summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-08-16don't try pipelining if server closes connectionsDavid Kalnischkies
If a server closes a connection after sending us a file that tends to mean that its a type of server who always closes the connection – it is therefore relatively pointless to try pipelining with it even if it isn't a problem by itself: apt is just restarting the pipeline each time after it got served one file and the connection is closed. The problem starts if one or more proxies are between the server and apt and they disagree about how the connection should be as in the bugreporters case where the responses apt gets contain both Keep-Alive and Proxy-Connection headers (which apt both ignores) indicating a proxy is trying to keep a connection open while the response also contains "Connection: close" indicating the opposite which apt understands and respects as it is required to do. We avoid stepping into this abyss by not performing pipelining anymore if we got a respond with the indication to close connection if the response was otherwise a success – error messages are sent by some servers via this method as their pages tend to be created dynamically and hence their size isn't known a priori to them. Closes: #832113
2016-08-16don't sent Range requests if we know its not acceptedDavid Kalnischkies
If the server told us in a previous request that it isn't supporting Ranges with bytes via an Accept-Ranges header missing bytes, we don't try to formulate requests using Ranges.
2016-08-16reorganize server-states resetting in http/httpsDavid Kalnischkies
We keep various information bits about the server around, some only effecting the currently handled file (like sizes) while others should be persistent (like pipeline detections). http used to reset all file-related manually, which is a bit silly if we already have a Reset() method – which does reset all through –, so extending it with a parameter for reuse and calling it from https too (as this was previously resetting by just creating a new state struct – it uses no value of the persistent state-keeping yet as it supports no pipelining). Gbp-Dch: Ignore
2016-08-15CMake: Install bash completions via cmakeJulian Andres Klode
Having the completions installed only by the packaging was an oversight. Gbp-Dch: ignore
2016-08-13Change anonscm.d.o links to /git/apt/apt.git and httpsJulian Andres Klode
This also fixes Debian/apt#20, but is slightly more complete. I think /git also looks better than /cgit, so let's switch the Vcs entry in control over too.
2016-08-13http(s): allow empty values for header fieldsDavid Kalnischkies
It seems completely pointless from a server-POV to sent empty header fields, so most of them don't do it (simply proven by this limitation existing since day one) – but it is technically allowed by the RFC as the surounding whitespaces are optional and Github seems to like sending "X-Geo-Block-List:\r\n" since recently (bug reports in other http clients indicate July) at least sometimes as the reporter claims to have seen it on https only even through it can happen with both. Closes: 834048
2016-08-12drop incorrect const attribute from DirectoryExistsDavid Kalnischkies
Since its existence in 2010 DirectoryExists was always marked with this attribute, but for no real reason. Arguably a check for the existence of the file is not modifying global state, so theoretically this shouldn't be a problem. It is wrong from a logical point of view through as between two calls the directory could be created so the promise we made to the compiler that it could remove the second call would be wrong, so API wise it is wrong. It's a bit mysterious that this is only observeable on ppc64el and can be fixed by reordering code ever so slightly, but in the end its more our fault for adding this attribute than the compilers fault for doing something silly based on the attribute. LP: 1473674
2016-08-12fileutl: empty file support: Avoid fstat() on -1 fd and check resultJulian Andres Klode
When checking if a file is empty, we forget to check that fstat() actually worked.
2016-08-12tests: don't do boundless string compares with data()David Kalnischkies
Git-Dch: Ignore
2016-08-12ensure a good clock() value for usage and testsDavid Kalnischkies
We use clock() as a very cheap way of getting a "random" value, but the manpage warns that this could return -1, so we should be dealing with this. Additionally, e.g. on hurd-i386 the value increases only slowly – to slow for our fast running tests for randomness hence producing the same range in both samples, so we introduce a simple busy-wait loop (as clock is counting processor time used by the program) in the test which delays the second sample just enough making our randomness a bit more predictable.
