]>
Commit | Line | Data |
---|---|---|
b9e9a44b | 1 | //-*- mode: cpp; mode: fold -*- |
d546f98d MV |
2 | // Description /*{{{*/ |
3 | // $Id: http.cc,v 1.59 2004/05/08 19:42:35 mdz Exp $ | |
4 | /* ###################################################################### | |
5 | ||
1e3f4083 | 6 | HTTPS Acquire Method - This is the HTTPS acquire method for APT. |
d546f98d MV |
7 | |
8 | It uses libcurl | |
9 | ||
10 | ##################################################################### */ | |
11 | /*}}}*/ | |
12 | // Include Files /*{{{*/ | |
ea542140 DK |
13 | #include <config.h> |
14 | ||
d546f98d | 15 | #include <apt-pkg/fileutl.h> |
d546f98d MV |
16 | #include <apt-pkg/error.h> |
17 | #include <apt-pkg/hashes.h> | |
592b7800 | 18 | #include <apt-pkg/netrc.h> |
472ff00e | 19 | #include <apt-pkg/configuration.h> |
453b82a3 DK |
20 | #include <apt-pkg/macros.h> |
21 | #include <apt-pkg/strutl.h> | |
c6ee61ea | 22 | #include <apt-pkg/proxy.h> |
d546f98d MV |
23 | |
24 | #include <sys/stat.h> | |
25 | #include <sys/time.h> | |
d546f98d | 26 | #include <unistd.h> |
d546f98d | 27 | #include <stdio.h> |
453b82a3 DK |
28 | #include <ctype.h> |
29 | #include <stdlib.h> | |
d546f98d | 30 | |
30060442 DK |
31 | #include <array> |
32 | #include <iostream> | |
33 | #include <sstream> | |
34 | ||
35 | ||
d546f98d | 36 | #include "https.h" |
453b82a3 | 37 | |
ea542140 | 38 | #include <apti18n.h> |
d546f98d MV |
39 | /*}}}*/ |
40 | using namespace std; | |
41 | ||
27925d82 DK |
42 | struct APT_HIDDEN CURLUserPointer { |
43 | HttpsMethod * const https; | |
44 | HttpsMethod::FetchResult * const Res; | |
dcbb364f DK |
45 | HttpsMethod::FetchItem const * const Itm; |
46 | CURLUserPointer(HttpsMethod * const https, HttpsMethod::FetchResult * const Res, | |
47 | HttpsMethod::FetchItem const * const Itm) : https(https), Res(Res), Itm(Itm) {} | |
27925d82 DK |
48 | }; |
49 | ||
fd46d305 DK |
50 | size_t |
51 | HttpsMethod::parse_header(void *buffer, size_t size, size_t nmemb, void *userp) | |
52 | { | |
53 | size_t len = size * nmemb; | |
258b9e51 | 54 | CURLUserPointer *me = static_cast<CURLUserPointer *>(userp); |
fd46d305 DK |
55 | std::string line((char*) buffer, len); |
56 | for (--len; len > 0; --len) | |
74dedb4a | 57 | if (isspace_ascii(line[len]) == 0) |
fd46d305 DK |
58 | { |
59 | ++len; | |
60 | break; | |
61 | } | |
62 | line.erase(len); | |
63 | ||
64 | if (line.empty() == true) | |
65 | { | |
4bba5a88 | 66 | me->https->Server->JunkSize = 0; |
27925d82 | 67 | if (me->https->Server->Result != 416 && me->https->Server->StartPos != 0) |
fd46d305 | 68 | ; |
dcbb364f | 69 | else if (me->https->Server->Result == 416) |
fd46d305 | 70 | { |
dcbb364f DK |
71 | bool partialHit = false; |
72 | if (me->Itm->ExpectedHashes.usable() == true) | |
73 | { | |
74 | Hashes resultHashes(me->Itm->ExpectedHashes); | |
75 | FileFd file(me->Itm->DestFile, FileFd::ReadOnly); | |
4fc6b757 | 76 | me->https->Server->TotalFileSize = file.FileSize(); |
dcbb364f DK |
77 | me->https->Server->Date = file.ModificationTime(); |
78 | resultHashes.AddFD(file); | |
79 | HashStringList const hashList = resultHashes.GetHashStringList(); | |
80 | partialHit = (me->Itm->ExpectedHashes == hashList); | |
81 | } | |
4fc6b757 | 82 | else if (me->https->Server->Result == 416 && me->https->Server->TotalFileSize == me->https->File->FileSize()) |
dcbb364f DK |
83 | partialHit = true; |
