A Lua script to check the health of Devuan Linux package mirrors. The master repo is at https://sledjhamr.org/cgit/apt-panopticon/ and the master issues tracker is at https://sledjhamr.org/mantisbt/project_page.php?project_id=13 https://sledjhamr.org/cgit/apt-panopticon/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1308 lines
57 KiB

#!/usr/bin/env luajit
local now = os.time()
local APT = require 'apt-panopticommon'
local D = APT.D
local I = APT.I
local T = APT.T
local W = APT.W
local E = APT.E
local C = APT.C
local arg, sendArgs = APT.parseArgs({...})
APT.html = true
local defaultURL = {scheme = "http"}
local releaseFiles =
{
-- Release file.
"Release", -- 3.7 MB
"Release.gpg", --
-- "InRelease", -- 3.7 MB
-- "main/binary-all/Packages.xz", -- 2.6 GB for all that changed recently.
-- Contents files. -- 3.3 GB
-- "main/Contents-all.xz",
-- "main/Contents-amd64.xz",
-- "main/Contents-arm64.xz",
-- "-security/main/Contents-all.xz",
-- "-security/main/Contents-amd64.xz",
-- "-security/main/Contents-arm64.xz",
}
local notExist =
{
"ceres-security" -- This will never exist, it's our code name for the testing suite.
}
local referenceDebs =
{
-- Debian package.
"merged/pool/DEBIAN/main/d/debian-keyring/debian-keyring_2019.02.25_all.deb",
-- Debian security package. NOTE this one should always be redirected?
"merged/pool/DEBIAN-SECURITY/updates/main/a/apt/apt-transport-https_1.4.11_amd64.deb",
}
local referenceDevs =
{
-- Devuan package. NOTE this one should not get redirected, but that's more a warning than an error.
"merged/pool/DEVUAN/main/d/devuan-keyring/devuan-keyring_2022.09.04_all.deb",
}
local keyring = "/usr/share/keyrings/devuan-archive-keyring.gpg"
--local keyring = "/etc/apt/trusted.gpg.d/devuan-keyring-2022-archive.gpg"
local curlStatus =
{
[1 ] = "Unsupported protocol. This build of curl has no support for this protocol.",
[2 ] = "Failed to initialize.",
[3 ] = "URL malformed. The syntax was not correct.",
[4 ] = "A feature or option that was needed to perform the desired request was not enabled or was explicitly disabled at build-time. To make curl able to do this, you probably need another build of libcurl!",
[5 ] = "Couldn't resolve proxy. The given proxy host could not be resolved.",
[6 ] = "Couldn't resolve host. The given remote host was not resolved.",
[7 ] = "Failed to connect to host.",
[8 ] = "Weird server reply. The server sent data curl couldn't parse.",
[9 ] = "FTP access denied. The server denied login or denied access to the particular resource or directory you wanted to reach. Most often you tried to change to a directory that doesn't exist on the server.",
[10] = "While waiting for the server to connect back when an active FTP session is used, an error code was sent over the control connection or similar.",
[11] = "FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request.",
[12] = "During an active FTP session while waiting for the server to connect, the CURLOPT_ACCEPTTIMEOUT_MS (or the internal default) timeout expired.",
[13] = "FTP weird PASV reply, Curl couldn't parse the reply sent to the PASV request.",
[14] = "FTP weird 227 format. Curl couldn't parse the 227-line the server sent.",
[15] = "FTP can't get host. Couldn't resolve the host IP we got in the 227-line.",
[16] = "A problem was detected in the HTTP2 framing layer. This is somewhat generic and can be one out of several problems, see the error buffer for details.",
[17] = "FTP couldn't set binary. Couldn't change transfer method to binary.",
[18] = "Partial file. Only a part of the file was transferred.",
[19] = "FTP couldn't download/access the given file, the RETR (or similar) command failed.",
[21] = "FTP quote error. A quote command returned error from the server.",
[22] = "HTTP page not retrieved. The requested url was not found or returned another error with the HTTP error code being 400 or above. This return code only appears if -f, --fail is used.",
[23] = "Write error. Curl couldn't write data to a local filesystem or similar.",
[25] = "FTP couldn't STOR file. The server denied the STOR operation, used for FTP uploading.",
[26] = "Read error. Various reading problems.",
[27] = "Out of memory. A memory allocation request failed.",
[28] = "Operation timeout. The specified time-out period was reached according to the conditions.",