2016-08-12don't perform int<float in progress bar drawingDavid Kalnischkies
Comparing floating numbers is always fun and in this instance a 9 < 9.0 is "somehow" true on hurd-i386 letting the tests fail by reporting that too much progress achieved. A bit mysterious, but with some rework we can use code which avoids dealing with the floats in this way entirely and make our testcases happy.
2016-08-12ctest: show test output in case of failuresDavid Kalnischkies
ctest as run by cmake by default does not show the output of the tests even if the tests failed. In terms of our tests it could be handy to set it always, but unfortunately it seems like cmake doesn't allow it if the internet is to be believed, so lets enable it at least while building packages and on travis. Gbp-Dch: Ignore
2016-08-11CMake: Exclude .md5 and .map doxygen files from installJulian Andres Klode
This is much better than removing them in debian/rules. Gbp-Dch: ignore
2016-08-11CMake: Use COPYONLY instead of @ONLYJulian Andres Klode
I don't know what happened back in 2009 when I wrote this, but it seems I used the wrong option. These files should not have any variable substitution done to them.
2016-08-11CMake: Mark Doxygen as required and use DOXYGEN_EXECUTABLEJulian Andres Klode
Seems like I missed that when adding doxygen support. Gbp-Dch: ignore
2016-08-11debian/NEWS: Get rid of 1.3~pre3+cmake1 entryJulian Andres Klode
This was only needed temporarily Thanks: Axel Beckert for reporting
2016-08-11Release 1.3~rc11.3_rc1Julian Andres Klode
This commit looks heavy. Most of that comes from the fact that the ordering of files in the translations changed with the switch to CMake. I could have gone the extra mile to figure out the original ordering and replicate it, but I have chosen to re-order everything by file and line number, as that's easier.
2016-08-11doc/po: Adjust translations for programmatic typo fixJulian Andres Klode
This enhances commit b9e6db821a6ddbc5bf6a90c80c296d4e91283a63. Gbp-Dch: ignore
2016-08-11tests: copy 01autoremove from the right placeDavid Kalnischkies
With cmake using BUILDDIRECTORY at this place is not only as wrong as it was before, but it might not even work always copying the system provided one which might or might not be current and hence fails tests needing it to be current like ./test-apt-move-and-forget-manual-sections We don't want to always use the one from the source directory through either like in autopkgtests. Gbp-Dch: Ignore
2016-08-11Merge branch 'feature/apt-dpkg-comm'David Kalnischkies
2016-08-11Merge branch 'feature/methods'David Kalnischkies
2016-08-11http: auto-configure for local Tor proxy if called as 'tor'David Kalnischkies
With apts http transport supporting socks5h proxies and all the work in terms of configuration of methods based on the name it is called with it becomes surprisingly easy to implement Tor support equally (and perhaps even a bit exceeding) what is available currently in apt-transport-tor. How this will turn out to be handled packaging wise we will see in https://lists.debian.org/deity/2016/08/msg00012.html , but until this is resolved we can add the needed support without actively enabling it for now, so that this can be tested better.
2016-08-11block direct connections to .onion domains (RFC7687)David Kalnischkies
Doing a direct connect to an .onion address (if you don't happen to use it as a local domain, which you shouldn't) is bound to fail and does leak the information that you do use Tor and which hidden service you wanted to connect to to a DNS server. Worse, if the DNS is poisoned and actually resolves tricking a user into believing the setup would work correctly… This does block also the usage of wrappers like torsocks with apt, but with native support available and advertised in the error message this shouldn't really be an issue. Inspired-by: https://bugzilla.mozilla.org/show_bug.cgi?id=1228457
2016-08-10disable explicit configuration of all packages at the endDavid Kalnischkies
With b4450f1dd6bca537e60406b2383ab154a3e1485f we dropped what we calculated here later on and now that we don't need it in the meantime either we can just skip the busy work by default and expect dpkg to do the right thing dropping also our little "last explicit configures" removal trick introduced in b4450f1dd6bca537e60406b2383ab154a3e1485f. This enables the last of a bunch of previously experimental options, some of them existing still, but are very special and hence not really worth documenting anymore (especially as it would need to be rewritten now entirely) which is why the documentation is nearly completely dropped. The order of configuration stanzas in the simulation code changes slightly as it isn't concerning itself with finding the 'right' order, but any order is valid anyhow as long as the entire set happens in the same call.
