]> git.saurik.com Git - apt.git/blame - methods/http.cc
projects / apt.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
add apt-key support for armored GPG key files (*.asc)
[apt.git] / methods / http.cc
CommitLineData
be4401bf
AL		 1// -*- mode: cpp; mode: fold -*-
2// Description /*{{{*/
2cbcabd8 3// $Id: http.cc,v 1.59 2004/05/08 19:42:35 mdz Exp $
be4401bf
AL		 4/* ######################################################################
5
1e3f4083 6 HTTP Acquire Method - This is the HTTP acquire method for APT.
be4401bf
AL		 7
8 It uses HTTP/1.1 and many of the fancy options there-in, such as
e836f356
AL		 9 pipelining, range, if-range and so on.
10
11 It is based on a doubly buffered select loop. A groupe of requests are
be4401bf
AL		 12 fed into a single output buffer that is constantly fed out the
13 socket. This provides ideal pipelining as in many cases all of the
14 requests will fit into a single packet. The input socket is buffered
e836f356 15 the same way and fed into the fd for the file (may be a pipe in future).
be4401bf
AL		 16
17 This double buffering provides fairly substantial transfer rates,
18 compared to wget the http method is about 4% faster. Most importantly,
19 when HTTP is compared with FTP as a protocol the speed difference is
20 huge. In tests over the internet from two sites to llug (via ATM) this
21 program got 230k/s sustained http transfer rates. FTP on the other
22 hand topped out at 170k/s. That combined with the time to setup the
23 FTP connection makes HTTP a vastly superior protocol.
24
25 ##################################################################### */
26 /*}}}*/
27// Include Files /*{{{*/
ea542140
DK		 28#include <config.h>
29
be4401bf 30#include <apt-pkg/fileutl.h>
472ff00e 31#include <apt-pkg/configuration.h>
be4401bf 32#include <apt-pkg/error.h>
63b1700f 33#include <apt-pkg/hashes.h>
592b7800 34#include <apt-pkg/netrc.h>
453b82a3 35#include <apt-pkg/strutl.h>
c6ee61ea 36#include <apt-pkg/proxy.h>
be4401bf 37
453b82a3
DK		 38#include <stddef.h>
39#include <stdlib.h>
40#include <sys/select.h>
41#include <cstring>
be4401bf
AL		 42#include <sys/stat.h>
43#include <sys/time.h>
be4401bf
AL		 44#include <unistd.h>
45#include <stdio.h>
65a1e968 46#include <errno.h>
61db4824 47#include <arpa/inet.h>
42195eb2 48#include <iostream>
b123b0ba 49#include <sstream>
be4401bf 50
59b46c41 51#include "config.h"
0837bd25 52#include "connect.h"
be4401bf 53#include "http.h"
ea542140
DK		 54
55#include <apti18n.h>
be4401bf 56 /*}}}*/
42195eb2 57using namespace std;
be4401bf 58
650faab0
DK		 59unsigned long long CircleBuf::BwReadLimit=0;
60unsigned long long CircleBuf::BwTickReadData=0;
7c6e2dc7
MV		 61struct timeval CircleBuf::BwReadTick={0,0};
62const unsigned int CircleBuf::BW_HZ=10;
d3e8fbb3 63
be4401bf
AL		 64// CircleBuf::CircleBuf - Circular input buffer /*{{{*/
65// ---------------------------------------------------------------------
66/* */
30060442 67CircleBuf::CircleBuf(HttpMethod const * const Owner, unsigned long long Size)
9224ce3d 68 : Size(Size), Hash(NULL), TotalWriten(0)
be4401bf
AL		 69{
70 Buf = new unsigned char[Size];
71 Reset();
7c6e2dc7 72
30060442 73 CircleBuf::BwReadLimit = Owner->ConfigFindI("Dl-Limit", 0) * 1024;
be4401bf
AL		 74}
75 /*}}}*/
76// CircleBuf::Reset - Reset to the default state /*{{{*/
77// ---------------------------------------------------------------------
78/* */
79void CircleBuf::Reset()
80{
81 InP = 0;
82 OutP = 0;
83 StrPos = 0;
dcd5856b 84 TotalWriten = 0;
650faab0 85 MaxGet = (unsigned long long)-1;
be4401bf 86 OutQueue = string();
9224ce3d 87 if (Hash != NULL)
be4401bf 88 {
63b1700f 89 delete Hash;
9224ce3d 90 Hash = NULL;
d3e8fbb3
DK		 91 }
92}
be4401bf
AL		 93 /*}}}*/
94// CircleBuf::Read - Read from a FD into the circular buffer /*{{{*/
95// ---------------------------------------------------------------------
96/* This fills up the buffer with as much data as is in the FD, assuming it
97 is non-blocking.. */
98bool CircleBuf::Read(int Fd)
99{
100 while (1)
101 {
102 // Woops, buffer is full
103 if (InP - OutP == Size)
104 return true;
7c6e2dc7
MV		 105
106 // what's left to read in this tick
9ce3cfc9 107 unsigned long long const BwReadMax = CircleBuf::BwReadLimit/BW_HZ;
7c6e2dc7
MV		 108
109 if(CircleBuf::BwReadLimit) {
110 struct timeval now;
111 gettimeofday(&now,0);
112
650faab0 113 unsigned long long d = (now.tv_sec-CircleBuf::BwReadTick.tv_sec)*1000000 +
7c6e2dc7
MV		 114 now.tv_usec-CircleBuf::BwReadTick.tv_usec;
115 if(d > 1000000/BW_HZ) {
116 CircleBuf::BwReadTick = now;
117 CircleBuf::BwTickReadData = 0;
118 }
119
120 if(CircleBuf::BwTickReadData >= BwReadMax) {
121 usleep(1000000/BW_HZ);
122 return true;
123 }
124 }
125
be4401bf 126 // Write the buffer segment
650faab0 127 ssize_t Res;
7c6e2dc7
MV		 128 if(CircleBuf::BwReadLimit) {
129 Res = read(Fd,Buf + (InP%Size),
130 BwReadMax > LeftRead() ? LeftRead() : BwReadMax);
131 } else
132 Res = read(Fd,Buf + (InP%Size),LeftRead());
be4401bf 133
7c6e2dc7
MV		 134 if(Res > 0 && BwReadLimit > 0)
135 CircleBuf::BwTickReadData += Res;
136
be4401bf
AL		 137 if (Res == 0)
138 return false;
139 if (Res < 0)
140 {
141 if (errno == EAGAIN)
