diff options
28 files changed, 828 insertions, 89 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index a30e98858..89ca6c670 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1235,9 +1235,20 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, / } else { + // FIXME: move this into pkgAcqMetaClearSig::Done on the next + // ABI break + + // if we expect a ClearTextSignature (InRelase), ensure that + // this is what we get and if not fail to queue a + // Release/Release.gpg, see #346386 + if (SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile)) + { + Failed(Message, Cfg); + return; + } + // There was a signature file, so pass it to gpgv for // verification - if (_config->FindB("Debug::pkgAcquire::Auth", false)) std::cerr << "Metaindex acquired, queueing gpg verification (" << SigFile << "," << DestFile << ")\n"; @@ -1730,7 +1741,7 @@ bool pkgAcqArchive::QueueNext() { if(stringcasecmp(ForceHash, "sha512") == 0) ExpectedHash = HashString("SHA512", Parse.SHA512Hash()); - if(stringcasecmp(ForceHash, "sha256") == 0) + else if(stringcasecmp(ForceHash, "sha256") == 0) ExpectedHash = HashString("SHA256", Parse.SHA256Hash()); else if (stringcasecmp(ForceHash, "sha1") == 0) ExpectedHash = HashString("SHA1", Parse.SHA1Hash()); diff --git a/apt-pkg/algorithms.cc b/apt-pkg/algorithms.cc index 7fcd9f0db..b2a40add1 100644 --- a/apt-pkg/algorithms.cc +++ b/apt-pkg/algorithms.cc @@ -550,14 +550,12 @@ void pkgProblemResolver::MakeScores() unsigned long Size = Cache.Head().PackageCount; memset(Scores,0,sizeof(*Scores)*Size); - // Maps to pkgCache::State::VerPriority - // which is "Important Required Standard Optional Extra" - // (yes, that is confusing, the order of pkgCache::State::VerPriority - // needs to be adjusted but that requires a ABI break) + // maps to pkgCache::State::VerPriority: + // Required Important Standard Optional Extra int PrioMap[] = { 0, - _config->FindI("pkgProblemResolver::Scores::Important",2), _config->FindI("pkgProblemResolver::Scores::Required",3), + _config->FindI("pkgProblemResolver::Scores::Important",2), _config->FindI("pkgProblemResolver::Scores::Standard",1), _config->FindI("pkgProblemResolver::Scores::Optional",-1), _config->FindI("pkgProblemResolver::Scores::Extra",-2) diff --git a/apt-pkg/contrib/configuration.cc b/apt-pkg/contrib/configuration.cc index 4de17e3e1..d5334ae72 100644 --- a/apt-pkg/contrib/configuration.cc +++ b/apt-pkg/contrib/configuration.cc @@ -422,6 +422,18 @@ void Configuration::Clear(string const &Name, string const &Value) } /*}}}*/ +// Configuration::Clear - Clear everything /*{{{*/ +// --------------------------------------------------------------------- +void Configuration::Clear() +{ + const Configuration::Item *Top = Tree(0); + while( Top != 0 ) + { + Clear(Top->FullTag()); + Top = Top->Next; + } +} + /*}}}*/ // Configuration::Clear - Clear an entire tree /*{{{*/ // --------------------------------------------------------------------- /* */ diff --git a/apt-pkg/contrib/configuration.h b/apt-pkg/contrib/configuration.h index ea94c2fe6..8e09ea0a6 100644 --- a/apt-pkg/contrib/configuration.h +++ b/apt-pkg/contrib/configuration.h @@ -94,6 +94,7 @@ class Configuration // clear a whole tree void Clear(const std::string &Name); + void Clear(); // remove a certain value from a list (e.g. the list of "APT::Keep-Fds") void Clear(std::string const &List, std::string const &Value); diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 90e49cbfa..a31a8a141 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -41,6 +41,8 @@ #include <dirent.h> #include <signal.h> #include <errno.h> +#include <glob.h> + #include <set> #include <algorithm> @@ -852,6 +854,26 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) } /*}}}*/ +// StartsWithGPGClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ +// --------------------------------------------------------------------- +/* */ +bool StartsWithGPGClearTextSignature(string const &FileName) +{ + static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; + char buffer[strlen(SIGMSG)+1]; + FILE* gpg = fopen(FileName.c_str(), "r"); + if (gpg == NULL) + return false; + + char const * const test = fgets(buffer, sizeof(buffer), gpg); + fclose(gpg); + if (test == NULL || strcmp(buffer, SIGMSG) != 0) + return false; + + return true; +} + + // FileFd::Open - Open a file /*{{{*/ // --------------------------------------------------------------------- /* The most commonly used open mode combinations are given with Mode */ @@ -1758,3 +1780,32 @@ bool FileFd::Sync() /*}}}*/ gzFile FileFd::gzFd() { return (gzFile) d->gz; } + + +// Glob - wrapper around "glob()" /*{{{*/ +// --------------------------------------------------------------------- +/* */ +std::vector<std::string> Glob(std::string const &pattern, int flags) +{ + std::vector<std::string> result; + glob_t globbuf; + int glob_res, i; + + glob_res = glob(pattern.c_str(), flags, NULL, &globbuf); + + if (glob_res != 0) + { + if(glob_res != GLOB_NOMATCH) { + _error->Errno("glob", "Problem with glob"); + return result; + } + } + + // append results + for(i=0;i<globbuf.gl_pathc;i++) + result.push_back(string(globbuf.gl_pathv[i])); + + globfree(&globbuf); + return result; +} + /*}}}*/ diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index 