2016-08-10simulate all package manager actions explicitlyDavid Kalnischkies
If a planner lets actions to be figured out by dpkg in pending calls these actions aren't mentioned in a simulation. While that might be a good thing for debugging, it would be a change in behavior and especially if a planner avoids explicit removals could be confusing for users. As such we perform the same 'trick' as in the dpkg implementation by performing explicitly what would be done by the pending calls. To save us some work and avoid desyncs we perform a layer violation by using deb/ code in the generic simulation – and further we perform ugly dynamic_cast to avoid breaking the ABI for nothing; aptitude is the only other user of the simulation class according to codesearch.d.n and for that our little trick works. It just isn't working if you happen to extend pkgSimulate or otherwise manage to call the protected Go methods directly – which isn't very realistic/practical.
2016-08-10try to avoid removal of crossgraded packagesDavid Kalnischkies
The user has to approve the removal of a crossgraded package as it might be needed to remove it (temporarily) in the process, but in most cases we can happily avoid it and let dpkg unpack over it skipping the remove. This has some effects on progress reporting and how deal with selections through which makes this a tiny bit complicated.
2016-08-10allow user@host (aka: no password) in URI parsingDavid Kalnischkies
If the URI had no password the username was ignored
2016-08-10fix programmatic typo in apt-key manpageDavid Kalnischkies
Reported-By: Johannes 'josch' Schauer on IRC Gbp-Dch: Ignore
2016-08-10allow methods to be disabled and redirected via configDavid Kalnischkies
To prevent accidents like adding http-sources while using tor+http it can make sense to allow disabling methods. It might even make sense to allow "redirections" and adding "symlinked" methods via configuration. This could e.g. allow using different options for certain sources by adding and configuring a "virtual" new method which picks up the config based on the name it was called with like e.g. http does if called as tor+http.
2016-08-10implement socks5h proxy support for http methodDavid Kalnischkies
Socks support is a requested feature in sofar that the internet is actually believing Acquire::socks::Proxy would exist. It doesn't and this commit isn't adding it as that isn't how our configuration works, but it allows Acquire::http::Proxy="socks5h://…". The HTTPS method was changed already to support socks proxies (all versions) via curl. This commit implements only SOCKS5 (RFC1928) with no auth or pass&user auth (RFC1929), but not GSSAPI which is required by the RFC. The 'h' in the protocol name further indicates that DNS resolution is delegated to the socks proxy rather than performed locally. The implementation works and was tested with Tor as socks proxy for which implementing socks5h only can actually be considered a feature. Closes: 744934
2016-08-10implement generic config fallback for methodsDavid Kalnischkies
The https method implemented for a long while now a hardcoded fallback to the same options in http, which, while it works, is rather inflexible if we want to allow the methods to use another name to change their behavior slightly, like apt-transport-tor does to https – most of the diff being s#https#tor#g which then fails to do the full circle fallthrough tor -> https -> http for https sources. With this config infrastructure this could be implemented now.
2016-08-10use the same redirection handling for http and httpsDavid Kalnischkies
cURL which backs our https implementation can handle redirects on its own, but by dealing with them on our own we gain finer control over which redirections will be performed (we don't like https → http) and by whom so that redirections to other hosts correctly spawn a new https method dealing with these instead of letting the current one deal with it.