84 | ||
85 | if (partialHit == true) | |
86 | { | |
87 | me->https->Server->Result = 200; | |
4fc6b757 | 88 | me->https->Server->StartPos = me->https->Server->TotalFileSize; |
dcbb364f DK |
89 | // the actual size is not important for https as curl will deal with it |
90 | // by itself and e.g. doesn't bother us with transport-encoding… | |
91 | me->https->Server->JunkSize = std::numeric_limits<unsigned long long>::max(); | |
92 | } | |
93 | else | |
94 | me->https->Server->StartPos = 0; | |
fd46d305 DK |
95 | } |
96 | else | |
27925d82 DK |
97 | me->https->Server->StartPos = 0; |
98 | ||
27925d82 | 99 | me->Res->LastModified = me->https->Server->Date; |
4fc6b757 | 100 | me->Res->Size = me->https->Server->TotalFileSize; |
27925d82 | 101 | me->Res->ResumePoint = me->https->Server->StartPos; |
fd46d305 | 102 | |
27925d82 | 103 | // we expect valid data, so tell our caller we get the file now |
34faa8f7 DK |
104 | if (me->https->Server->Result >= 200 && me->https->Server->Result < 300) |
105 | { | |
4bba5a88 | 106 | if (me->Res->Size != 0 && me->Res->Size > me->Res->ResumePoint) |
34faa8f7 DK |
107 | me->https->URIStart(*me->Res); |
108 | if (me->https->Server->AddPartialFileToHashes(*(me->https->File)) == false) | |
109 | return 0; | |
110 | } | |
4bba5a88 DK |
111 | else |
112 | me->https->Server->JunkSize = std::numeric_limits<decltype(me->https->Server->JunkSize)>::max(); | |
fd46d305 | 113 | } |
27925d82 | 114 | else if (me->https->Server->HeaderLine(line) == false) |
fd46d305 DK |
115 | return 0; |
116 | ||
117 | return size*nmemb; | |
118 | } | |
119 | ||
d546f98d MV |
120 | size_t |
121 | HttpsMethod::write_data(void *buffer, size_t size, size_t nmemb, void *userp) | |
122 | { | |
258b9e51 | 123 | HttpsMethod *me = static_cast<HttpsMethod *>(userp); |
ed793a19 DK |
124 | size_t buffer_size = size * nmemb; |
125 | // we don't need to count the junk here, just drop anything we get as | |
126 | // we don't always know how long it would be, e.g. in chunked encoding. | |
127 | if (me->Server->JunkSize != 0) | |
128 | return buffer_size; | |
d546f98d | 129 | |
ed793a19 | 130 | if(me->File->Write(buffer, buffer_size) != true) |
d61960d9 | 131 | return 0; |
d546f98d | 132 | |
d61960d9 | 133 | if(me->Queue->MaximumSize > 0) |
ee279506 | 134 | { |
d61960d9 DK |
135 | unsigned long long const TotalWritten = me->File->Tell(); |
136 | if (TotalWritten > me->Queue->MaximumSize) | |
137 | { | |
138 | me->SetFailReason("MaximumSizeExceeded"); | |
139 | _error->Error("Writing more data than expected (%llu > %llu)", | |
140 | TotalWritten, me->Queue->MaximumSize); | |
141 | return 0; | |
142 | } | |
ee279506 | 143 | } |
d546f98d | 144 | |
34faa8f7 DK |
145 | if (me->Server->GetHashes()->Add((unsigned char const * const)buffer, buffer_size) == false) |
146 | return 0; | |
147 | ||
ed793a19 | 148 | return buffer_size; |
d546f98d MV |
149 | } |
150 | ||
fd46d305 | 151 | // HttpsServerState::HttpsServerState - Constructor /*{{{*/ |
34faa8f7 | 152 | HttpsServerState::HttpsServerState(URI Srv,HttpsMethod * Owner) : ServerState(Srv, Owner), Hash(NULL) |
fd46d305 | 153 | { |
30060442 | 154 | TimeOut = Owner->ConfigFindI("Timeout", TimeOut); |
fd46d305 DK |
155 | Reset(); |
156 | } | |
157 | /*}}}*/ | |
34faa8f7 DK |
158 | bool HttpsServerState::InitHashes(HashStringList const &ExpectedHashes) /*{{{*/ |
159 | { | |
160 | delete Hash; | |