426664d3a..4d933a307 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -180,6 +180,9 @@ bool WaitFd(int Fd,bool write = false,unsigned long timeout = 0); pid_t ExecFork(); bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); +// check if the given file starts with a PGP cleartext signature +bool StartsWithGPGClearTextSignature(std::string const &FileName); + // File string manipulators std::string flNotDir(std::string File); std::string flNotFile(std::string File); @@ -187,4 +190,7 @@ std::string flNoLink(std::string File); std::string flExtension(std::string File); std::string flCombine(std::string Dir,std::string File); +// simple c++ glob +std::vector<std::string> Glob(std::string const &pattern, int flags=0); + #endif diff --git a/apt-pkg/contrib/netrc.cc b/apt-pkg/contrib/netrc.cc index 0a902f126..b3d30fd4a 100644 --- a/apt-pkg/contrib/netrc.cc +++ b/apt-pkg/contrib/netrc.cc @@ -155,18 +155,6 @@ static int parsenetrc_string (char *host, std::string &login, std::string &passw return retcode; } -// for some unknown reason this method is exported so keep a compatible interface for now … -int parsenetrc (char *host, char *login, char *password, char *netrcfile = NULL) -{ - std::string login_string, password_string; - int const ret = parsenetrc_string(host, login_string, password_string, netrcfile); - if (ret < 0) - return ret; - strncpy(login, login_string.c_str(), LOGINSIZE - 1); - strncpy(password, password_string.c_str(), PASSWORDSIZE - 1); - return ret; -} - void maybe_add_auth (URI &Uri, string NetRCFile) { diff --git a/apt-pkg/contrib/netrc.h b/apt-pkg/contrib/netrc.h index 6feb5b726..7349126c4 100644 --- a/apt-pkg/contrib/netrc.h +++ b/apt-pkg/contrib/netrc.h @@ -25,9 +25,5 @@ class URI; -// kill this export on the next ABI break - strongly doubt its in use anyway -// outside of the apt itself, its really a internal interface -__deprecated int parsenetrc (char *host, char *login, char *password, char *filename); - void maybe_add_auth (URI &Uri, std::string NetRCFile); #endif diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc index ca096d736..df11a80ad 100644 --- a/apt-pkg/contrib/strutl.cc +++ b/apt-pkg/contrib/strutl.cc @@ -752,7 +752,8 @@ bool ReadMessages(int Fd, vector<string> &List) // Look for the end of the message for (char *I = Buffer; I + 1 < End; I++) { - if (I[0] != '\n' || I[1] != '\n') + if (I[1] != '\n' || + (strncmp(I, "\n\n", 2) != 0 && strncmp(I, "\r\n\r\n", 4) != 0)) continue; // Pull the message out @@ -760,7 +761,7 @@ bool ReadMessages(int Fd, vector<string> &List) PartialMessage += Message; // Fix up the buffer - for (; I < End && *I == '\n'; I++); + for (; I < End && (*I == '\r' || *I == '\n'); ++I); End -= I-Buffer; memmove(Buffer,I,End-Buffer); I = Buffer; diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc index 6cb8bc6b6..0e468b590 100644 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@ -423,7 +423,7 @@ bool pkgDPkgPM::RunScriptsWithPkgs(const char *Cnf) void pkgDPkgPM::DoStdin(int master) { unsigned char input_buf[256] = {0,}; - ssize_t len = read(0, input_buf, sizeof(input_buf)); + ssize_t len = read(STDIN_FILENO, input_buf, sizeof(input_buf)); if (len) FileFd::Write(master, input_buf, len); else @@ -1205,7 +1205,7 @@ bool pkgDPkgPM::Go(int OutStatusFd) // if tcgetattr does not return zero there was a error // and we do not do any pty magic - if (tcgetattr(0, &tt) == 0) + if (tcgetattr(STDOUT_FILENO, &tt) == 0) { ioctl(0, TIOCGWINSZ, (char *)&win); if (openpty(&master, &slave, NULL, &tt, &win) < 0) @@ -1231,6 +1231,11 @@ bool pkgDPkgPM::Go(int OutStatusFd) tcsetattr(0, TCSAFLUSH, &rtt); sigprocmask(SIG_SETMASK, &original_sigmask, 0); } + } else { + const char *s = _("Can not write log, tcgetattr() failed for stdout"); + fprintf(stderr, "%s", s); + if(d->term_out) + fprintf(d->term_out, "%s",s); } // Fork dpkg pid_t Child; diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index aa1f01a4a..c0a085316 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -654,16 +654,12 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, { if (File == FileGPG) { - #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n" - char buffer[sizeof(SIGMSG)]; FILE* gpg = fopen(File.c_str(), "r"); if (gpg == NULL) return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); - char const * const test = fgets(buffer, sizeof(buffer), gpg); fclose(gpg); - if (test == NULL || strcmp(buffer, SIGMSG) != 0) + if (!StartsWithGPGClearTextSignature(File)) return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); - #undef SIGMSG } diff --git a/apt-pkg/init.h b/apt-pkg/init.h index b6f3df753..00d361560 100644 --- a/apt-pkg/init.h +++ b/apt-pkg/init.h @@ -27,7 +27,7 @@ class Configuration; // Non-ABI-Breaks should only increase RELEASE number. // See also buildlib/libversion.mak #define APT_PKG_MAJOR 4 -#define APT_PKG_MINOR 12 +#define APT_PKG_MINOR 13 #define APT_PKG_RELEASE 0 extern const char *pkgVersion; diff --git a/apt-pkg/pkgcache.cc b/apt-pkg/pkgcache.cc index 1de33ff9b..8151475ef 100644 --- a/apt-pkg/pkgcache.cc +++ b/apt-pkg/pkgcache.cc @@ -51,7 +51,7 @@ pkgCache::Header::Header() /* Whenever the structures change the major version should be bumped, whenever the generator