[apt.git] / apt-private / private-download.cc

// Include Files							/*{{{*/
#include <config.h>

#include <apt-pkg/acquire.h>
#include <apt-pkg/acquire-item.h>
#include <apt-pkg/configuration.h>
#include <apt-pkg/error.h>
#include <apt-pkg/fileutl.h>
#include <apt-pkg/strutl.h>

#include <apt-private/private-output.h>
#include <apt-private/private-download.h>

#include <fstream>
#include <string>
#include <vector>

#include <unistd.h>
#include <sys/types.h>
#include <pwd.h>
#include <fcntl.h>

#include <apti18n.h>
									/*}}}*/

bool CheckDropPrivsMustBeDisabled(pkgAcquire &Fetcher)			/*{{{*/
{
   // no need/possibility to drop privs
   if(getuid() != 0)
      return true;

   // the user does not want to drop privs
   std::string SandboxUser = _config->Find("APT::Sandbox::User");
   if (SandboxUser.empty())
      return true;

   struct passwd const * const pw = getpwnam(SandboxUser.c_str());
   if (pw == NULL)
      return true;

   if (seteuid(pw->pw_uid) != 0)
      return _error->Errno("seteuid", "seteuid %u failed", pw->pw_uid);

   bool res = true;
   // check if we can write to destfile
   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin();
	I != Fetcher.ItemsEnd() && res == true; ++I)
   {
      int fd = open((*I)->DestFile.c_str(), O_CREAT | O_RDWR, 0600);
      if (fd < 0)
      {
	 res = false;
	 std::string msg;
	 strprintf(msg, _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."),
	       (*I)->DestFile.c_str(), SandboxUser.c_str());
	 c0out << msg << std::endl;
	 _config->Set("APT::Sandbox::User", "");
      }
      close(fd);
   }

   if (seteuid(0) != 0)
      return _error->Errno("seteuid", "seteuid %u failed", 0);

   return res;
}
									/*}}}*/
// CheckAuth - check if each download comes form a trusted source	/*{{{*/
bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser)
{
   std::string UntrustedList;
   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
      if (!(*I)->IsTrusted())
          UntrustedList += std::string((*I)->ShortDesc()) + " ";

   if (UntrustedList == "")
      return true;

   return AuthPrompt(UntrustedList, PromptUser);
}

bool AuthPrompt(std::string const &UntrustedList, bool const PromptUser)
{
   ShowList(c2out,_("WARNING: The following packages cannot be authenticated!"),UntrustedList,"");

   if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
   {
      c2out << _("Authentication warning overridden.\n");
      return true;
   }

   if (PromptUser == false)
      return _error->Error(_("Some packages could not be authenticated"));

   if (_config->FindI("quiet",0) < 2
       && _config->FindB("APT::Get::Assume-Yes",false) == false)
   {
      c2out << _("Install these packages without verification?") << std::flush;
      if (!YnPrompt(false))
         return _error->Error(_("Some packages could not be authenticated"));

      return true;
   }
   else if (_config->FindB("APT::Get::Force-Yes",false) == true)
      return true;

   return _error->Error(_("There are problems and -y was used without --force-yes"));
}
									/*}}}*/
bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure)/*{{{*/
{
   pkgAcquire::RunResult res;
   if(PulseInterval > 0)
      res = Fetcher.Run(PulseInterval);
   else
      res = Fetcher.Run();

   if (res == pkgAcquire::Failed)
      return false;

   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin();
	I != Fetcher.ItemsEnd(); ++I)
   {

      if ((*I)->Status == pkgAcquire::Item::StatDone &&
	    (*I)->Complete == true)
	 continue;

      if (TransientNetworkFailure != NULL && (*I)->Status == pkgAcquire::Item::StatIdle)
      {
	 *TransientNetworkFailure = true;
	 continue;
      }

      ::URI uri((*I)->DescURI());
      uri.User.clear();
      uri.Password.clear();
      std::string descUri = std::string(uri);
      _error->Error(_("Failed to fetch %s  %s\n"), descUri.c_str(),
	    (*I)->ErrorText.c_str());

