allow the auth.conf to be root:root owned

Opening the file before we drop privileges in the methods allows us to
avoid chowning in the acquire main process which can apply to the wrong
file (imagine Binary scoped settings) and surprises users as their
permission setup is overridden.

There are no security benefits as the file is open, so an evil method
could as before read the contents of the file, but it isn't worse than
before and we avoid permission problems in this setup.

1 files changed, 1 insertions, 2 deletions

diff --git a/methods/http.cc b/methods/http.cc
index f0cd77139..fc22180d3 100644
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -329,7 +329,7 @@ struct HttpConnectFd : public MethodFd
 };
 
 bool UnwrapHTTPConnect(std::string Host, int Port, URI Proxy, std::unique_ptr<MethodFd> &Fd,
-		       unsigned long Timeout, aptMethod *Owner)
+		       unsigned long Timeout, aptAuthConfMethod *Owner)
 {
    Owner->Status(_("Connecting to %s (%s)"), "HTTP proxy", URI::SiteOnly(Proxy).c_str());
    // The HTTP server expects a hostname with a trailing :port
@@ -347,7 +347,6 @@ bool UnwrapHTTPConnect(std::string Host, int Port, URI Proxy, std::unique_ptr<Me
       Req << "Host: " << ProperHost << ":" << std::to_string(Proxy.Port) << "\r\n";
    else
       Req << "Host: " << ProperHost << "\r\n";
-   ;
 
    Owner->MaybeAddAuthTo(Proxy);
    if (Proxy.User.empty() == false || Proxy.Password.empty() == false)