142 return true;
143 return false;
144 }
145
146 if (InP == 0)
147 gettimeofday(&Start,0);
148 InP += Res;
149 }
150}
151 /*}}}*/
152// CircleBuf::Read - Put the string into the buffer /*{{{*/
153// ---------------------------------------------------------------------
154/* This will hold the string in and fill the buffer with it as it empties */
61db4824 155bool CircleBuf::Read(string const &Data)
be4401bf 156{
61db4824 157 OutQueue.append(Data);
be4401bf
AL		 158 FillOut();
159 return true;
160}
161 /*}}}*/
162// CircleBuf::FillOut - Fill the buffer from the output queue /*{{{*/
163// ---------------------------------------------------------------------
164/* */
165void CircleBuf::FillOut()
166{
167 if (OutQueue.empty() == true)
168 return;
169 while (1)
170 {
171 // Woops, buffer is full
172 if (InP - OutP == Size)
173 return;
174
175 // Write the buffer segment
650faab0 176 unsigned long long Sz = LeftRead();
be4401bf
AL		 177 if (OutQueue.length() - StrPos < Sz)
178 Sz = OutQueue.length() - StrPos;
42195eb2 179 memcpy(Buf + (InP%Size),OutQueue.c_str() + StrPos,Sz);
be4401bf
AL		 180
181 // Advance
182 StrPos += Sz;
183 InP += Sz;
184 if (OutQueue.length() == StrPos)
185 {
186 StrPos = 0;
187 OutQueue = "";
188 return;
189 }
190 }
191}
192 /*}}}*/
193// CircleBuf::Write - Write from the buffer into a FD /*{{{*/
194// ---------------------------------------------------------------------
195/* This empties the buffer into the FD. */
196bool CircleBuf::Write(int Fd)
197{
198 while (1)
199 {
200 FillOut();
201
202 // Woops, buffer is empty
203 if (OutP == InP)
204 return true;
205
206 if (OutP == MaxGet)
207 return true;
208
209 // Write the buffer segment
650faab0 210 ssize_t Res;
be4401bf
AL		 211 Res = write(Fd,Buf + (OutP%Size),LeftWrite());
212
213 if (Res == 0)
214 return false;
215 if (Res < 0)
216 {
217 if (errno == EAGAIN)
218 return true;
219
220 return false;
221 }
dcd5856b
MV		 222
223 TotalWriten += Res;
be4401bf 224
9224ce3d 225 if (Hash != NULL)
63b1700f 226 Hash->Add(Buf + (OutP%Size),Res);
be4401bf
AL		 227
228 OutP += Res;
229 }
230}
231 /*}}}*/
232// CircleBuf::WriteTillEl - Write from the buffer to a string /*{{{*/
233// ---------------------------------------------------------------------
234/* This copies till the first empty line */
235bool CircleBuf::WriteTillEl(string &Data,bool Single)
236{
237 // We cheat and assume it is unneeded to have more than one buffer load
650faab0 238 for (unsigned long long I = OutP; I < InP; I++)
be4401bf
AL		 239 {
240 if (Buf[I%Size] != '\n')
241 continue;
2cbcabd8 242 ++I;
be4401bf
AL		 243
244 if (Single == false)
245 {
2cbcabd8
AL		 246 if (I < InP && Buf[I%Size] == '\r')
247 ++I;
927c393f
MV		 248 if (I >= InP || Buf[I%Size] != '\n')
249 continue;
250 ++I;
be4401bf
AL		 251 }
252
be4401bf
AL		 253 Data = "";
254 while (OutP < I)
255 {
650faab0 256 unsigned long long Sz = LeftWrite();
be4401bf
AL		 257 if (Sz == 0)
258 return false;
927c393f 259 if (I - OutP < Sz)
be4401bf
AL		 260 Sz = I - OutP;
261 Data += string((char *)(Buf + (OutP%Size)),Sz);
262 OutP += Sz;
263 }
264 return true;
265 }
266 return false;
267}
268 /*}}}*/
269// CircleBuf::Stats - Print out stats information /*{{{*/
270// ---------------------------------------------------------------------
271/* */
272void CircleBuf::Stats()
273{
274 if (InP == 0)
275 return;
276
277 struct timeval Stop;
278 gettimeofday(&Stop,0);
279/* float Diff = Stop.tv_sec - Start.tv_sec +
280 (float)(Stop.tv_usec - Start.tv_usec)/1000000;
281 clog << "Got " << InP << " in " << Diff << " at " << InP/Diff << endl;*/
282}
283 /*}}}*/
472ff00e
DK		 284CircleBuf::~CircleBuf()
285{
286 delete [] Buf;
287 delete Hash;
288}
be4401bf 289
7330f4df 290// HttpServerState::HttpServerState - Constructor /*{{{*/
30060442 291HttpServerState::HttpServerState(URI Srv,HttpMethod *Owner) : ServerState(Srv, Owner), In(Owner, 64*1024), Out(Owner, 4*1024)
be4401bf 292{
30060442 293 TimeOut = Owner->ConfigFindI("Timeout", TimeOut);
be4401bf
AL		 294 Reset();
295}
296 /*}}}*/
7330f4df 297// HttpServerState::Open - Open a connection to the server /*{{{*/
be4401bf
AL		 298// ---------------------------------------------------------------------
299/* This opens a connection to the server. */
61db4824
DK		 300static bool TalkToSocksProxy(int const ServerFd, std::string const &Proxy,
301 char const * const type, bool const ReadWrite, uint8_t * const ToFrom,
302 unsigned int const Size, unsigned int const Timeout)
303{
304 if (WaitFd(ServerFd, ReadWrite, Timeout) == false)
305 return _error->Error("Waiting for the SOCKS proxy %s to %s timed out", URI::SiteOnly(Proxy).c_str(), type);
306 if (ReadWrite == false)
307 {
308 if (FileFd::Read(ServerFd, ToFrom, Size) == false)
309 return _error->Error("Reading the %s from SOCKS proxy %s failed", type, URI::SiteOnly(Proxy).c_str());
310 }
311 else
312 {
313 if (FileFd::Write(ServerFd, ToFrom, Size) == false)
314 return _error->Error("Writing the %s to SOCKS proxy %s failed", type, URI::SiteOnly(Proxy).c_str());
315 }
316 return true;
317}
7330f4df 318bool HttpServerState::Open()
be4401bf 319{
92e889c8
AL		 320 // Use the already open connection if possible.
