From 788a8f42c1ec146c812550d076e5fb720e83ae52 Mon Sep 17 00:00:00 2001 From: "Eugene V. Lyubimkin" Date: Mon, 15 Dec 2008 21:17:39 +0200 Subject: Make apt proxy options have the highest priority, unified proxy determining code. --- methods/https.cc | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) (limited to 'methods/https.cc') diff --git a/methods/https.cc b/methods/https.cc index 98dfeefa1..728869fa2 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -61,19 +61,26 @@ void HttpsMethod::SetupProxy() URI ServerName = Queue->Uri; // Determine the proxy setting - if (getenv("http_proxy") == 0) + string SpecificProxy = _config->Find("Acquire::http::Proxy::" + ServerName.Host); + if (!SpecificProxy.empty()) { - string DefProxy = _config->Find("Acquire::http::Proxy"); - string SpecificProxy = _config->Find("Acquire::http::Proxy::" + ServerName.Host); - if (SpecificProxy.empty() == false) - { - if (SpecificProxy == "DIRECT") - Proxy = ""; - else - Proxy = SpecificProxy; - } - else - Proxy = DefProxy; + if (SpecificProxy == "DIRECT") + Proxy = ""; + else + Proxy = SpecificProxy; + } + else + { + string DefProxy = _config->Find("Acquire::http::Proxy"); + if (!DefProxy.empty()) + { + Proxy = DefProxy; + } + else + { + char* result = getenv("http_proxy"); + Proxy = result ? result : ""; + } } // Parse no_proxy, a , separated list of domains -- cgit v1.2.3-70-g09d2 From f465a80f6e0e0cc3edae1870881135ced824c9e3 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Mon, 12 Oct 2009 16:24:34 +0200 Subject: methods/https.cc: Add support for authentication using netrc (Closes: #518473), patch by Jussi Hakala . --- debian/changelog | 3 +++ methods/https.cc | 1 + 2 files changed, 4 insertions(+) (limited to 'methods/https.cc') diff --git a/debian/changelog b/debian/changelog index 34a35b2f9..68ee83bac 100644 --- a/debian/changelog +++ b/debian/changelog @@ -24,6 +24,9 @@ apt (0.7.25) UNRELEASED; urgency=low - Restrict option names to alphanumerical characters and "/-:._+". - Deprecate #include, we have apt.conf.d nowadays which should be sufficient. + * methods/https.cc: + - Add support for authentication using netrc (Closes: #518473), patch + by Jussi Hakala . -- Michael Vogt Tue, 29 Sep 2009 15:51:34 +0200 diff --git a/methods/https.cc b/methods/https.cc index 37d93e308..79e6fea3f 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -135,6 +135,7 @@ bool HttpsMethod::Fetch(FetchItem *Itm) curl_easy_setopt(curl, CURLOPT_NOPROGRESS, false); curl_easy_setopt(curl, CURLOPT_FAILONERROR, true); curl_easy_setopt(curl, CURLOPT_FILETIME, true); + curl_easy_setopt(curl, CURLOPT_NETRC, CURL_NETRC_OPTIONAL); // SSL parameters are set by default to the common (non mirror-specific) value // if available (or a default one) and gets overload by mirror-specific ones. -- cgit v1.2.3-70-g09d2 From 592b78001c381f9cca6f20d8d1d47696bb98c0d1 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 16 Oct 2009 15:36:28 +0200 Subject: port netrc support from maemon --- apt-pkg/contrib/netrc.cc | 184 +++++++++++++++++++++++++++++++++++++++++++ apt-pkg/contrib/netrc.h | 29 +++++++ apt-pkg/init.cc | 1 + apt-pkg/makefile | 6 +- doc/examples/configure-index | 1 + methods/http.cc | 7 +- methods/https.cc | 3 + po/apt-all.pot | 147 ++++++++++++++++++---------------- 8 files changed, 303 insertions(+), 75 deletions(-) create mode 100644 apt-pkg/contrib/netrc.cc create mode 100644 apt-pkg/contrib/netrc.h (limited to 'methods/https.cc') diff --git a/apt-pkg/contrib/netrc.cc b/apt-pkg/contrib/netrc.cc new file mode 100644 index 000000000..851b661a4 --- /dev/null +++ b/apt-pkg/contrib/netrc.cc @@ -0,0 +1,184 @@ +// -*- mode: cpp; mode: fold -*- +// Description /*{{{*/ +// $Id: netrc.c,v 1.38 2007-11-07 09:21:35 bagder Exp $ +/* ###################################################################### + + netrc file parser - returns the login and password of a give host in + a specified netrc-type file + + Originally written by Daniel Stenberg, , et al. and + placed into the Public Domain, do with it what you will. + + ##################################################################### */ + /*}}}*/ + +#include +#include +#include +#include +#include +#include + +#include "netrc.h" + + +/* Get user and password from .netrc when given a machine name */ + +enum { + NOTHING, + HOSTFOUND, /* the 'machine' keyword was found */ + HOSTCOMPLETE, /* the machine name following the keyword was found too */ + HOSTVALID, /* this is "our" machine! */ + HOSTEND /* LAST enum */ +}; + +/* make sure we have room for at least this size: */ +#define LOGINSIZE 64 +#define PASSWORDSIZE 64 +#define NETRC DOT_CHAR "netrc" + +/* returns -1 on failure, 0 if the host is found, 1 is the host isn't found */ +int parsenetrc (char *host, char *login, char *password, char *netrcfile = NULL) +{ + FILE *file; + int retcode = 1; + int specific_login = (login[0] != 0); + char *home = NULL; + bool netrc_alloc = false; + int state = NOTHING; + + char state_login = 0; /* Found a login keyword */ + char state_password = 0; /* Found a password keyword */ + int state_our_login = false; /* With specific_login, + found *our* login name */ + + if (!netrcfile) { + home = getenv ("HOME"); /* portable environment reader */ + + if (!home) { + struct passwd *pw; + pw = getpwuid (geteuid ()); + if(pw) + home = pw->pw_dir; + } + + if (!home) + return -1; + + asprintf (&netrcfile, "%s%s%s", home, DIR_CHAR, NETRC); + if(!netrcfile) + return -1; + else + netrc_alloc = true; + } + + file = fopen (netrcfile, "r"); + if(file) { + char *tok; + char *tok_buf; + bool done = false; + char netrcbuffer[256]; + + while (!done && fgets(netrcbuffer, sizeof (netrcbuffer), file)) { + tok = strtok_r (netrcbuffer, " \t\n", &tok_buf); + while (!done && tok) { + if(login[0] && password[0]) { + done = true; + break; + } + + switch(state) { + case NOTHING: + if (!strcasecmp ("machine", tok)) { + /* the next tok is the machine name, this is in itself the + delimiter that starts the stuff entered for this machine, + after this we need to search for 'login' and + 'password'. */ + state = HOSTFOUND; + } + break; + case HOSTFOUND: + if (!strcasecmp (host, tok)) { + /* and yes, this is our host! */ + state = HOSTVALID; + retcode = 0; /* we did find our host */ + } + else + /* not our host */ + state = NOTHING; + break; + case HOSTVALID: + /* we are now parsing sub-keywords concerning "our" host */ + if (state_login) { + if (specific_login) + state_our_login = !strcasecmp (login, tok); + else + strncpy (login, tok, LOGINSIZE - 1); + state_login = 0; + } else if (state_password) { + if (state_our_login || !specific_login) + strncpy (password, tok, PASSWORDSIZE - 1); + state_password = 0; + } else if (!strcasecmp ("login", tok)) + state_login = 1; + else if (!strcasecmp ("password", tok)) + state_password = 1; + else if(!strcasecmp ("machine", tok)) { + /* ok, there's machine here go => */ + state = HOSTFOUND; + state_our_login = false; + } + break; + } /* switch (state) */ + + tok = strtok_r (NULL, " \t\n", &tok_buf); + } /* while(tok) */ + } /* while fgets() */ + + fclose(file); + } + + if (netrc_alloc) + free(netrcfile); + + return retcode; +} + +void maybe_add_auth (URI &Uri, string NetRCFile) +{ + if (Uri.Password.empty () == true && Uri.User.empty () == true) + { + if (NetRCFile.empty () == false) + { + char login[64] = ""; + char password[64] = ""; + char *netrcfile = strdup (NetRCFile.c_str ()); + char *host = strdup (Uri.Host.c_str ()); + + if (host && 0 == parsenetrc (host, login, password, netrcfile)) + { + Uri.User = string (login); + Uri.Password = string (password); + } + + if (host) + free (host); + free (netrcfile); + } + } +} + +#ifdef DEBUG +int main(int argc, char* argv[]) +{ + char login[64] = ""; + char password[64] = ""; + + if(argc < 2) + return -1; + + if(0 == parsenetrc (argv[1], login, password, argv[2])) { + printf("HOST: %s LOGIN: %s PASSWORD: %s\n", argv[1], login, password); + } +} +#endif diff --git a/apt-pkg/contrib/netrc.h b/apt-pkg/contrib/netrc.h new file mode 100644 index 000000000..02a5eb09f --- /dev/null +++ b/apt-pkg/contrib/netrc.h @@ -0,0 +1,29 @@ +// -*- mode: cpp; mode: fold -*- +// Description /*{{{*/ +// $Id: netrc.h,v 1.11 2004/01/07 09:19:35 bagder Exp $ +/* ###################################################################### + + netrc file parser - returns the login and password of a give host in + a specified netrc-type file + + Originally written by Daniel Stenberg, , et al. and + placed into the Public Domain, do with it what you will. + + ##################################################################### */ + /*}}}*/ +#ifndef NETRC_H +#define NETRC_H + +#include + +#define DOT_CHAR "." +#define DIR_CHAR "/" + +// Assume: password[0]=0, host[0] != 0. +// If login[0] = 0, search for login and password within a machine section +// in the netrc. +// If login[0] != 0, search for password within machine and login. +int parsenetrc (char *host, char *login, char *password, char *filename); + +void maybe_add_auth (URI &Uri, string NetRCFile); +#endif diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc index 63caade36..2a3dfae74 100644 --- a/apt-pkg/init.cc +++ b/apt-pkg/init.cc @@ -65,6 +65,7 @@ bool pkgInitConfig(Configuration &Cnf) Cnf.Set("Dir::Etc::vendorlist","vendors.list"); Cnf.Set("Dir::Etc::vendorparts","vendors.list.d"); Cnf.Set("Dir::Etc::main","apt.conf"); + Cnf.Set("Dir::ETc::netrc", "auth.conf"); Cnf.Set("Dir::Etc::parts","apt.conf.d"); Cnf.Set("Dir::Etc::preferences","preferences"); Cnf.Set("Dir::Etc::preferencesparts","preferences.d"); diff --git a/apt-pkg/makefile b/apt-pkg/makefile index 92ef58967..26fc9fac5 100644 --- a/apt-pkg/makefile +++ b/apt-pkg/makefile @@ -22,10 +22,10 @@ APT_DOMAIN:=libapt-pkg$(MAJOR) SOURCE = contrib/mmap.cc contrib/error.cc contrib/strutl.cc \ contrib/configuration.cc contrib/progress.cc contrib/cmndline.cc \ contrib/md5.cc contrib/sha1.cc contrib/sha256.cc contrib/hashes.cc \ - contrib/cdromutl.cc contrib/crc-16.cc \ + contrib/cdromutl.cc contrib/crc-16.cc contrib/netrc.cc \ contrib/fileutl.cc -HEADERS = mmap.h error.h configuration.h fileutl.h cmndline.h \ - md5.h crc-16.h cdromutl.h strutl.h sptr.h sha1.h sha256.h hashes.h +HEADERS = mmap.h error.h configuration.h fileutl.h cmndline.h netrc.h\ + md5.h crc-16.h cdromutl.h strutl.h sptr.h sha1.h sha256.h hashes.h # Source code for the core main library SOURCE+= pkgcache.cc version.cc depcache.cc \ diff --git a/doc/examples/configure-index b/doc/examples/configure-index index 5dc7b5246..3c236d7d9 100644 --- a/doc/examples/configure-index +++ b/doc/examples/configure-index @@ -273,6 +273,7 @@ Dir "/" // Config files Etc "etc/apt/" { Main "apt.conf"; + Netrc "auth.conf"; Parts "apt.conf.d/"; Preferences "preferences"; PreferencesParts "preferences.d"; diff --git a/methods/http.cc b/methods/http.cc index 1eba0f279..6bfe80baf 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -29,6 +29,7 @@ #include #include #include +#include #include #include @@ -42,6 +43,7 @@ #include #include + // Internet stuff #include @@ -49,7 +51,6 @@ #include "connect.h" #include "rfc2553emu.h" #include "http.h" - /*}}}*/ using namespace std; @@ -725,9 +726,11 @@ void HttpMethod::SendReq(FetchItem *Itm,CircleBuf &Out) Base64Encode(Proxy.User + ":" + Proxy.Password) + "\r\n"; if (Uri.User.empty() == false || Uri.Password.empty() == false) + { + maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); Req += string("Authorization: Basic ") + Base64Encode(Uri.User + ":" + Uri.Password) + "\r\n"; - + } Req += "User-Agent: Debian APT-HTTP/1.3 ("VERSION")\r\n\r\n"; if (Debug == true) diff --git a/methods/https.cc b/methods/https.cc index 37d93e308..a86c78029 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -14,6 +14,7 @@ #include #include #include +#include #include #include @@ -126,6 +127,8 @@ bool HttpsMethod::Fetch(FetchItem *Itm) curl_easy_reset(curl); SetupProxy(); + maybe_add_auth (Uri, _config->FindFile("Dir::ETc::netrc")); + // callbacks curl_easy_setopt(curl, CURLOPT_URL, Itm->Uri.c_str()); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_data); diff --git a/po/apt-all.pot b/po/apt-all.pot index a18646290..ec2e73a13 100644 --- a/po/apt-all.pot +++ b/po/apt-all.pot @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2009-07-26 01:10+0200\n" +"POT-Creation-Date: 2009-10-16 15:18+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -989,7 +989,7 @@ msgstr "" msgid "Calculating upgrade... " msgstr "" -#: cmdline/apt-get.cc:1897 methods/ftp.cc:702 methods/connect.cc:112 +#: cmdline/apt-get.cc:1897 methods/ftp.cc:707 methods/connect.cc:112 msgid "Failed" msgstr "" @@ -1281,7 +1281,12 @@ msgstr "" msgid "Error reading archive member header" msgstr "" -#: apt-inst/contrib/arfile.cc:90 apt-inst/contrib/arfile.cc:102 +#: apt-inst/contrib/arfile.cc:90 +#, c-format +msgid "Invalid archive member header %s" +msgstr "" + +#: apt-inst/contrib/arfile.cc:102 msgid "Invalid archive member header" msgstr "" @@ -1381,10 +1386,12 @@ msgstr "" msgid "File %s/%s overwrites the one in the package %s" msgstr "" +#. Only warn if there are no sources.list.d. +#. Only warn if there is no sources.list file. #: apt-inst/extract.cc:464 apt-pkg/contrib/configuration.cc:822 -#: apt-pkg/contrib/cdromutl.cc:157 apt-pkg/sourcelist.cc:163 -#: apt-pkg/sourcelist.cc:169 apt-pkg/sourcelist.cc:324 apt-pkg/acquire.cc:419 -#: apt-pkg/init.cc:89 apt-pkg/init.cc:97 apt-pkg/clean.cc:33 +#: apt-pkg/contrib/cdromutl.cc:157 apt-pkg/sourcelist.cc:166 +#: apt-pkg/sourcelist.cc:172 apt-pkg/sourcelist.cc:327 apt-pkg/acquire.cc:419 +#: apt-pkg/init.cc:90 apt-pkg/init.cc:98 apt-pkg/clean.cc:33 #: apt-pkg/policy.cc:281 apt-pkg/policy.cc:287 #, c-format msgid "Unable to read %s" @@ -1559,147 +1566,147 @@ msgid "Invalid URI, local URIS must not start with //" msgstr "" #. Login must be before getpeername otherwise dante won't work. -#: methods/ftp.cc:162 +#: methods/ftp.cc:167 msgid "Logging in" msgstr "" -#: methods/ftp.cc:168 +#: methods/ftp.cc:173 msgid "Unable to determine the peer name" msgstr "" -#: methods/ftp.cc:173 +#: methods/ftp.cc:178 msgid "Unable to determine the local name" msgstr "" -#: methods/ftp.cc:204 methods/ftp.cc:232 +#: methods/ftp.cc:209 methods/ftp.cc:237 #, c-format msgid "The server refused the connection and said: %s" msgstr "" -#: methods/ftp.cc:210 +#: methods/ftp.cc:215 #, c-format msgid "USER failed, server said: %s" msgstr "" -#: methods/ftp.cc:217 +#: methods/ftp.cc:222 #, c-format msgid "PASS failed, server said: %s" msgstr "" -#: methods/ftp.cc:237 +#: methods/ftp.cc:242 msgid "" "A proxy server was specified but no login script, Acquire::ftp::ProxyLogin " "is empty." msgstr "" -#: methods/ftp.cc:265 +#: methods/ftp.cc:270 #, c-format msgid "Login script command '%s' failed, server said: %s" msgstr "" -#: methods/ftp.cc:291 +#: methods/ftp.cc:296 #, c-format msgid "TYPE failed, server said: %s" msgstr "" -#: methods/ftp.cc:329 methods/ftp.cc:440 methods/rsh.cc:183 methods/rsh.cc:226 +#: methods/ftp.cc:334 methods/ftp.cc:445 methods/rsh.cc:183 methods/rsh.cc:226 msgid "Connection timeout" msgstr "" -#: methods/ftp.cc:335 +#: methods/ftp.cc:340 msgid "Server closed the connection" msgstr "" -#: methods/ftp.cc:338 apt-pkg/contrib/fileutl.cc:541 methods/rsh.cc:190 +#: methods/ftp.cc:343 apt-pkg/contrib/fileutl.cc:541 methods/rsh.cc:190 msgid "Read error" msgstr "" -#: methods/ftp.cc:345 methods/rsh.cc:197 +#: methods/ftp.cc:350 methods/rsh.cc:197 msgid "A response overflowed the buffer." msgstr "" -#: methods/ftp.cc:362 methods/ftp.cc:374 +#: methods/ftp.cc:367 methods/ftp.cc:379 msgid "Protocol corruption" msgstr "" -#: methods/ftp.cc:446 apt-pkg/contrib/fileutl.cc:580 methods/rsh.cc:232 +#: methods/ftp.cc:451 apt-pkg/contrib/fileutl.cc:580 methods/rsh.cc:232 msgid "Write error" msgstr "" -#: methods/ftp.cc:687 methods/ftp.cc:693 methods/ftp.cc:729 +#: methods/ftp.cc:692 methods/ftp.cc:698 methods/ftp.cc:734 msgid "Could not create a socket" msgstr "" -#: methods/ftp.cc:698 +#: methods/ftp.cc:703 msgid "Could not connect data socket, connection timed out" msgstr "" -#: methods/ftp.cc:704 +#: methods/ftp.cc:709 