Browse Source

Show permission error if ProxyAutoDetect cmd can't be executed

As the proxy commands are not executed as root, a user can run into
permission errors (s)he isn't expecting – as our switching is an
implementation detail – so the error message in that case should really
be better than a generic "error code 100" sending the user in the wrong
direction as that implies the command was executed, but errored out.

Closes: 857885
tags/debian/1.5_alpha1
David Kalnischkies 4 years ago
parent
commit
e250df1a62
3 changed files with 12 additions and 1 deletions
  1. +5
    -1
      apt-pkg/contrib/proxy.cc
  2. +2
    -0
      test/integration/test-apt-helper
  3. +5
    -0
      test/integration/test-bug-717891-abolute-uris-for-proxies

+ 5
- 1
apt-pkg/contrib/proxy.cc View File

@@ -13,7 +13,8 @@
#include<apt-pkg/strutl.h>

#include<iostream>
#include <unistd.h>
#include<fcntl.h>
#include<unistd.h>

#include "proxy.h"
/*}}}*/
@@ -41,6 +42,9 @@ bool AutoDetectProxy(URI &URL)
if (Debug)
std::clog << "Using auto proxy detect command: " << AutoDetectProxyCmd << std::endl;

if (faccessat(AT_FDCWD, AutoDetectProxyCmd.c_str(), R_OK | X_OK, AT_EACCESS) != 0)
return _error->Errno("access", "ProxyAutoDetect command '%s' can not be executed!", AutoDetectProxyCmd.c_str());

std::string const urlstring = URL;
std::vector<const char *> Args;
Args.push_back(AutoDetectProxyCmd.c_str());


+ 2
- 0
test/integration/test-apt-helper View File

@@ -94,6 +94,8 @@ test_apt_helper_detect_proxy() {
W: ProxyAutoDetect command returned an empty line" apthelper auto-detect-proxy http://example.com/
setupproxydetect 'http' 'echo DIRECT'
testsuccessequal "Using proxy 'DIRECT' for URL 'http://example.com/'" apthelper auto-detect-proxy http://example.com/
chmod -x "${TMPWORKINGDIRECTORY}/apt-proxy-detect"
testfailureequal "E: ProxyAutoDetect command '${TMPWORKINGDIRECTORY}/apt-proxy-detect' can not be executed! - access (13: Permission denied)" apthelper auto-detect-proxy http://example.com/

msgmsg "apt-helper $CONFNAME" 'http proxy'
setupproxydetect 'http' 'echo "http://some-proxy"'


+ 5
- 0
test/integration/test-bug-717891-abolute-uris-for-proxies View File

@@ -46,3 +46,8 @@ The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Inst unrelated (0.5~squeeze1 unstable [all])
Conf unrelated (0.5~squeeze1 unstable [all])' aptget install unrelated -s

chmod 444 "${TMPWORKINGDIRECTORY}/apt-proxy-detect"
msgtest 'Check that non-executable proxy commands result in' 'permission error'
testfailure --nomsg aptget update
testsuccess grep 'can not be executed' rootdir/tmp/testfailure.output

Loading…
Cancel
Save