321 if (ServerFd != -1)
322 return true;
323
be4401bf 324 Close();
492f957a
AL		 325 In.Reset();
326 Out.Reset();
e836f356
AL		 327 Persistent = true;
328
492f957a 329 // Determine the proxy setting
c6ee61ea 330 AutoDetectProxy(ServerName);
30060442 331 string SpecificProxy = Owner->ConfigFind("Proxy::" + ServerName.Host, "");
788a8f42 332 if (!SpecificProxy.empty())
492f957a 333 {
788a8f42
EL		 334 if (SpecificProxy == "DIRECT")
335 Proxy = "";
336 else
337 Proxy = SpecificProxy;
352c2768 338 }
492f957a 339 else
788a8f42 340 {
30060442 341 string DefProxy = Owner->ConfigFind("Proxy", "");
788a8f42
EL		 342 if (!DefProxy.empty())
343 {
344 Proxy = DefProxy;
345 }
346 else
347 {
348 char* result = getenv("http_proxy");
349 Proxy = result ? result : "";
350 }
351 }
352c2768 352
f8081133 353 // Parse no_proxy, a , separated list of domains
9e2a06ff
AL		 354 if (getenv("no_proxy") != 0)
355 {
f8081133
AL		 356 if (CheckDomainList(ServerName.Host,getenv("no_proxy")) == true)
357 Proxy = "";
358 }
61db4824 359
0568d325
DK		 360 if (Proxy.empty() == false)
361 Owner->AddProxyAuth(Proxy, ServerName);
362
61db4824 363 if (Proxy.Access == "socks5h")
be4401bf 364 {
61db4824
DK		 365 if (Connect(Proxy.Host, Proxy.Port, "socks", 1080, ServerFd, TimeOut, Owner) == false)
366 return false;
367
368 /* We implement a very basic SOCKS5 client here complying mostly to RFC1928 expect
369 * for not offering GSSAPI auth which is a must (we only do no or user/pass auth).
370 * We also expect the SOCKS5 server to do hostname lookup (aka socks5h) */
371 std::string const ProxyInfo = URI::SiteOnly(Proxy);
372 Owner->Status(_("Connecting to %s (%s)"),"SOCKS5h proxy",ProxyInfo.c_str());
373 auto const Timeout = Owner->ConfigFindI("TimeOut", 120);
374 #define APT_WriteOrFail(TYPE, DATA, LENGTH) if (TalkToSocksProxy(ServerFd, ProxyInfo, TYPE, true, DATA, LENGTH, Timeout) == false) return false
375 #define APT_ReadOrFail(TYPE, DATA, LENGTH) if (TalkToSocksProxy(ServerFd, ProxyInfo, TYPE, false, DATA, LENGTH, Timeout) == false) return false
376 if (ServerName.Host.length() > 255)
377 return _error->Error("Can't use SOCKS5h as hostname %s is too long!", ServerName.Host.c_str());
378 if (Proxy.User.length() > 255 || Proxy.Password.length() > 255)
379 return _error->Error("Can't use user&pass auth as they are too long (%lu and %lu) for the SOCKS5!", Proxy.User.length(), Proxy.Password.length());
380 if (Proxy.User.empty())
381 {
382 uint8_t greeting[] = { 0x05, 0x01, 0x00 };
383 APT_WriteOrFail("greet-1", greeting, sizeof(greeting));
384 }
385 else
386 {
387 uint8_t greeting[] = { 0x05, 0x02, 0x00, 0x02 };
388 APT_WriteOrFail("greet-2", greeting, sizeof(greeting));
389 }
390 uint8_t greeting[2];
391 APT_ReadOrFail("greet back", greeting, sizeof(greeting));
392 if (greeting[0] != 0x05)
393 return _error->Error("SOCKS proxy %s greets back with wrong version: %d", ProxyInfo.c_str(), greeting[0]);
394 if (greeting[1] == 0x00)
395 ; // no auth has no method-dependent sub-negotiations
396 else if (greeting[1] == 0x02)
397 {
398 if (Proxy.User.empty())
399 return _error->Error("SOCKS proxy %s negotiated user&pass auth, but we had not offered it!", ProxyInfo.c_str());
400 // user&pass auth sub-negotiations are defined by RFC1929
401 std::vector<uint8_t> auth = {{ 0x01, static_cast<uint8_t>(Proxy.User.length()) }};
402 std::copy(Proxy.User.begin(), Proxy.User.end(), std::back_inserter(auth));
403 auth.push_back(static_cast<uint8_t>(Proxy.Password.length()));
404 std::copy(Proxy.Password.begin(), Proxy.Password.end(), std::back_inserter(auth));
405 APT_WriteOrFail("user&pass auth", auth.data(), auth.size());
406 uint8_t authstatus[2];
407 APT_ReadOrFail("auth report", authstatus, sizeof(authstatus));
408 if (authstatus[0] != 0x01)
409 return _error->Error("SOCKS proxy %s auth status response with wrong version: %d", ProxyInfo.c_str(), authstatus[0]);
