summaryrefslogtreecommitdiff
path: root/apt-pkg/acquire-worker.cc
AgeCommit message (Collapse)Author
2015-06-09rework hashsum verification in the acquire systemDavid Kalnischkies
Having every item having its own code to verify the file(s) it handles is an errorprune process and easy to break, especially if items move through various stages (download, uncompress, patching, …). With a giant rework we centralize (most of) the verification to have a better enforcement rate and (hopefully) less chance for bugs, but it breaks the ABI bigtime in exchange – and as we break it anyway, it is broken even harder. It shouldn't effect most frontends as they don't deal with the acquire system at all or implement their own items, but some do and will need to be patched (might be an opportunity to use apt on-board material). The theory is simple: Items implement methods to decide if hashes need to be checked (in this stage) and to return the expected hashes for this item (in this stage). The verification itself is done in worker message passing which has the benefit that a hashsum error is now a proper error for the acquire system rather than a Done() which is later revised to a Failed().
2015-05-13detect Releasefile IMS hits even if the server doesn'tDavid Kalnischkies
Not all servers we are talking to support If-Modified-Since and some are not even sending Last-Modified for us, so in an effort to detect such hits we run a hashsum check on the 'old' compared to the 'new' file, we got the hashes for the 'new' already for "free" from the methods anyway and hence just need to calculated the old ones. This allows us to detect hits even with unsupported servers, which in turn means we benefit from all the new hit behavior also here.
2015-04-19ensure lists/ files have correct permissions after apt-cdrom addDavid Kalnischkies
Its a bit unpredictable which permissons and owners we will encounter on a CD-ROM (or a USB stick, as apt-cdrom is responsible for those too), so we have to ensure in this codepath as well that everything is nicely setup without waiting for a 'apt-get update' to fix up the (potential) mess.
2014-11-08fix variable naming typo used in debug outputDavid Kalnischkies
Git-Dch: Ignore
2014-10-26move permission changing from -item to -workerDavid Kalnischkies
The worker is the part closest to the methods, which will call the item methods according to what it gets back from the methods, it is therefore a better place to change permissions as it is very central and can do it now at the point the item is assigned to a method rather than then it is queued for download (and as before while dequeued via Done/Failure). Git-Dch: Ignore
2014-10-07Merge branch 'feature/acq-trans' into feature/expected-sizeMichael Vogt
2014-10-07make expected-size a maximum-size check as this is what we want at this pointMichael Vogt
2014-10-07use _apt:root only for partial directoriesDavid Kalnischkies
Using a different user for calling methods is intended to protect us from methods running amok (via remotely exploited bugs) by limiting what can be done by them. By using root:root for the final directories and just have the files in partial writeable by the methods we enhance this in sofar as a method can't modify already verified data in its parent directory anymore. As a side effect, this also clears most of the problems you could have if the final directories are shared without user-sharing or if these directories disappear as they are now again root owned and only the partial directories contain _apt owned files (usually none if apt isn't running) and the directory itself is autocreated with the right permissions.
2014-08-26Pass ExpectedSize to tthe backend methodMichael Vogt
This ensures that we can stop downloading if the server send too much data by accident (or by a malicious attempt)
2014-05-09tell download methods the expected hashesDavid Kalnischkies
Now that we have all hashes in the acquire system, pass the info down to the methods, so that it can use it in the request and/or to precheck the response.
2014-05-09use HashStringList in the acquire systemDavid Kalnischkies
It is not very extensible to have the supported Hashes hardcoded everywhere and especially if it is part of virtual method names. It is also possible that a method does not support the 'best' hash (yet), so we might end up not being able to verify a file even though we have a common subset of supported hashes. And those are just two of the cases in which it is handy to have a more dynamic selection. The downside is that this is a MAJOR API break, but the HashStringList has a string constructor for compatibility, so with a bit of luck the few frontends playing with the acquire system directly are okay.
2014-03-13cleanup headers and especially #includes everywhereDavid Kalnischkies
Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
2014-02-22Fix typos in documentation (codespell)Michael Vogt
2014-02-14allow http protocol to switch to httpsDavid Kalnischkies
switch protocols at random is a bad idea if e.g. http can switch to file, so we limit the possibilities to http to http and http to https. As very few people (less than 1% according to popcon) have https installed this likely changes nothing in terms of failure. The commit is adding a friendly hint which package needs to be installed though.
