summaryrefslogtreecommitdiff
path: root/methods/https.cc
AgeCommit message (Collapse)Author
2015-04-07properly handle expected filesize in httpsDavid Kalnischkies
The worker expects that the methods tell him when they start or finish downloading a file. Various information pieces are passed along in this report including the (expected) filesize. https is using a "global" struct for reporting which made it 'reuse' incorrect values in some cases like a non-existent InRelease fallbacking to Release{,.gpg} resulting in an incorrect size-mismatch warning scaring and desensitizing users as well as being subject to a race between the write_data and progress callbacks generating incorrect progress reporting and potentially the same error message. Other branches as well as the bugreports contain 'better' fixes making the struct local and other sensible changes, but are larger as a result, so in this version we opted for short diff with minimal effect above else instead. Closes: 777565, 781509 Thanks: Robert Edmonds and Anders Kaseorg for initial patchs
2015-01-05Fix missing URIStart() for https downloadsMichael Vogt
Add a explicit ReceivedData to HttpsMethod that indicates when we got data from the connection so that we can send URISTart() to the parent. This is needed because URIStart got moved in f9b4f12d from the progress_callback to write_data() and it only checks for Res.Size. In the old code if progress_callback is called by libcurl (and sets Res.Size) before write_data is called then URIStart() is never send. Making this a explicit ReceivedData variable fixes this issue.
2014-12-22dispose http(s) 416 error page as non-contentDavid Kalnischkies
Real webservers (like apache) actually send an error page with a 416 response, but our client didn't expect it leaving the page on the socket to be parsed as response for the next request (http) or as file content (https), which isn't what we want at all… Symptom is a "Bad header line" as html usually doesn't parse that well to an http-header. This manifests itself e.g. if we have a complete file (or larger) in partial/ which isn't discarded by If-Range as the server doesn't support it (or it is just newer, think: mirror rotation). It is a sort-of regression of 78c72d0ce22e00b194251445aae306df357d5c1a, which removed the filesize - 1 trick, but this had its own problems… To properly test this our webserver gains the ability to reply with transfer-encoding: chunked as most real webservers will use it to send the dynamically generated error pages. (The tests and their binary helpers had to be slightly modified to apply, but the patch to fix the issue itself is unchanged.) Closes: 768797
2014-09-02Make Proxy-Auto-Detect check for each hostMichael Vogt
When doing Acquire::http{,s}::Proxy-Auto-Detect, run the auto-detect command for each host instead of only once. This should make using "proxy" from libproxy-tools feasible which can then be used for PAC style or other proxy configurations. Closes: #759264
2014-04-26enforce LFS for partial files in https range requestsDavid Kalnischkies
2014-03-13cleanup headers and especially #includes everywhereDavid Kalnischkies
Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
2014-03-13warning: unused parameter ‘foo’ [-Wunused-parameter]David Kalnischkies
Reported-By: gcc -Wunused-parameter Git-Dch: Ignore
2014-03-13warning: extra ‘;’ [-Wpedantic]David Kalnischkies
Git-Dch: Ignore Reported-By: gcc -Wpedantic
2014-02-22Fix typos in documentation (codespell)Michael Vogt
2014-02-14add a testcase to check for forbidden https→http downgradesDavid Kalnischkies
Git-Dch: Ignore
2014-02-14disable https->http redirects in libcurlMichael Vogt
This change prevents changing the protocol from https to http.
2014-02-14report https download start only if we really get itDavid Kalnischkies
Reporting it via progress means that e.g. a redirect will trigger it, too, so you get a Get & Hit while http only reports a Hit as it should be.
2014-02-11use utimes instead of utimensat/futimensDavid Kalnischkies
cppcheck complains about the obsolete utime as it was removed in POSIX1.2008 and recommends usage of utimensat/futimens instead as those are in POSIX and so commit 9ce3cfc9 switched to them. It is just that they aren't as portable as the standard suggests: At least our kFreeBSD and Hurd ports stumble over it at runtime. So to make both, the ports and cppcheck happy, we use utimes instead. Closes: 738567
2014-01-16correct some style/performance/warnings from cppcheckDavid Kalnischkies
The most "visible" change is from utime to utimensat/futimens as the first one isn't part of POSIX anymore. Reported-By: cppcheck Git-Dch: Ignore
2013-10-01handle complete responses to https range requestsDavid Kalnischkies
Servers might respond with a complete file either because they don't support Ranges at all or the If-Range condition isn't statisfied, so we have to parse the headers curl gets ourself to seek or truncate the file we have so far. This also finially adds the testcase testing a bunch of partial situations for both, http and https - which is now all green. Closes: 617643, 667699 LP: 1157943
2013-10-01fix partial (206 and 416) support in httpsDavid Kalnischkies
As lengthy discussed in lp:1157943 partial https support was utterly broken as a 206 response was handled as an (unhandled) error. This is the first part of fixing it by supporting a 206 response and starting to deal with 416.