410 if (authstatus[1] != 0x00)
411 return _error->Error("SOCKS proxy %s reported authorization failure: username or password incorrect? (%d)", ProxyInfo.c_str(), authstatus[1]);
412 }
413 else
414 return _error->Error("SOCKS proxy %s greets back having not found a common authorization method: %d", ProxyInfo.c_str(), greeting[1]);
415 union { uint16_t * i; uint8_t * b; } portu;
416 uint16_t port = htons(static_cast<uint16_t>(ServerName.Port == 0 ? 80 : ServerName.Port));
417 portu.i = &port;
418 std::vector<uint8_t> request = {{ 0x05, 0x01, 0x00, 0x03, static_cast<uint8_t>(ServerName.Host.length()) }};
419 std::copy(ServerName.Host.begin(), ServerName.Host.end(), std::back_inserter(request));
420 request.push_back(portu.b[0]);
421 request.push_back(portu.b[1]);
422 APT_WriteOrFail("request", request.data(), request.size());
423 uint8_t response[4];
424 APT_ReadOrFail("first part of response", response, sizeof(response));
425 if (response[0] != 0x05)
426 return _error->Error("SOCKS proxy %s response with wrong version: %d", ProxyInfo.c_str(), response[0]);
427 if (response[2] != 0x00)
428 return _error->Error("SOCKS proxy %s has unexpected non-zero reserved field value: %d", ProxyInfo.c_str(), response[2]);
429 std::string bindaddr;
430 if (response[3] == 0x01) // IPv4 address
431 {
432 uint8_t ip4port[6];
433 APT_ReadOrFail("IPv4+Port of response", ip4port, sizeof(ip4port));
434 portu.b[0] = ip4port[4];
435 portu.b[1] = ip4port[5];
436 port = ntohs(*portu.i);
437 strprintf(bindaddr, "%d.%d.%d.%d:%d", ip4port[0], ip4port[1], ip4port[2], ip4port[3], port);
438 }
439 else if (response[3] == 0x03) // hostname
440 {
441 uint8_t namelength;
442 APT_ReadOrFail("hostname length of response", &namelength, 1);
443 uint8_t hostname[namelength + 2];
444 APT_ReadOrFail("hostname of response", hostname, sizeof(hostname));
445 portu.b[0] = hostname[namelength];
446 portu.b[1] = hostname[namelength + 1];
447 port = ntohs(*portu.i);
448 hostname[namelength] = '\0';
449 strprintf(bindaddr, "%s:%d", hostname, port);
450 }
451 else if (response[3] == 0x04) // IPv6 address
452 {
453 uint8_t ip6port[18];
454 APT_ReadOrFail("IPv6+port of response", ip6port, sizeof(ip6port));
455 portu.b[0] = ip6port[16];
456 portu.b[1] = ip6port[17];
457 port = ntohs(*portu.i);
458 strprintf(bindaddr, "[%02X%02X:%02X%02X:%02X%02X:%02X%02X:%02X%02X:%02X%02X:%02X%02X:%02X%02X]:%d",
459 ip6port[0], ip6port[1], ip6port[2], ip6port[3], ip6port[4], ip6port[5], ip6port[6], ip6port[7],
460 ip6port[8], ip6port[9], ip6port[10], ip6port[11], ip6port[12], ip6port[13], ip6port[14], ip6port[15],
461 port);
462 }
463 else
464 return _error->Error("SOCKS proxy %s destination address is of unknown type: %d",
465 ProxyInfo.c_str(), response[3]);
466 if (response[1] != 0x00)
467 {
e40a4a3e
DK		 468 char const * errstr = nullptr;
469 auto errcode = response[1];
470 // Tor error reporting can be a bit arcane, lets try to detect & fix it up
471 if (bindaddr == "0.0.0.0:0")
61db4824 472 {
e40a4a3e
DK		 473 auto const lastdot = ServerName.Host.rfind('.');
474 if (lastdot == std::string::npos || ServerName.Host.substr(lastdot) != ".onion")
475 ;
476 else if (errcode == 0x01)
477 {
478 auto const prevdot = ServerName.Host.rfind('.', lastdot - 1);
479 if (lastdot == 16 && prevdot == std::string::npos)
480 ; // valid .onion address
481 else if (prevdot != std::string::npos && (lastdot - prevdot) == 17)
482 ; // valid .onion address with subdomain(s)
483 else
484 {
485 errstr = "Invalid hostname: onion service name must be 16 characters long";
486 Owner->SetFailReason("SOCKS");
487 }
488 }
489 // in all likelihood the service is either down or the address has
490 // a typo and so "Host unreachable" is the better understood error
491 // compared to the technically correct "TLL expired".