msgid "Could not connect passive socket." msgstr "" -#: methods/ftp.cc:722 +#: methods/ftp.cc:727 msgid "getaddrinfo was unable to get a listening socket" msgstr "" -#: methods/ftp.cc:736 +#: methods/ftp.cc:741 msgid "Could not bind a socket" msgstr "" -#: methods/ftp.cc:740 +#: methods/ftp.cc:745 msgid "Could not listen on the socket" msgstr "" -#: methods/ftp.cc:747 +#: methods/ftp.cc:752 msgid "Could not determine the socket's name" msgstr "" -#: methods/ftp.cc:779 +#: methods/ftp.cc:784 msgid "Unable to send PORT command" msgstr "" -#: methods/ftp.cc:789 +#: methods/ftp.cc:794 #, c-format msgid "Unknown address family %u (AF_*)" msgstr "" -#: methods/ftp.cc:798 +#: methods/ftp.cc:803 #, c-format msgid "EPRT failed, server said: %s" msgstr "" -#: methods/ftp.cc:818 +#: methods/ftp.cc:823 msgid "Data socket connect timed out" msgstr "" -#: methods/ftp.cc:825 +#: methods/ftp.cc:830 msgid "Unable to accept connection" msgstr "" -#: methods/ftp.cc:864 methods/http.cc:991 methods/rsh.cc:303 +#: methods/ftp.cc:869 methods/http.cc:999 methods/rsh.cc:303 msgid "Problem hashing file" msgstr "" -#: methods/ftp.cc:877 +#: methods/ftp.cc:882 #, c-format msgid "Unable to fetch file, server said '%s'" msgstr "" -#: methods/ftp.cc:892 methods/rsh.cc:322 +#: methods/ftp.cc:897 methods/rsh.cc:322 msgid "Data socket timed out" msgstr "" -#: methods/ftp.cc:922 +#: methods/ftp.cc:927 #, c-format msgid "Data transfer failed, server said '%s'" msgstr "" #. Get the files information -#: methods/ftp.cc:997 +#: methods/ftp.cc:1002 msgid "Query" msgstr "" -#: methods/ftp.cc:1109 +#: methods/ftp.cc:1114 msgid "Unable to invoke " msgstr "" @@ -1807,80 +1814,80 @@ msgstr "" msgid "Read error from %s process" msgstr "" -#: methods/http.cc:379 +#: methods/http.cc:385 msgid "Waiting for headers" msgstr "" -#: methods/http.cc:525 +#: methods/http.cc:531 #, c-format msgid "Got a single header line over %u chars" msgstr "" -#: methods/http.cc:533 +#: methods/http.cc:539 msgid "Bad header line" msgstr "" -#: methods/http.cc:552 methods/http.cc:559 +#: methods/http.cc:558 methods/http.cc:565 msgid "The HTTP server sent an invalid reply header" msgstr "" -#: methods/http.cc:588 +#: methods/http.cc:594 msgid "The HTTP server sent an invalid Content-Length header" msgstr "" -#: methods/http.cc:603 +#: methods/http.cc:609 msgid "The HTTP server sent an invalid Content-Range header" msgstr "" -#: methods/http.cc:605 +#: methods/http.cc:611 msgid "This HTTP server has broken range support" msgstr "" -#: methods/http.cc:629 +#: methods/http.cc:635 msgid "Unknown date format" msgstr "" -#: methods/http.cc:782 +#: methods/http.cc:790 msgid "Select failed" msgstr "" -#: methods/http.cc:787 +#: methods/http.cc:795 msgid "Connection timed out" msgstr "" -#: methods/http.cc:810 +#: methods/http.cc:818 msgid "Error writing to output file" msgstr "" -#: methods/http.cc:841 +#: methods/http.cc:849 msgid "Error writing to file" msgstr "" -#: methods/http.cc:869 +#: methods/http.cc:877 msgid "Error writing to the file" msgstr "" -#: methods/http.cc:883 +#: methods/http.cc:891 msgid "Error reading from server. Remote end closed connection" msgstr "" -#: methods/http.cc:885 +#: methods/http.cc:893 msgid "Error reading from server" msgstr "" -#: methods/http.cc:976 apt-pkg/contrib/mmap.cc:215 +#: methods/http.cc:984 apt-pkg/contrib/mmap.cc:215 msgid "Failed to truncate file" msgstr "" -#: methods/http.cc:1141 +#: methods/http.cc:1149 msgid "Bad header data" msgstr "" -#: methods/http.cc:1158 methods/http.cc:1213 +#: methods/http.cc:1166 methods/http.cc:1221 msgid "Connection failed" msgstr "" -#: methods/http.cc:1305 +#: methods/http.cc:1313 msgid "Internal error" msgstr "" @@ -2211,16 +2218,16 @@ msgstr "" msgid "Dependency generation" msgstr "" -#: apt-pkg/depcache.cc:173 apt-pkg/depcache.cc:192 apt-pkg/depcache.cc:196 +#: apt-pkg/depcache.cc:173 apt-pkg/depcache.cc:193 apt-pkg/depcache.cc:197 msgid "Reading state information" msgstr "" -#: apt-pkg/depcache.cc:220 +#: apt-pkg/depcache.cc:223 #, c-format msgid "Failed to open StateFile %s" msgstr "" -#: apt-pkg/depcache.cc:226 +#: apt-pkg/depcache.cc:229 #, c-format msgid "Failed to write temporary StateFile %s" msgstr "" @@ -2260,27 +2267,27 @@ msgstr "" msgid "Malformed line %lu in source list %s (dist parse)" msgstr "" -#: apt-pkg/sourcelist.cc:203 +#: apt-pkg/sourcelist.cc:206 #, c-format msgid "Opening %s" msgstr "" -#: apt-pkg/sourcelist.cc:220 apt-pkg/cdrom.cc:445 +#: apt-pkg/sourcelist.cc:223 apt-pkg/cdrom.cc:445 #, c-format msgid "Line %u too long in source list %s." msgstr "" -#: apt-pkg/sourcelist.cc:240 +#: apt-pkg/sourcelist.cc:243 #, c-format msgid "Malformed line %u in source list %s (type)" msgstr "" -#: apt-pkg/sourcelist.cc:244 +#: apt-pkg/sourcelist.cc:247 #, c-format msgid "Type '%s' is not known on line %u in source list %s" msgstr "" -#: apt-pkg/sourcelist.cc:252 apt-pkg/sourcelist.cc:255 +#: apt-pkg/sourcelist.cc:255 apt-pkg/sourcelist.cc:258 #, c-format msgid "Malformed line %u in source list %s (vendor id)" msgstr "" @@ -2357,12 +2364,12 @@ msgstr "" msgid "Please insert the disc labeled: '%s' in the drive '%s' and press enter." msgstr "" -#: apt-pkg/init.cc:132 +#: apt-pkg/init.cc:133 #, c-format msgid "Packaging system '%s' is not supported" msgstr "" -#: apt-pkg/init.cc:148 +#: apt-pkg/init.cc:149 msgid "Unable to determine a suitable packaging system type" msgstr "" @@ -2719,11 +2726,11 @@ msgstr "" msgid "Completely removed %s" msgstr "" -#: apt-pkg/deb/dpkgpm.cc:820 +#: apt-pkg/deb/dpkgpm.cc:822 msgid "Can not write log, openpty() failed (/dev/pts not mounted?)