summaryrefslogtreecommitdiff
path: root/apt-pkg/contrib/proxy.cc
diff options
context:
space:
mode:
Diffstat (limited to 'apt-pkg/contrib/proxy.cc')
-rw-r--r--apt-pkg/contrib/proxy.cc52
1 files changed, 38 insertions, 14 deletions
diff --git a/apt-pkg/contrib/proxy.cc b/apt-pkg/contrib/proxy.cc
index a99f44f49..9a9a9f29c 100644
--- a/apt-pkg/contrib/proxy.cc
+++ b/apt-pkg/contrib/proxy.cc
@@ -12,9 +12,11 @@
#include <apt-pkg/configuration.h>
#include <apt-pkg/error.h>
#include <apt-pkg/fileutl.h>
+#include <apt-pkg/string_view.h>
#include <apt-pkg/strutl.h>
#include <algorithm>
+#include <array>
#include <iostream>
#include <fcntl.h>
#include <unistd.h>
@@ -22,6 +24,16 @@
#include "proxy.h"
/*}}}*/
+bool CanURIBeAccessedViaProxy(URI const &URL) /*{{{*/
+{
+ // for some methods a proxy doesn't make sense, so we don't have to fork
+ if (URL.Host.empty() ||
+ APT::String::Startswith(URL.Access, "mirror+") || URL.Access.find("+mirror+") != std::string::npos || APT::String::Endswith(URL.Access, "+mirror"))
+ return false;
+ std::array const noproxy{"file", "copy", "store", "gpgv", "rred", "cdrom", "mirror"};
+ return std::find(noproxy.begin(), noproxy.end(), URL.Access) == noproxy.end();
+}
+ /*}}}*/
// AutoDetectProxy - auto detect proxy /*{{{*/
// ---------------------------------------------------------------------
/* */
@@ -29,16 +41,19 @@ static std::vector<std::string> CompatibleProxies(URI const &URL)
{
if (URL.Access == "http" || URL.Access == "https")
return {"http", "https", "socks5h"};
- return {URL.Access};
+ if (URL.Access == "tor" || URL.Access == "tor+http" || URL.Access == "tor+https")
+ return {"socks5h"};
+ if (URL.Access == "ftp")
+ return {"ftp"};
+ return {};
}
-
bool AutoDetectProxy(URI &URL)
{
- // we support both http/https debug options
- bool Debug = _config->FindB("Debug::Acquire::"+URL.Access,false);
+ if (not CanURIBeAccessedViaProxy(URL))
+ return true;
// the user already explicitly set a proxy for this host
- if(_config->Find("Acquire::"+URL.Access+"::proxy::"+URL.Host, "") != "")
+ if (not _config->Find("Acquire::" + URL.Access + "::proxy::" + URL.Host, "").empty())
return true;
// option is "Acquire::http::Proxy-Auto-Detect" but we allow the old
@@ -49,6 +64,7 @@ bool AutoDetectProxy(URI &URL)
if (AutoDetectProxyCmd.empty())
return true;
+ bool const Debug = _config->FindB("Debug::Acquire::" + URL.Access, false);
if (Debug)
std::clog << "Using auto proxy detect command: " << AutoDetectProxyCmd << std::endl;
@@ -73,7 +89,7 @@ bool AutoDetectProxy(URI &URL)
// and apt will use the generic proxy settings
if (goodread == false)
return true;
- auto const cleanedbuf = _strstrip(buf);
+ APT::StringView const cleanedbuf = _strstrip(buf);
// We warn about this as the implementor probably meant to use DIRECT instead
if (cleanedbuf[0] == '\0')
{
@@ -82,17 +98,25 @@ bool AutoDetectProxy(URI &URL)
}
if (Debug)
- std::clog << "auto detect command returned: '" << cleanedbuf << "'" << std::endl;
+ std::clog << "auto detect command returned: '" << cleanedbuf.data() << "'" << std::endl;
- auto compatibleTypes = CompatibleProxies(URL);
- bool compatible = strcmp(cleanedbuf, "DIRECT") == 0 ||
- compatibleTypes.end() != std::find_if(compatibleTypes.begin(),
- compatibleTypes.end(), [cleanedbuf](std::string &compat) {
- return strstr(cleanedbuf, compat.c_str()) == cleanedbuf;
- });
+ bool compatible = true;
+ if (cleanedbuf != "DIRECT")
+ {
+ if (auto const compatibleTypes = CompatibleProxies(URL); not compatibleTypes.empty())
+ compatible = std::any_of(compatibleTypes.begin(), compatibleTypes.end(),
+ [cleanedbuf](std::string const &compat)
+ {
+ return cleanedbuf.substr(0, compat.size()) == compat;
+ });
+ }
+ else if (URL.Access == "tor" || URL.Access == "tor+http" || URL.Access == "tor+https")
+ compatible = false; // Accepting DIRECT would silently disable tor
if (compatible)
- _config->Set("Acquire::"+URL.Access+"::proxy::"+URL.Host, cleanedbuf);
+ _config->Set("Acquire::"+URL.Access+"::proxy::"+URL.Host, cleanedbuf.data());
+ else
+ _error->Warning("ProxyAutoDetect command returned incompatible proxy '%s' for access type %s", cleanedbuf.data(), URL.Access.c_str());
return true;
}