492 else if (errcode == 0x06)
493 errcode = 0x04;
61db4824 494 }
e40a4a3e
DK		 495 if (errstr == nullptr)
496 {
497 switch (errcode)
498 {
499 case 0x01: errstr = "general SOCKS server failure"; Owner->SetFailReason("SOCKS"); break;
500 case 0x02: errstr = "connection not allowed by ruleset"; Owner->SetFailReason("SOCKS"); break;
501 case 0x03: errstr = "Network unreachable"; Owner->SetFailReason("ConnectionTimedOut"); break;
502 case 0x04: errstr = "Host unreachable"; Owner->SetFailReason("ConnectionTimedOut"); break;
503 case 0x05: errstr = "Connection refused"; Owner->SetFailReason("ConnectionRefused"); break;
504 case 0x06: errstr = "TTL expired"; Owner->SetFailReason("Timeout"); break;
505 case 0x07: errstr = "Command not supported"; Owner->SetFailReason("SOCKS"); break;
506 case 0x08: errstr = "Address type not supported"; Owner->SetFailReason("SOCKS"); break;
507 default: errstr = "Unknown error"; Owner->SetFailReason("SOCKS"); break;
508 }
509 }
510 return _error->Error("SOCKS proxy %s could not connect to %s (%s) due to: %s (%d)",
511 ProxyInfo.c_str(), ServerName.Host.c_str(), bindaddr.c_str(), errstr, response[1]);
61db4824
DK		 512 }
513 else if (Owner->DebugEnabled())
e40a4a3e
DK		 514 ioprintf(std::clog, "http: SOCKS proxy %s connection established to %s (%s)\n",
515 ProxyInfo.c_str(), ServerName.Host.c_str(), bindaddr.c_str());
61db4824
DK		 516
517 if (WaitFd(ServerFd, true, Timeout) == false)
e40a4a3e
DK		 518 return _error->Error("SOCKS proxy %s reported connection to %s (%s), but timed out",
519 ProxyInfo.c_str(), ServerName.Host.c_str(), bindaddr.c_str());
61db4824
DK		 520 #undef APT_ReadOrFail
521 #undef APT_WriteOrFail
be4401bf
AL		 522 }
523 else
524 {
61db4824
DK		 525 // Determine what host and port to use based on the proxy settings
526 int Port = 0;
527 string Host;
528 if (Proxy.empty() == true || Proxy.Host.empty() == true)
529 {
530 if (ServerName.Port != 0)
531 Port = ServerName.Port;
532 Host = ServerName.Host;
533 }
534 else if (Proxy.Access != "http")
535 return _error->Error("Unsupported proxy configured: %s", URI::SiteOnly(Proxy).c_str());
536 else
537 {
538 if (Proxy.Port != 0)
539 Port = Proxy.Port;
540 Host = Proxy.Host;
541 }
542 return Connect(Host,Port,"http",80,ServerFd,TimeOut,Owner);
be4401bf 543 }
be4401bf
AL		 544 return true;
545}
546 /*}}}*/
7330f4df 547// HttpServerState::Close - Close a connection to the server /*{{{*/
be4401bf
AL		 548// ---------------------------------------------------------------------
549/* */
7330f4df 550bool HttpServerState::Close()
be4401bf
AL		 551{
552 close(ServerFd);
553 ServerFd = -1;
be4401bf
AL		 554 return true;
555}
556 /*}}}*/
7330f4df
DK		 557// HttpServerState::RunData - Transfer the data from the socket /*{{{*/
558bool HttpServerState::RunData(FileFd * const File)
be4401bf
AL		 559{
560 State = Data;
561
562 // Chunked transfer encoding is fun..
563 if (Encoding == Chunked)
564 {
565 while (1)
566 {
567 // Grab the block size
568 bool Last = true;
569 string Data;
570 In.Limit(-1);
571 do
572 {
573 if (In.WriteTillEl(Data,true) == true)
574 break;
575 }
7330f4df 576 while ((Last = Go(false, File)) == true);
be4401bf
AL		 577
578 if (Last == false)
579 return false;
580
581 // See if we are done
650faab0 582 unsigned long long Len = strtoull(Data.c_str(),0,16);
be4401bf
AL		 583 if (Len == 0)
584 {
585 In.Limit(-1);
586
587 // We have to remove the entity trailer
588 Last = true;
589 do
590 {
591 if (In.WriteTillEl(Data,true) == true && Data.length() <= 2)
592 break;
593 }
7330f4df 594 while ((Last = Go(false, File)) == true);
be4401bf
AL		 595 if (Last == false)
596 return false;
e1b96638 597 return !_error->PendingError();
be4401bf
AL		 598 }
599
600 // Transfer the block
601 In.Limit(Len);
7330f4df 602 while (Go(true, File) == true)
be4401bf
AL		 603 if (In.IsLimit() == true)
604 break;
605
606 // Error
607 if (In.IsLimit() == false)
608 return false;
609
610 // The server sends an extra new line before the next block specifier..
611 In.Limit(-1);
612 Last = true;
613 do
614 {
615 if (In.WriteTillEl(Data,true) == true)
616 break;
617 }
7330f4df 618 while ((Last = Go(false, File)) == true);
be4401bf
AL		 619 if (Last == false)
620 return false;
92e889c8 621 }
be4401bf
AL		 622 }
623 else
624 {
625 /* Closes encoding is used when the server did not specify a size, the
626 loss of the connection means we are done */
99968cf7 627 if (JunkSize != 0)
ed793a19 628 In.Limit(JunkSize);
99968cf7 629 else if (DownloadSize != 0)
ceafe8a6 630 In.Limit(DownloadSize);
99968cf7
DK		 631 else if (Persistent == false)
632 In.Limit(-1);
be4401bf
AL		 633
634 // Just transfer the whole block.