changes the minor version should be bumped. */ - MajorVersion = 8; + MajorVersion = 9; MinorVersion = 0; Dirty = false; diff --git a/apt-pkg/pkgcache.h b/apt-pkg/pkgcache.h index 1a7013551..565ee657c 100644 --- a/apt-pkg/pkgcache.h +++ b/apt-pkg/pkgcache.h @@ -136,7 +136,7 @@ class pkgCache /*{{{*/ /** \brief priority of a package version Zero is used for unparsable or absent Priority fields. */ - enum VerPriority {Important=1,Required=2,Standard=3,Optional=4,Extra=5}; + enum VerPriority {Required=1,Important=2,Standard=3,Optional=4,Extra=5}; enum PkgSelectedState {Unknown=0,Install=1,Hold=2,DeInstall=3,Purge=4}; enum PkgInstState {Ok=0,ReInstReq=1,HoldInst=2,HoldReInstReq=3}; enum PkgCurrentState {NotInstalled=0,UnPacked=1,HalfConfigured=2, diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc index 1bb981b20..e3c74a099 100644 --- a/cmdline/apt-get.cc +++ b/cmdline/apt-get.cc @@ -2395,7 +2395,7 @@ bool DoDownload(CommandLine &CmdL) HashString hash; if (rec.SHA512Hash() != "") hash = HashString("sha512", rec.SHA512Hash()); - if (rec.SHA256Hash() != "") + else if (rec.SHA256Hash() != "") hash = HashString("sha256", rec.SHA256Hash()); else if (rec.SHA1Hash() != "") hash = HashString("sha1", rec.SHA1Hash()); diff --git a/configure.in b/configure.in index fa10058ef..bb71bce8e 100644 --- a/configure.in +++ b/configure.in @@ -18,7 +18,7 @@ AC_CONFIG_AUX_DIR(buildlib) AC_CONFIG_HEADER(include/config.h:buildlib/config.h.in include/apti18n.h:buildlib/apti18n.h.in) PACKAGE="apt" -PACKAGE_VERSION="0.9.7.8~20130109" +PACKAGE_VERSION="0.9.8~exp1~20121017" PACKAGE_MAIL="APT Development Team <deity@lists.debian.org>" AC_DEFINE_UNQUOTED(PACKAGE,"$PACKAGE") AC_DEFINE_UNQUOTED(PACKAGE_VERSION,"$PACKAGE_VERSION") diff --git a/debian/changelog b/debian/changelog index 33efd5aa5..46fde5e0c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,44 @@ +apt (0.9.8~exp1) UNRELEASED; urgency=low + + [ David Kalnischkies ] + * apt-pkg/contrib/strutl.cc: + - support \n and \r\n line endings in ReadMessages + + [ Michael Vogt ] + * lp:~mvo/apt/webserver-simulate-broken-with-fix346386: + - fix invalid InRelease file download checking and add regression + test to server broken files to the buildin test webserver + * stop exporting the accidently exported parsenetrc() symbol + * lp:~mvo/apt/add-glob-function: + - add Glob() to fileutl.{cc,h} + * lp:~mvo/apt/config-clear: + - support Configuration.Clear() for a clear of the entire + configuration + * apt-pkg/deb/dpkgpm.cc: + - use tcgetattr() on STDOUT instead of STDIN so that term.log + works for redirected stdin + - print error in log if tcgetattr() fails instead of writing + a empty file + * use sha512 when available (LP: #1098752) + + [ Marc Deslauriers ] + * make apt-ftparchive generate missing deb-src hashes (LP: #1078697) + + -- Michael Vogt <mvo@debian.org> Fri, 01 Mar 2013 12:12:39 +0100 + apt (0.9.7.8) UNRELEASED; urgency=low [ Manpages translation updates ] * Italian (Beatrice Torracca). Closes: #696601 + [ Programs translation updates ] + * Japanese (Kenshi Muto). Closes: #699783 + [ Michael Vogt ] * fix pkgProblemResolver::Scores, thanks to Paul Wise. Closes: #697577 + * [ABI BREAK] apt-pkg/pkgcache.h: + - adjust pkgCache::State::VerPriority enum, to match reality * fix missing translated apt.8 manpages, thanks to Helge Kreutzmann for the report. Closes: #696923 * apt-pkg/contrib/progress.cc: @@ -30,9 +63,6 @@ apt (0.9.7.8) UNRELEASED; urgency=low (LP: #1003633) * apt-pkg/indexrecords.cc: - support '\r' in the Release file - - [ Marc Deslauriers ] - * make apt-ftparchive generate missing deb-src hashes (LP: #1078697) -- Christian Perrier <bubulle@debian.org> Mon, 24 Dec 2012 07:01:20 +0100 @@ -9,7 +9,7 @@ msgstr "" "Project-Id-Version: apt 0.9.7.1\n" "Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" "POT-Creation-Date: 2012-10-15 09:49+0200\n" -"PO-Revision-Date: 2012-07-01 00:14+0900\n" +"PO-Revision-Date: 2013-02-05 09:41+0900\n" "Last-Translator: Kenshi Muto <kmuto@debian.org>\n" "Language-Team: Debian Japanese List <debian-japanese@lists.debian.org>\n" "Language: ja\n" @@ -227,7 +227,7 @@ msgstr "" " -p=? パッケージキャッシュ\n" " -s=? ソースキャッシュ\n" " -q プログレス表示をしない\n" -" -i umnet コマンドで重要な依存情報のみを表示する\n" +" -i unmet コマンドで重要な依存情報のみを表示する\n" " -c=? 指定した設定ファイルを読み込む\n" " -o=? 指定した設定オプションを読み込む (例: -o dir::cache=/tmp)\n" "詳細は、apt-cache(8) や apt.conf(5) のマニュアルページを参照してください。\n" @@ -448,8 +448,8 @@ msgstr "'%s' のような仮想パッケージは削除できません\n" #, c-format msgid "Package '%s' is not installed, so not removed. Did you mean '%s'?\n" msgstr "" -"パッケージ %s はインストールされていないため、削除はできません。'%s' のことで" -"しょうか?\n" +"パッケージ '%s' はインストールされていないため、削除はできません。'%s' のこと" +"でしょうか?