summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2017-06-28 22:20:22 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2017-06-28 22:26:56 +0200
commit579f8f1008eceecd3da9ac53923c6a8d08244cb7 (patch)
tree8ce37c04a5589f2172ca5261b2ce31b0ae5e9825
parentc9390165718d4cf0ec43a0af01f06d6628717905 (diff)
support tor+https being handled by http
The apt-transport-tor package operates via simple symlinks which can result in 'http' being called as 'tor+https', so it must pick up the right configuration pieces and trigger https support also in plus names.
-rw-r--r--methods/http.cc13
-rwxr-xr-xtest/integration/test-apt-https-no-redirect9
2 files changed, 18 insertions, 4 deletions
diff --git a/methods/http.cc b/methods/http.cc
index b302c896d..4ad4d389c 100644
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -343,13 +343,15 @@ bool HttpServerState::Open()
if (Proxy.empty() == false)
Owner->AddProxyAuth(Proxy, ServerName);
- bool tls = ServerName.Access == "https";
+ bool tls = (ServerName.Access == "https" || APT::String::Endswith(ServerName.Access, "+https"));
+ auto const DefaultService = tls ? "https" : "http";
+ auto const DefaultPort = tls ? 443 : 80;
if (Proxy.Access == "socks5h")
{
if (Connect(Proxy.Host, Proxy.Port, "socks", 1080, ServerFd, TimeOut, Owner) == false)
return false;
- if (UnwrapSocks(ServerName.Host, ServerName.Port == 0 ? 80 : ServerName.Port,
+ if (UnwrapSocks(ServerName.Host, ServerName.Port == 0 ? DefaultPort : ServerName.Port,
Proxy, ServerFd, Owner->ConfigFindI("TimeOut", 120), Owner) == false)
return false;
}
@@ -372,7 +374,7 @@ bool HttpServerState::Open()
Port = Proxy.Port;
Host = Proxy.Host;
}
- if (!Connect(Host, Port, tls ? "https" : "http", tls ? 443 : 80, ServerFd, TimeOut, Owner))
+ if (!Connect(Host, Port, DefaultService, DefaultPort, ServerFd, TimeOut, Owner))
return false;
}
@@ -853,6 +855,11 @@ HttpMethod::HttpMethod(std::string &&pProg) : BaseHttpMethod(pProg.c_str(), "1.2
addName = "http";
auto const plus = Binary.find('+');
if (plus != std::string::npos)
+ {
+ auto name2 = Binary.substr(plus + 1);
+ if (std::find(methodNames.begin(), methodNames.end(), name2) == methodNames.end())
+ addName = std::move(name2);
addName = Binary.substr(0, plus);
+ }
}
/*}}}*/
diff --git a/test/integration/test-apt-https-no-redirect b/test/integration/test-apt-https-no-redirect
index 05e97159c..1c388098b 100755
--- a/test/integration/test-apt-https-no-redirect
+++ b/test/integration/test-apt-https-no-redirect
@@ -15,6 +15,7 @@ changetohttpswebserver
webserverconfig 'aptwebserver::redirect::replace::/redirectme/' "http://localhost:${APTHTTPPORT}/"
webserverconfig 'aptwebserver::redirect::replace::/redirectme2/' "https://localhost:${APTHTTPSPORT}/"
echo 'Dir::Bin::Methods::https+http "http";' > rootdir/etc/apt/apt.conf.d/99add-https-http-method
+echo 'Dir::Bin::Methods::foo+https "http";' > rootdir/etc/apt/apt.conf.d/99add-foo-https-method
msgtest 'download of a file works via' 'http'
testsuccess --nomsg downloadfile "http://localhost:${APTHTTPPORT}/working" httpfile
@@ -32,10 +33,16 @@ rm -f httpfile
msgtest 'download of a file does not work if' 'https redirected to http'
testfailure --nomsg downloadfile "https://localhost:${APTHTTPSPORT}/redirectme/working" redirectfile
-
msgtest 'libcurl has forbidden access in last request to' 'http resource'
testsuccess --nomsg grep -q -E -- "Redirection from https to 'http://.*' is forbidden" rootdir/tmp/testfailure.output
+rm -f redirectfile
msgtest 'download of a file does work if' 'https+http redirected to https'
testsuccess --nomsg downloadfile "https+http://localhost:${APTHTTPPORT}/redirectme2/working" redirectfile
testfileequal redirectfile 'alright'
+rm -f redirectfile
+
+msgtest 'download of a file does work if' 'foo+https redirected to https'
+testsuccess --nomsg downloadfile "foo+https://localhost:${APTHTTPSPORT}/redirectme2/working" redirectfile
+testfileequal redirectfile 'alright'
+rm -f redirectfile