Browse Source

support tor+https being handled by http

The apt-transport-tor package operates via simple symlinks which can
result in 'http' being called as 'tor+https', so it must pick up the
right configuration pieces and trigger https support also in plus names.
tags/debian/1.5_alpha2
David Kalnischkies 4 years ago
parent
commit
579f8f1008
2 changed files with 18 additions and 4 deletions
  1. +10
    -3
      methods/http.cc
  2. +8
    -1
      test/integration/test-apt-https-no-redirect

+ 10
- 3
methods/http.cc View File

@@ -343,13 +343,15 @@ bool HttpServerState::Open()
if (Proxy.empty() == false)
Owner->AddProxyAuth(Proxy, ServerName);

bool tls = ServerName.Access == "https";
bool tls = (ServerName.Access == "https" || APT::String::Endswith(ServerName.Access, "+https"));
auto const DefaultService = tls ? "https" : "http";
auto const DefaultPort = tls ? 443 : 80;
if (Proxy.Access == "socks5h")
{
if (Connect(Proxy.Host, Proxy.Port, "socks", 1080, ServerFd, TimeOut, Owner) == false)
return false;

if (UnwrapSocks(ServerName.Host, ServerName.Port == 0 ? 80 : ServerName.Port,
if (UnwrapSocks(ServerName.Host, ServerName.Port == 0 ? DefaultPort : ServerName.Port,
Proxy, ServerFd, Owner->ConfigFindI("TimeOut", 120), Owner) == false)
return false;
}
@@ -372,7 +374,7 @@ bool HttpServerState::Open()
Port = Proxy.Port;
Host = Proxy.Host;
}
if (!Connect(Host, Port, tls ? "https" : "http", tls ? 443 : 80, ServerFd, TimeOut, Owner))
if (!Connect(Host, Port, DefaultService, DefaultPort, ServerFd, TimeOut, Owner))
return false;
}

@@ -853,6 +855,11 @@ HttpMethod::HttpMethod(std::string &&pProg) : BaseHttpMethod(pProg.c_str(), "1.2
addName = "http";
auto const plus = Binary.find('+');
if (plus != std::string::npos)
{
auto name2 = Binary.substr(plus + 1);
if (std::find(methodNames.begin(), methodNames.end(), name2) == methodNames.end())
addName = std::move(name2);
addName = Binary.substr(0, plus);
}
}
/*}}}*/

+ 8
- 1
test/integration/test-apt-https-no-redirect View File

@@ -15,6 +15,7 @@ changetohttpswebserver
webserverconfig 'aptwebserver::redirect::replace::/redirectme/' "http://localhost:${APTHTTPPORT}/"
webserverconfig 'aptwebserver::redirect::replace::/redirectme2/' "https://localhost:${APTHTTPSPORT}/"
echo 'Dir::Bin::Methods::https+http "http";' > rootdir/etc/apt/apt.conf.d/99add-https-http-method
echo 'Dir::Bin::Methods::foo+https "http";' > rootdir/etc/apt/apt.conf.d/99add-foo-https-method

msgtest 'download of a file works via' 'http'
testsuccess --nomsg downloadfile "http://localhost:${APTHTTPPORT}/working" httpfile
@@ -32,10 +33,16 @@ rm -f httpfile

msgtest 'download of a file does not work if' 'https redirected to http'
testfailure --nomsg downloadfile "https://localhost:${APTHTTPSPORT}/redirectme/working" redirectfile

msgtest 'libcurl has forbidden access in last request to' 'http resource'
testsuccess --nomsg grep -q -E -- "Redirection from https to 'http://.*' is forbidden" rootdir/tmp/testfailure.output
rm -f redirectfile

msgtest 'download of a file does work if' 'https+http redirected to https'
testsuccess --nomsg downloadfile "https+http://localhost:${APTHTTPPORT}/redirectme2/working" redirectfile
testfileequal redirectfile 'alright'
rm -f redirectfile

msgtest 'download of a file does work if' 'foo+https redirected to https'
testsuccess --nomsg downloadfile "foo+https://localhost:${APTHTTPSPORT}/redirectme2/working" redirectfile
testfileequal redirectfile 'alright'
rm -f redirectfile

Loading…
Cancel
Save