summaryrefslogtreecommitdiff
path: root/methods
Commit message (Collapse)AuthorAgeFilesLines
* handle servers closing encoded connections correctlyDavid Kalnischkies2015-04-191-3/+3
| | | | | | | | | | | | | | | | Servers who advertise that they close the connection get the 'Closes' encoding flag, but this conflicts with servers who response with a transfer-encoding (e.g. encoding) as it is saved in the same flag. We have a better flag for the keep-alive (or not) of the connection anyway, so we check this instead of the encoding. This is in practice not much of a problem as real servers we talk to are HTTP1.1 servers (with keep-alive) and there isn't much point in doing chunked encoding if you are going to close anyway, but our simple testserver stumbles over this if pressed and its a bit cleaner, too. Git-Dch: Ignore
* send Alt-* info for uncompressed based on any compressionsDavid Kalnischkies2015-04-191-19/+24
| | | | | | | | | file sends information about the uncompressed file if it can find it as well as for the compressed file. This was done only for gzip so far, but we support more compression types. That this information isn't used a lot is a different story. Git-Dch: Ignore
* remove duplicated check for same file copyDavid Kalnischkies2015-04-191-9/+1
| | | | Git-Dch: Ignore
* improve https method queue progress reportingDavid Kalnischkies2015-04-193-46/+41
| | | | | | | | | | | | | The worker expects that the methods tell him when they start or finish downloading a file. Various information pieces are passed along in this report including the (expected) filesize. https was using a "global" struct for reporting which made it 'reuse' incorrect values in some cases like a non-existent InRelease fallbacking to Release{,.gpg} resulting in a size-mismatch warning. Reducing the scope and redesigning the setting of the values we can fix this and related issues. Closes: 777565, 781509 Thanks: Robert Edmonds and Anders Kaseorg for initial patchs
* do not unlink https file on general errorDavid Kalnischkies2015-04-191-1/+0
| | | | | | | It might be quite interesting which file (content) made curl freak out and other methods keep the file around as well. Git-Dch: Ignore
* reimplement the last uses of sprintfDavid Kalnischkies2015-04-101-7/+9
| | | | | | | | Working with strings c-style is complicated and error-prune, so by converting to c++ style we gain some simplicity and avoid buffer overflows by later extensions. Git-Dch: Ignore
* derive more of https from http methodDavid Kalnischkies2015-03-165-25/+40
| | | | | | | | | Bug #778375 uncovered that https wasn't properly integrated in the class family tree of http as it was supposed to be leading to a NULL pointer dereference. Fixing this 'properly' was deemed to much diff for practically no gain that late in the release, so commit 0c2dc43d4fe1d026650b5e2920a021557f9534a6 just fixed the synptom, while this commit here is fixing the cause plus adding a test.
* merge debian/sid into debian/experimentalDavid Kalnischkies2015-03-163-15/+26
|\
| * Fix crash in the apt-transport-https when Owner is NULLTomasz Buchert2015-02-231-1/+1
| | | | | | | | | | | | Do not crash in ServerState::HeaderLine if there is no Owner. Closes: #778375
| * Fix missing URIStart() for https downloadsMichael Vogt2015-01-052-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | Add a explicit ReceivedData to HttpsMethod that indicates when we got data from the connection so that we can send URISTart() to the parent. This is needed because URIStart got moved in f9b4f12d from the progress_callback to write_data() and it only checks for Res.Size. In the old code if progress_callback is called by libcurl (and sets Res.Size) before write_data is called then URIStart() is never send. Making this a explicit ReceivedData variable fixes this issue.
