Age | Commit message (Collapse) | Author |
|
Using a different user for calling methods is intended to protect us
from methods running amok (via remotely exploited bugs) by limiting what
can be done by them. By using root:root for the final directories and
just have the files in partial writeable by the methods we enhance this
in sofar as a method can't modify already verified data in its parent
directory anymore.
As a side effect, this also clears most of the problems you could have
if the final directories are shared without user-sharing or if these
directories disappear as they are now again root owned and only the
partial directories contain _apt owned files (usually none if apt isn't
running) and the directory itself is autocreated with the right
permissions.
|
|
Now that we have all hashes in the acquire system, pass the info down to
the methods, so that it can use it in the request and/or to precheck the
response.
|
|
It is not very extensible to have the supported Hashes hardcoded
everywhere and especially if it is part of virtual method names.
It is also possible that a method does not support the 'best' hash
(yet), so we might end up not being able to verify a file even though we
have a common subset of supported hashes. And those are just two of the
cases in which it is handy to have a more dynamic selection.
The downside is that this is a MAJOR API break, but the HashStringList
has a string constructor for compatibility, so with a bit of luck the
few frontends playing with the acquire system directly are okay.
|
|
Beside being a bit cleaner it hopefully also resolves oddball problems
I have with high levels of parallel jobs.
Git-Dch: Ignore
Reported-By: iwyu (include-what-you-use)
|
|
|
|
switch protocols at random is a bad idea if e.g. http can switch to
file, so we limit the possibilities to http to http and http to https.
As very few people (less than 1% according to popcon) have https
installed this likely changes nothing in terms of failure. The commit is
adding a friendly hint which package needs to be installed though.
|
|
(closes: #705648)
|
|
- handle redirections in the worker with the right method instead of
in the method the redirection occured in (Closes: #668111)
* methods/http.cc:
- forbid redirects to change protocol
|
|
- revert the use of FileFd::Write in OutFdReady as we don't want error
reports about EAGAIN here as we retry later. Thanks to YOSHINO Yoshihito
for the report. (Closes: #671721)
|
|
- use Dump() to generate the configuration message for sending
|
|
|
|
- check return of write() as gcc recommends
* apt-pkg/acquire.cc:
- check return of write() as gcc recommends
* apt-pkg/cdrom.cc:
- check return of chdir() and link() as gcc recommends
* apt-pkg/clean.cc:
- check return of chdir() as gcc recommends
* apt-pkg/contrib/netrc.cc:
- check return of asprintf() as gcc recommends
|
|
size are pretty unlikely for now, but we need it for deb
packages which could become bigger than 4GB now (LP: #815895)
|
|
|
|
- try even harder to support really big files in the fetcher by
converting (hopefully) everything to 'long long' (Closes: #632271)
|
|
- print filename in the unmatching size warning (Closes: #623137)
|
|
- when downloading data, show the mirror being used
|
|
- show error details of failed methods
* apt-pkg/contrib/fileutl.cc:
- if a process aborts with signal, show signal number
* methods/http.cc:
- ignore SIGPIPE, we deal with EPIPE from write in
HttpMethod::ServerDie() (LP: #385144)
|
|
Jeff Licquia and Anthony Towns
|
|
- consider a ResolveError a transient-network problem
|
|
- only pass a hash if we actually got one from the method
* methods/copy.cc:
- take hashes here too (*sigh*)
|
|
- rename "hash" into ExpectedHash in pkgAcqFile, pkgAcqIndex
- add missing HashSum() call to class pkgAcqIndex
- use the data provided by acquire-method (and send via the
{SHA256,SHA1,MD5Sum}-Hash tag when comparing the hash, this
avoids calculating the hash twice (just like old libapt)
* apt-pkg/acquire-method.cc:
- send MD5Sum-Hash tag to libapt to be consistant with
HashString::SupportedHashes()
* apt-pkg/acquire-worker.cc:
- check with "Owner->HashSum().HashType()" what hash the frontend
is expecting and pass it to pkgAcquireItem::Done() in the new
HashString format
- add some debugging output
* apt-pkg/contrib/hashes.cc:
- fix off-by-one error when constructing a HashString from a single
input string
* apt-pkg/contrib/hashes.h:
- add "HashType()" method
* apt-pkg/init.h, apt-pkg/makefile, methods/makefile:
- break ABI
|
|
|
|
|
|
apt-pkg/acquire-item.h:
- add new pkgAcquire::Item::StatTransientNetworkError status
apt-pkg/acquire-item.cc:
- if we get a StatTransientNetworkError use old sigfile and indexfiles
apt-pkg/acquire-worker.cc:
- set StatTransientNetworkError on "Timeout", "TmpResolveFailure", "ConnectionRefused"
cmdline/apt-get.cc:
- handle a StatTransientNetworkError different than a normal error (warning instead of error)
|
|
|
|
|
|
Author: jgg
Date: 2001-05-22 04:42:54 GMT
G++3 fixes from Randolph
|
|
Author: jgg
Date: 2001-03-23 01:47:14 GMT
More snprintf stuff
|
|
Author: jgg
Date: 2001-02-20 07:03:16 GMT
Join with aliencode
|
|
Author: jgg
Date: 2000-05-10 05:56:23 GMT
Typo in Algorithms.cc. Closes: #63577
|
|
Author: jgg
Date: 2000-01-27 04:15:09 GMT
Bug fixes, new major version
|
|
Author: jgg
Date: 2000-01-17 07:11:49 GMT
More CD fixes
|
|
Author: jgg
Date: 1999-10-18 00:37:35 GMT
CDROMs are unmounted
|
|
Author: jgg
Date: 1999-08-28 01:49:07 GMT
Fixed sign conversion
|
|
Author: jgg
Date: 1999-08-03 05:19:41 GMT
Random fixes..
|
|
Author: jgg
Date: 1999-08-03 02:25:38 GMT
Small segv bug fix
|
|
Author: jgg
Date: 1999-07-30 05:36:52 GMT
Fixed up dpkginit and acquire stuff..
|
|
Author: jgg
Date: 1999-07-26 17:46:07 GMT
Minor cleanups, fix for checksum lowercase bug
|
|
Author: jgg
Date: 1999-05-23 06:47:43 GMT
Fixed the cps resume problem
|
|
Author: jgg
Date: 1999-04-20 05:02:09 GMT
Working apt-get source build stuff
|
|
Author: jgg
Date: 1999-03-16 00:43:55 GMT
Signal safety
|
|
Author: jgg
Date: 1999-01-30 08:08:54 GMT
Retry support
|
|
Author: jgg
Date: 1999-01-27 02:48:52 GMT
Moved strutl.h
|
|
Author: jgg
Date: 1999-01-20 05:11:25 GMT
Hide hit for local uris
|
|
Author: jgg
Date: 1998-12-14 06:54:41 GMT
Havocs _exit
|
|
Author: jgg
Date: 1998-12-05 01:45:19 GMT
Fixed cdrom method problems
|
|
Author: jgg
Date: 1998-12-04 21:16:46 GMT
CDROM support
|
|
Author: jgg
Date: 1998-11-29 01:24:14 GMT
Minor Acquire cleanup
|
|
Author: jgg
Date: 1998-11-14 01:39:41 GMT
Local file fixes
|