]> git.saurik.com Git - apt.git/blame - apt-private/private-download.cc
forbid insecure repositories by default expect in apt-get
[apt.git] / apt-private / private-download.cc
CommitLineData
866893a6
DK
1// Include Files /*{{{*/
2#include <config.h>
3
4#include <apt-pkg/acquire.h>
5#include <apt-pkg/acquire-item.h>
9055d5e6
DK
6#include <apt-pkg/cacheset.h>
7#include <apt-pkg/cmndline.h>
8#include <apt-pkg/clean.h>
866893a6
DK
9#include <apt-pkg/configuration.h>
10#include <apt-pkg/error.h>
460601d5 11#include <apt-pkg/fileutl.h>
866893a6
DK
12#include <apt-pkg/strutl.h>
13
9055d5e6 14#include <apt-private/private-cachefile.h>
453b82a3 15#include <apt-private/private-download.h>
9055d5e6
DK
16#include <apt-private/private-output.h>
17#include <apt-private/private-utils.h>
2b0660b5 18#include <apt-private/acqprogress.h>
866893a6
DK
19
20#include <fstream>
21#include <string>
22#include <vector>
23
460601d5
DK
24#include <unistd.h>
25#include <sys/types.h>
26#include <pwd.h>
27#include <fcntl.h>
9c81f8de
DK
28#include <sys/vfs.h>
29#include <sys/statvfs.h>
30c8107e 30#include <sys/stat.h>
9c81f8de 31#include <errno.h>
460601d5 32
866893a6
DK
33#include <apti18n.h>
34 /*}}}*/
35
36// CheckAuth - check if each download comes form a trusted source /*{{{*/
37bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser)
38{
9112f777 39 std::vector<std::string> UntrustedList;
866893a6
DK
40 for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
41 if (!(*I)->IsTrusted())
9112f777 42 UntrustedList.push_back((*I)->ShortDesc());
866893a6 43
9112f777 44 if (UntrustedList.empty())
866893a6
DK
45 return true;
46
a3f1d60c
MV
47 return AuthPrompt(UntrustedList, PromptUser);
48}
2b0660b5
DK
49 /*}}}*/
50bool AuthPrompt(std::vector<std::string> const &UntrustedList, bool const PromptUser)/*{{{*/
a3f1d60c 51{
9112f777
DK
52 ShowList(c2out,_("WARNING: The following packages cannot be authenticated!"), UntrustedList,
53 [](std::string const&) { return true; },
54 [](std::string const&str) { return str; },
55 [](std::string const&) { return ""; });
866893a6
DK
56
57 if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
58 {
59 c2out << _("Authentication warning overridden.\n");
60 return true;
61 }
62
63 if (PromptUser == false)
64 return _error->Error(_("Some packages could not be authenticated"));
65
66 if (_config->FindI("quiet",0) < 2
67 && _config->FindB("APT::Get::Assume-Yes",false) == false)
68 {
fd789740 69 if (!YnPrompt(_("Install these packages without verification?"), false))
866893a6
DK
70 return _error->Error(_("Some packages could not be authenticated"));
71
72 return true;
73 }
b381a482
JAK
74 else if (_config->FindB("APT::Get::Force-Yes",false) == true) {
75 _error->Warning(_("--force-yes is deprecated, use one of the options starting with --allow instead."));
866893a6 76 return true;
b381a482 77 }
866893a6 78
b381a482 79 return _error->Error(_("There were unauthenticated packages and -y was used without --allow-unauthenticated"));
866893a6
DK
80}
81 /*}}}*/
82bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure)/*{{{*/
83{
84 pkgAcquire::RunResult res;
85 if(PulseInterval > 0)
86 res = Fetcher.Run(PulseInterval);
87 else
88 res = Fetcher.Run();
89
90 if (res == pkgAcquire::Failed)
91 return false;
92
93 for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin();
94 I != Fetcher.ItemsEnd(); ++I)
95 {
96
97 if ((*I)->Status == pkgAcquire::Item::StatDone &&
98 (*I)->Complete == true)
99 continue;
100
101 if (TransientNetworkFailure != NULL && (*I)->Status == pkgAcquire::Item::StatIdle)
102 {
103 *TransientNetworkFailure = true;
104 continue;
105 }
106
107 ::URI uri((*I)->DescURI());
108 uri.User.clear();
109 uri.Password.clear();
110 std::string descUri = std::string(uri);
3f760434 111 _error->Error(_("Failed to fetch %s %s"), descUri.c_str(),
866893a6
DK
112 (*I)->ErrorText.c_str());
113
114 if (Failure != NULL)
115 *Failure = true;
116 }
117
118 return true;
119}
120 /*}}}*/
9c81f8de
DK
121bool CheckFreeSpaceBeforeDownload(std::string const &Dir, unsigned long long FetchBytes)/*{{{*/