      if (Failure != NULL)
	 *Failure = true;
   }

   return true;
}
									/*}}}*/
Commit	Line	Data
866893a6 DK	1	// Include Files /{{{/
	2	#include <config.h>
	3
	4	#include <apt-pkg/acquire.h>
	5	#include <apt-pkg/acquire-item.h>
	6	#include <apt-pkg/configuration.h>
	7	#include <apt-pkg/error.h>
460601d5	8	#include <apt-pkg/fileutl.h>
866893a6 DK	9	#include <apt-pkg/strutl.h>
866893a6 DK	10
453b82a3 DK	11	#include <apt-private/private-output.h>
453b82a3 DK	12	#include <apt-private/private-download.h>
866893a6 DK	13
	14	#include <fstream>
	15	#include <string>
	16	#include <vector>
	17
460601d5 DK	18	#include <unistd.h>
	19	#include <sys/types.h>
	20	#include <pwd.h>
	21	#include <fcntl.h>
	22
866893a6 DK	23	#include <apti18n.h>
	24	/}}}/
	25
460601d5 DK	26	bool CheckDropPrivsMustBeDisabled(pkgAcquire &Fetcher) /{{{/
	27	{
	28	// no need/possibility to drop privs
	29	if(getuid() != 0)
	30	return true;
	31
	32	// the user does not want to drop privs
	33	std::string SandboxUser = _config->Find("APT::Sandbox::User");
	34	if (SandboxUser.empty())
	35	return true;
	36
	37	struct passwd const * const pw = getpwnam(SandboxUser.c_str());
	38	if (pw == NULL)
	39	return true;
	40
	41	if (seteuid(pw->pw_uid) != 0)
	42	return _error->Errno("seteuid", "seteuid %u failed", pw->pw_uid);
	43
	44	bool res = true;
	45	// check if we can write to destfile
	46	for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin();
	47	I != Fetcher.ItemsEnd() && res == true; ++I)
	48	{
	49	int fd = open((*I)->DestFile.c_str(), O_CREAT \| O_RDWR, 0600);
	50	if (fd < 0)
	51	{
	52	res = false;
	53	std::string msg;
	54	strprintf(msg, _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."),
	55	(*I)->DestFile.c_str(), SandboxUser.c_str());
	56	c0out << msg << std::endl;
	57	_config->Set("APT::Sandbox::User", "");
	58	}
	59	close(fd);
	60	}
	61
	62	if (seteuid(0) != 0)
	63	return _error->Errno("seteuid", "seteuid %u failed", 0);
	64
	65	return res;
	66	}
	67	/}}}/
866893a6 DK	68	// CheckAuth - check if each download comes form a trusted source /{{{/
	69	bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser)
	70	{
	71	std::string UntrustedList;
	72	for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
	73	if (!(*I)->IsTrusted())
	74	UntrustedList += std::string((*I)->ShortDesc()) + " ";
	75
	76	if (UntrustedList == "")
	77	return true;
	78
a3f1d60c MV	79	return AuthPrompt(UntrustedList, PromptUser);
	80	}
	81
460601d5	82	bool AuthPrompt(std::string const &UntrustedList, bool const PromptUser)
a3f1d60c	83	{
866893a6 DK	84	ShowList(c2out,_("WARNING: The following packages cannot be authenticated!"),UntrustedList,"");
	85
	86	if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
	87	{
	88	c2out << _("Authentication warning overridden.\n");
	89	return true;
	90	}
	91
	92	if (PromptUser == false)
	93	return _error->Error(_("Some packages could not be authenticated"));
	94
	95	if (_config->FindI("quiet",0) < 2
	96	&& _config->FindB("APT::Get::Assume-Yes",false) == false)
	97	{
	98	c2out << _("Install these packages without verification?") << std::flush;
	99	if (!YnPrompt(false))
	100	return _error->Error(_("Some packages could not be authenticated"));
	101
	102	return true;
	103	}
	104	else if (_config->FindB("APT::Get::Force-Yes",false) == true)
	105	return true;
	106
	107	return _error->Error(_("There are problems and -y was used without --force-yes"));
	108	}
	109	/}}}/
	110	bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure)/{{{/
	111	{
	112	pkgAcquire::RunResult res;
	113	if(PulseInterval > 0)
	114	res = Fetcher.Run(PulseInterval);
	115	else
	116	res = Fetcher.Run();
	117
	118	if (res == pkgAcquire::Failed)
	119	return false;
	120
	121	for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin();
	122	I != Fetcher.ItemsEnd(); ++I)
	123	{
	124
	125	if ((*I)->Status == pkgAcquire::Item::StatDone &&
	126	(*I)->Complete == true)
	127	continue;
	128
	129	if (TransientNetworkFailure != NULL && (*I)->Status == pkgAcquire::Item::StatIdle)
	130	{
	131	*TransientNetworkFailure = true;
	132	continue;
	133	}
	134
	135	::URI uri((*I)->DescURI());
	136	uri.User.clear();
	137	uri.Password.clear();
	138	std::string descUri = std::string(uri);
	139	_error->Error(_("Failed to fetch %s %s\n"), descUri.c_str(),
	140	(*I)->ErrorText.c_str());
	141
	142	if (Failure != NULL)
	143	*Failure = true;
	144	}
	145
	146	return true;
	147	}
148	/}}}/