From 25c024910b4c051461a9842d9fe0efc04748c908 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Tue, 5 Feb 2019 16:57:47 +0100 Subject: Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) This allows us to install matching auth files for sources.list.d files, for example; very useful. This converts aptmethod's authfd from one FileFd to a vector of pointers to FileFd, as FileFd cannot be copied, and move operators are hard. (parts cherry-picked from commit feed3ec105cd6be7b5d23da14c6cfca8572ee725) LP: #1811120 TODO: test/integration/test-authentication-basic is missing, what to do? --- apt-pkg/init.cc | 1 + methods/ftp.cc | 17 +++++++++++++++++ methods/http.cc | 18 ++++++++++++++++++ methods/https.cc | 16 ++++++++++++++++ 4 files changed, 52 insertions(+) diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc index 241628632..cbfa13722 100644 --- a/apt-pkg/init.cc +++ b/apt-pkg/init.cc @@ -66,6 +66,7 @@ bool pkgInitConfig(Configuration &Cnf) Cnf.CndSet("Dir::Etc::vendorparts","vendors.list.d"); Cnf.CndSet("Dir::Etc::main","apt.conf"); Cnf.CndSet("Dir::Etc::netrc", "auth.conf"); + Cnf.CndSet("Dir::Etc::netrcparts", "auth.conf.d"); Cnf.CndSet("Dir::Etc::parts","apt.conf.d"); Cnf.CndSet("Dir::Etc::preferences","preferences"); Cnf.CndSet("Dir::Etc::preferencesparts","preferences.d"); diff --git a/methods/ftp.cc b/methods/ftp.cc index 66787a7be..5bcdfd803 100644 --- a/methods/ftp.cc +++ b/methods/ftp.cc @@ -994,6 +994,23 @@ bool FtpMethod::Fetch(FetchItem *Itm) Res.IMSHit = false; maybe_add_auth (Get, _config->FindFile("Dir::Etc::netrc")); + if(Get.User.empty() || Get.Password.empty()) + { + std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts"); + if (not netrcparts.empty()) + { + _error->PushToStack(); + std::vector files = GetListOfFilesInDir(netrcparts, "conf", true, true); + for (std::vector::const_iterator netrc = files.begin(); netrc != files.end(); netrc++) + { + maybe_add_auth (Get, *netrc); + if (Get.User.empty() == false || Get.Password.empty() == false) + break; + } + _error->RevertToStack(); + } + } + // Connect to the server if (Server == 0 || Server->Comp(Get) == false) diff --git a/methods/http.cc b/methods/http.cc index d3a5d718f..5f5cd2631 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -758,7 +758,25 @@ void HttpMethod::SendReq(FetchItem *Itm) Req += string("Proxy-Authorization: Basic ") + Base64Encode(Server->Proxy.User + ":" + Server->Proxy.Password) + "\r\n"; + maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); + if(Uri.User.empty() || Uri.Password.empty()) + { + std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts"); + if (not netrcparts.empty()) + { + _error->PushToStack(); + std::vector files = GetListOfFilesInDir(netrcparts, "conf", true, true); + for (std::vector::const_iterator netrc = files.begin(); netrc != files.end(); netrc++) + { + maybe_add_auth (Uri, *netrc); + if (Uri.User.empty() == false || Uri.Password.empty() == false) + break; + } + _error->RevertToStack(); + } + } + if (Uri.User.empty() == false || Uri.Password.empty() == false) { Req += string("Authorization: Basic ") + diff --git a/methods/https.cc b/methods/https.cc index 087604b6d..dd678ca7f 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -177,6 +177,22 @@ bool HttpsMethod::Fetch(FetchItem *Itm) SetupProxy(); maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); + if(Uri.User.empty() || Uri.Password.empty()) + { + std::string const netrcparts = _config->FindDir("Dir::Etc::netrcparts"); + if (not netrcparts.empty()) + { + _error->PushToStack(); + std::vector files = GetListOfFilesInDir(netrcparts, "conf", true, true); + for (std::vector::const_iterator netrc = files.begin(); netrc != files.end(); netrc++) + { + maybe_add_auth (Uri, *netrc); + if (Uri.User.empty() == false || Uri.Password.empty() == false) + break; + } + _error->RevertToStack(); + } + } // callbacks curl_easy_setopt(curl, CURLOPT_URL, static_cast(Uri).c_str()); -- cgit v1.2.3