122{
123 uint32_t const RAMFS_MAGIC = 0x858458f6;
124 /* Check for enough free space, but only if we are actually going to
125 download */
126 if (_config->FindB("APT::Get::Print-URIs", false) == true ||
127 _config->FindB("APT::Get::Download", true) == false)
128 return true;
129
130 struct statvfs Buf;
131 if (statvfs(Dir.c_str(),&Buf) != 0) {
132 if (errno == EOVERFLOW)
133 return _error->WarningE("statvfs",_("Couldn't determine free space in %s"),
134 Dir.c_str());
135 else
136 return _error->Errno("statvfs",_("Couldn't determine free space in %s"),
137 Dir.c_str());
138 }
139 else
140 {
141 unsigned long long const FreeBlocks = _config->Find("APT::Sandbox::User").empty() ? Buf.f_bfree : Buf.f_bavail;
142 if (FreeBlocks < (FetchBytes / Buf.f_bsize))
143 {
144 struct statfs Stat;
145 if (statfs(Dir.c_str(),&Stat) != 0
146#if HAVE_STRUCT_STATFS_F_TYPE
147 || Stat.f_type != RAMFS_MAGIC
148#endif
149 )
150 return _error->Error(_("You don't have enough free space in %s."),
151 Dir.c_str());
152 }
153 }
154 return true;
155}
156 /*}}}*/
2b0660b5
DK
157
158aptAcquireWithTextStatus::aptAcquireWithTextStatus() : pkgAcquire::pkgAcquire(),
159 Stat(std::cout, ScreenWidth, _config->FindI("quiet",0))
160{
161 SetLog(&Stat);
162}
9055d5e6
DK
163
164// DoDownload - download a binary /*{{{*/
165bool DoDownload(CommandLine &CmdL)
166{
167 CacheFile Cache;
168 if (Cache.ReadOnlyOpen() == false)
169 return false;
170
171 APT::CacheSetHelper helper;
172 APT::VersionSet verset = APT::VersionSet::FromCommandLine(Cache,
173 CmdL.FileList + 1, APT::CacheSetHelper::CANDIDATE, helper);
174
175 if (verset.empty() == true)
176 return false;
177
178 pkgRecords Recs(Cache);
179 pkgSourceList *SrcList = Cache.GetSourceList();
180
181 // reuse the usual acquire methods for deb files, but don't drop them into
182 // the usual directories - keep everything in the current directory
183 aptAcquireWithTextStatus Fetcher;
184 std::vector<std::string> storefile(verset.size());
185 std::string const cwd = SafeGetCWD();
186 _config->Set("Dir::Cache::Archives", cwd);
187 int i = 0;
188 for (APT::VersionSet::const_iterator Ver = verset.begin();
189 Ver != verset.end(); ++Ver, ++i)
190 {
191 pkgAcquire::Item *I = new pkgAcqArchive(&Fetcher, SrcList, &Recs, *Ver, storefile[i]);
192 if (storefile[i].empty())
193 continue;
194 std::string const filename = cwd + flNotDir(storefile[i]);
195 storefile[i].assign(filename);
196 I->DestFile.assign(filename);
197 }
198
199 // Just print out the uris and exit if the --print-uris flag was used
200 if (_config->FindB("APT::Get::Print-URIs") == true)
201 {
202 pkgAcquire::UriIterator I = Fetcher.UriBegin();
203 for (; I != Fetcher.UriEnd(); ++I)
204 std::cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' <<
205 I->Owner->FileSize << ' ' << I->Owner->HashSum() << std::endl;
206 return true;
207 }
208
209 if (_error->PendingError() == true || CheckAuth(Fetcher, false) == false)
210 return false;
211
212 bool Failed = false;
213 if (AcquireRun(Fetcher, 0, &Failed, NULL) == false)
214 return false;
215
216 // copy files in local sources to the current directory
217 for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I != Fetcher.ItemsEnd(); ++I)
218 {
219 std::string const filename = cwd + flNotDir((*I)->DestFile);
220 if ((*I)->Local == true &&
221 filename != (*I)->DestFile &&
222 (*I)->Status == pkgAcquire::Item::StatDone)
223 {
224 std::ifstream src((*I)->DestFile.c_str(), std::ios::binary);
225 std::ofstream dst(filename.c_str(), std::ios::binary);
226 dst << src.rdbuf();
30c8107e 227 chmod(filename.c_str(), 0644);
9055d5e6
DK
228 }
229 }
230 return Failed == false;
231}
232 /*}}}*/
233// DoChangelog - Get changelog from the command line /*{{{*/
234bool DoChangelog(CommandLine &CmdL)
235{
236 CacheFile Cache;
237 if (Cache.ReadOnlyOpen() == false)
238 return false;
239
240 APT::CacheSetHelper helper;
241 APT::VersionList verset = APT::VersionList::FromCommandLine(Cache,
242 CmdL.FileList + 1, APT::CacheSetHelper::CANDIDATE, helper);
243 if (verset.empty() == true)