\n" msgstr "" -#: apt-pkg/deb/dpkgpm.cc:848 +#: apt-pkg/deb/dpkgpm.cc:851 msgid "Running dpkg" msgstr "" -- cgit v1.2.3-70-g09d2 From 1de1f70383ea2d44147ccaceff280fd70faf4c81 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 16 Oct 2009 15:42:05 +0200 Subject: add maybe_add_auth for ftp as well --- methods/ftp.cc | 4 +++- methods/http.cc | 2 +- methods/https.cc | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) (limited to 'methods/https.cc') diff --git a/methods/ftp.cc b/methods/ftp.cc index c91600ad5..eb398666f 100644 --- a/methods/ftp.cc +++ b/methods/ftp.cc @@ -982,7 +982,9 @@ bool FtpMethod::Fetch(FetchItem *Itm) FetchResult Res; Res.Filename = Itm->DestFile; Res.IMSHit = false; - + + maybe_add_auth (Get, _config->FindFile("Dir::Etc::netrc")); + // Connect to the server if (Server == 0 || Server->Comp(Get) == false) { diff --git a/methods/http.cc b/methods/http.cc index 6bfe80baf..50478b44c 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -725,9 +725,9 @@ void HttpMethod::SendReq(FetchItem *Itm,CircleBuf &Out) Req += string("Proxy-Authorization: Basic ") + Base64Encode(Proxy.User + ":" + Proxy.Password) + "\r\n"; + maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); if (Uri.User.empty() == false || Uri.Password.empty() == false) { - maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); Req += string("Authorization: Basic ") + Base64Encode(Uri.User + ":" + Uri.Password) + "\r\n"; } diff --git a/methods/https.cc b/methods/https.cc index a86c78029..075d655b7 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -127,7 +127,7 @@ bool HttpsMethod::Fetch(FetchItem *Itm) curl_easy_reset(curl); SetupProxy(); - maybe_add_auth (Uri, _config->FindFile("Dir::ETc::netrc")); + maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); // callbacks curl_easy_setopt(curl, CURLOPT_URL, Itm->Uri.c_str()); -- cgit v1.2.3-70-g09d2 From 43cf55db7c2ce7015d365556ed9ab0b8b2cec3ca Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 17 Nov 2009 09:51:31 -0600 Subject: * methods/https.cc: - fix incorrect use of CURLOPT_TIMEOUT, closes: #497983, LP: #354972 thanks to Brian Thomason for the patch --- debian/changelog | 3 +++ methods/https.cc | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) (limited to 'methods/https.cc') diff --git a/debian/changelog b/debian/changelog index 15b6eb106..417cd2436 100644 --- a/debian/changelog +++ b/debian/changelog @@ -9,6 +9,9 @@ apt (0.7.22.4) unstable; urgency=low * apt-pkg/packagemanager.cc: - add output about pre-depends configuring when debug::pkgPackageManager is used + * methods/https.cc: + - fix incorrect use of CURLOPT_TIMEOUT, closes: #497983, LP: #354972 + thanks to Brian Thomason for the patch [ Brian Murray ] * apt-pkg/depcache.cc, apt-pkg/indexcopy.cc: diff --git a/methods/https.cc b/methods/https.cc index 37d93e308..3cbb0088a 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -212,8 +212,11 @@ bool HttpsMethod::Fetch(FetchItem *Itm) // set timeout int timeout = _config->FindI("Acquire::http::Timeout",120); - curl_easy_setopt(curl, CURLOPT_TIMEOUT, timeout); curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, timeout); + //set really low lowspeed timeout (see #497983) + int dlMin = 1; + curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, dlMin); + curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, timeout); // set redirect options and default to 10 redirects bool AllowRedirect = _config->FindI("Acquire::https::AllowRedirect", true); -- cgit v1.2.3-70-g09d2 From 5085e660679cdbb51783702898c42000d5db4fba Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 17 Nov 2009 09:55:22 -0600 Subject: methods/https.cc: cleanup for CURLOPT_LOW_SPEED_TIME --- methods/https.cc | 3 +-- methods/https.h | 2 ++ 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'methods/https.cc') diff --git a/methods/https.cc b/methods/https.cc index 3cbb0088a..dbc1cf52c 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -214,8 +214,7 @@ bool HttpsMethod::Fetch(FetchItem *Itm) int timeout = _config->FindI("Acquire::http::Timeout",120); curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, timeout); //set really low lowspeed timeout (see #497983) - int dlMin = 1; - curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, dlMin); + curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, DL_MIN_SPEED); curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, timeout); // set redirect options and default to 10 redirects diff --git a/methods/https.h b/methods/https.h index 2c33d95ee..3f0c416b6 100644 --- a/methods/https.h +++ b/methods/https.h @@ -24,6 +24,8 @@ class HttpsMethod; class HttpsMethod : public pkgAcqMethod { + // minimum speed in bytes/se that triggers download timeout handling + static const int DL_MIN_SPEED = 10; virtual bool Fetch(FetchItem *); static size_t write_data(void *buffer, size_t size, size_t nmemb, void *userp); -- cgit v1.2.3-70-g09d2 From 01fc89305c7b5fc52d719c6898a9fdf03abf3ce6 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 4 Dec 2009 10:22:56 +0100 Subject: * apt-pkg/contrib/netrc.cc: - check for hostname and then host+path - better debug output * methods/https.cc: - fix bug in netrc integration --- apt-pkg/contrib/netrc.cc | 34 +++++++++++++++++++++++++++------- methods/https.cc | 2 +- 2 files changed, 28 insertions(+), 8 deletions(-) (limited to 'methods/https.cc') diff --git a/apt-pkg/contrib/netrc.cc b/apt-pkg/contrib/netrc.cc index 186527306..91fc7dfd7 100644 --- a/apt-pkg/contrib/netrc.cc +++ b/apt-pkg/contrib/netrc.cc @@ -13,6 +13,7 @@ /*}}}*/ #include +#include #include #include #include @@ -148,25 +149,44 @@ int parsenetrc (char *host, char *login, char *password, char *netrcfile = NULL) void maybe_add_auth (URI &Uri, string NetRCFile) { if (_config->FindB("Debug::Acquire::netrc", false) == true) - std::clog << "maybe_add_auth: " << NetRCFile << std::endl; + std::clog << "maybe_add_auth: " << (string)Uri + << " " << NetRCFile << std::endl; if (Uri.Password.empty () == true || Uri.User.empty () == true) { if (NetRCFile.empty () == false) { char login[64] = ""; char password[64] = ""; - char *netrcfile = strdup (NetRCFile.c_str ()); - char *host = strdup (Uri.Host.c_str ()); + char *netrcfile = strdupa (NetRCFile.c_str ()); - if (host && 0 == parsenetrc (host, login, password, netrcfile)) + // first check for a generic host based netrc entry + char *host = strdupa (Uri.Host.c_str ()); + if (host && parsenetrc (host, login, password, netrcfile) == 0) { + if (_config->FindB("Debug::Acquire::netrc", false) == true) + std::clog << "host: " << host + << " user: " << login + << " pass-size: " << strlen(password) + << std::endl; Uri.User = string (login); Uri.Password = string (password); + return; } - if (host) - free (host); - free (netrcfile); + // if host did not work, try Host+Path next + // FIXME: with host+path we need to match url.startswith(host+path) + char *hostpath = strdupa (flNotFile(Uri.Host+Uri.Path).c_str ()); + if (hostpath && parsenetrc (hostpath, login, password, netrcfile) == 0) + { + if (_config->FindB("Debug::Acquire::netrc", false) == true) + std::clog << "hostpath: " << hostpath + << " user: " << login + << " pass-size: " << strlen(password) + << std::endl; + Uri.User = string (login); + Uri.Password = string (password); + return; + } } } } diff --git a/methods/https.cc b/methods/https.cc index 075d655b7..585e13848 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -130,7 +130,7 @@ bool HttpsMethod::Fetch(FetchItem *Itm) maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); // callbacks - curl_easy_setopt(curl, CURLOPT_URL, Itm->Uri.c_str()); + curl_easy_setopt(curl, CURLOPT_URL, static_cast(Uri).c_str()); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_data); curl_easy_setopt(curl, CURLOPT_WRITEDATA, this); curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, progress_callback); -- cgit v1.2.3-70-g09d2 From 9f542bae2b3620887345ebc3e61970f8903123a0 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 11 Dec 2009 00:32:01 +0100 Subject: add config setting for User-Agent in http and https to the Acquire group, thanks Timothy J. Miller! (Closes: #355782) --- debian/changelog | 3 +++ doc/apt.conf.5.xml | 7 ++++++- doc/examples/configure-index | 3 +++ methods/http.cc | 3 ++- methods/https.cc | 5 ++++- 5 files changed, 18 insertions(+), 3 deletions(-) (limited to 'methods/https.cc') diff --git a/debian/changelog b/debian/changelog index c54fb431b..0cfd36c00 100644 --- a/debian/changelog +++ b/debian/changelog @@ -94,6 +94,9 @@ apt (0.7.25) UNRELEASED; urgency=low - rewrite to be able to handle even big patch files - adopt optional mmap+iovec patch from Morten Hustveit (Closes: #463354) which should speed up a bit. Thanks! + * methods/http{,s}.cc + - add config setting for User-Agent to the Acquire group, + thanks Timothy J. Miller! (Closes: #355782) [ Chris Leick ] * doc/ various manpages: diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml index e2db9defb..726bca2cc 100644 --- a/doc/apt.conf.5.xml +++ b/doc/apt.conf.5.xml @@ -275,7 +275,12 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";}; The used bandwidth can be limited with Acquire::http::Dl-Limit which accepts integer values in kilobyte. The default value is 0 which deactivates the limit and tries uses as much as possible of the bandwidth (Note that this option implicit - deactivates the download from multiple servers at the same time.) + deactivates the download from multiple servers at the same time.) + + Acquire::http::User-Agent can be used to set a different + User-Agent for the http download method as some proxies allow access for clients + only if the client uses a known identifier. + https diff --git a/doc/examples/configure-index b/doc/examples/configure-index index f5f996460..333c8df7e 100644 --- a/doc/examples/configure-index +++ b/doc/examples/configure-index @@ -191,6 +191,7 @@ Acquire Max-Age "86400"; // 1 Day age on index files No-Store "false"; // Prevent the cache from storing archives Dl-Limit "7"; // 7Kb/sec maximum download rate + User-Agent "Debian APT-HTTP/1.3"; }; // HTTPS method configuration: @@ -204,6 +205,8 @@ Acquire CaPath "/etc/ssl/certs"; Verify-Host" "true"; AllowRedirect "true"; + + User-Agent "Debian APT-CURL/1.0"; }; ftp diff --git a/methods/http.cc b/methods/http.cc index 3b210f6b6..2dae87a02 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -731,7 +731,8 @@ void HttpMethod::SendReq(FetchItem *Itm,CircleBuf &Out) Req += string("Authorization: Basic ") + Base64Encode(Uri.User + ":" + Uri.Password) + "\r\n"; } - Req += "User-Agent: Debian APT-HTTP/1.3 ("VERSION")\r\n\r\n"; + Req += "User-Agent: " + _config->Find("Acquire::http::User-Agent", + "Debian APT-HTTP/1.3 ("VERSION")") + "\r\n\r\n"; if (Debug == true) cerr << Req << endl; diff --git a/methods/https.cc b/methods/https.cc index 86d7f3a6b..a4f39c379 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -211,7 +211,10 @@ bool HttpsMethod::Fetch(FetchItem *Itm) curl_easy_setopt(curl, CURLOPT_MAX_RECV_SPEED_LARGE, dlLimit); // set header - curl_easy_setopt(curl, CURLOPT_USERAGENT,"Debian APT-CURL/1.0 ("VERSION")"); + curl_easy_setopt(curl, CURLOPT_USERAGENT, + _config->Find("Acquire::https::User-Agent", + _config->Find("Acquire::http::User-Agent", + "Debian APT-CURL/1.0 ("VERSION")"))); // set timeout int timeout = _config->FindI("Acquire::http::Timeout",120); -- cgit v1.2.3-70-g09d2 From b9e9a44b3377cae2fb9aca3210f379ae1cb802ba Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 11 Dec 2009 00:38:13 +0100 Subject: add https options which default to the ones from http for the https method as this is more sane than using only the http options without a possibility to override these for https. --- debian/changelog | 2 + doc/apt.conf.5.xml | 8 ++-- doc/examples/configure-index | 33 ++++++++++---- methods/https.cc | 100 +++++++++++++++++++------------------------ 4 files changed, 76 insertions(+), 67 deletions(-) (limited to 'methods/https.cc') diff --git a/debian/changelog b/debian/changelog index 0cfd36c00..e930de0dd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -56,6 +56,7 @@ apt (0.7.25) UNRELEASED; urgency=low * doc/po4a.conf: activate translation of guide.sgml and offline.sgml * doc/apt.conf.5.xml: - provide a few more details about APT::Immediate-Configure + - briefly document the behaviour of the new https options * doc/sources.list.5.xml: - add note about additional apt-transport-methods * doc/apt-mark.8.xml: @@ -97,6 +98,7 @@ apt (0.7.25) UNRELEASED; urgency=low * methods/http{,s}.cc - add config setting for User-Agent to the Acquire group, thanks Timothy J. Miller! (Closes: #355782) + - add https options which default to http ones (Closes: #557085) [ Chris Leick ] * doc/ various manpages: diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml index 726bca2cc..d7ad51cfb 100644 --- a/doc/apt.conf.5.xml +++ b/doc/apt.conf.5.xml @@ -284,9 +284,11 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";}; https - HTTPS URIs. Cache-control and proxy options are the same as for - http method. - Pipeline-Depth option is not supported yet. + HTTPS URIs. Cache-control, Timeout, AllowRedirect, Dl-Limit and + proxy options are the same as for http method and will also + default to the options from the http method if they are not + explicitly set for https. Pipeline-Depth option is not + supported yet. CaInfo suboption specifies place of file that holds info about trusted certificates. diff --git a/doc/examples/configure-index b/doc/examples/configure-index index 333c8df7e..ced390447 100644 --- a/doc/examples/configure-index +++ b/doc/examples/configure-index @@ -194,19 +194,34 @@ Acquire User-Agent "Debian APT-HTTP/1.3"; }; - // HTTPS method configuration: - // - uses the http proxy config - // - uses the http cache-control values - // - uses the http Dl-Limit values - https + + + // HTTPS method configuration: uses the http + // - proxy config + // - cache-control values + // - Dl-Limit, Timout, ... values + // if not set explicit for https + // + // see /usr/share/doc/apt/examples/apt-https-method-example.conf.gz + // for more examples + https { Verify-Peer "false"; SslCert "/etc/apt/some.pem"; - CaPath "/etc/ssl/certs"; - Verify-Host" "true"; - AllowRedirect "true"; + CaPath "/etc/ssl/certs"; + Verify-Host" "true"; + AllowRedirect "true"; + + Timeout "120"; + AllowRedirect "true"; + + // Cache Control. Note these do not work with Squid 2.0.2 + No-Cache "false"; + Max-Age "86400"; // 1 Day age on index files + No-Store "false"; // Prevent the cache from storing archives + Dl-Limit "7"; // 7Kb/sec maximum download rate - User-Agent "Debian APT-CURL/1.0"; + User-Agent "Debian APT-CURL/1.0"; }; ftp diff --git a/methods/https.cc b/methods/https.cc index a4f39c379..ed1f18150 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -1,4 +1,4 @@ -// -*- mode: cpp; mode: fold -*- +//-*- mode: cpp; mode: fold -*- // Description /*{{{*/ // $Id: http.cc,v 1.59 2004/05/08 19:42:35 mdz Exp $ /* ###################################################################### @@ -57,54 +57,38 @@ HttpsMethod::progress_callback(void *clientp, double dltotal, double dlnow, return 0; } -void HttpsMethod::SetupProxy() -{ - URI ServerName = Queue->Uri; - - // Determine the proxy setting - string SpecificProxy = _config->Find("Acquire::http::Proxy::" + ServerName.Host); - if (!SpecificProxy.empty()) - { - if (SpecificProxy == "DIRECT") - Proxy = ""; - else - Proxy = SpecificProxy; - } - else - { - string DefProxy = _config->Find("Acquire::http::Proxy"); - if (!DefProxy.empty()) - { - Proxy = DefProxy; - } - else - { - char* result = getenv("http_proxy"); - Proxy = result ? result : ""; - } - } - - // Parse no_proxy, a , separated list of domains - if (getenv("no_proxy") != 0) - { - if (CheckDomainList(ServerName.Host,getenv("no_proxy")) == true) - Proxy = ""; - } - - // Determine what host and port to use based on the