\n" #: cmdline/apt-get.cc:743 cmdline/apt-get.cc:946 #, c-format @@ -679,7 +679,7 @@ msgstr[0] "" #: cmdline/apt-get.cc:1421 msgid "Note: This is done automatically and on purpose by dpkg." -msgstr "注意: これは dpkg により自動でわざと行われれます。" +msgstr "注意: これは dpkg により自動でわざと行われます。" #: cmdline/apt-get.cc:1559 #, c-format @@ -2726,7 +2726,7 @@ msgstr "" #: apt-pkg/sourcelist.cc:116 #, c-format msgid "Malformed line %lu in source list %s ([%s] has no key)" -msgstr "ソースリスト %2$s の %1$lu 行目が不正です ([%3$s にキーがありません)" +msgstr "ソースリスト %2$s の %1$lu 行目が不正です ([%3$s] にキーがありません)" #: apt-pkg/sourcelist.cc:119 #, c-format diff --git a/test/integration/framework b/test/integration/framework index 1c4872c8e..11f1c7be2 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -690,20 +690,30 @@ signreleasefiles() { } changetowebserver() { - if which weborf > /dev/null; then - weborf -xb aptarchive/ 2>&1 > /dev/null & + if [ -n "$1" ] && ! test -x ${BUILDDIRECTORY}/aptwebserver; then + msgdie 'Need the aptwebserver when passing arguments' + fi + + local LOG='/dev/null' + if test -x ${BUILDDIRECTORY}/aptwebserver; then + cd aptarchive + LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/aptwebserver $@ 2> $LOG > $LOG & + addtrap "kill $!;" + cd - > /dev/null + elif which weborf > /dev/null; then + weborf -xb aptarchive/ 2> $LOG > $LOG & addtrap "kill $!;" elif which gatling > /dev/null; then cd aptarchive - gatling -p 8080 -F -S 2>&1 > /dev/null & + gatling -p 8080 -F -S 2> $LOG > $LOG & addtrap "kill $!;" cd - > /dev/null elif which lighttpd > /dev/null; then echo "server.document-root = \"$(readlink -f ./aptarchive)\" server.port = 8080 server.stat-cache-engine = \"disable\"" > lighttpd.conf - lighttpd -t -f lighttpd.conf >/dev/null || msgdie 'Can not change to webserver: our lighttpd config is invalid' - lighttpd -D -f lighttpd.conf 2>/dev/null >/dev/null & + lighttpd -t -f lighttpd.conf 2> $LOG > $LOG || msgdie 'Can not change to webserver: our lighttpd config is invalid' + lighttpd -D -f lighttpd.conf 2> $LOG > $LOG & addtrap "kill $!;" else msgdie 'You have to install weborf or lighttpd first' diff --git a/test/integration/skip-aptwebserver b/test/integration/skip-aptwebserver new file mode 100755 index 000000000..0622941ce --- /dev/null +++ b/test/integration/skip-aptwebserver @@ -0,0 +1,25 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'apt' 'all' '1.0' 'stable' + +setupaptarchive +changetowebserver + +rm -rf rootdir/var/lib/apt/lists +aptget update -qq +testequal 'Hit http://localhost stable InRelease +Hit http://localhost stable/main Sources +Hit http://localhost stable/main amd64 Packages +Hit http://localhost stable/main Translation-en +Reading package lists...' aptget update + +mv rootdir/var/lib/apt/lists/localhost* rootdir/var/lib/apt/lists/partial +aptget update + diff --git a/test/integration/skip-bug-602412-dequote-redirect b/test/integration/skip-bug-602412-dequote-redirect deleted file mode 100755 index 689b671ce..000000000 --- a/test/integration/skip-bug-602412-dequote-redirect +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -e - -TESTDIR=$(readlink -f $(dirname $0)) -. $TESTDIR/framework -setupenvironment -configarchitecture 'i386' - -if ! which lighttpd > /dev/null; then - msgdie 'You need lighttpd for this testcase, sorry…' - exit 1 -fi - -buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable' - -setupaptarchive - -echo "server.modules = ( \"mod_redirect\" ) -server.document-root = \"$(readlink -f ./aptarchive)\" -server.port = 8080 -server.stat-cache-engine = \"disable\" -url.redirect = ( \"^/pool/(.*)$\" => \"/newpool/\$1\", - \"^/dists/(.*)$\" => \"/newdists/\$1\" )" > lighttpd.conf - -mv aptarchive/pool aptarchive/newpool -mv aptarchive/dists aptarchive/newdists - -lighttpd -t -f lighttpd.conf >/dev/null || msgdie 'Can not change to webserver: our lighttpd config is invalid' -lighttpd -D -f lighttpd.conf 2>/dev/null >/dev/null & -addtrap "kill $!;" - -APTARCHIVE="file://$(readlink -f ./aptarchive)" -for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do - sed -i $LIST -e "s#$APTARCHIVE#http://localhost:8080/#" -done - -aptget update || msgdie 'apt-get update failed' -aptget install unrelated --download-only || msgdie 'downloading package failed' diff --git a/test/integration/test-bug-602412-dequote-redirect b/test/integration/test-bug-602412-dequote-redirect new file mode 100755 index 000000000..f1e67c6d8 --- /dev/null +++ b/test/integration/test-bug-602412-dequote-redirect @@ -0,0 +1,29 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable' + +setupaptarchive +changetowebserver -o aptwebserver::redirect::replace::/pool/=/newpool/ \ + -o aptwebserver::redirect::replace::/dists/=/newdists/ + +mv aptarchive/pool aptarchive/newpool +mv aptarchive/dists aptarchive/newdists + +msgtest 'Test redirection works in' 'apt-get update' +aptget update -qq && msgpass || msgfail + +# check that I-M-S header is kept in redirections +testequal 'Hit http://localhost unstable InRelease +Hit http://localhost unstable/main Sources +Hit http://localhost unstable/main amd64 Packages +Hit http://localhost unstable/main Translation-en +Reading package lists...' aptget update + +msgtest 'Test redirection works in' 'package download' +aptget install unrelated --download-only -qq && msgpass || msgfail diff --git a/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall new file mode 100755 index 000000000..25cccf067 --- /dev/null +++ b/test/integration/test-ubuntu-bug-346386-apt-get-update-paywall @@ -0,0 +1,47 @@ +#!