635 do
636 {
637 if (In.IsLimit() == false)
638 continue;
639
640 In.Limit(-1);
e1b96638 641 return !_error->PendingError();
be4401bf 642 }
7330f4df 643 while (Go(true, File) == true);
be4401bf
AL		 644 }
645
7330f4df 646 return Owner->Flush() && !_error->PendingError();
be4401bf
AL		 647}
648 /*}}}*/
57401c48
DK		 649bool HttpServerState::RunDataToDevNull() /*{{{*/
650{
11c96d76
DK		 651 // no need to clean up if we discard the connection anyhow
652 if (Persistent == false)
653 return true;
57401c48
DK		 654 FileFd DevNull("/dev/null", FileFd::WriteOnly);
655 return RunData(&DevNull);
656}
657 /*}}}*/
7330f4df 658bool HttpServerState::ReadHeaderLines(std::string &Data) /*{{{*/
be4401bf 659{
7330f4df
DK		 660 return In.WriteTillEl(Data);
661}
662 /*}}}*/
663bool HttpServerState::LoadNextResponse(bool const ToFile, FileFd * const File)/*{{{*/
664{
665 return Go(ToFile, File);
666}
667 /*}}}*/
668bool HttpServerState::WriteResponse(const std::string &Data) /*{{{*/
669{
670 return Out.Read(Data);
671}
672 /*}}}*/
a02db58f 673APT_PURE bool HttpServerState::IsOpen() /*{{{*/
7330f4df
DK		 674{
675 return (ServerFd != -1);
676}
677 /*}}}*/
34faa8f7 678bool HttpServerState::InitHashes(HashStringList const &ExpectedHashes) /*{{{*/
7330f4df
DK		 679{
680 delete In.Hash;
9224ce3d 681 In.Hash = new Hashes(ExpectedHashes);
34faa8f7 682 return true;
7330f4df
DK		 683}
684 /*}}}*/
ebdb6f18
DK		 685void HttpServerState::Reset(bool const Everything) /*{{{*/
686{
687 ServerState::Reset(Everything);
688 if (Everything)
689 ServerFd = -1;
690}
691 /*}}}*/
34faa8f7 692
a02db58f 693APT_PURE Hashes * HttpServerState::GetHashes() /*{{{*/
7330f4df
DK		 694{
695 return In.Hash;
696}
697 /*}}}*/
698// HttpServerState::Die - The server has closed the connection. /*{{{*/
44605518 699bool HttpServerState::Die(FileFd * const File)
7330f4df
DK		 700{
701 unsigned int LErrno = errno;
be4401bf 702
7330f4df
DK		 703 // Dump the buffer to the file
704 if (State == ServerState::Data)
be4401bf 705 {
44605518
DK		 706 if (File == nullptr)
707 return true;
7330f4df
DK		 708 // on GNU/kFreeBSD, apt dies on /dev/null because non-blocking
709 // can't be set
44605518
DK		 710 if (File->Name() != "/dev/null")
711 SetNonBlock(File->Fd(),false);
7330f4df 712 while (In.WriteSpace() == true)
be4401bf 713 {
44605518 714 if (In.Write(File->Fd()) == false)
7330f4df 715 return _error->Errno("write",_("Error writing to the file"));
e836f356 716
7330f4df
DK		 717 // Done
718 if (In.IsLimit() == true)
719 return true;
e836f356 720 }
7330f4df 721 }
b2e465d6 722
7330f4df
DK		 723 // See if this is because the server finished the data stream
724 if (In.IsLimit() == false && State != HttpServerState::Header &&
117038ba 725 Persistent == true)
be4401bf 726 {
7330f4df
DK		 727 Close();
728 if (LErrno == 0)
729 return _error->Error(_("Error reading from server. Remote end closed connection"));
730 errno = LErrno;
731 return _error->Errno("read",_("Error reading from server"));
be4401bf 732 }
7330f4df 733 else
92e889c8 734 {
7330f4df
DK		 735 In.Limit(-1);
736
737 // Nothing left in the buffer
738 if (In.WriteSpace() == false)
739 return false;
740
741 // We may have got multiple responses back in one packet..
