From 5b63d2a9a2e088bb7df7c703e9452af7efc88210 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Wed, 8 May 2013 17:50:15 +0200 Subject: merged patch from Daniel Hartwig to fix URI and proxy releated issues --- apt-pkg/contrib/strutl.cc | 9 +++++---- debian/changelog | 17 +++++++++++++++++ methods/http.cc | 14 +++++++------- methods/https.cc | 20 +++++++++++++++++++- .../test-bug-595691-empty-and-broken-archive-files | 14 +++++++------- test/integration/test-releasefile-verification | 4 ++-- test/libapt/uri_test.cc | 8 ++++++++ 7 files changed, 65 insertions(+), 21 deletions(-) diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc index 03b98e93..f4dd3407 100644 --- a/apt-pkg/contrib/strutl.cc +++ b/apt-pkg/contrib/strutl.cc @@ -1483,9 +1483,12 @@ URI::operator string() if (User.empty() == false) { - Res += User; + // FIXME: Technically userinfo is permitted even less + // characters than these, but this is not conveniently + // expressed with a blacklist. + Res += QuoteString(User, ":/?#[]@"); if (Password.empty() == false) - Res += ":" + Password; + Res += ":" + QuoteString(Password, ":/?#[]@"); Res += "@"; } @@ -1524,7 +1527,6 @@ string URI::SiteOnly(const string &URI) U.User.clear(); U.Password.clear(); U.Path.clear(); - U.Port = 0; return U; } /*}}}*/ @@ -1536,7 +1538,6 @@ string URI::NoUserPassword(const string &URI) ::URI U(URI); U.User.clear(); U.Password.clear(); - U.Port = 0; return U; } /*}}}*/ diff --git a/debian/changelog b/debian/changelog index 182596b6..d5ae8448 100644 --- a/debian/changelog +++ b/debian/changelog @@ -50,6 +50,23 @@ apt (0.9.8) UNRELEASED; urgency=low [ Manpages translations ] * French translation completed (Christian Perrier) + [ Daniel Hartwig ] + * apt-pkg/contrib/strutl.cc: + - include port in shortened URIs (e.g. with apt-cache policy, progress + display) thanks to James McCoy (Closes: #154868, #322074) + - percent-encode username and password when writing URIs + * methods/http.cc: + - properly escape IP-literals (e.g. IPv6 address) when building + Host headers and URIs (Closes: #620344) + * methods/https.cc: + - use https_proxy environment variable if present, falling back to + http_proxy otherwise + - use authentication credentials from proxy URI + (Closes: #651640, LP: #1087512) + - environment variables do not override an explicit no proxy + directive ("DIRECT") in apt.conf + - disregard all_proxy environment variable, like other methods + -- Michael Vogt Mon, 08 Apr 2013 08:43:21 +0200 apt (0.9.7.9~exp2) experimental; urgency=low diff --git a/methods/http.cc b/methods/http.cc index fddf8a78..db1085a2 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -667,7 +667,12 @@ void HttpMethod::SendReq(FetchItem *Itm,CircleBuf &Out) // The HTTP server expects a hostname with a trailing :port char Buf[1000]; - string ProperHost = Uri.Host; + string ProperHost; + + if (Uri.Host.find(':') != string::npos) + ProperHost = '[' + Uri.Host + ']'; + else + ProperHost = Uri.Host; if (Uri.Port != 0) { sprintf(Buf,":%u",Uri.Port); @@ -975,12 +980,7 @@ HttpMethod::DealWithHeaders(FetchResult &Res,ServerState *Srv) { URI Uri = Queue->Uri; if (Uri.Host.empty() == false) - { - if (Uri.Port != 0) - strprintf(NextURI, "http://%s:%u", Uri.Host.c_str(), Uri.Port); - else - NextURI = "http://" + Uri.Host; - } + NextURI = URI::SiteOnly(Uri); else NextURI.clear(); NextURI.append(DeQuoteString(Srv->Location)); diff --git a/methods/https.cc b/methods/https.cc index b44642ab..84ce2d68 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -63,6 +63,12 @@ void HttpsMethod::SetupProxy() /*{{{*/ { URI ServerName = Queue->Uri; + // Curl should never read proxy settings from the environment, as + // we determine which proxy to use. Do this for consistency among + // methods and prevent an environment variable overriding a + // no-proxy ("DIRECT") setting in apt.conf. + curl_easy_setopt(curl, CURLOPT_PROXY, ""); + // Determine the proxy setting - try https first, fallback to http and use env at last string UseProxy = _config->Find("Acquire::https::Proxy::" + ServerName.Host, _config->Find("Acquire::http::Proxy::" + ServerName.Host).c_str()); @@ -81,7 +87,14 @@ void HttpsMethod::SetupProxy() /*{{{*/ if (getenv("no_proxy") != 0 && CheckDomainList(ServerName.Host,getenv("no_proxy")) == true) return; } else { - const char* result = getenv("http_proxy"); + const char* result = getenv("https_proxy"); + // FIXME: Fall back to http_proxy is to remain compatible with + // existing setups and behaviour of apt.conf. This should be + // deprecated in the future (including apt.conf). Most other + // programs do not fall back to http proxy settings and neither + // should Apt. + if (result == NULL) + result = getenv("http_proxy"); UseProxy = result == NULL ? "" : result; } @@ -92,6 +105,11 @@ void HttpsMethod::SetupProxy() /*{{{*/ if (Proxy.Port != 1) curl_easy_setopt(curl, CURLOPT_PROXYPORT, Proxy.Port); curl_easy_setopt(curl, CURLOPT_PROXY, Proxy.Host.c_str()); + if (Proxy.User.empty() == false || Proxy.Password.empty() == false) + { + curl_easy_setopt(curl, CURLOPT_PROXYUSERNAME, Proxy.User.c_str()); + curl_easy_setopt(curl, CURLOPT_PROXYPASSWORD, Proxy.Password.c_str()); + } } } /*}}}*/ // HttpsMethod::Fetch - Fetch an item /*{{{*/ diff --git a/test/integration/test-bug-595691-empty-and-broken-archive-files b/test/integration/test-bug-595691-empty-and-broken-archive-files index 4611b8b8..a05ed5fa 100755 --- a/test/integration/test-bug-595691-empty-and-broken-archive-files +++ b/test/integration/test-bug-595691-empty-and-broken-archive-files @@ -103,23 +103,23 @@ testoverhttp() { setupcompressor "$1" createemptyfile 'en' - testaptgetupdate "Get: http://localhost Packages [] -Get: http://localhost Translation-en + testaptgetupdate "Get: http://localhost:8080 Packages [] +Get: http://localhost:8080 Translation-en Reading package lists..." "empty file en.$COMPRESS over http" createemptyarchive 'en' - testaptgetupdate "Get: http://localhost Packages [] -Get: http://localhost Translation-en [] + testaptgetupdate "Get: http://localhost:8080 Packages [] +Get: http://localhost:8080 Translation-en [] Reading package lists..." "empty archive en.$COMPRESS over http" createemptyarchive 'Packages' - testaptgetupdate "Get: http://localhost Packages [] + testaptgetupdate "Get: http://localhost:8080 Packages [] Reading package lists..." "empty archive Packages.$COMPRESS over http" createemptyfile 'Packages' #FIXME: we should response with a good error message instead - testaptgetupdate "Get: http://localhost Packages -Err http://localhost Packages + testaptgetupdate "Get: http://localhost:8080 Packages +Err http://localhost:8080 Packages Empty files can't be valid archives W: Failed to fetch ${COMPRESSOR}:$(readlink -f rootdir/var/lib/apt/lists/partial/localhost:8080_Packages) Empty files can't be valid archives diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index 01fb2e52..fba7ab29 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -37,7 +37,7 @@ The following NEW packages will be installed: apt 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. After this operation, 5370 kB of additional disk space will be used. -Get:1 http://localhost/ apt 0.7.25.3 +Get:1 http://localhost:8080/ apt 0.7.25.3 Download complete and in download only mode' aptget install apt -dy } @@ -50,7 +50,7 @@ The following NEW packages will be installed: apt 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. After this operation, 5808 kB of additional disk space will be used. -Get:1 http://localhost/ apt 0.8.0~pre1 +Get:1 http://localhost:8080/ apt 0.8.0~pre1 Download complete and in download only mode' aptget install apt -dy } diff --git a/test/libapt/uri_test.cc b/test/libapt/uri_test.cc index 99bb3067..16fde503 100644 --- a/test/libapt/uri_test.cc +++ b/test/libapt/uri_test.cc @@ -108,5 +108,13 @@ int main() { equals("/debian/", U.Path); } + // Percent-encoding. + { + URI U("ftp://foo:b%40r@example.org"); + equals("foo", U.User); + equals("b@r", U.Password); + equals("ftp://foo:b%40r@example.org", (std::string) U); + } + return 0; } -- cgit v1.2.3