proxy settings - string Host; - if (Proxy.empty() == true || Proxy.Host.empty() == true) - { - } - else - { - if (Proxy.Port != 0) - curl_easy_setopt(curl, CURLOPT_PROXYPORT, Proxy.Port); - curl_easy_setopt(curl, CURLOPT_PROXY, Proxy.Host.c_str()); - } -} - - +void HttpsMethod::SetupProxy() { /*{{{*/ + URI ServerName = Queue->Uri; + + // Determine the proxy setting - try https first, fallback to http and use env at last + string UseProxy = _config->Find("Acquire::https::Proxy::" + ServerName.Host, + _config->Find("Acquire::http::Proxy::" + ServerName.Host)); + + if (UseProxy.empty() == true) + UseProxy = _config->Find("Acquire::https::Proxy", _config->Find("Acquire::http::Proxy")); + + // User want to use NO proxy, so nothing to setup + if (UseProxy == "DIRECT") + return; + + if (UseProxy.empty() == false) { + // Parse no_proxy, a comma (,) separated list of domains we don't want to use + // a proxy for so we stop right here if it is in the list + if (getenv("no_proxy") != 0 && CheckDomainList(ServerName.Host,getenv("no_proxy")) == true) + return; + } else { + const char* result = getenv("http_proxy"); + UseProxy = result == NULL ? "" : result; + } + + // Determine what host and port to use based on the proxy settings + if (UseProxy.empty() == false) { + Proxy = UseProxy; + if (Proxy.Port != 1) + curl_easy_setopt(curl, CURLOPT_PROXYPORT, Proxy.Port); + curl_easy_setopt(curl, CURLOPT_PROXY, Proxy.Host.c_str()); + } +} /*}}}*/ // HttpsMethod::Fetch - Fetch an item /*{{{*/ // --------------------------------------------------------------------- /* This adds an item to the pipeline. We keep the pipeline at a fixed @@ -191,12 +175,15 @@ bool HttpsMethod::Fetch(FetchItem *Itm) curl_easy_setopt(curl, CURLOPT_SSLVERSION, final_version); // cache-control - if(_config->FindB("Acquire::http::No-Cache",false) == false) + if(_config->FindB("Acquire::https::No-Cache", + _config->FindB("Acquire::http::No-Cache",false)) == false) { // cache enabled - if (_config->FindB("Acquire::http::No-Store",false) == true) + if (_config->FindB("Acquire::https::No-Store", + _config->FindB("Acquire::http::No-Store",false)) == true) headers = curl_slist_append(headers,"Cache-Control: no-store"); - ioprintf(ss, "Cache-Control: max-age=%u", _config->FindI("Acquire::http::Max-Age",0)); + ioprintf(ss, "Cache-Control: max-age=%u", _config->FindI("Acquire::https::Max-Age", + _config->FindI("Acquire::http::Max-Age",0))); headers = curl_slist_append(headers, ss.str().c_str()); } else { // cache disabled by user @@ -206,7 +193,8 @@ bool HttpsMethod::Fetch(FetchItem *Itm) curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); // speed limit - int dlLimit = _config->FindI("Acquire::http::Dl-Limit",0)*1024; + int dlLimit = _config->FindI("Acquire::https::Dl-Limit", + _config->FindI("Acquire::http::Dl-Limit",0))*1024; if (dlLimit > 0) curl_easy_setopt(curl, CURLOPT_MAX_RECV_SPEED_LARGE, dlLimit); @@ -217,14 +205,16 @@ bool HttpsMethod::Fetch(FetchItem *Itm) "Debian APT-CURL/1.0 ("VERSION")"))); // set timeout - int timeout = _config->FindI("Acquire::http::Timeout",120); + int timeout = _config->FindI("Acquire::https::Timeout", + _config->FindI("Acquire::http::Timeout",120)); curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, timeout); //set really low lowspeed timeout (see #497983) curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, DL_MIN_SPEED); curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, timeout); // set redirect options and default to 10 redirects - bool AllowRedirect = _config->FindI("Acquire::https::AllowRedirect", true); + bool AllowRedirect = _config->FindB("Acquire::https::AllowRedirect", + _config->FindB("Acquire::http::AllowRedirect",true)); curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, AllowRedirect); curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 10); -- cgit v1.2.3-70-g09d2 From e4c2981b6ecb3c506d8470d4ce39fb8af29339c7 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 11 Dec 2009 12:45:04 +0100 Subject: fix the backport of the https methods as they would require an ABI break otherwise in the Configuration class. --- methods/https.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'methods/https.cc') diff --git a/methods/https.cc b/methods/https.cc index ed1f18150..ad21ef0d3 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -62,10 +62,10 @@ void HttpsMethod::SetupProxy() { /*{{{*/ // Determine the proxy setting - try https first, fallback to http and use env at last string UseProxy = _config->Find("Acquire::https::Proxy::" + ServerName.Host, - _config->Find("Acquire::http::Proxy::" + ServerName.Host)); + _config->Find("Acquire::http::Proxy::" + ServerName.Host).c_str()); if (UseProxy.empty() == true) - UseProxy = _config->Find("Acquire::https::Proxy", _config->Find("Acquire::http::Proxy")); + UseProxy = _config->Find("Acquire::https::Proxy", _config->Find("Acquire::http::Proxy").c_str()); // User want to use NO proxy, so nothing to setup if (UseProxy == "DIRECT") @@ -202,7 +202,7 @@ bool HttpsMethod::Fetch(FetchItem *Itm) curl_easy_setopt(curl, CURLOPT_USERAGENT, _config->Find("Acquire::https::User-Agent", _config->Find("Acquire::http::User-Agent", - "Debian APT-CURL/1.0 ("VERSION")"))); + "Debian APT-CURL/1.0 ("VERSION")").c_str()).c_str()); // set timeout int timeout = _config->FindI("Acquire::https::Timeout", -- cgit v1.2.3-70-g09d2