| * dispose http(s) 416 error page as non-contentDavid Kalnischkies2014-12-224-15/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Real webservers (like apache) actually send an error page with a 416 response, but our client didn't expect it leaving the page on the socket to be parsed as response for the next request (http) or as file content (https), which isn't what we want at all… Symptom is a "Bad header line" as html usually doesn't parse that well to an http-header. This manifests itself e.g. if we have a complete file (or larger) in partial/ which isn't discarded by If-Range as the server doesn't support it (or it is just newer, think: mirror rotation). It is a sort-of regression of 78c72d0ce22e00b194251445aae306df357d5c1a, which removed the filesize - 1 trick, but this had its own problems… To properly test this our webserver gains the ability to reply with transfer-encoding: chunked as most real webservers will use it to send the dynamically generated error pages. (The tests and their binary helpers had to be slightly modified to apply, but the patch to fix the issue itself is unchanged.) Closes: 768797
* | dispose http(s) 416 error page as non-contentDavid Kalnischkies2014-12-094-16/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Real webservers (like apache) actually send an error page with a 416 response, but our client didn't expect it leaving the page on the socket to be parsed as response for the next request (http) or as file content (https), which isn't what we want at all… Symptom is a "Bad header line" as html usually doesn't parse that well to an http-header. This manifests itself e.g. if we have a complete file (or larger) in partial/ which isn't discarded by If-Range as the server doesn't support it (or it is just newer, think: mirror rotation). It is a sort-of regression of 78c72d0ce22e00b194251445aae306df357d5c1a, which removed the filesize - 1 trick, but this had its own problems… To properly test this our webserver gains the ability to reply with transfer-encoding: chunked as most real webservers will use it to send the dynamically generated error pages. Closes: 768797
* | use getline() instead of rolling our ownDavid Kalnischkies2014-11-091-26/+5
| | | | | | | | | | | | | | | | We use it in other places already as well even though it is farly new addition to the POSIX family with 2008, but rolling our own here is really something which should be avoided in such a important method. Git-Dch: Ignore
* | Assert statement calls a function which may have desired side effects: ↵David Kalnischkies2014-11-081-2/+2
| | | | | | | | | | | | | | | | | | | | 'pos_is_okay' It does not have any desired sideeffect, so we just mark it as const to properly advertise this fact to developer, compiler and linter alike. Reported-By: cppcheck Git-Dch: Ignore
* | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-10-141-5/+8
|\|
| * methods/rsh.cc: replace strcat with std::stringMichael Vogt2014-10-081-5/+8
| | | | | | | | | | | | | | Instead of using strcat use a C++ std::string to avoid overflowing this buffer. Thanks to David Garfield Closes: #76442
* | Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()Michael Vogt2014-10-137-11/+39
| | | | | | | | | | | | | | | | Do not drop privileges in the methods when using a older version of libapt that does not support the chown magic in partial/ yet. To do this DropPrivileges() now will ignore a empty Apt::Sandbox::User. Cleanup all hardcoded _apt along the way.
* | Fix ServerMethod::FindMaximumObjectSizeInQueue()Michael Vogt2014-10-081-1/+1
| | | | | | | | Git-Dch: ignore
* | Fix http pipeline messup detectionMichael Vogt2014-10-082-2/+18
| | | | | | | | | | | | | | | | | | The Maximum-Size protection breaks the http pipeline reorder code because it relies on that the object got fetched entirely so that it can compare the hash of the downloaded data. So instead of stopping when the Maximum-Size of the expected item is reached we only stop when the maximum size of the biggest item in the queue is reached. This way the pipeline reoder code keeps working.
* | Send "Fail-Reason: MaximumSizeExceeded" from the methodMichael Vogt2014-10-074-4/+12
| | | | | | | | | | Communicate the fail reason from the methods to the parent and Rename() failed files.
* | Merge branch 'feature/acq-trans' into feature/expected-sizeMichael Vogt2014-10-072-1/+9
|\ \
| * \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-295-21/+17
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/gpgv.cc
| * \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-256-2/+18
| |\ \ \ | | | | | | | | | | | | | | | feature/acq-trans
| * \ \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-233-7/+16
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | feature/acq-trans Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h methods/copy.cc test/integration/test-hashsum-verification
| * \ \ \ \ Merge remote-tracking branch 'upstream/debian/experimental' into ↵Michael Vogt2014-09-053-63/+6
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | feature/acq-trans
| * | | | | | make compressed-indexes test pass againMichael Vogt2014-08-241-5/+27
| | | | | | |
| * | | | | | Download Release first, then Release.gpgMichael Vogt2014-07-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The old way of handling this was that pkgAcqMetaIndex was responsible to check/move both Release and Release.gpg in place. This breaks the assumption of the transaction that each pkgAcquire::Item has a single File that its responsible for.