[30] = "FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT command, try doing a transfer using PASV instead!",
[31] = "FTP couldn't use REST. The REST command failed. This command is used for resumed FTP transfers.",
[33] = "HTTP range error. The range \"command\" didn't work.",
[34] = "HTTP post error. Internal post-request generation error.",
[35] = "SSL connect error. The SSL handshaking failed.",
[36] = "FTP bad download resume. Couldn't continue an earlier aborted download.",
[37] = "FILE couldn't read file. Failed to open the file. Permissions?",
[38] = "LDAP cannot bind. LDAP bind operation failed.",
[39] = "LDAP search failed.",
[41] = "Function not found. A required LDAP function was not found.",
[42] = "Aborted by callback. An application told curl to abort the operation.",
[43] = "Internal error. A function was called with a bad parameter.",
[45] = "Interface error. A specified outgoing interface could not be used.",
[47] = "Too many redirects. When following redirects, curl hit the maximum amount.",
[48] = "Unknown option specified to libcurl. This indicates that you passed a weird option to curl that was passed on to libcurl and rejected. Read up in the manual!",
[49] = "Malformed telnet option.",
[51] = "The peer's SSL certificate or SSH MD5 fingerprint was not OK.",
[52] = "The server didn't reply anything, which here is considered an error.",
[53] = "SSL crypto engine not found.",
[54] = "Cannot set SSL crypto engine as default.",
[55] = "Failed sending network data.",
[56] = "Failure in receiving network data.",
[58] = "Problem with the local certificate.",
[59] = "Couldn't use specified SSL cipher.",
[60] = "Peer certificate cannot be authenticated with known CA certificates.",
[61] = "Unrecognized transfer encoding.",
[62] = "Invalid LDAP URL.",
[63] = "Maximum file size exceeded.",
[64] = "Requested FTP SSL level failed.",
[65] = "Sending the data requires a rewind that failed.",
[66] = "Failed to initialise SSL Engine.",
[67] = "The user name, password, or similar was not accepted and curl failed to log in.",
[68] = "File not found on TFTP server.",
[69] = "Permission problem on TFTP server.",
[70] = "Out of disk space on TFTP server.",
[71] = "Illegal TFTP operation.",
[72] = "Unknown TFTP transfer ID.",
[73] = "File already exists (TFTP).",
[74] = "No such user (TFTP).",
[75] = "Character conversion failed.",
[76] = "Character conversion functions required.",
[77] = "Problem with reading the SSL CA cert (path? access rights?).",
[78] = "The resource referenced in the URL does not exist.",
[79] = "An unspecified error occurred during the SSH session.",
[80] = "Failed to shut down the SSL connection.",
[81] = "Socket is not ready for send/recv wait till it's ready and try again. This return code is only returned from curl_easy_recv and curl_easy_send.",
[82] = "Could not load CRL file, missing or wrong format (added in 7.19.0).",
[83] = "Issuer check failed (added in 7.19.0).",
[84] = "The FTP PRET command failed",
[85] = "RTSP: mismatch of CSeq numbers",
[86] = "RTSP: mismatch of Session Identifiers",
[87] = "unable to parse FTP file list",
[88] = "FTP chunk callback reported error",
[89] = "No connection available, the session will be queued",
[90] = "SSL public key does not matched pinned public key",
[91] = "Status returned failure when asked with CURLOPT_SSL_VERIFYSTATUS.",
[92] = "Stream error in the HTTP/2 framing layer.",
[93] = "An API function was called from inside a callback.",
[94] = "An authentication function returned an error.",
[95] = "A problem was detected in the HTTP/3 layer. This is somewhat generic and can be one out of several problems, see the error buffer for details.",
}
local socket = require 'socket'
local ftp = require 'socket.ftp'
local http = require 'socket.http'
local url = require 'socket.url'
local ip = ""
local cor = nil
local Updating = false
local downloadLock = "flock -n results/curl-"
local arw = ' &nbsp; <font color="magenta"><b>-></b></font> &nbsp; '
local repoExists = function (r)
r = r:match("([%a-]*)")
if nil == r then return false end
for k, v in pairs(notExist) do
if v == r then return false end
end
return true
end
local IP = {}
gatherIPs = function (host)
if nil == IP[host] then
local IPs
3 years ago
-- Takes about 30 seconds to look up the lot.