161 | Hash = new Hashes(ExpectedHashes); | |
162 | return true; | |
163 | } | |
164 | /*}}}*/ | |
165 | APT_PURE Hashes * HttpsServerState::GetHashes() /*{{{*/ | |
166 | { | |
167 | return Hash; | |
168 | } | |
169 | /*}}}*/ | |
fd46d305 | 170 | |
ece81b75 | 171 | bool HttpsMethod::SetupProxy() /*{{{*/ |
d546f98d MV |
172 | { |
173 | URI ServerName = Queue->Uri; | |
174 | ||
c6ee61ea MV |
175 | // Determine the proxy setting |
176 | AutoDetectProxy(ServerName); | |
177 | ||
5b63d2a9 MV |
178 | // Curl should never read proxy settings from the environment, as |
179 | // we determine which proxy to use. Do this for consistency among | |
180 | // methods and prevent an environment variable overriding a | |
181 | // no-proxy ("DIRECT") setting in apt.conf. | |
182 | curl_easy_setopt(curl, CURLOPT_PROXY, ""); | |
183 | ||
4407a02f | 184 | // Determine the proxy setting - try https first, fallback to http and use env at last |
30060442 | 185 | string UseProxy = ConfigFind("Proxy::" + ServerName.Host, ""); |
4407a02f | 186 | if (UseProxy.empty() == true) |
30060442 DK |
187 | UseProxy = ConfigFind("Proxy", ""); |
188 | // User wants to use NO proxy, so nothing to setup | |
4407a02f | 189 | if (UseProxy == "DIRECT") |
ece81b75 | 190 | return true; |
4407a02f | 191 | |
30060442 | 192 | // Parse no_proxy, a comma (,) separated list of domains we don't want to use |
8707edd9 PC |
193 | // a proxy for so we stop right here if it is in the list |
194 | if (getenv("no_proxy") != 0 && CheckDomainList(ServerName.Host,getenv("no_proxy")) == true) | |
ece81b75 | 195 | return true; |
8707edd9 PC |
196 | |
197 | if (UseProxy.empty() == true) | |
d546f98d | 198 | { |
30060442 DK |
199 | const char* result = nullptr; |
200 | if (std::find(methodNames.begin(), methodNames.end(), "https") != methodNames.end()) | |
201 | result = getenv("https_proxy"); | |
5b63d2a9 MV |
202 | // FIXME: Fall back to http_proxy is to remain compatible with |
203 | // existing setups and behaviour of apt.conf. This should be | |
204 | // deprecated in the future (including apt.conf). Most other | |
205 | // programs do not fall back to http proxy settings and neither | |
206 | // should Apt. | |
30060442 DK |
207 | if (result == nullptr && std::find(methodNames.begin(), methodNames.end(), "http") != methodNames.end()) |
208 | result = getenv("http_proxy"); | |
209 | UseProxy = result == nullptr ? "" : result; | |
d546f98d | 210 | } |
4407a02f | 211 | |
d546f98d | 212 | // Determine what host and port to use based on the proxy settings |
d415fc79 | 213 | if (UseProxy.empty() == false) |
d546f98d | 214 | { |
4407a02f | 215 | Proxy = UseProxy; |
0568d325 DK |
216 | AddProxyAuth(Proxy, ServerName); |
217 | ||
d415fc79 DK |
218 | if (Proxy.Access == "socks5h") |
219 | curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5_HOSTNAME); | |
220 | else if (Proxy.Access == "socks5") | |
221 | curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); | |
222 | else if (Proxy.Access == "socks4a") | |
223 | curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4A); | |
224 | else if (Proxy.Access == "socks") | |
225 | curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4); | |
ece81b75 | 226 | else if (Proxy.Access == "http" || Proxy.Access == "https") |
d415fc79 | 227 | curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); |
ece81b75 DK |
228 | else |
229 | return false; | |