742 Close();
92e889c8
AL		 743 return true;
744 }
331e8396 745
7330f4df
DK		 746 return false;
747}
748 /*}}}*/
749// HttpServerState::Flush - Dump the buffer into the file /*{{{*/
750// ---------------------------------------------------------------------
751/* This takes the current input buffer from the Server FD and writes it
752 into the file */
753bool HttpServerState::Flush(FileFd * const File)
754{
755 if (File != NULL)
756 {
757 // on GNU/kFreeBSD, apt dies on /dev/null because non-blocking
758 // can't be set
759 if (File->Name() != "/dev/null")
760 SetNonBlock(File->Fd(),false);
761 if (In.WriteSpace() == false)
762 return true;
763
764 while (In.WriteSpace() == true)
331e8396 765 {
7330f4df
DK		 766 if (In.Write(File->Fd()) == false)
767 return _error->Errno("write",_("Error writing to file"));
768 if (In.IsLimit() == true)
769 return true;
331e8396 770 }
7330f4df 771
117038ba 772 if (In.IsLimit() == true || Persistent == false)
7330f4df 773 return true;
be4401bf 774 }
7330f4df
DK		 775 return false;
776}
777 /*}}}*/
778// HttpServerState::Go - Run a single loop /*{{{*/
779// ---------------------------------------------------------------------
780/* This runs the select loop over the server FDs, Output file FDs and
781 stdin. */
782bool HttpServerState::Go(bool ToFile, FileFd * const File)
783{
784 // Server has closed the connection
785 if (ServerFd == -1 && (In.WriteSpace() == false ||
786 ToFile == false))
787 return false;
788
789 fd_set rfds,wfds;
790 FD_ZERO(&rfds);
791 FD_ZERO(&wfds);
792
793 /* Add the server. We only send more requests if the connection will
794 be persisting */
795 if (Out.WriteSpace() == true && ServerFd != -1
796 && Persistent == true)
797 FD_SET(ServerFd,&wfds);
798 if (In.ReadSpace() == true && ServerFd != -1)
799 FD_SET(ServerFd,&rfds);
be4401bf 800
7330f4df
DK		 801 // Add the file
802 int FileFD = -1;
803 if (File != NULL)
804 FileFD = File->Fd();
805
806 if (In.WriteSpace() == true && ToFile == true && FileFD != -1)
807 FD_SET(FileFD,&wfds);
808
809 // Add stdin
30060442 810 if (Owner->ConfigFindB("DependOnSTDIN", true) == true)
7330f4df
DK		 811 FD_SET(STDIN_FILENO,&rfds);
812
813 // Figure out the max fd
814 int MaxFd = FileFD;
815 if (MaxFd < ServerFd)
816 MaxFd = ServerFd;
817
818 // Select
819 struct timeval tv;
820 tv.tv_sec = TimeOut;
821 tv.tv_usec = 0;
822 int Res = 0;
823 if ((Res = select(MaxFd+1,&rfds,&wfds,0,&tv)) < 0)
be4401bf 824 {
7330f4df
DK		 825 if (errno == EINTR)
826 return true;
827 return _error->Errno("select",_("Select failed"));
be4401bf 828 }
7330f4df
DK		 829
830 if (Res == 0)
e836f356 831 {
7330f4df 832 _error->Error(_("Connection timed out"));
44605518 833 return Die(File);
e836f356
AL		 834 }
835
7330f4df
DK		 836 // Handle server IO
837 if (ServerFd != -1 && FD_ISSET(ServerFd,&rfds))
be4401bf 838 {
7330f4df
DK		 839 errno = 0;
840 if (In.Read(ServerFd) == false)
44605518 841 return Die(File);
7330f4df
DK		 842 }
843
844 if (ServerFd != -1 && FD_ISSET(ServerFd,&wfds))
845 {
846 errno = 0;
847 if (Out.Write(ServerFd) == false)
44605518 848 return Die(File);
be4401bf
AL		 849 }
850
7330f4df
DK		 851 // Send data to the file
852 if (FileFD != -1 && FD_ISSET(FileFD,&wfds))
15d7e515 853 {
7330f4df
DK		 854 if (In.Write(FileFD) == false)
855 return _error->Errno("write",_("Error writing to output file"));
15d7e515
MV		 856 }
857
c48eea97 858 if (MaximumSize > 0 && File && File->Tell() > MaximumSize)
a2d40703 859 {
ee279506 860 Owner->SetFailReason("MaximumSizeExceeded");
dcd5856b 861 return _error->Error("Writing more data than expected (%llu > %llu)",
c48eea97 862 File->Tell(), MaximumSize);
a2d40703 863 }
dcd5856b 864
7330f4df
DK		 865 // Handle commands from APT
866 if (FD_ISSET(STDIN_FILENO,&rfds))
867 {
868 if (Owner->Run(true) != -1)
869 exit(100);
870 }
871
be4401bf
AL		 872 return true;
873}
874 /*}}}*/
875
876// HttpMethod::SendReq - Send the HTTP request /*{{{*/
877// ---------------------------------------------------------------------
878/* This places the http request in the outbound buffer */
7330f4df 879void HttpMethod::SendReq(FetchItem *Itm)
be4401bf
AL		 880{
881 URI Uri = Itm->Uri;
30060442
DK		 882 {
883 auto const plus = Binary.find('+');
884 if (plus != std::string::npos)
885 Uri.Access = Binary.substr(plus + 1);
886 }
c1a22377 887
be4401bf 888 // The HTTP server expects a hostname with a trailing :port
b123b0ba 889 std::stringstream Req;
5b63d2a9
MV		 890 string ProperHost;
891
892 if (Uri.Host.find(':') != string::npos)
893 ProperHost = '[' + Uri.Host + ']';
894 else
895 ProperHost = Uri.Host;
f2380a78
DK		 896
897 /* RFC 2616 ยง5.1.2 requires absolute URIs for requests to proxies,
898 but while its a must for all servers to accept absolute URIs,
899 it is assumed clients will sent an absolute path for non-proxies */
900 std::string requesturi;
61db4824 901 if (Server->Proxy.Access != "http" || Server->Proxy.empty() == true || Server->Proxy.Host.empty())
f2380a78
DK		 902 requesturi = Uri.Path;
903 else
30060442 904 requesturi = Uri;
f2380a78
DK		 905
906 // The "+" is encoded as a workaround for a amazon S3 bug
907 // see LP bugs #1003633 and #1086997.
908 requesturi = QuoteString(requesturi, "+~ ");
909
2b9c9b7f
RG		 910 /* Build the request. No keep-alive is included as it is the default
911 in 1.1, can cause problems with proxies, and we are an HTTP/1.1
912 client anyway.
