diff options
author | Julian Andres Klode <julian.klode@canonical.com> | 2019-02-05 16:57:47 +0100 |
---|---|---|
committer | Julian Andres Klode <julian.klode@canonical.com> | 2019-03-01 11:40:32 +0000 |
commit | 25c024910b4c051461a9842d9fe0efc04748c908 (patch) | |
tree | da0c02a6438077a575081f3449b3e91d01a5e7bc | |
parent | 54e1ee73059bbad881908028abce574039ec77b9 (diff) |
Add support for /etc/apt/auth.conf.d/*.conf (netrcparts)
This allows us to install matching auth files for sources.list.d
files, for example; very useful.
This converts aptmethod's authfd from one FileFd to a vector of
pointers to FileFd, as FileFd cannot be copied, and move operators
are hard.
(parts cherry-picked from commit feed3ec105cd6be7b5d23da14c6cfca8572ee725)
LP: #1811120
TODO: test/integration/test-authentication-basic is missing, what to do?
-rw-r--r-- | apt-pkg/init.cc | 1 | ||||
-rw-r--r-- | methods/ftp.cc | 17 | ||||
-rw-r--r-- | methods/http.cc | 18 | ||||
-rw-r--r-- | methods/https.cc | 16 |
4 files changed, 52 insertions, 0 deletions
diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc index 241628632..cbfa13722 100644 --- a/apt-pkg/init.cc +++ b/apt-pkg/init.cc @@ -66,6 +66,7 @@ bool pkgInitConfig(Configuration &Cnf) Cnf.CndSet("Dir::Etc::vendorparts","vendors.list.d"); Cnf.CndSet("Dir::Etc::main","apt.conf"); Cnf.CndSet("Dir::Etc::netrc", "auth.conf"); + Cnf.CndSet("Dir::Etc::netrcparts", "auth.conf.d"); Cnf.CndSet("Dir::Etc::parts","apt.conf.d"); Cnf.CndSet("Dir::Etc::preferences","preferences"); Cnf.CndSet("Dir::Etc::preferencesparts","preferences.d"); diff --git a/methods/ftp.cc b/methods/ftp.cc index 66787a7be..5bcdfd803 100644 --- a/methods/ftp.cc +++ b/methods/ftp.cc @@ -994,6 +994,23 @@ bool FtpMethod::Fetch(FetchItem *Itm) Res.IMSHit = false; maybe_add_auth (Get, _config->FindFile("Dir::Etc::netrc")); + if(Get.User.empty() || Get.Password.empty()) + { + std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts"); + if (not netrcparts.empty()) + { + _error->PushToStack(); + std::vector<std::string> files = GetListOfFilesInDir(netrcparts, "conf", true, true); + for (std::vector<std::string>::const_iterator netrc = files.begin(); netrc != files.end(); netrc++) + { + maybe_add_auth (Get, *netrc); + if (Get.User.empty() == false || Get.Password.empty() == false) + break; + } + _error->RevertToStack(); + } + } + // Connect to the server if (Server == 0 || Server->Comp(Get) == false) diff --git a/methods/http.cc b/methods/http.cc index d3a5d718f..5f5cd2631 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -758,7 +758,25 @@ void HttpMethod::SendReq(FetchItem *Itm) Req += string("Proxy-Authorization: Basic ") + Base64Encode(Server->Proxy.User + ":" + Server->Proxy.Password) + "\r\n"; + maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); + if(Uri.User.empty() || Uri.Password.empty()) + { + std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts"); + if (not netrcparts.empty()) + { + _error->PushToStack(); + std::vector<std::string> files = GetListOfFilesInDir(netrcparts, "conf", true, true); + for (std::vector<std::string>::const_iterator netrc = files.begin(); netrc != files.end(); netrc++) + { + maybe_add_auth (Uri, *netrc); + if (Uri.User.empty() == false || Uri.Password.empty() == false) + break; + } + _error->RevertToStack(); + } + } + if (Uri.User.empty() == false || Uri.Password.empty() == false) { Req += string("Authorization: Basic ") + diff --git a/methods/https.cc b/methods/https.cc index 087604b6d..dd678ca7f 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -177,6 +177,22 @@ bool HttpsMethod::Fetch(FetchItem *Itm) SetupProxy(); maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); + if(Uri.User.empty() || Uri.Password.empty()) + { + std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts"); + if (not netrcparts.empty()) + { + _error->PushToStack(); + std::vector<std::string> files = GetListOfFilesInDir(netrcparts, "conf", true, true); + for (std::vector<std::string>::const_iterator netrc = files.begin(); netrc != files.end(); netrc++) + { + maybe_add_auth (Uri, *netrc); + if (Uri.User.empty() == false || Uri.Password.empty() == false) + break; + } + _error->RevertToStack(); + } + } // callbacks curl_easy_setopt(curl, CURLOPT_URL, static_cast<string>(Uri).c_str()); |