2013-05-08properly handle if-modfied-since with libcurl/https Michael Vogt
(closes: #705648)
2012-05-14* apt-pkg/acquire*.cc:Raphael Geissert
- handle redirections in the worker with the right method instead of in the method the redirection occured in (Closes: #668111) * methods/http.cc: - forbid redirects to change protocol
2012-05-07* apt-pkg/acquire-worker.cc:YOSHINO Yoshihito
- revert the use of FileFd::Write in OutFdReady as we don't want error reports about EAGAIN here as we retry later. Thanks to YOSHINO Yoshihito for the report. (Closes: #671721)
2012-04-22* apt-pkg/acquire-worker.cc:David Kalnischkies
- use Dump() to generate the configuration message for sending
2012-04-11use a static FileFd::Write overload to reduce duplication of write()-retry codeDavid Kalnischkies
2012-03-20* apt-pkg/acquire-worker.cc:David Kalnischkies
- check return of write() as gcc recommends * apt-pkg/acquire.cc: - check return of write() as gcc recommends * apt-pkg/cdrom.cc: - check return of chdir() and link() as gcc recommends * apt-pkg/clean.cc: - check return of chdir() as gcc recommends * apt-pkg/contrib/netrc.cc: - check return of asprintf() as gcc recommends
2011-09-13Support large files in the complete toolset. Indexes of thisDavid Kalnischkies
size are pretty unlikely for now, but we need it for deb packages which could become bigger than 4GB now (LP: #815895)
2011-09-13reorder includes: add <config.h> if needed and include it at firstDavid Kalnischkies
2011-07-05* apt-pkg/acquire*.{cc,h}:David Kalnischkies
- try even harder to support really big files in the fetcher by converting (hopefully) everything to 'long long' (Closes: #632271)
2011-04-26* apt-pkg/acquire-worker.cc:David Kalnischkies
- print filename in the unmatching size warning (Closes: #623137)
2011-03-14* mirror method:Michael Vogt
- when downloading data, show the mirror being used
2009-07-02* apt-pkg/acquire-worker.cc:Michael Vogt
- show error details of failed methods * apt-pkg/contrib/fileutl.cc: - if a process aborts with signal, show signal number * methods/http.cc: - ignore SIGPIPE, we deal with EPIPE from write in HttpMethod::ServerDie() (LP: #385144)
2009-01-30[ABI break] merge support for http redirects, thanks toMichael Vogt
Jeff Licquia and Anthony Towns
2008-01-07* apt-pkg/acquire-worker.cc, methods/connect.cc:Michael Vogt
- consider a ResolveError a transient-network problem
2007-08-08* apt-pkg/acquire-worker.cc:Michael Vogt
- only pass a hash if we actually got one from the method * methods/copy.cc: - take hashes here too (*sigh*)
2007-07-30* apt-pkg/acquire-item.{cc,h}:Michael Vogt
- rename "hash" into ExpectedHash in pkgAcqFile, pkgAcqIndex - add missing HashSum() call to class pkgAcqIndex - use the data provided by acquire-method (and send via the {SHA256,SHA1,MD5Sum}-Hash tag when comparing the hash, this avoids calculating the hash twice (just like old libapt) * apt-pkg/acquire-method.cc: - send MD5Sum-Hash tag to libapt to be consistant with HashString::SupportedHashes() * apt-pkg/acquire-worker.cc: - check with "Owner->HashSum().HashType()" what hash the frontend is expecting and pass it to pkgAcquireItem::Done() in the new HashString format - add some debugging output * apt-pkg/contrib/hashes.cc: - fix off-by-one error when constructing a HashString from a single input string * apt-pkg/contrib/hashes.h: - add "HashType()" method * apt-pkg/init.h, apt-pkg/makefile, methods/makefile: - break ABI
2007-06-09* merged the remaining bits from the apt--no-pragma branchMichael Vogt
2007-06-08* remove all the remaining #pragma implementationMichael Vogt
2006-02-21* more work for the DefaultAptSources specMichael Vogt
apt-pkg/acquire-item.h: - add new pkgAcquire::Item::StatTransientNetworkError status apt-pkg/acquire-item.cc: - if we get a StatTransientNetworkError use old sigfile and indexfiles apt-pkg/acquire-worker.cc: - set StatTransientNetworkError on "Timeout", "TmpResolveFailure", "ConnectionRefused" cmdline/apt-get.cc: - handle a StatTransientNetworkError different than a normal error (warning instead of error)
2005-08-31* include a human readable string for the MediaChange status-fd message as wellMichael Vogt
2005-08-31* meda-change message is send over status-fd nowMichael Vogt
2004-09-20G++3 fixes from RandolphArch Librarian
Author: jgg Date: 2001-05-22 04:42:54 GMT G++3 fixes from Randolph
2004-09-20More snprintf stuffArch Librarian
Author: jgg Date: 2001-03-23 01:47:14 GMT More snprintf stuff
2004-09-20Join with aliencodeArch Librarian
Author: jgg Date: 2001-02-20 07:03:16 GMT Join with aliencode
2004-09-20Typo in Algorithms.cc. Closes: #63577Arch Librarian
Author: jgg Date: 2000-05-10 05:56:23 GMT Typo in Algorithms.cc. Closes: #63577
2004-09-20Bug fixes, new major versionArch Librarian
Author: jgg Date: 2000-01-27 04:15:09 GMT Bug fixes, new major version
2004-09-20More CD fixesArch Librarian
Author: jgg Date: 2000-01-17 07:11:49 GMT More CD fixes
2004-09-20CDROMs are unmountedArch Librarian
Author: jgg Date: 1999-10-18 00:37:35 GMT CDROMs are unmounted
2004-09-20Fixed sign conversionArch Librarian
Author: jgg Date: 1999-08-28 01:49:07 GMT Fixed sign conversion
2004-09-20Random fixes..Arch Librarian
Author: jgg Date: 1999-08-03 05:19:41 GMT Random fixes..
2004-09-20Small segv bug fixArch Librarian
Author: jgg Date: 1999-08-03 02:25:38 GMT Small segv bug fix
2004-09-20Fixed up dpkginit and acquire stuff..Arch Librarian
Author: jgg Date: 1999-07-30 05:36:52 GMT Fixed up dpkginit and acquire stuff..
2004-09-20Minor cleanups, fix for checksum lowercase bugArch Librarian
Author: jgg Date: 1999-07-26 17:46:07 GMT Minor cleanups, fix for checksum lowercase bug
2004-09-20Fixed the cps resume problemArch Librarian
Author: jgg Date: 1999-05-23 06:47:43 GMT Fixed the cps resume problem
2004-09-20Working apt-get source build stuffArch Librarian
Author: jgg Date: 1999-04-20 05:02:09 GMT Working apt-get source build stuff
2004-09-20Signal safetyArch Librarian
Author: jgg Date: 1999-03-16 00:43:55 GMT Signal safety