summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Andres Klode <julian.klode@canonical.com>2019-02-05 16:57:47 +0100
committerJulian Andres Klode <julian.klode@canonical.com>2019-03-01 11:40:32 +0000
commit25c024910b4c051461a9842d9fe0efc04748c908 (patch)
treeda0c02a6438077a575081f3449b3e91d01a5e7bc
parent54e1ee73059bbad881908028abce574039ec77b9 (diff)
Add support for /etc/apt/auth.conf.d/*.conf (netrcparts)
This allows us to install matching auth files for sources.list.d files, for example; very useful. This converts aptmethod's authfd from one FileFd to a vector of pointers to FileFd, as FileFd cannot be copied, and move operators are hard. (parts cherry-picked from commit feed3ec105cd6be7b5d23da14c6cfca8572ee725) LP: #1811120 TODO: test/integration/test-authentication-basic is missing, what to do?
-rw-r--r--apt-pkg/init.cc1
-rw-r--r--methods/ftp.cc17
-rw-r--r--methods/http.cc18
-rw-r--r--methods/https.cc16
4 files changed, 52 insertions, 0 deletions
diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc
index 241628632..cbfa13722 100644
--- a/apt-pkg/init.cc
+++ b/apt-pkg/init.cc
@@ -66,6 +66,7 @@ bool pkgInitConfig(Configuration &Cnf)
Cnf.CndSet("Dir::Etc::vendorparts","vendors.list.d");
Cnf.CndSet("Dir::Etc::main","apt.conf");
Cnf.CndSet("Dir::Etc::netrc", "auth.conf");
+ Cnf.CndSet("Dir::Etc::netrcparts", "auth.conf.d");
Cnf.CndSet("Dir::Etc::parts","apt.conf.d");
Cnf.CndSet("Dir::Etc::preferences","preferences");
Cnf.CndSet("Dir::Etc::preferencesparts","preferences.d");
diff --git a/methods/ftp.cc b/methods/ftp.cc
index 66787a7be..5bcdfd803 100644
--- a/methods/ftp.cc
+++ b/methods/ftp.cc
@@ -994,6 +994,23 @@ bool FtpMethod::Fetch(FetchItem *Itm)
Res.IMSHit = false;
maybe_add_auth (Get, _config->FindFile("Dir::Etc::netrc"));
+ if(Get.User.empty() || Get.Password.empty())
+ {
+ std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts");
+ if (not netrcparts.empty())
+ {
+ _error->PushToStack();
+ std::vector<std::string> files = GetListOfFilesInDir(netrcparts, "conf", true, true);
+ for (std::vector<std::string>::const_iterator netrc = files.begin(); netrc != files.end(); netrc++)
+ {
+ maybe_add_auth (Get, *netrc);
+ if (Get.User.empty() == false || Get.Password.empty() == false)
+ break;
+ }
+ _error->RevertToStack();
+ }
+ }
+
// Connect to the server
if (Server == 0 || Server->Comp(Get) == false)
diff --git a/methods/http.cc b/methods/http.cc
index d3a5d718f..5f5cd2631 100644
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -758,7 +758,25 @@ void HttpMethod::SendReq(FetchItem *Itm)
Req += string("Proxy-Authorization: Basic ") +
Base64Encode(Server->Proxy.User + ":" + Server->Proxy.Password) + "\r\n";
+
maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc"));
+ if(Uri.User.empty() || Uri.Password.empty())
+ {
+ std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts");
+ if (not netrcparts.empty())
+ {
+ _error->PushToStack();
+ std::vector<std::string> files = GetListOfFilesInDir(netrcparts, "conf", true, true);
+ for (std::vector<std::string>::const_iterator netrc = files.begin(); netrc != files.end(); netrc++)
+ {
+ maybe_add_auth (Uri, *netrc);
+ if (Uri.User.empty() == false || Uri.Password.empty() == false)
+ break;
+ }
+ _error->RevertToStack();
+ }
+ }
+
if (Uri.User.empty() == false || Uri.Password.empty() == false)
{
Req += string("Authorization: Basic ") +
diff --git a/methods/https.cc b/methods/https.cc
index 087604b6d..dd678ca7f 100644
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -177,6 +177,22 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
SetupProxy();
maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc"));
+ if(Uri.User.empty() || Uri.Password.empty())
+ {
+ std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts");
+ if (not netrcparts.empty())
+ {
+ _error->PushToStack();
+ std::vector<std::string> files = GetListOfFilesInDir(netrcparts, "conf", true, true);
+ for (std::vector<std::string>::const_iterator netrc = files.begin(); netrc != files.end(); netrc++)
+ {
+ maybe_add_auth (Uri, *netrc);
+ if (Uri.User.empty() == false || Uri.Password.empty() == false)
+ break;
+ }
+ _error->RevertToStack();
+ }
+ }
// callbacks
curl_easy_setopt(curl, CURLOPT_URL, static_cast<string>(Uri).c_str());