* | | | | | | make expected-size a maximum-size check as this is what we want at this pointMichael Vogt2014-10-076-13/+13
| | | | | | |
* | | | | | | add ftp expected size checkMichael Vogt2014-10-073-5/+8
| | | | | | |
* | | | | | | methods/https.cc: use File->Tell() here tooMichael Vogt2014-10-071-2/+1
| | | | | | |
* | | | | | | make http size check workMichael Vogt2014-10-0611-92/+75
|\ \ \ \ \ \ \ | | |_|_|_|/ / | |/| | | | |
| * | | | | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-291-7/+4
| |\ \ \ \ \ \ | | | |_|_|_|/ | | |/| | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc
| | * | | | | generalize Acquire::GzipIndexMichael Vogt2014-09-211-7/+4
| | | | | | |
| * | | | | | fix: %i in format string (no. 1) requires 'int' but the argument type isDavid Kalnischkies2014-09-271-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'unsigned int' Git-Dch: Ignore Reported-By: cppcheck
| * | | | | | correct the error messages to refer to apt-key instead of gpgvDavid Kalnischkies2014-09-271-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Git-Dch: Ignore
| * | | | | | fix: Member variable 'X' is not initialized in the constructor.David Kalnischkies2014-09-272-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reported-By: cppcheck Git-Dch: Ignore
| * | | | | | Disable Mth.DropPrivsOrDie() in copy.cc for nowMichael Vogt2014-09-261-1/+0
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | Dch-Ignore: true
| * | | | | releasing package apt version 1.1~exp3Michael Vogt2014-09-241-0/+1
| | | | | |
| * | | | | methods: Fail if we cannot drop privilegesJulian Andres Klode2014-09-246-13/+14
| | | | | |
| * | | | | Drop Privileges to "Debian-apt" in most acquire methodsMichael Vogt2014-09-246-1/+15
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new "Debian-apt" user that owns the /var/lib/apt/lists and /var/cache/apt/archive directories. The methods http, https, ftp, gpgv, gzip switch to this user when they start. Thanks to Julian and "ioerror" and tors "switch_id()" code.
| * | | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-233-11/+34
| |\| | | | | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog
| | * | Fix regression when copy: is used for a relative pathMichael Vogt2014-09-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we do a ReverifyAfterIMS() we use the copy: method to verify the hashes again. If the user uses -o Dir=./something/relative this fails because we use the URI class in copy.cc that strips away the leading relative part. By not using URI this is fixed. Closes: #762160
| | * | SECURITY UPDATE for CVE-2014-{0488,0487,0489}Michael Vogt2014-09-161-5/+27
| | | | | | | | | | | | | | | | | | | | | | | | incorrect invalidating of unauthenticated data (CVE-2014-0488) incorect verification of 304 reply (CVE-2014-0487) incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
| | * | Improve Debug::Acquire::http debug outputMichael Vogt2014-09-052-4/+5
| | | | | | | | | | | | | | | | | | | | Prefix all answers with the URL that the answer is for. This helps when debugging and pipeline is enabled.
| * | | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-053-63/+6
| |\| | | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc configure.ac debian/changelog doc/apt-verbatim.ent doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pt.po po/ar.po po/ast.po po/bg.po po/bs.po po/ca.po po/cs.po po/cy.po po/da.po po/de.po po/dz.po po/el.po po/es.po po/eu.po po/fi.po po/fr.po po/gl.po po/hu.po po/it.po po/ja.po po/km.po po/ko.po po/ku.po po/lt.po po/mr.po po/nb.po po/ne.po po/nl.po po/nn.po po/pl.po po/pt.po po/pt_BR.po po/ro.po po/ru.po po/sk.po po/sl.po po/sv.po po/th.po po/tl.po po/tr.po po/uk.po po/vi.po po/zh_CN.po po/zh_TW.po test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
| | * Make Proxy-Auto-Detect check for each hostMichael Vogt2014-09-023-63/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | When doing Acquire::http{,s}::Proxy-Auto-Detect, run the auto-detect command for each host instead of only once. This should make using "proxy" from libproxy-tools feasible which can then be used for PAC style or other proxy configurations. Closes: #759264
| * | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-07-081-1/+1
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/deb/deblistparser.cc doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pl.po doc/po/pt.po doc/po/pt_BR.po po/da.po po/mr.po po/vi.po
| | * methods/http.cc: use Req.str() in debug outputMichael Vogt2014-06-241-1/+1
| | |
* | | make https honor ExpectedSize as wellMichael Vogt2014-08-262-1/+8
| | |
* | | Pass ExpectedSize to tthe backend methodMichael Vogt2014-08-264-3/+20
|/ / | | | | | | | | This ensures that we can stop downloading if the server send too much data by accident (or by a malicious attempt)
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-11-05 03:35:59 +0000