2013-05-08merged patch from Daniel Hartwig to fix URI and proxy releated issuesMichael Vogt
2013-05-08merged from the debian-wheezy branchMichael Vogt
2013-05-08properly handle if-modfied-since with libcurl/https Michael Vogt
(closes: #705648)
2013-01-09* methods/https.cc:Michael Vogt
- reuse connection in https, thanks to Thomas Bushnell, BSG for the patch. LP: #1087543, Closes: #695359
2012-05-17add spaces around PACKAGE_VERSION to fix FTBFS with -std=c++11David Kalnischkies
2012-03-22the previously used VERSION didn't work everywhere so we are switchingDavid Kalnischkies
to the more standard PACKAGE_VERSION and make it work in every file
2012-01-30* methods/http{s,}.cc:David Kalnischkies
- if a file without an extension is requested send an 'Accept: text/*' header to avoid that the server chooses unsupported compressed files in a content-negotation attempt (Closes: #657560)
2012-01-19* methods/https.cc:David Kalnischkies
- use curls list append instead of appending Range and If-Range by hand which generates malformed requests, thanks Mel Collins for the hint! (Closes: #646381)
2011-12-17try to avoid direct usage of .Fd() if possible and do read()s and coDavid Kalnischkies
on the FileFd instead
2011-10-05merge with current debian apt/experimentalDavid Kalnischkies
2011-10-05* apt-pkg/contrib/configuration.cc:Michael Vogt
- fix double delete (LP: #848907) - ignore only the invalid regexp instead of all options * apt-pkg/acquire-item.h, apt-pkg/deb/debmetaindex.cc: - fix fetching language information by adding OptionalSubIndexTarget * methods/https.cc: - cleanup broken downloads properly * ftparchive/cachedb.cc: - fix buffersize in bytes2hex * apt-pkg/deb/deblistparser.cc: - fix crash when the dynamic mmap needs to be grown in LoadReleaseInfo (LP: #854090)
2011-09-20* methods/https.cc:Michael Vogt
- cleanup broken downloads properly
2011-09-19use forward declaration in headers if possible instead of includesDavid Kalnischkies
2011-09-13Support large files in the complete toolset. Indexes of thisDavid Kalnischkies
size are pretty unlikely for now, but we need it for deb packages which could become bigger than 4GB now (LP: #815895)
2011-09-13reorder includes: add <config.h> if needed and include it at firstDavid Kalnischkies
2011-01-12* methods/https.cc:David Kalnischkies
- fix CURLOPT_SSL_VERIFYHOST by really passing 2 to it if enabled
2010-01-08* French manpage translation updateMichael Vogt
* spot & fix various typos in all manpages * German manpage translation update * cmdline/apt-cache.cc: - remove translatable marker from the "%4i %s\n" string * buildlib/po4a_manpage.mak: - instruct debiandoc to build files with utf-8 encoding * buildlib/tools.m4: - fix some warning from the buildtools * apt-pkg/acquire-item.cc: - add configuration PDiffs::Limit-options to not download too many or too big patches (Closes: #554349) * debian/control: - let all packages depend on ${misc:Depends} * share/*-archive.gpg: - remove the horrible outdated files. We already depend on the keyring so we don't need to ship our own version * cmdline/apt-key: - errors out if wget is not installed (Closes: #545754) - add --keyring option as we have now possibly many * methods/gpgv.cc: - pass all keyrings (TrustedParts) to gpgv instead of using only one trusted.gpg keyring (Closes: #304846) * methods/https.cc: - finally merge the rest of the patchset from Arnaud Ebalard with the CRL and Issuers options, thanks! (Closes: #485963)
2009-12-14merged patches from david (many thanks)Michael Vogt
2009-12-11fix the backport of the https methods as they would require an ABI breakDavid Kalnischkies
otherwise in the Configuration class.
2009-12-11add https options which default to the ones from http for the httpsDavid Kalnischkies
method as this is more sane than using only the http options without a possibility to override these for https.
2009-12-11add config setting for User-Agent in http and https to the Acquire group,David Kalnischkies
thanks Timothy J. Miller! (Closes: #355782)
2009-12-10merged -r1875..1886 from lp:~donkult/apt/sidMichael Vogt
2009-12-10* merge lp:~mvo/apt/netrc branch, this adds support for aMichael Vogt
/etc/apt/auth.conf that can be used to store username/passwords in a "netrc" style file (with the extension that it supports "/" in a machine definition). Based on the maemo git branch. * apt-pkg/deb/dpkgpm.cc: - add "purge" to list of known actions
2009-12-07merge lp:~mvo/apt/netrc branch, this adds support for aMichael Vogt
/etc/apt/auth.conf that can be used to store username/passwords in a "netrc" style file (with the extension that it supports "/" in a machine definition). Based on the maemo git branch.
2009-12-04* apt-pkg/contrib/netrc.cc:Michael Vogt
- check for hostname and then host+path - better debug output * methods/https.cc: - fix bug in netrc integration
2009-12-02* apt-pkg/packagemanager.cc:Michael Vogt
- add output about pre-depends configuring when debug::pkgPackageManager is used * methods/https.cc: - fix incorrect use of CURLOPT_TIMEOUT, closes: #497983, LP: #354972 thanks to Brian Thomason for the patch * apt-pkg/depcache.cc, apt-pkg/indexcopy.cc: - typo fix (LP: #462328) * cmdline/apt-key: - Emit a warning if removed keys keyring is missing and skip associated checks (LP: #218971)
2009-11-17methods/https.cc: cleanup for CURLOPT_LOW_SPEED_TIMEMichael Vogt
2009-11-17* methods/https.cc:Michael Vogt
- fix incorrect use of CURLOPT_TIMEOUT, closes: #497983, LP: #354972 thanks to Brian Thomason for the patch
2009-10-16add maybe_add_auth for ftp as wellMichael Vogt
2009-10-16port netrc support from maemonMichael Vogt
2009-10-12methods/https.cc: Add support for authentication using netrc (Closes: #518473),Julian Andres Klode
patch by Jussi Hakala <jussi.hakala@hut.fi>.
2009-08-19merged from the jackyf-devel branchMichael Vogt
2009-02-03* methods/https.cc:Michael Vogt
- add Acquire::https::AllowRedirect support
2009-02-03methods/https.cc: do not unlink partial files (thanks to robbiew)Michael Vogt