-- I tested using dig's -f option, it didn't seem much faster.
-- The sort -r assumes that deb.devuan.org is the first alphabetically.
local dig = APT.readCmd('dig +keepopen +noall +nottlid +answer ' .. host .. ' A ' .. host .. ' AAAA ' .. host .. ' CNAME ' .. host .. ' SRV | sort -r | uniq')
for i,IPs in ipairs(dig) do
for k, t, v in IPs:gmatch("([%w_%-%.]*)%.%s*IN%s*(%a*)%s*(.*)") do
if "." == v:sub(-1, -1) then v = v:sub(1, -2) end
if nil == IP[k] then IP[k] = {} end
IP[k][v] = t
D(" DNS record " .. host .. " == " .. k .. " type " .. t .. " -> " .. v)
if t == "CNAME" then
gatherIPs(v)
IP[k][v] = IP[v]
elseif v == "SRV" then
print("SVR record found, now what do we do?")
end
end
end
end
-- If this is the DNS-RR domain name, gather the IPs for the mirrors that mirror_list.txt says should be in it.
if host == APT.options.roundRobin.value then
for k, m in pairs(APT.mirrors) do
if ("yes" == m.DNSRR) or ("maybe" == m.DNSRR) then
gatherIPs(m.FQDN)
IP[host][m.FQDN] = IP[m.FQDN]
-- Strip them out so we don't test them twice.
if (nil ~= IP[m.FQDN]) and (nil ~= IP[host][APT.options.roundRobinCname.value]) then
for l, n in pairs(IP[m.FQDN]) do
if type(n) == 'table' then
for h, p in pairs(n) do
for j, o in pairs(IP[host][APT.options.roundRobinCname.value]) do
if h == j then IP[host][m.FQDN][l][h] = nil end
end
o = 0
for j in pairs(IP[host][m.FQDN][l]) do o = o + 1 end
if 0 == o then IP[host][m.FQDN][l] = nil end
end
else
for j, o in pairs(IP[host][APT.options.roundRobinCname.value]) do
if l == j then IP[host][m.FQDN][l] = nil end
end
end
o = 0
for j in pairs(IP[host][m.FQDN]) do o = o + 1 end
if 0 == o then IP[host][m.FQDN] = nil end
end
end
end
end
end
return IP[host]
end
-- Returns FTP directory listing
local nlst = function (u)
local t = {}
local p = url.parse(u)
p.command = "nlst"
p.sink = ltn12.sink.table(t)
local r, e = ftp.get(p)
return r and table.concat(t), e
end
local timeouts = 0;
local totalTimeouts = 0
local spcd = ' &nbsp; '
checkHEAD = function (host, URL, r, retry, sanity)
if nil == r then r = 0 end
if nil == retry then retry = 0 end
if true == sanity then sanity = 'URLSanity' else sanity = '' end
local check = "HEAD testing file"
local PU = url.parse(URL, defaultURL)
local pu = url.parse(PU.scheme .. "://" .. host, defaultURL)
local fname = host .. "_" .. PU.host .. "_" .. PU.path:gsub("/", "_") .. ".log.txt"
local hdr = ""
local IP = ""
if pu.host ~= PU.host then
if "http" == PU.scheme then
hdr = '-H "Host: ' .. host .. '"'
end
IP = '--connect-to "' .. pu.host .. '::' .. PU.host .. ':"'
fname = host .. "_" .. pu.host .. '_' .. PU.host .. "_" .. PU.path:gsub("/", "_") .. ".txt"
end
os.execute('rm -f results/HEADERS_' .. fname .. ' 2>/dev/null; rm -f results/STATUS_' .. fname .. ' 2>/dev/null; touch results/STATUS_' .. fname)
if not APT.testing(PU.scheme, host) and APT.redir then I(spcd .. string.upper(PU.scheme) .. " not supported, not tested. &nbsp; " .. URL, host); return end
if 0 < r then
check = "Redirecting to"
end
if 0 < retry then
os.execute("sleep " .. math.random(1, 3))
check = "Retry " .. retry .. " " .. check
end
if 2 <= timeouts then
E(spcd .. spcd .. "too many timeouts! " .. check .. " " .. host .. arw .. URL, PU.scheme, "", host)
return
end
if APT.options.timeouts.value <= (totalTimeouts) then
E(spcd .. spcd .. "Way too many timeouts!", PU.scheme, "", host)
return
end
if 20 <= r then
E(spcd .. spcd .. "too many redirects! " .. check .. " " .. host .. arw .. URL, PU.scheme, "", host)
return
end
if APT.options.retries.value <= retry then
E(spcd .. spcd .. "too many retries! " .. check .. " " .. host .. arw .. URL, PU.scheme, "", host)
return
end
if "https" == PU.scheme and APT.options.roundRobin.value == host then
I(spcd .. "Not testing " .. APT.lnk(URL) .. " mirrors wont have the correct HTTPS certificate for the round robin.", host)
return
else
I(spcd .. check .. " " .. APT.lnk(URL), host)
end
--[[ Using curl command line -
-I - HEAD
--connect-to domain:port:IP:port - connect to IP, but use SNI from URL.
