diff options
author | David Kalnischkies <david@kalnischkies.de> | 2016-08-28 12:58:20 +0200 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2016-08-29 09:22:25 +0200 |
commit | 4ff5e237d5685be187a75c563b86e80ea3e7cc01 (patch) | |
tree | 697f8b969cd205b6e28d441866bdfed38ee2b5b8 /apt-pkg | |
parent | 6a68315e938eb2611806658828ecea86805822e7 (diff) |
randomize acquire order for same type index files
Without randomizing the order in which we download the index files we
leak needlessly information to the mirrors of which architecture is
native or foreign on this system. More importantly, we leak the order in
which description translations will be used which in most cases will e.g.
have the native tongue first.
Note that the leak effect in practice is limited as apt detects if a file
it wants to download is already available in the latest version from a
previous download and does not query the server in such cases. Combined
with the fact that Translation files are usually updated infrequently
and not all at the same time, so a mirror can never be sure if it got asked
about all files the user wants.
Diffstat (limited to 'apt-pkg')
-rw-r--r-- | apt-pkg/acquire-item.cc | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 91d7a3eae..0e1614330 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -46,6 +46,7 @@ #include <ctime> #include <sstream> #include <numeric> +#include <random> #include <apti18n.h> /*}}}*/ @@ -1340,6 +1341,23 @@ void pkgAcqMetaClearSig::QueueIndexes(bool const verify) /*{{{*/ if (hasReleaseFile && verify == false) hasHashes = std::any_of(IndexTargets.begin(), IndexTargets.end(), [&](IndexTarget const &Target) { return TransactionManager->MetaIndexParser->Exists(Target.MetaKey); }); + if (_config->FindB("Acquire::IndexTargets::Randomized", true) && likely(IndexTargets.empty() == false)) + { + /* For fallback handling and to have some reasonable progress information + we can't randomize everything, but at least the order in the same type + can be as we shouldn't be telling the mirrors (and everyone else watching) + which is native/foreign arch, specific order of preference of translations, … */ + auto range_start = IndexTargets.begin(); + std::random_device rd; + std::default_random_engine g(rd()); + do { + auto const type = range_start->Option(IndexTarget::CREATED_BY); + auto const range_end = std::find_if_not(range_start, IndexTargets.end(), + [&type](IndexTarget const &T) { return type == T.Option(IndexTarget::CREATED_BY); }); + std::shuffle(range_start, range_end, g); + range_start = range_end; + } while (range_start != IndexTargets.end()); + } for (auto&& Target: IndexTargets) { // if we have seen a target which is created-by a target this one here is declared a |