/bin/sh +set -e + +ensure_n_canary_strings_in_dir() { + DIR=$1 + CANARY_STRING=$2 + EXPECTED_N=$3 + + msgtest "Testing for $EXPECTED_N canary strings '$CANARY_STRING' in in" "$DIR" + + N=$(grep "$CANARY_STRING" $DIR/* 2>/dev/null |wc -l ) + if [ "$N" = "$EXPECTED_N" ]; then + msgpass + return 0 + else + msgfail "Expected $EXPECTED_N canaries, got $N" + return 1 + fi +} + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'native' + +insertpackage 'unstable' 'unrelated' 'all' '1.0' 'stable' + +setupaptarchive +changetowebserver --simulate-paywall + +rm -rf rootdir/var/lib/apt/lists +msgtest 'excpected failure of' 'apt-get update' +aptget update -qq 2>/dev/null && msgfail || msgpass + +ensure_n_canary_strings_in_dir rootdir/var/lib/apt/lists/ 'ni ni ni' 0 +testequal 'partial' ls rootdir/var/lib/apt/lists/ + +# again, this time with pre-existing files valid data +for f in Release Release.gpg main_binary-amd64_Packages stable_main_source_Sources; do + echo "canary" > rootdir/var/lib/apt/lists/localhost:8080_dists_stable_${f} +done + +# this will fail, the important part is that the canaries remain +msgtest 'excpected failure of' 'apt-get update' +aptget update -qq 2>/dev/null && msgfail || msgpass +ensure_n_canary_strings_in_dir rootdir/var/lib/apt/lists/ 'canary' 4 diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc new file mode 100644 index 000000000..ff60d64a3 --- /dev/null +++ b/test/interactive-helper/aptwebserver.cc @@ -0,0 +1,513 @@ +#include <config.h> + +#include <apt-pkg/strutl.h> +#include <apt-pkg/fileutl.h> +#include <apt-pkg/error.h> +#include <apt-pkg/cmndline.h> +#include <apt-pkg/configuration.h> +#include <apt-pkg/init.h> + +#include <vector> +#include <string> +#include <list> +#include <sstream> + +#include <sys/socket.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <netinet/in.h> +#include <unistd.h> +#include <errno.h> +#include <time.h> +#include <stdlib.h> +#include <dirent.h> +#include <signal.h> + +char const * const httpcodeToStr(int const httpcode) { /*{{{*/ + switch (httpcode) { + // Informational 1xx + case 100: return "100 Continue"; + case 101: return "101 Switching Protocols"; + // Successful 2xx + case 200: return "200 OK"; + case 201: return "201 Created"; + case 202: return "202 Accepted"; + case 203: return "203 Non-Authoritative Information"; + case 204: return "204 No Content"; + case 205: return "205 Reset Content"; + case 206: return "206 Partial Content"; + // Redirections 3xx + case 300: return "300 Multiple Choices"; + case 301: return "301 Moved Permanently"; + case 302: return "302 Found"; + case 303: return "303 See Other"; + case 304: return "304 Not Modified"; + case 305: return "304 Use Proxy"; + case 307: return "307 Temporary Redirect"; + // Client errors 4xx + case 400: return "400 Bad Request"; + case 401: return "401 Unauthorized"; + case 402: return "402 Payment Required"; + case 403: return "403 Forbidden"; + case 404: return "404 Not Found"; + case 405: return "405 Method Not Allowed"; + case 406: return "406 Not Acceptable"; + case 407: return "407 Proxy Authentication Required"; + case 408: return "408 Request Time-out"; + case 409: return "409 Conflict"; + case 410: return "410 Gone"; + case 411: return "411 Length Required"; + case 412: return "412 Precondition Failed"; + case 413: return "413 Request Entity Too Large"; + case 414: return "414 Request-URI Too Large"; + case 415: return "415 Unsupported Media Type"; + case 416: return "416 Requested range not satisfiable"; + case 417: return "417 Expectation Failed"; + // Server error 5xx + case 500: return "500 Internal Server Error"; + case 501: return "501 Not Implemented"; + case 502: return "502 Bad Gateway"; + case 503: return "503 Service Unavailable"; + case 504: return "504 Gateway Time-out"; + case 505: return "505 HTTP Version not supported"; + } + return NULL; +} + /*}}}*/ +void addFileHeaders(std::list<std::string> &headers, FileFd &data) { /*{{{*/ + std::ostringstream contentlength; + contentlength << "Content-Length: " << data.FileSize(); + headers.push_back(contentlength.str()); + + std::string lastmodified("Last-Modified: "); + lastmodified.append(TimeRFC1123(data.ModificationTime())); + headers.push_back(lastmodified); + + std::string const fileext = flExtension(data.Name()); + if (fileext.empty() == false && fileext != data.Name()) { + std::string confcontenttype("aptwebserver::ContentType::"); + confcontenttype.append(fileext); + std::string const contenttype = _config->Find(confcontenttype); + if (contenttype.empty() == false) { + std::string header("Content-Type: "); + header.append(contenttype); + headers.push_back(header); + } + } +} + /*}}}*/ +void addDataHeaders(std::list<std::string> &headers, std::string &data) {/*{{{*/ + std::ostringstream contentlength; + contentlength << "Content-Length: " << data.size(); + headers.push_back(contentlength.str()); +} + /*}}}*/ +bool sendHead(int const client, int const httpcode, std::list<std::string> &headers) { /*{{{*/ + std::string response("HTTP/1.1 "); + response.append(httpcodeToStr(httpcode)); + headers.push_front(response); + + headers.push_back("Server: APT webserver"); + + std::string date("Date: "); + date.append(TimeRFC1123(time(NULL))); + headers.push_back(date); + + headers.push_back("Accept-Ranges: bytes"); + + std::clog << ">>> RESPONSE >>>" << std::endl; + bool Success = true; + for (std::list<std::string>::const_iterator h = headers.begin(); + Success == true && h != headers.end(); ++h) { + Success &= FileFd::Write(client, h->c_str(), h->size()); + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + std::clog << *h << std::endl; + } + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + std::clog << "<<<<<<<<<<<<<<<<" << std::endl; + return Success; +} + /*}}}*/ +bool sendFile(int const client, FileFd &data) { /*{{{*/ + bool Success = true; + char buffer[500]; + unsigned long long actual = 0; + while ((Success &= data.Read(buffer, sizeof(buffer), &actual)) == true) { + if (actual == 0) + break; + if (Success == true) + Success &= FileFd::Write(client, buffer, actual); + } + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + return Success; +} + /*}}}*/ +bool sendData(int const client, std::string const &data) { /*{{{*/ + bool Success = true; + Success &= FileFd::Write(client, data.c_str(), data.size()); + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + return Success; +} + /*}}}*/ +void sendError(int const client, int const httpcode, std::string const &request, bool content, std::string const &error = "") { /*{{{*/ + std::list<std::string> headers; + std::string response("<html><head><title>"); + response.append(httpcodeToStr(httpcode)).append("</title></head>"); + response.append("<body><h1>").append(httpcodeToStr(httpcode)).append("</h1>"); + if (error.empty() == false) + response.append("<p><em>Error</em>: ").append(error).append("</p>"); + response.append("This error is a result of the request: <pre>"); + response.append(request).append("</pre></body></html>"); + addDataHeaders(headers, response); + sendHead(client, httpcode, headers); + if (content == true) + sendData(client, response); +} + /*}}}*/ +void sendRedirect(int const client, int const httpcode, std::string const &uri, std::string const &request, bool content) { /*{{{*/ + std::list<std::string> headers; + std::string response("<html><head><title>"); + response.append(httpcodeToStr(httpcode)).append("</title></head>"); + response.append("<body><h1>").append(httpcodeToStr(httpcode)).append("</h1"); + response.append("<p>You should be redirected to <em>").append(uri).append("</em></p>"); + response.append("This page is a result of the request: <pre>"); + response.append(request).append("</pre></body></html>"); + addDataHeaders(headers, response); + std::string location("Location: "); + if (strncmp(uri.c_str(), "http://", 7) != 0) + location.append("http://").append(LookupTag(request, "Host")).append("/").append(uri); + else + location.append(uri); + headers.push_back(location); + sendHead(client, httpcode, headers); + if (content == true) + sendData(client, response); +} + /*}}}*/ +// sendDirectoryLisiting /*{{{*/ +int filter_hidden_files(const struct dirent *a) { + if (a->d_name[0] == '.') + return 0; +#ifdef _DIRENT_HAVE_D_TYPE + // if we have the d_type check that only files and dirs will be included + if (a->d_type != DT_UNKNOWN && + a->d_type != DT_REG && + a->d_type != DT_LNK && // this includes links to regular files + a->d_type != DT_DIR) + return 0; +#endif + return 1; +} +int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) { +#ifdef _DIRENT_HAVE_D_TYPE + if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_DIR); + else if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_REG) + return -1; + else if ((*b)->d_type == DT_DIR && (*a)->d_type == DT_REG) + return 1; + else +#endif + { + struct stat f_prop; //File's property + stat((*a)->d_name, &f_prop); + int const amode = f_prop.st_mode; + stat((*b)->d_name, &f_prop); + int const bmode = f_prop.st_mode; + if (S_ISDIR(amode) && S_ISDIR(bmode)); + else if (S_ISDIR(amode)) + return -1; + else if (S_ISDIR(bmode)) + return 1; + } + return strcasecmp((*a)->d_name, (*b)->d_name); +} +void sendDirectoryListing(int const client, std::string const &dir, std::string const &request, bool content) { + std::list<std::string> headers; + std::ostringstream listing; + + struct dirent **namelist; + int const counter = scandir(dir.c_str(), &namelist, filter_hidden_files, grouped_alpha_case_sort); + if (counter == -1) { + sendError(client, 500, request, content); + return; + } + + listing << "<html><head><title>Index of " << dir << "</title>" + << "<style type=\"text/css\"><!-- td {padding: 0.02em 0.5em 0.02em 0.5em;}" + << "tr:nth-child(even){background-color:#dfdfdf;}" + << "h1, td:nth-child(3){text-align:center;}" + << "table {margin-left:auto;margin-right:auto;} --></style>" + << "</head>" << std::endl + << "<body><h1>Index of " << dir << "</h1>" << std::endl + << "<table><tr><th>#</th><th>Name</th><th>Size</th><th>Last-Modified</th></tr>" << std::endl; + if (dir != ".") + listing << "<tr><td>d</td><td><a href=\"..