-header "" - add extra headers.
-L - DO follow redirects.
--max-redirs n - set maximum redirects, default is 50, -1 = unlimited.
-4 or -6 - Only use IPv4 or IPv6
--retry n - maximum retries, default is 0, no retries.
-o file - write to file instead of stdout.
--path-as-is - https://curl.haxx.se/libcurl/c/CURLOPT_PATH_AS_IS.html might be useful for URLSanity.
-s silent - don't output progress or error messages.
--connect-timeout n - timeout in seconds.
Should return with error code 28 on a timeout?
-D file - write the received headers to a file. This includes the status code and string.
]]
local status = APT.exe(
'curl -I --retry 0 -s --path-as-is --connect-timeout ' .. APT.options.timeout.value .. ' --max-redirs 0 ' .. APT.IPv46 .. ' ' ..
IP .. ' ' .. '-o /dev/null -D results/"HEADERS_' .. fname .. '" ' ..
hdr .. ' -w "#%{http_code} %{ssl_verify_result} %{url_effective}\\n" ' .. PU.scheme .. '://' .. host .. PU.path .. ' >>results/"STATUS_' .. fname .. '"'
):Nice():log():Do().status
if 0 < r then
APT.tested(PU.scheme, 'Redirects', host)
else
APT.tested(PU.scheme, '', host)
end
local code = "???"
local cstr = ""
local location = nil
local tmot = 1
while not APT.checkFile('results/STATUS_' .. fname) do
D(spcd .. spcd .. 'Waiting for results/STATUS_' .. fname .. ' file.')
os.execute('sleep ' .. tmot)
tmot = tmot * 2
if 8 < tmot then
T(spcd .. spcd .. "TIMEOUT " .. timeouts + 1 .. ", retry " .. retry + 1 .. ' ' .. APT.lnk(URL), PU.scheme, sanity, host)
timeouts = timeouts + 1
checkHEAD(host, URL, r, retry + 1, '' ~= sanity)
os.execute('cat results/"HEADERS_' .. fname .. '" >>results/"STATUS_' .. fname .. '" 2>/dev/null; rm -f results/"HEADERS_' .. fname .. '" 2>/dev/null')
return
end
end
os.execute('cat results/"HEADERS_' .. fname .. '" >>results/"STATUS_' .. fname .. '" 2>/dev/null; rm -f results/"HEADERS_' .. fname .. '" 2>/dev/null')
if 0 ~= status then
local msg = curlStatus[status]
if nil == msg then msg = "UNKNOWN CURL STATUS CODE!" end
if (28 == status) or (7 == status) then
T(spcd .. spcd .. "TIMEOUT " .. timeouts + 1 .. ", retry " .. retry + 1 .. ' ' .. APT.lnk(URL), PU.scheme, sanity, host)
timeouts = timeouts + 1
else
E(spcd .. spcd .. "The curl command return an error code of " .. status .. " - " .. msg .. ' for '.. APT.lnk(URL), PU.scheme, sanity, host)
end
if 60 == status then return end -- Certificate is invalid, don't bother retrying.