d415fc79 | 230 | |
4407a02f | 231 | if (Proxy.Port != 1) |
d546f98d MV |
232 | curl_easy_setopt(curl, CURLOPT_PROXYPORT, Proxy.Port); |
233 | curl_easy_setopt(curl, CURLOPT_PROXY, Proxy.Host.c_str()); | |
5b63d2a9 MV |
234 | if (Proxy.User.empty() == false || Proxy.Password.empty() == false) |
235 | { | |
236 | curl_easy_setopt(curl, CURLOPT_PROXYUSERNAME, Proxy.User.c_str()); | |
237 | curl_easy_setopt(curl, CURLOPT_PROXYPASSWORD, Proxy.Password.c_str()); | |
238 | } | |
d546f98d | 239 | } |
ece81b75 | 240 | return true; |
b9e9a44b | 241 | } /*}}}*/ |
d546f98d MV |
242 | // HttpsMethod::Fetch - Fetch an item /*{{{*/ |
243 | // --------------------------------------------------------------------- | |
244 | /* This adds an item to the pipeline. We keep the pipeline at a fixed | |
245 | depth. */ | |
246 | bool HttpsMethod::Fetch(FetchItem *Itm) | |
247 | { | |
d546f98d | 248 | struct stat SBuf; |
d61960d9 | 249 | struct curl_slist *headers=NULL; |
714ee06c | 250 | char curl_errorstr[CURL_ERROR_SIZE]; |
c769cd6f | 251 | URI Uri = Itm->Uri; |
30060442 DK |
252 | setPostfixForMethodNames(Uri.Host.c_str()); |
253 | AllowRedirect = ConfigFindB("AllowRedirect", true); | |
254 | Debug = DebugEnabled(); | |
d546f98d MV |
255 | |
256 | // TODO: | |
d546f98d MV |
257 | // - http::Pipeline-Depth |
258 | // - error checking/reporting | |
259 | // - more debug options? (CURLOPT_DEBUGFUNCTION?) | |
30060442 DK |
260 | { |
261 | auto const plus = Binary.find('+'); | |
262 | if (plus != std::string::npos) | |
263 | Uri.Access = Binary.substr(plus + 1); | |
264 | } | |
d546f98d | 265 | |
5820530d | 266 | curl_easy_reset(curl); |
ece81b75 DK |
267 | if (SetupProxy() == false) |
268 | return _error->Error("Unsupported proxy configured: %s", URI::SiteOnly(Proxy).c_str()); | |
d546f98d | 269 | |
1de1f703 | 270 | maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc")); |
592b7800 | 271 | |
27925d82 | 272 | FetchResult Res; |
dcbb364f | 273 | CURLUserPointer userp(this, &Res, Itm); |
d546f98d | 274 | // callbacks |
01fc8930 | 275 | curl_easy_setopt(curl, CURLOPT_URL, static_cast<string>(Uri).c_str()); |
fd46d305 | 276 | curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, parse_header); |
27925d82 | 277 | curl_easy_setopt(curl, CURLOPT_WRITEHEADER, &userp); |
d546f98d MV |
278 | curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_data); |
279 | curl_easy_setopt(curl, CURLOPT_WRITEDATA, this); | |
dc95fee1 | 280 | // options |
27925d82 | 281 | curl_easy_setopt(curl, CURLOPT_NOPROGRESS, true); |
5820530d | 282 | curl_easy_setopt(curl, CURLOPT_FILETIME, true); |
4bba5a88 | 283 | curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 0); |
46e39c8e | 284 | |
30060442 DK |
285 | if (std::find(methodNames.begin(), methodNames.end(), "https") != methodNames.end()) |
286 | { | |
287 | curl_easy_setopt(curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS); | |
288 | curl_easy_setopt(curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS); | |
289 | ||
290 | // File containing the list of trusted CA. | |
291 | std::string const cainfo = ConfigFind("CaInfo", ""); | |
292 | if(cainfo.empty() == false) | |
293 | curl_easy_setopt(curl, CURLOPT_CAINFO, cainfo.c_str()); | |
294 | // Check server certificate against previous CA list ... | |
295 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, ConfigFindB("Verify-Peer", true) ? 1 : 0); | |