\">Parent Directory</a></td><td>-</td><td>-</td></tr>"; + for (int i = 0; i < counter; ++i) { + struct stat fs; + std::string filename(dir); + filename.append("/").append(namelist[i]->d_name); + stat(filename.c_str(), &fs); + if (S_ISDIR(fs.st_mode)) { + listing << "<tr><td>d</td>" + << "<td><a href=\"" << namelist[i]->d_name << "/\">" << namelist[i]->d_name << "</a></td>" + << "<td>-</td>"; + } else { + listing << "<tr><td>f</td>" + << "<td><a href=\"" << namelist[i]->d_name << "\">" << namelist[i]->d_name << "</a></td>" + << "<td>" << SizeToStr(fs.st_size) << "B</td>"; + } + listing << "<td>" << TimeRFC1123(fs.st_mtime) << "</td></tr>" << std::endl; + } + listing << "</table></body></html>" << std::endl; + + std::string response(listing.str()); + addDataHeaders(headers, response); + sendHead(client, 200, headers); + if (content == true) + sendData(client, response); +} + /*}}}*/ +bool parseFirstLine(int const client, std::string const &request, std::string &filename, bool &sendContent, bool &closeConnection) { /*{{{*/ + if (strncmp(request.c_str(), "HEAD ", 5) == 0) + sendContent = false; + if (strncmp(request.c_str(), "GET ", 4) != 0) + { + sendError(client, 501, request, true); + return false; + } + + size_t const lineend = request.find('\n'); + size_t filestart = request.find(' '); + for (; request[filestart] == ' '; ++filestart); + size_t fileend = request.rfind(' ', lineend); + if (lineend == std::string::npos || filestart == std::string::npos || + fileend == std::string::npos || filestart == fileend) { + sendError(client, 500, request, sendContent, "Filename can't be extracted"); + return false; + } + + size_t httpstart = fileend; + for (; request[httpstart] == ' '; ++httpstart); + if (strncmp(request.c_str() + httpstart, "HTTP/1.1\r", 9) == 0) + closeConnection = strcasecmp(LookupTag(request, "Connection", "Keep-Alive").c_str(), "Keep-Alive") != 0; + else if (strncmp(request.c_str() + httpstart, "HTTP/1.0\r", 9) == 0) + closeConnection = strcasecmp(LookupTag(request, "Connection", "Keep-Alive").c_str(), "close") == 0; + else { + sendError(client, 500, request, sendContent, "Not an HTTP/1.{0,1} request"); + return false; + } + + filename = request.substr(filestart, fileend - filestart); + if (filename.find(' ') != std::string::npos) { + sendError(client, 500, request, sendContent, "Filename contains an unencoded space"); + return false; + } + filename = DeQuoteString(filename); + + // this is not a secure server, but at least prevent the obvious … + if (filename.empty() == true || filename[0] != '/' || + strncmp(filename.c_str(), "//", 2) == 0 || + filename.find_first_of("\r\n\t\f\v") != std::string::npos || + filename.find("/../") != std::string::npos) { + sendError(client, 400, request, sendContent, "Filename contains illegal character (sequence)"); + return false; + } + + // nuke the first character which is a / as we assured above + filename.erase(0, 1); + if (filename.empty() == true) + filename = "."; + return true; +} + /*}}}*/ +int main(int const argc, const char * argv[]) +{ + CommandLine::Args Args[] = { + {0, "simulate-paywall", "aptwebserver::Simulate-Paywall", + CommandLine::Boolean}, + {0, "port", "aptwebserver::port", CommandLine::HasArg}, + {'c',"config-file",0,CommandLine::ConfigFile}, + {'o',"option",0,CommandLine::ArbItem}, + {0,0,0,0} + }; + + CommandLine CmdL(Args, _config); + if(CmdL.Parse(argc,argv) == false) { + _error->DumpErrors(); + exit(1); + } + + // create socket, bind and listen to it {{{ + // ignore SIGPIPE, this can happen on write() if the socket closes connection + signal(SIGPIPE, SIG_IGN); + int sock = socket(AF_INET6, SOCK_STREAM, 0); + if(sock < 0 ) { + _error->Errno("aptwerbserver", "Couldn't create socket"); + _error->DumpErrors(std::cerr); + return 1; + } + + // get the port + int const port = _config->FindI("aptwebserver::port", 8080); + bool const simulate_broken_server = _config->FindB("aptwebserver::Simulate-Paywall", false); + + // ensure that we accept all connections: v4 or v6 + int const iponly = 0; + setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &iponly, sizeof(iponly)); + // to not linger to an address + int const enable = 1; + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &enable, sizeof(enable)); + + struct sockaddr_in6 locAddr; + memset(&locAddr, 0, sizeof(locAddr)); + locAddr.sin6_family = AF_INET6; + locAddr.sin6_port = htons(port); + locAddr.sin6_addr = in6addr_any; + + if (bind(sock, (struct sockaddr*) &locAddr, sizeof(locAddr)) < 0) { + _error->Errno("aptwerbserver", "Couldn't bind"); + _error->DumpErrors(std::cerr); + return 2; + } + + if (simulate_broken_server) { + std::clog << "Simulating a broken web server that return nonsense " + "for all querries" << std::endl; + } else { + std::clog << "Serving ANY file on port: " << port << std::endl; + } + + listen(sock, 1); + /*}}}*/ + + std::vector<std::string> messages; + int client; + while ((client = accept(sock, NULL, NULL)) != -1) { + std::clog << "ACCEPT client " << client + << " on socket " << sock << std::endl; + + while (ReadMessages(client, messages)) { + bool closeConnection = false; + for (std::vector<std::string>::const_iterator m = messages.begin(); + m != messages.end() && closeConnection == false; ++m) { + std::clog << ">>> REQUEST >>>>" << std::endl << *m + << std::endl << "<<<<<<<<<<<<<<<<" << std::endl; + std::list<std::string> headers; + std::string filename; + bool sendContent = true; + if (parseFirstLine(client, *m, filename, sendContent, closeConnection) == false) + continue; + + std::string host = LookupTag(*m, "Host", ""); + if (host.empty() == true) { + // RFC 2616 §14.23 requires Host + sendError(client, 400, *m, sendContent, "Host header is required"); + continue; + } + + if (simulate_broken_server == true) { + std::string data("ni ni ni\n"); + addDataHeaders(headers, data); + sendHead(client, 200, headers); + sendData(client, data); + } + else