checkHEAD(host, URL, r, retry + 1, '' ~= sanity)
return
end
local rfile, e = io.open("results/STATUS_" .. fname, "r")
if nil == rfile then W("opening results/STATUS_" .. fname .. " file - " .. e) else
for line in rfile:lines("*l") do
if "#" == line:sub(1, 1) then
code = line:sub(2, 4)
if ("https" == PU.scheme) and ("0" ~= line:sub(6, 6)) then
os.execute('cp results/STATUS_' .. fname .. ' results/STATUS_' .. fname .. '_SAVED')
if '' ~= sanity then
E(spcd .. spcd .. "The certificate is invalid.", PU.scheme, sanity, host)
else
E(spcd .. spcd .. "The certificate is invalid.", PU.scheme, "https", host)
end
end
elseif "http" == line:sub(1, 4):lower() then
-- -2 coz the headers file gets a \r at the end.
cstr = line:sub(14, -2)
elseif "location" == line:sub(1, 8):lower() then
location = line:sub(11, -2)
end
end
if '???' == code then
W(spcd .. spcd .. 'Could not find response code. ' .. APT.lnk(URL), PU.scheme, sanity, host)
end
end
os.execute('cat results/STATUS_' .. fname .. ' >> results/curl_HEAD_' .. fname .. '; rm -f results/STATUS_' .. fname .. ' 2>/dev/null')
if ("4" == tostring(code):sub(1, 1)) or ("5" == tostring(code):sub(1, 1)) then
E(spcd .. spcd .. code .. " " .. cstr .. ". " .. check .. " " .. APT.lnk(URL), PU.scheme, sanity, host)
else
if not APT.testing(PU.scheme, host) then
I(spcd .. spcd .. "Not supported, but works " .. PU.scheme .. " " .. APT.lnk(URL), PU.scheme, "", host)
end
I(spcd .. spcd .. code .. " " .. cstr .. ". " .. check .. " " .. APT.lnk(URL), host)
-- timeouts = timeouts - 1 -- Backoff the timeouts count if we managed to get through.
if nil ~= location then
pu = url.parse(location, defaultURL)
if (pu.host == APT.options.roundRobin.value) and (nil ~= PU.path:find('merged/pool/DEVUAN/')) then
E('DEVUAN packages must not be redirected to ' .. APT.options.roundRobin.value .. ' - ' .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, 'Redirects', host)
end
if APT.testing("Protocol") then
if ('http' == location:sub(1, 4)) and (pu.scheme ~= PU.scheme) then -- Sometimes a location sans scheme is returned, this is not a protocol change.
if APT.options.roundRobin.value == host then -- Coz HTTPS shouldn't happen via the round robin.
E(spcd .. spcd .. "Protocol changed during redirect! " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, "Protocol", host)
end
W(spcd .. spcd .. "Protocol changed during redirect! " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, "Protocol", host)
else
end
APT.tested(PU.scheme, 'Protocol', host)
end
if location == URL then
E(spcd .. spcd .. "Redirect loop! " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, "", host)
elseif nil == pu.host then
I(spcd .. spcd .. "Relative redirect. " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), host)
if 1 <= APT.options.bandwidth.value then checkHEAD(host, PU.scheme .. "://" .. PU.host .. location, r + 1, retry, '' ~= sanity) end
elseif (PU.host == pu.host) or (host == pu.host) then
if PU.host ~= host then
local t = pu.host
pu.host = PU.host
location = url.build(pu)
pu.host = t
end
I(spcd .. spcd .. "Redirect to same host. " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), host)
if 1 <= APT.options.bandwidth.value then checkHEAD(host, location, r + 1, retry, '' ~= sanity) end
else
I(spcd .. spcd .. "Redirect to different host. " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), host)
if 1 <= APT.options.bandwidth.value then
--[[ The hard part here is that we end up throwing ALL of the test files at the redirected location.
Not good for deb.debian.org, which we should only be throwing .debs at.
What we do is loop through the DNS entries, and only test the specific protocol & file being tested here.
]]
local u = pu.host .. "/" .. pu.path
local file = pu.path:match(".*/([%w%.%+%-_]*)$") -- Get the filename.