296 | // ... and hostname against cert CN or subjectAltName | |
297 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, ConfigFindB("Verify-Host", true) ? 2 : 0); | |
298 | // Also enforce issuer of server certificate using its cert | |
299 | std::string const issuercert = ConfigFind("IssuerCert", ""); | |
300 | if(issuercert.empty() == false) | |
301 | curl_easy_setopt(curl, CURLOPT_ISSUERCERT, issuercert.c_str()); | |
302 | // For client authentication, certificate file ... | |
303 | std::string const pem = ConfigFind("SslCert", ""); | |
304 | if(pem.empty() == false) | |
305 | curl_easy_setopt(curl, CURLOPT_SSLCERT, pem.c_str()); | |
306 | // ... and associated key. | |
307 | std::string const key = ConfigFind("SslKey", ""); | |
308 | if(key.empty() == false) | |
309 | curl_easy_setopt(curl, CURLOPT_SSLKEY, key.c_str()); | |
310 | // Allow forcing SSL version to SSLv3 or TLSv1 | |
311 | long final_version = CURL_SSLVERSION_DEFAULT; | |
312 | std::string const sslversion = ConfigFind("SslForceVersion", ""); | |
313 | if(sslversion == "TLSv1") | |
314 | final_version = CURL_SSLVERSION_TLSv1; | |
315 | else if(sslversion == "TLSv1.0") | |
316 | final_version = CURL_SSLVERSION_TLSv1_0; | |
317 | else if(sslversion == "TLSv1.1") | |
318 | final_version = CURL_SSLVERSION_TLSv1_1; | |
319 | else if(sslversion == "TLSv1.2") | |
320 | final_version = CURL_SSLVERSION_TLSv1_2; | |
321 | else if(sslversion == "SSLv3") | |
322 | final_version = CURL_SSLVERSION_SSLv3; | |
323 | curl_easy_setopt(curl, CURLOPT_SSLVERSION, final_version); | |
324 | // CRL file | |
325 | std::string const crlfile = ConfigFind("CrlFile", ""); | |
326 | if(crlfile.empty() == false) | |
327 | curl_easy_setopt(curl, CURLOPT_CRLFILE, crlfile.c_str()); | |
328 | } | |
329 | else | |
330 | { | |
331 | curl_easy_setopt(curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP); | |
332 | curl_easy_setopt(curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP); | |
333 | } | |
d546f98d | 334 | // cache-control |
30060442 | 335 | if(ConfigFindB("No-Cache", false) == false) |
d546f98d MV |
336 | { |
337 | // cache enabled | |
30060442 | 338 | if (ConfigFindB("No-Store", false) == true) |
d546f98d | 339 | headers = curl_slist_append(headers,"Cache-Control: no-store"); |
30060442 DK |
340 | std::string ss; |
341 | strprintf(ss, "Cache-Control: max-age=%u", ConfigFindI("Max-Age", 0)); | |
342 | headers = curl_slist_append(headers, ss.c_str()); | |
d546f98d MV |
343 | } else { |
344 | // cache disabled by user | |
345 | headers = curl_slist_append(headers, "Cache-Control: no-cache"); | |
346 | headers = curl_slist_append(headers, "Pragma: no-cache"); | |
347 | } | |
348 | curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); | |
d546f98d | 349 | // speed limit |
30060442 | 350 | int const dlLimit = ConfigFindI("Dl-Limit", 0) * 1024; |
d546f98d MV |
351 | if (dlLimit > 0) |
352 | curl_easy_setopt(curl, CURLOPT_MAX_RECV_SPEED_LARGE, dlLimit); | |
353 | ||
354 | // set header | |
30060442 | 355 | curl_easy_setopt(curl, CURLOPT_USERAGENT, ConfigFind("User-Agent", "Debian APT-CURL/1.0 (" PACKAGE_VERSION ")").c_str()); |
d546f98d | 356 | |
cc615257 | 357 | // set timeout |
30060442 | 358 | int const timeout = ConfigFindI("Timeout", 120); |
cc615257 | 359 | curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, timeout); |