if (RealFileExists(filename) == true) { + FileFd data(filename, FileFd::ReadOnly); + std::string condition = LookupTag(*m, "If-Modified-Since", ""); + if (condition.empty() == false) { + time_t cache; + if (RFC1123StrToTime(condition.c_str(), cache) == true && + cache >= data.ModificationTime()) { + sendHead(client, 304, headers); + continue; + } + } + condition = LookupTag(*m, "If-Range", ""); + bool ignoreRange = false; + if (condition.empty() == false) { + time_t cache; + if (RFC1123StrToTime(condition.c_str(), cache) == false || + cache < data.ModificationTime()) + ignoreRange = true; + } + condition = LookupTag(*m, "Range", ""); + if (ignoreRange == false && condition.empty() == false && + strncmp(condition.c_str(), "bytes=", 6) == 0) { + size_t end = condition.find(','); + // FIXME: support multiple byte-ranges + if (end == std::string::npos) { + size_t start = 6; + unsigned long long filestart = strtoull(condition.c_str() + start, NULL, 10); + // FIXME: no fileend support + size_t dash = condition.find('-') + 1; + unsigned long long fileend = strtoull(condition.c_str() + dash, NULL, 10); + unsigned long long filesize = data.FileSize(); + if (fileend == 0 || fileend == filesize) { + if (filesize > filestart) { + data.Skip(filestart); + std::ostringstream contentlength; + contentlength << "Content-Length: " << (filesize - filestart); + headers.push_back(contentlength.str()); + std::ostringstream contentrange; + contentrange << "Content-Range: bytes " << filestart << "-" + << filesize - 1 << "/" << filesize; + headers.push_back(contentrange.str()); + sendHead(client, 206, headers); + if (sendContent == true) + sendFile(client, data); + continue; + } else { + headers.push_back("Content-Length: 0"); + std::ostringstream contentrange; + contentrange << "Content-Range: bytes 0-0/" << filesize; + headers.push_back(contentrange.str()); + sendHead(client, 416, headers); + continue; + } + } + } + } + + addFileHeaders(headers, data); + sendHead(client, 200, headers); + if (sendContent == true) + sendFile(client, data); + } + else if (DirectoryExists(filename) == true) { + if (filename == "." || filename[filename.length()-1] == '/') + sendDirectoryListing(client, filename, *m, sendContent); + else + sendRedirect(client, 301, filename.append("/"), *m, sendContent); + } + else + { + ::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace"); + if (Replaces != NULL) { + std::string redirect = "/" + filename; + for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next) + redirect = SubstVar(redirect, I->Tag, I->Value); + redirect.erase(0,1); + if (redirect != filename) { + sendRedirect(client, 301, redirect, *m, sendContent); + continue; + } + } + sendError(client, 404, *m, sendContent); + } + } + _error->DumpErrors(std::cerr); + messages.clear(); + if (closeConnection == true) + break; + } + + std::clog << "CLOSE client " << client + << " on socket " << sock << std::endl; + close(client); + } + return 0; +} diff --git a/test/interactive-helper/makefile b/test/interactive-helper/makefile index 10d1e44ec..fee94cd77 100644 --- a/test/interactive-helper/makefile +++ b/test/interactive-helper/makefile @@ -37,3 +37,10 @@ include $(PROGRAM_H) #SLIBS = -lapt-pkg -lrpm #SOURCE = rpmver.cc #include $(PROGRAM_H) + +# very simple webserver for APT testing +PROGRAM=aptwebserver +SLIBS = -lapt-pkg +LIB_MAKES = apt-pkg/makefile +SOURCE = aptwebserver.cc +include $(PROGRAM_H) diff --git a/test/libapt/configuration_test.cc b/test/libapt/configuration_test.cc index 87d5699ef..2c974ee0a 100644 --- a/test/libapt/configuration_test.cc +++ b/test/libapt/configuration_test.cc @@ -98,6 +98,10 @@ int main(int argc,const char *argv[]) { equals(Cnf.FindDir("Dir::State"), "/rootdir/dev/null"); equals(Cnf.FindDir("Dir::State::lists"), "/rootdir/dev/null"); + Cnf.Set("Moo::Bar", "1"); + Cnf.Clear(); + equals(Cnf.Find("Moo::Bar"), ""); + //FIXME: Test for configuration file parsing; // currently only integration/ tests test them implicitly diff --git a/test/libapt/fileutl_test.cc b/test/libapt/fileutl_test.cc new file mode 100644 index 000000000..b6b8ac579 --- /dev/null +++ b/test/libapt/fileutl_test.cc @@ -0,0 +1,42 @@ +#include <apt-pkg/error.h> +#include <apt-pkg/fileutl.h> + +#include "assert.h" +#include <string> +#include <vector> + +#include <stdio.h> +#include <iostream> +#include <stdlib.h> + + +int main(int argc,char *argv[]) +{ + std::vector<std::string> files; + + // normal match + files = Glob("*.lst"); + if (files.size() != 1) + { + _error->DumpErrors(); + return 1; + } + + // not there + files = Glob("xxxyyyzzz"); + if (files.size() != 0 || _error->PendingError()) + { + _error->DumpErrors(); + return 1; + } + + // many matches (number is a bit random) + files = Glob("*.cc"); + if (files.size() < 10) + { + _error->DumpErrors(); + return 1; + } + + return 0; +} diff --git a/test/libapt/makefile b/test/libapt/makefile index 5e225f240..578f2da4d 100644 --- a/test/libapt/makefile +++ b/test/libapt/makefile @@ -97,4 +97,9 @@ include $(PROGRAM_H) PROGRAM = IndexCopyToSourceList${BASENAME} SLIBS = -lapt-pkg SOURCE = indexcopytosourcelist_test.cc + +# test fileutls +PROGRAM = FileUtl${BASENAME} +SLIBS = -lapt-pkg +SOURCE = fileutl_test.cc include $(PROGRAM_H) |