summaryrefslogtreecommitdiff
path: root/apt-pkg/acquire-worker.cc
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2017-10-21 15:44:43 +0200
committerJulian Andres Klode <jak@debian.org>2017-10-22 18:52:16 +0200
commit1a76517470ebc2dd3f96e39ebe6f3706d6dd78da (patch)
tree93b8d79678ba890d53d108c26118ed0807264367 /apt-pkg/acquire-worker.cc
parent404dececf913d3c09368a73ca00aa8172dbf6865 (diff)
Run Proxy-Auto-Detect script from main process
This avoids running the Proxy-Auto-Detect script inside the untrusted (well, less trusted for now) sandbox. This will allow us to restrict the http method from fork()ing or exec()ing via seccomp.
Diffstat (limited to 'apt-pkg/acquire-worker.cc')
-rw-r--r--apt-pkg/acquire-worker.cc12
1 files changed, 12 insertions, 0 deletions
diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc
index 4aa55a743..49d67e370 100644
--- a/apt-pkg/acquire-worker.cc
+++ b/apt-pkg/acquire-worker.cc
@@ -21,6 +21,7 @@
#include <apt-pkg/error.h>
#include <apt-pkg/fileutl.h>
#include <apt-pkg/hashes.h>
+#include <apt-pkg/proxy.h>
#include <apt-pkg/strutl.h>
#include <algorithm>
@@ -671,6 +672,17 @@ bool pkgAcquire::Worker::QueueItem(pkgAcquire::Queue::QItem *Item)
Message += "URI: " + Item->URI;
Message += "\nFilename: " + Item->Owner->DestFile;
+ URI URL = Item->URI;
+ // FIXME: We should not hard code proxy protocols here.
+ if (URL.Access == "http" || URL.Access == "https")
+ {
+ AutoDetectProxy(URL);
+ if (_config->Exists("Acquire::" + URL.Access + "::proxy::" + URL.Host))
+ {
+ Message += "\nProxy: " + _config->Find("Acquire::" + URL.Access + "::proxy::" + URL.Host);
+ }
+ }
+
HashStringList const hsl = Item->GetExpectedHashes();
for (HashStringList::const_iterator hs = hsl.begin(); hs != hsl.end(); ++hs)
Message += "\nExpected-" + hs->HashType() + ": " + hs->HashValue();