local path = pu.path:sub(2, -1 -(#file))
local check = u:gsub("/", "_")
local extraArgs = sendArgs .. ' -o -r '
if 'https' == pu.scheme then extraArgs = extraArgs .. ' --tests=-http' end
if 'http' == pu.scheme then extraArgs = extraArgs .. ' --tests=-https' end
local pth = path:match('^(.*/pool/).*$')
if nil ~= pth then table.insert(APT.results[PU.scheme].redirects, pu.host .. "/" .. pth) else E(spcd .. spcd .. 'Odd redirect path ' .. path) end
I(spcd .. spcd .. "Now checking redirected host " .. u .. ' &nbsp; for &nbsp; ' .. APT.lnk(URL) .. arw .. APT.lnk(location), host)
APT.exe(downloadLock .. "REDIR-" .. check .. ".log.txt" .. " ./apt-panopticon.lua " .. extraArgs .. ' ' .. pu.host .. "/" .. path .. " " .. file):Nice():log():fork()
D(spcd .. 'logging to ' .. APT.logName(pu.host, nil, file)[2])
APT.tested(PU.scheme, 'Redirects', host)
end
end
elseif nil ~= PU.path:find('merged/pool/DEBIAN-SECURITY/') then
W('DEBIAN-SECURITY packages must be redirected to a Debian mirror - ' .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, 'Redirects', host)
end
end
end
local checkTimeouts = function(host, scheme, URL)
totalTimeouts = totalTimeouts + timeouts; timeouts = 0
checkHEAD(host, scheme .. "://" .. URL)
if (1 <= APT.options.bandwidth.value) and APT.testing("URLSanity") then
URL = URL:gsub("/", "///")
URL = URL:gsub("///", "/", 1)
checkHEAD(host, scheme .. "://" .. URL, 0, 0, true)
APT.tested(scheme, 'URLSanity', host)
end
if nil ~= cor then
D('*&gt;* About to resume coroutine after checkHEAD(' .. host .. ' , ' .. scheme .. ' :// ' .. URL .. ')')
local ok, message = coroutine.resume(cor)
if not ok then cor = nil; print(message) end
end
if APT.options.timeouts.value <= (totalTimeouts) then
E("Way too many timeouts!", scheme, "URLSanity", host)
return true
end
return false
end
local checkFiles = function (host, ip, path, file)
timeouts = 0
if nil == path then path = "" end
if nil ~= file then
if "redir" == ip then ip = host end
if checkTimeouts(host, "http", ip .. path .. "/" .. file) then return end
if checkTimeouts(host, "https", ip .. path .. "/" .. file) then return end
else
I(" HEAD testing files for " .. host .. arw .. ip .. " " .. path, host)
if 1 <= APT.options.bandwidth.value then
-- Do these first, coz they are likely to fork off a different server.
for i, s in pairs(referenceDebs) do
if checkTimeouts(host, "http", ip .. path .. "/" .. s) then return end
if checkTimeouts(host, "https", ip .. path .. "/" .. s) then return end
end
end
for i, s in pairs(APT.releases) do
for j, k in pairs(releaseFiles) do
if repoExists(s .. k) then
if checkTimeouts(host, "http", ip .. path .. "/merged/dists/" .. s .. '/' .. k) then return end
if 1 <= APT.options.bandwidth.value then
if checkTimeouts(host, "https", ip .. path .. "/merged/dists/" .. s .. '/' .. k) then return end
else
break
end
end
if 2 >= APT.options.bandwidth.value then break end
end
if 2 >= APT.options.bandwidth.value then break end
end
if 1 <= APT.options.bandwidth.value then
for i, s in pairs(referenceDevs) do
if checkTimeouts(host, "http", ip .. path .. "/" .. s) then return end
if checkTimeouts(host, "https", ip .. path .. "/" .. s) then return end
end
end
end
end
checkHost = function (orig, host, path, ip, file)
if nil == host then host = orig end
if nil == path then path = "" end
if nil == file then file = "" end
local ph = url.parse("http://" .. host)
if (nil ~= ip) and ("redir" ~= ip) then
local po = url.parse("http://" .. orig)
if "" ~= file then
D("checking redirected file " .. po.host .. " " .. file)
checkFiles(po.host, ip, path, file)
else
checkFiles(po.host, ip, path)
end
else
if orig == host then
I("Testing mirror " .. orig .. "" .. file)
APT.exe("./apt-panopticon.lua " .. sendArgs .. " -o " .. orig .. path .. " " .. file):Nice():log():fork()
D('logging to ' .. APT.logName(ph.host, nil, file)[2])
else D("checkHost " .. orig .. arw .. host) end
end
end
local addDownload = function(host, URL, f, r, k)
local file = k:match(".*/([%w%.%+%-_]*)$") -- Get the filename.
if APT.checkFile("results/" .. host .. "/merged/dists/" .. r .. '/' .. k) then
-- Curls "check timestamp and overwrite file" stuff sucks.