913 C.f. https://tools.ietf.org/wg/httpbis/trac/ticket/158 */
b123b0ba
DK		 914 Req << "GET " << requesturi << " HTTP/1.1\r\n";
915 if (Uri.Port != 0)
b58e2c7c 916 Req << "Host: " << ProperHost << ":" << std::to_string(Uri.Port) << "\r\n";
b123b0ba
DK		 917 else
918 Req << "Host: " << ProperHost << "\r\n";
f2380a78 919
c9cd3b70 920 // generate a cache control header (if needed)
30060442 921 if (ConfigFindB("No-Cache",false) == true)
b123b0ba
DK		 922 Req << "Cache-Control: no-cache\r\n"
923 << "Pragma: no-cache\r\n";
924 else if (Itm->IndexFile == true)
30060442
DK		 925 Req << "Cache-Control: max-age=" << std::to_string(ConfigFindI("Max-Age", 0)) << "\r\n";
926 else if (ConfigFindB("No-Store", false) == true)
b123b0ba 927 Req << "Cache-Control: no-store\r\n";
106e6740 928
6f4501f9 929 // If we ask for uncompressed files servers might respond with content-
1e3f4083 930 // negotiation which lets us end up with compressed files we do not support,
6f4501f9
DK		 931 // see 657029, 657560 and co, so if we have no extension on the request
932 // ask for text only. As a sidenote: If there is nothing to negotate servers
933 // seem to be nice and ignore it.
30060442 934 if (ConfigFindB("SendAccept", true) == true)
6f4501f9
DK		 935 {
936 size_t const filepos = Itm->Uri.find_last_of('/');
937 string const file = Itm->Uri.substr(filepos + 1);
938 if (flExtension(file) == file)
b123b0ba 939 Req << "Accept: text/*\r\n";
6f4501f9
DK		 940 }
941
b123b0ba 942 // Check for a partial file and send if-queries accordingly
be4401bf 943 struct stat SBuf;
d94b1d80 944 if (Server->RangesAllowed && stat(Itm->DestFile.c_str(),&SBuf) >= 0 && SBuf.st_size > 0)
7303e11f 945 Req << "Range: bytes=" << std::to_string(SBuf.st_size) << "-\r\n"
0b45b6e5 946 << "If-Range: " << TimeRFC1123(SBuf.st_mtime, false) << "\r\n";
b123b0ba 947 else if (Itm->LastModified != 0)
0b45b6e5 948 Req << "If-Modified-Since: " << TimeRFC1123(Itm->LastModified, false).c_str() << "\r\n";
be4401bf 949
61db4824
DK		 950 if (Server->Proxy.Access == "http" &&
951 (Server->Proxy.User.empty() == false || Server->Proxy.Password.empty() == false))
b123b0ba
DK		 952 Req << "Proxy-Authorization: Basic "
953 << Base64Encode(Server->Proxy.User + ":" + Server->Proxy.Password) << "\r\n";
be4401bf 954
1de1f703 955 maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc"));
b2e465d6 956 if (Uri.User.empty() == false || Uri.Password.empty() == false)
b123b0ba
DK		 957 Req << "Authorization: Basic "
958 << Base64Encode(Uri.User + ":" + Uri.Password) << "\r\n";
959
30060442 960 Req << "User-Agent: " << ConfigFind("User-Agent",
b123b0ba
DK		 961 "Debian APT-HTTP/1.3 (" PACKAGE_VERSION ")") << "\r\n";
962
963 Req << "\r\n";
964
c98b1307 965 if (Debug == true)
7b734b09 966 cerr << Req.str() << endl;
c1a22377 967
b123b0ba 968 Server->WriteResponse(Req.str());
be4401bf
AL		 969}
970 /*}}}*/
830a1b8c 971std::unique_ptr<ServerState> HttpMethod::CreateServerState(URI const &uri)/*{{{*/
7330f4df 972{
830a1b8c 973 return std::unique_ptr<ServerState>(new HttpServerState(uri, this));
7330f4df
DK		 974}
975 /*}}}*/
fd46d305
DK		 976void HttpMethod::RotateDNS() /*{{{*/
977{
978 ::RotateDNS();
979}
980 /*}}}*/
4bba5a88
DK		 981ServerMethod::DealWithHeadersResult HttpMethod::DealWithHeaders(FetchResult &Res)/*{{{*/
982{
983 auto ret = ServerMethod::DealWithHeaders(Res);
984 if (ret != ServerMethod::FILE_IS_OPEN)
985 return ret;
986
987 // Open the file
988 delete File;
989 File = new FileFd(Queue->DestFile,FileFd::WriteAny);
990 if (_error->PendingError() == true)
991 return ERROR_NOT_FROM_SERVER;
992
993 FailFile = Queue->DestFile;
994 FailFile.c_str(); // Make sure we don't do a malloc in the signal handler
995 FailFd = File->Fd();
996 FailTime = Server->Date;
997
998 if (Server->InitHashes(Queue->ExpectedHashes) == false || Server->AddPartialFileToHashes(*File) == false)
999 {
1000 _error->Errno("read",_("Problem hashing file"));
1001 return ERROR_NOT_FROM_SERVER;
1002 }
1003 if (Server->StartPos > 0)
1004 Res.ResumePoint = Server->StartPos;
1005
1006 SetNonBlock(File->Fd(),true);
1007 return FILE_IS_OPEN;
1008}
1009 /*}}}*/
30060442
DK		 1010HttpMethod::HttpMethod(std::string &&pProg) : ServerMethod(pProg.c_str(), "1.2", Pipeline | SendConfig)/*{{{*/
1011{
1012 auto addName = std::inserter(methodNames, methodNames.begin());
1013 if (Binary != "http")
1014 addName = "http";
1015 auto const plus = Binary.find('+');
1016 if (plus != std::string::npos)
1017 addName = Binary.substr(0, plus);
1018 File = 0;
1019 Server = 0;
1020}
1021 /*}}}*/
APT (for Cydia)