diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2017-05-29 12:37:08 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2017-06-26 23:31:15 +0200 |
| commit | cbbf185c3c55effe47f218a07e7b1f324973a8a6 (patch) | |
| tree | 9ec40ff5439d1d3ccedb7fb143e3fd32e1348c6d | |
| parent | 188f297a2af4c15cb1d502360d1e478644b5b810 (diff) | |
fail InRelease on non-404 HTTP errorcodes
There are very many HTTP errorcodes which indicate that the repository
isn't available at the moment or the connection has some kind of
problem. Given that we do not require Release files the result was that
these errors were ignored and the user presented with a message like
"Repository is no longer signed" which sends the user in the wrong
direction.
Instead of trying to figure out which http errorcodes indicate a global
problem we accept only 404 for ignoring and consider all the rest as
hard errors now causing us to stop instantly after the InRelease file
and print the errorcode (with short description from server) received.
| -rw-r--r-- | apt-pkg/acquire-item.cc | 6 | ||||
| -rwxr-xr-x | test/integration/test-ubuntu-bug-346386-apt-get-update-paywall | 9 |
2 files changed, 14 insertions, 1 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 3ce0f25cf..574ef4939 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1717,7 +1717,11 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c if (AuthPass == false) { - if (Status == StatAuthError || Status == StatTransientNetworkError) + auto const failreason = LookupTag(Message, "FailReason"); + auto const httperror = "HttpError"; + if (Status == StatAuthError || Status == StatTransientNetworkError || + (strncmp(failreason.c_str(), httperror, strlen(httperror)) == 0 && + failreason != "HttpError404")) { // if we expected a ClearTextSignature (InRelease) but got a network // error or got a file, but it wasn't valid, we end up here (see VerifyDone). diff --git a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall index a756b5df2..46c7c5672 100755 --- a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall +++ b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall @@ -70,3 +70,12 @@ partial' ls "$LISTS" runtests '^E:.*Clearsigned file .*NOSPLIT.*' webserverconfig 'aptwebserver::overwrite::.*InRelease::filename' '/404' runtests '^E:.*Signed file .*NODATA.*' + +webserverconfig 'aptwebserver::overwrite::.*::filename' '/404' +webserverconfig 'aptwebserver::httpcode::404' '511 Network Authentication Required' +rm -rf rootdir/var/lib/apt/lists +testfailureequal "Err:1 http://localhost:${APTHTTPPORT} unstable InRelease + 511 Network Authentication Required +Reading package lists... +E: Failed to fetch http://localhost:${APTHTTPPORT}/dists/unstable/InRelease 511 Network Authentication Required +E: Some index files failed to download. They have been ignored, or old ones used instead." apt update |