244 return false;
245
246 bool const downOnly = _config->FindB("APT::Get::Download-Only", false);
247 bool const printOnly = _config->FindB("APT::Get::Print-URIs", false);
b5aba909
DK
248 if (printOnly)
249 _config->CndSet("Acquire::Changelogs::AlwaysOnline", true);
9055d5e6
DK
250
251 aptAcquireWithTextStatus Fetcher;
252 for (APT::VersionList::const_iterator Ver = verset.begin();
253 Ver != verset.end();
254 ++Ver)
255 {
256 if (printOnly)
257 new pkgAcqChangelog(&Fetcher, Ver, "/dev/null");
258 else if (downOnly)
259 new pkgAcqChangelog(&Fetcher, Ver, ".");
260 else
261 new pkgAcqChangelog(&Fetcher, Ver);
262 }
263
264 if (printOnly == false)
265 {
266 bool Failed = false;
267 if (AcquireRun(Fetcher, 0, &Failed, NULL) == false || Failed == true)
268 return false;
269 }
270
271 if (downOnly == false || printOnly == true)
272 {
273 bool Failed = false;
274 for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I != Fetcher.ItemsEnd(); ++I)
275 {
276 if (printOnly)
277 {
278 if ((*I)->ErrorText.empty() == false)
279 {
280 Failed = true;
281 _error->Error("%s", (*I)->ErrorText.c_str());
282 }
283 else
284 std::cout << '\'' << (*I)->DescURI() << "' " << flNotDir((*I)->DestFile) << std::endl;
285 }
286 else
287 DisplayFileInPager((*I)->DestFile);
288 }
289 return Failed == false;
290 }
291
292 return true;
293}
294 /*}}}*/
295
296// DoClean - Remove download archives /*{{{*/
297bool DoClean(CommandLine &)
298{
299 std::string const archivedir = _config->FindDir("Dir::Cache::archives");
300 std::string const listsdir = _config->FindDir("Dir::state::lists");
301
302 if (_config->FindB("APT::Get::Simulate") == true)
303 {
304 std::string const pkgcache = _config->FindFile("Dir::cache::pkgcache");
305 std::string const srcpkgcache = _config->FindFile("Dir::cache::srcpkgcache");
306 std::cout << "Del " << archivedir << "* " << archivedir << "partial/*"<< std::endl
307 << "Del " << listsdir << "partial/*" << std::endl
308 << "Del " << pkgcache << " " << srcpkgcache << std::endl;
309 return true;
310 }
311
312 pkgAcquire Fetcher;
8d968cc2
DK
313 if (archivedir.empty() == false && FileExists(archivedir) == true &&
314 Fetcher.GetLock(archivedir) == true)
dffc17ba 315 {
dffc17ba
DK
316 Fetcher.Clean(archivedir);
317 Fetcher.Clean(archivedir + "partial/");
318 }
9055d5e6 319
8d968cc2
DK
320 if (listsdir.empty() == false && FileExists(listsdir) == true &&
321 Fetcher.GetLock(listsdir) == true)
dffc17ba 322 {
dffc17ba
DK
323 Fetcher.Clean(listsdir + "partial/");
324 }
9055d5e6
DK
325
326 pkgCacheFile::RemoveCaches();
327
328 return true;
329}
330 /*}}}*/
331// DoAutoClean - Smartly remove downloaded archives /*{{{*/
332// ---------------------------------------------------------------------
333/* This is similar to clean but it only purges things that cannot be
334 downloaded, that is old versions of cached packages. */
335 class LogCleaner : public pkgArchiveCleaner
336{
337 protected:
338 virtual void Erase(const char *File, std::string Pkg, std::string Ver,struct stat &St) APT_OVERRIDE
339 {
340 c1out << "Del " << Pkg << " " << Ver << " [" << SizeToStr(St.st_size) << "B]" << std::endl;
341
342 if (_config->FindB("APT::Get::Simulate") == false)
ce1f3a2c 343 RemoveFile("Cleaner::Erase", File);
9055d5e6
DK
344 };
345};
346bool DoAutoClean(CommandLine &)
347{
dffc17ba
DK
348 std::string const archivedir = _config->FindDir("Dir::Cache::Archives");
349 if (FileExists(archivedir) == false)
350 return true;
351
9055d5e6
DK
352 // Lock the archive directory
353 FileFd Lock;
354 if (_config->FindB("Debug::NoLocking",false) == false)
355 {
dffc17ba 356 int lock_fd = GetLock(flCombine(archivedir, "lock"));
9055d5e6
DK
357 if (lock_fd < 0)
358 return _error->Error(_("Unable to lock the download directory"));
359 Lock.Fd(lock_fd);
360 }
361
362 CacheFile Cache;
363 if (Cache.Open() == false)
364 return false;
365
366 LogCleaner Cleaner;
367
dffc17ba
DK
368 return Cleaner.Go(archivedir, *Cache) &&
369 Cleaner.Go(flCombine(archivedir, "partial/"), *Cache);
9055d5e6
DK
370}
371 /*}}}*/