43cf55db | 360 | //set really low lowspeed timeout (see #497983) |
5085e660 | 361 | curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, DL_MIN_SPEED); |
43cf55db | 362 | curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, timeout); |
cc615257 | 363 | |
d546f98d | 364 | // debug |
905fba60 | 365 | if (Debug == true) |
d546f98d MV |
366 | curl_easy_setopt(curl, CURLOPT_VERBOSE, true); |
367 | ||
714ee06c | 368 | // error handling |
cc418115 | 369 | curl_errorstr[0] = '\0'; |
714ee06c MV |
370 | curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_errorstr); |
371 | ||
6f4501f9 | 372 | // If we ask for uncompressed files servers might respond with content- |
1e3f4083 | 373 | // negotiation which lets us end up with compressed files we do not support, |
6f4501f9 DK |
374 | // see 657029, 657560 and co, so if we have no extension on the request |
375 | // ask for text only. As a sidenote: If there is nothing to negotate servers | |
376 | // seem to be nice and ignore it. | |
30060442 | 377 | if (ConfigFindB("SendAccept", true)) |
6f4501f9 DK |
378 | { |
379 | size_t const filepos = Itm->Uri.find_last_of('/'); | |
380 | string const file = Itm->Uri.substr(filepos + 1); | |
381 | if (flExtension(file) == file) | |
382 | headers = curl_slist_append(headers, "Accept: text/*"); | |
383 | } | |
384 | ||
d6039f9e | 385 | // if we have the file send an if-range query with a range header |
4c499611 MV |
386 | if (stat(Itm->DestFile.c_str(),&SBuf) >= 0 && SBuf.st_size > 0) |
387 | { | |
062074cb DK |
388 | std::string Buf; |
389 | strprintf(Buf, "Range: bytes=%lli-", (long long) SBuf.st_size); | |
390 | headers = curl_slist_append(headers, Buf.c_str()); | |
0b45b6e5 | 391 | strprintf(Buf, "If-Range: %s", TimeRFC1123(SBuf.st_mtime, false).c_str()); |
062074cb | 392 | headers = curl_slist_append(headers, Buf.c_str()); |
8654fae9 | 393 | } |
d6039f9e MV |
394 | else if(Itm->LastModified > 0) |
395 | { | |
396 | curl_easy_setopt(curl, CURLOPT_TIMECONDITION, CURL_TIMECOND_IFMODSINCE); | |
397 | curl_easy_setopt(curl, CURLOPT_TIMEVALUE, Itm->LastModified); | |
4c499611 | 398 | } |
d546f98d MV |
399 | |
400 | // go for it - if the file exists, append on it | |
401 | File = new FileFd(Itm->DestFile, FileFd::WriteAny); | |
ebdb6f18 DK |
402 | if (Server == nullptr || Server->Comp(Itm->Uri) == false) |
403 | Server = CreateServerState(Itm->Uri); | |
404 | else | |
405 | Server->Reset(false); | |
34faa8f7 DK |
406 | if (Server->InitHashes(Itm->ExpectedHashes) == false) |
407 | return false; | |
85050e76 | 408 | |
d546f98d MV |
409 | // keep apt updated |
410 | Res.Filename = Itm->DestFile; | |
411 | ||
412 | // get it! | |
413 | CURLcode success = curl_easy_perform(curl); | |
d546f98d | 414 | |
1dea08eb MV |
415 | // If the server returns 200 OK but the If-Modified-Since condition is not |
416 | // met, CURLINFO_CONDITION_UNMET will be set to 1 | |
417 | long curl_condition_unmet = 0; | |
418 | curl_easy_getinfo(curl, CURLINFO_CONDITION_UNMET, &curl_condition_unmet); | |
4bba5a88 DK |
419 | if (curl_condition_unmet == 1) |
420 | Server->Result = 304; | |
1dea08eb | 421 | |
db1f1469 | 422 | File->Close(); |
85050e76 | 423 | curl_slist_free_all(headers); |
db1f1469 | 424 | |
d546f98d | 425 | // cleanup |
bce8e59b | 426 | if (success != CURLE_OK) |
4c499611 | 427 | { |
bce8e59b DK |
428 | #pragma GCC diagnostic push |
429 | #pragma GCC diagnostic ignored "-Wswitch" | |