-- -R means the destination file gets the timestamp of the remote file.
-- Can only do ONE timestamp check per command.
-- This doesn't work either. All downloads get all these headers. Pffft
-- local status, ts = APT.execute('TZ="GMT" ls -l --time-style="+%a, %d %b %Y %T %Z" results/' .. host .. "/merged/dists/" .. r .. '/' .. k .. ' | cut -d " " -f 6-11')
-- f:write('header "If-Modified-Since: ' .. ts:sub(2, -2) .. '"\n')
-- Curl will DELETE the existing file if the timestamp fails to download a new one, unless we change directory first,
-- which wont work with multiple files in multiple directories. WTF?
3 years ago
--TODO - change tactic, do a HEAD if-modified test first before adding the file to the list to download.
os.execute(" mv results/" .. host .. "/merged/dists/" .. r .. '/' .. k ..
" results/" .. host .. "/merged/dists/" .. r .. '/' .. k .. ".old")
end
D('Downloading http://' .. host .. URL .. '/merged/dists/' .. r .. '/' .. k)
f:write('url "' .. 'http://' .. host .. URL .. '/merged/dists/' .. r .. '/' .. k .. '"\n')
f:write('output "results/' .. host .. '/merged/dists/' .. r .. '/' .. k .. '"\n')
end
local postDownload = function(host, r, k)
local file = k:match(".*/([%w%.%+%-_]*)$") -- Get the filename.
if nil == file then file = k end
os.execute("if [ -f results/" .. host .. "/merged/dists/" .. r .. '/' .. k .. ".old ]" ..
" && [ ! -f results/" .. host .. "/merged/dists/" .. r .. '/' .. k .. " ]; then cp -a" ..
" results/" .. host .. "/merged/dists/" .. r .. '/' .. k .. ".old" ..
" results/" .. host .. "/merged/dists/" .. r .. '/' .. k .. "; fi")
if APT.checkFile('results/' .. host .. '/merged/dists/' .. r .. '/' .. k) then
if ".gz" == k:sub(-3, -1) then APT.exe("gzip -dfk results/" .. host .. "/merged/dists/" .. r .. '/' .. k):Nice():noErr():Do() end
if ".xz" == k:sub(-3, -1) then APT.exe("xz -dfk results/" .. host .. "/merged/dists/" .. r .. '/' .. k):Nice():noErr():Do() end
end
end
local download = "curl" ..
" --connect-timeout " .. APT.options.timeout.value ..
" --create-dirs -f -L" ..
" --fail-early" ..
" --max-time " .. APT.options.maxtime.value ..
APT.IPv46 .. ' ' ..
" --retry " .. APT.options.retries.value ..
" -R -v -z 'results/stamp.old' --stderr results/"
local downloads = function(host, URL, meta, release, list)
if nil == URL then URL = "" end
local files = 'curl-' .. meta .. '-' .. host .. '.files.txt'
local lock = meta .. "-" .. host .. ".log.txt"
local log = "curl-" .. meta .. "-" .. host .. ".log.txt"
local cm = downloadLock .. lock .. " " .. download .. log .. " -K results/" .. files
if APT.testing("IPv4") and (not APT.testing("IPv6")) then cm = cm .. ' -4' end
if (not APT.testing("IPv4")) and APT.testing("IPv6") then cm = cm .. ' -6' end
f, e = io.open("results/curl-" .. meta .. '-' .. host .. ".files.txt", "a+")
if nil == f then C("opening curl downloads list file - " .. e); return end
if nil ~= list then
if "" ~= list then
if nil ~= release then
for l in list:gmatch("\n*([^\n]+)\n*") do
addDownload(host, URL, f, release, "/" .. l)
end
else
I('Downloading ' .. APT.lnk('http://' .. host .. URL .. '/merged/' .. list))
f:write('url "' .. 'http://' .. host .. URL .. '/merged/' .. list .. '"\n')
f:write('output "results/' .. host .. '/merged/' .. list .. '"\n')
end
f:close()
return
end
else
for i, s in pairs(APT.releases) do
for j, k in pairs(releaseFiles) do
if repoExists(s .. k) then
addDownload(host, URL, f, s, k)
end
end
end
end
f:close()
APT.exe(cm):Nice():log():fork()
