diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2017-07-26 19:09:59 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2017-07-26 19:09:59 +0200 |
| commit | 2920e9428e26004f90a1f1ea86f07850b2204f85 (patch) | |
| tree | 601b38dc82e987ad0ed141caa31b480e6f6fb4ca /apt-private | |
| parent | f2f8e89f08cdf01c83a0b8ab053c65329d85ca90 (diff) | |
| parent | 8580574ec63fedd39a3ab3b9f0025e08eae5f620 (diff) | |
Merge branch 'feature/authconf'
Diffstat (limited to 'apt-private')
| -rw-r--r-- | apt-private/private-update.cc | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/apt-private/private-update.cc b/apt-private/private-update.cc index 8949dab30..c9113ddd3 100644 --- a/apt-private/private-update.cc +++ b/apt-private/private-update.cc @@ -8,6 +8,7 @@ #include <apt-pkg/configuration.h> #include <apt-pkg/error.h> #include <apt-pkg/fileutl.h> +#include <apt-pkg/metaindex.h> #include <apt-pkg/sourcelist.h> #include <apt-pkg/update.h> @@ -79,6 +80,44 @@ bool DoUpdate(CommandLine &CmdL) if (Cache.BuildCaches(false) == false) return false; + if (_config->FindB("APT::Get::Update::SourceListWarnings", true)) + { + List = Cache.GetSourceList(); + for (pkgSourceList::const_iterator S = List->begin(); S != List->end(); ++S) + { + if (APT::String::Startswith((*S)->GetURI(), "ftp://") == false) + continue; + pkgCache::RlsFileIterator const RlsFile = (*S)->FindInCache(Cache, false); + if (RlsFile.end() || RlsFile->Origin == 0 || RlsFile->Label == 0) + continue; + char const *const affected[][2] = { + {"Debian", "Debian"}, + {"Debian", "Debian-Security"}, + {"Debian Backports", "Debian Backports"}, + }; + auto const matchRelease = [&](decltype(affected[0]) a) { + return strcmp(RlsFile.Origin(), a[0]) == 0 && strcmp(RlsFile.Label(), a[1]) == 0; + }; + if (std::find_if(std::begin(affected), std::end(affected), matchRelease) != std::end(affected)) + _error->Warning("Debian shuts down public FTP services currently still used in your sources.list(5) as '%s'.\n" + "See press release %s for details.", + (*S)->GetURI().c_str(), "https://debian.org/News/2017/20170425"); + } + for (pkgSourceList::const_iterator S = List->begin(); S != List->end(); ++S) + { + URI uri((*S)->GetURI()); + if (uri.User.empty() && uri.Password.empty()) + continue; + // we can't really predict if a +http method supports everything http does, + // so we play it safe and use a whitelist here. + char const *const affected[] = {"http", "https", "tor+http", "tor+https", "ftp"}; + if (std::find(std::begin(affected), std::end(affected), uri.Access) != std::end(affected)) + // TRANSLATOR: the first two are manpage references, the last the URI from a sources.list + _error->Notice(_("Usage of %s should be preferred over embedding login information directly in the %s entry for '%s'"), + "apt_auth.conf(5)", "sources.list(5)", URI::ArchiveOnly(uri).c_str()); + } + } + // show basic stats (if the user whishes) if (_config->FindB("APT::Cmd::Show-Update-Stats", false) == true) { |