018-01-03T17:55:41Z David Kalnischkies david@kalnischkies.de 2017-10-27T16:39:36Z urn:sha1:57fa854e4cdb060e87ca265abd5a83364f9fa681 Embedding an entire acquire stack and HTTP logic in the mirror method made it rather heavy weight and fragile. This reimplement goes the other way by doing only the bare minimum in the method itself and instead redirect the actual download of files to their proper methods. The reimplementation drops the (in the real world) unused query-string feature as it isn't really implementable in the new architecture. 2018-01-03T15:33:36Z Julian Andres Klode jak@debian.org 2018-01-03T15:28:59Z urn:sha1:5b197e9de5376e191018562309e2d42123c27a1d Commit 47c0bdc310c8cd62374ca6e6bb456dd183bdfc07 ("report transient errors as transient error") accidentally changed some connection failures to become non-transient, because the result of the error checks where being ignored and then fatal error was returned if an error was pending - even if that error was trivial. After the merge of pu/happy-eyeballs2a this becomes a lot clearer, and easy to fix. Gbp-Dch: ignore Regression-Of: 47c0bdc310c8cd62374ca6e6bb456dd183bdfc07 2018-01-03T14:31:36Z Julian Andres Klode jak@debian.org 2018-01-02T21:15:50Z urn:sha1:3bbd328396745d0dd6c5585935040082a2c41e3e Try establishing connections in alternating address families in rapid intervals of 250 ms, adding more connections to the wait list until one succeeds (RFC 8305, happy eyeballs 2). It is important that WaitAndCheckErrors() waits until it has a successful connection, a time out, or all connections failed - otherwise the timing between tries might be wrong, and the final long wait might exit early because one connection failed without trying the others. Timing wise, this only works correctly on Linux, as select() counts down there. But we rely on that in some other places too, so this is not the time to fix that. Timeouts are only reported in the final long wait - the short inner waits are expected to time out more often, and multiple times, we do not want to report them. Closes: #668948 LP: #1308200 Gbp-Dch: paragraph 2018-01-03T14:26:51Z Julian Andres Klode jak@debian.org 2018-01-02T20:59:02Z urn:sha1:53bdec3ebea66153b320ee497871355eb526e0f2 Extracting the error checking method allows us to reuse it in different places, so we can move the waiting and checking out of DoConnect() eventually. Gbp-Dch: ignore 2018-01-03T14:26:51Z Julian Andres Klode jak@debian.org 2018-01-02T20:56:40Z urn:sha1:c9a5a6f2140758c0ed08764a07dd454a8f3ff986 There's no real point in storing the IP address while resolving it - failure messages include the IP address in any case. Do this when picking the connection for actual use instead. 2018-01-03T14:26:47Z Julian Andres Klode jak@debian.org 2018-01-02T20:53:46Z urn:sha1:2369d1249ce7119abb30b616182454a56f124f8d This struct holds information about a connection attempt, like the addrinfo, the resolved address, the fd for the connection, and so on. Gbp-Dch: ignore