2016-08-10detect redirection loops in acquire instead of workersDavid Kalnischkies
Having the detection handled in specific (http) workers means that a redirection loop over different hostnames isn't detected. Its also not a good idea have this implement in each method independently even if it would work
2016-08-10fail on unsupported http/https proxy settingsDavid Kalnischkies
Closes: #623443
2016-08-10suggest transport-packages based on established nameschemeDavid Kalnischkies
apt-transports not shipped in apt directly are usually named apt-transport-% with % being what is in the name of the transport. tor additional introduced aliases via %+something, which isn't a bad idea, so be strip the +something part from the method name before suggesting the installation of an apt-transport-% package. This avoids us the maintainance of a list of existing transports creating a two class system of known and unknown transports which would be quite arbitrary and is unfriendly to backports.
2016-08-10support all socks-proxy known to curl in https methodDavid Kalnischkies
2016-08-10ensure all removes are reported to hook scriptsDavid Kalnischkies
Same reason and implementation as for configure.
2016-08-10ensure all configures are reported to hook scriptsDavid Kalnischkies
A planner might not explicitly configure all packages, but we need to know all packages which will be configured for progress reporting and to tell the hook scripts about them as they rely on this for their own functionality.
2016-08-10don't purge directly, but remove and do purge at the endDavid Kalnischkies
If we want a package to be purged from the system tell dpkg in the ordering (if it has to touch it explicitly) to remove it and cover the purging of the config files at the end with a --purge --pending call. That should help packages move conffiles around between packages correctly even if the user is purging packages directly in big actions like dist-upgrades involving many packages.
2016-08-10call dpkg with --no-triggers by defaultDavid Kalnischkies
Implemented a long while ago now with relatively good progress reporting involving triggers is a good time to try delaying the execution of triggers across dpkg invocations finally by default. Note: The bugreport talks also about 'smarter' configuration which is a much bigger part and approached from multiple directions, but doesn't really involve triggers per-se so considering it decoupled should help in getting it done… Closes: #626599
2016-08-10select remove/purge packages early on for dpkgDavid Kalnischkies
Telling dpkg early on that we are going to remove these packages later helps it with auto-deconfiguration decisions and its another area where a planner can ignore the nitty gritty details and let dpkg decide the course of action if there are no special requirements.
2016-08-10save and restore selection states before/after calling dpkgDavid Kalnischkies
dpkg decides certain things on its own based on selections and especially if we want to call --pending on purge/remove actions, we need to ensure a clean slate or otherwise we surprise the user by removing packages we weren't allowed to remove by the user in this run (the selection might be an overarching plan for the not-yet "future"). Ideally dpkg would have some kind of temporal selection interface for this case, but it hasn't, so we make it temporal with the risk of loosing state if we don't manage to restore them.
2016-08-10use dpkg --unpack --recursive to avoid long cmdlinesDavid Kalnischkies
Having long commandlines split into two is a huge problem if it happens and additionally if we want to introduce planners which perform less micromanagment its a good idea to leave the details for dpkg to decide. In practice this doesn't work yet unconditionally as a bug is hiding in the ordering code of dpkg, but it works if apt imposes its ordering so this commit allows for now at least to solve the first problem.
2016-08-10pass --force-remove-essential to dpkg only if neededDavid Kalnischkies
APT (usually) knows which package is essential or not, so we can avoid passing this force flag to dpkg unconditionally if the user hasn't chosen a non-default essential handling obscuring the information.
2016-08-10Do not set the binary dir in run-tests, it breaks stuffJulian Andres Klode
This breaks -j and does all sort of other weird stuff I did not notice in the previous (non-parallel) runs. Gbp-Dch: ignore
2016-08-10Fix some indentation issues in README.mdJulian Andres Klode
2016-08-10Merge branch 'cmake'Julian Andres Klode
2016-08-10test: Automatically discover CMake build directoryJulian Andres Klode
Look at the project root, and all directories directly below it and pick the directory with the newest CMakeCache.txt file. Gbp-Dch: ignore
2016-08-10Update gitignore for cmakeJulian Andres Klode
We cannot be sure if you are not running the build tree, so this is a bit ugly. Gbp-Dch: ignore
2016-08-10Get rid of the old buildsystemJulian Andres Klode
Bye, bye, old friend.