D('logging to <a href="' .. log .. '">' .. log .. '</a>, with <a href="' .. files .. '">these files</a>')
end
local validateURL = function(m)
if " " == m.BaseURL:sub(-1, -1) then
W("space at end of BaseURL in mirror_list.txt! " .. m.BaseURL, "", "", m.FQDN)
m.BaseURL = m.BaseURL:sub(1, -2)
end
if "/" == m.BaseURL:sub(-1, -1) then
W("slash at end of BaseURL in mirror_list.txt! " .. m.BaseURL, "", "", m.FQDN)
m.BaseURL = m.BaseURL:sub(1, -2)
end
local p = url.parse("http://" .. m.BaseURL)
if nil == p.path then p.path = '' end
if nil ~= p.port then p.authority = authority .. ':' .. p.port end
if nil == m.FQDN then W("Something wrong in FQDN from mirror_list.txt! nil", "", "", p.authority) else
if m.FQDN ~= p.authority then W("Something wrong in FDQN from mirror_list.txt! " .. m.FDQN, "", "", p.authority) end
end
if nil == m.BaseURL then W("Something wrong in BaseURL from mirror_list.txt! nil", "", "", p.authority) else
if m.BaseURL ~= (p.authority .. p.path) then W("Something wrong in BaseURL from mirror_list.txt! " .. m.BaseURL, "", "", p.authority) end
end
if (nil ~= p.query) or (nil ~= p.fragment) or (nil ~= p.params) then W("Something wrong in BaseURL from mirror_list.txt, should be nothing after the path! " .. m.BaseURL, "", "", p.authority) end
if (nil ~= p.user) or (nil ~= p.userinfo) or (nil ~= p.password) then W("Something wrong in BaseURL from mirror_list.txt, should be no credentials! " .. m.BaseURL, "", "", p.authority) end
m.FQDN = p.authority
m.BaseURL = p.authority .. p.path
return m
end
local getMirrors = function ()
local mirrors = {}
local host = ""
local m = {}
local active = true
local URL = 'http://' .. APT.options.referenceSite.value .. '/mirror_list.txt'
3 years ago
I('Downloading and parsing http://' .. APT.options.referenceSite.value .. '/mirror_list.txt')
local p, c, h = http.request(URL)
if nil == p then E(c .. " fetching " .. URL) else
for l in p:gmatch("\n*([^\n]+)\n*") do
local t, d = l:match("(%a*):%s*(.*)")
d = string.lower(d)
if "FQDN" == t then
if "" ~= host then
mirrors[host] = validateURL(m)
m = {}
active = true
end
host = d
m[t] = d
elseif "Protocols" == t then
local prot = {}
for w in d:gmatch("(%w+)") do
if APT.search(APT.protocols, w:lower()) then prot[w] = true end
end
m[t] = prot
elseif "Active" == t and nil == d:sub(1, 3):find("yes", 1, true) then
W("Mirror " .. host .. " is not active - " .. d, "", "", host)
active = false
m[t] = d
-- TODO - Should do some more input validation on everything.
elseif "Rate" == t then
local time, unit = d:match('(%d+) *(%a+)')
time = tonumber(time)
unit = unit:sub(1, 1)
m[t] = time .. ' ' .. unit
if 'm' == unit then
time = time * 60
elseif 'h' == unit then
time = time * 60 * 60
else
C('Unknown Rate for mirror ' .. host)
end
m['Updated'] = time
else
m[t] = d
end
end
if "" ~= host --[[and active]] then
mirrors[host] = validateURL(m)
end
end
if APT.testing("DNSRR") then
mirrors[APT.options.roundRobin.value] = { ["Protocols"] = { ["http"] = true; }; ['Updated'] = 300; ['DNSRR'] = false;
["FQDN"] = APT.options.roundRobin.value; ["Active"] = 'yes'; ["BaseURL"] = APT.options.roundRobin.value; }
end
local file, e = io.open("results/mirrors.lua", "w+")
if nil == file then C("opening mirrors file - " .. e) else
file:write(APT.dumpTable(mirrors, "mirrors") .. "\nreturn mirrors\n")
file:close()
end
if 42 < #mirrors then print(#mirrors .. ' is too many mirrors!') ; os.exit(false) end
return mirrors
end
local postParse = function(host, list)
if APT.options.referenceSite.value == host then