430 | switch (success) | |
431 | { | |
432 | case CURLE_COULDNT_RESOLVE_PROXY: | |
433 | case CURLE_COULDNT_RESOLVE_HOST: | |
434 | SetFailReason("ResolveFailure"); | |
435 | break; | |
436 | case CURLE_COULDNT_CONNECT: | |
437 | SetFailReason("ConnectionRefused"); | |
438 | break; | |
439 | case CURLE_OPERATION_TIMEDOUT: | |
440 | SetFailReason("Timeout"); | |
441 | break; | |
442 | } | |
443 | #pragma GCC diagnostic pop | |
b50dfa6b DK |
444 | // only take curls technical errors if we haven't our own |
445 | // (e.g. for the maximum size limit we have and curls can be confusing) | |
446 | if (_error->PendingError() == false) | |
447 | _error->Error("%s", curl_errorstr); | |
448 | else | |
449 | _error->Warning("curl: %s", curl_errorstr); | |
450 | return false; | |
85050e76 DK |
451 | } |
452 | ||
4bba5a88 | 453 | switch (DealWithHeaders(Res)) |
85050e76 | 454 | { |
4bba5a88 DK |
455 | case ServerMethod::IMS_HIT: |
456 | URIDone(Res); | |
457 | break; | |
d546f98d | 458 | |
4bba5a88 DK |
459 | case ServerMethod::ERROR_WITH_CONTENT_PAGE: |
460 | // unlink, no need keep 401/404 page content in partial/ | |
461 | RemoveFile(Binary.c_str(), File->Name()); | |
462 | case ServerMethod::ERROR_UNRECOVERABLE: | |
463 | case ServerMethod::ERROR_NOT_FROM_SERVER: | |
464 | return false; | |
85050e76 | 465 | |
4bba5a88 DK |
466 | case ServerMethod::TRY_AGAIN_OR_REDIRECT: |
467 | Redirect(NextURI); | |
468 | break; | |
5820530d | 469 | |
4bba5a88 DK |
470 | case ServerMethod::FILE_IS_OPEN: |
471 | struct stat resultStat; | |
472 | if (unlikely(stat(File->Name().c_str(), &resultStat) != 0)) | |
473 | { | |
474 | _error->Errno("stat", "Unable to access file %s", File->Name().c_str()); | |
475 | return false; | |
476 | } | |
477 | Res.Size = resultStat.st_size; | |
27925d82 | 478 | |
4bba5a88 DK |
479 | // Timestamp |
480 | curl_easy_getinfo(curl, CURLINFO_FILETIME, &Res.LastModified); | |
481 | if (Res.LastModified != -1) | |
482 | { | |
483 | struct timeval times[2]; | |
484 | times[0].tv_sec = Res.LastModified; | |
485 | times[1].tv_sec = Res.LastModified; | |
486 | times[0].tv_usec = times[1].tv_usec = 0; | |
487 | utimes(File->Name().c_str(), times); | |
488 | } | |
489 | else | |
490 | Res.LastModified = resultStat.st_mtime; | |
d546f98d | 491 | |
4bba5a88 DK |
492 | // take hashes |
493 | Res.TakeHashes(*(Server->GetHashes())); | |
85050e76 | 494 | |
4bba5a88 DK |
495 | // keep apt updated |
496 | URIDone(Res); | |
497 | break; | |
498 | } | |
d546f98d | 499 | |
d546f98d | 500 | delete File; |
d546f98d | 501 | return true; |
d3e8fbb3 | 502 | } |
905fba60 | 503 | /*}}}*/ |
30060442 | 504 | std::unique_ptr<ServerState> HttpsMethod::CreateServerState(URI const &uri)/*{{{*/ |
905fba60 | 505 | { |
30060442 | 506 | return std::unique_ptr<ServerState>(new HttpsServerState(uri, this)); |
905fba60 DK |
507 | } |
508 | /*}}}*/ | |
30060442 | 509 | HttpsMethod::HttpsMethod(std::string &&pProg) : ServerMethod(std::move(pProg),"1.2",Pipeline | SendConfig)/*{{{*/ |
905fba60 | 510 | { |
30060442 DK |
511 | auto addName = std::inserter(methodNames, methodNames.begin()); |
512 | addName = "http"; | |
513 | auto const plus = Binary.find('+'); | |
514 | if (plus != std::string::npos) | |
515 | { | |
516 | addName = Binary.substr(plus + 1); | |
517 | auto base = Binary.substr(0, plus); | |
518 | if (base != "https") | |
519 | addName = base; | |
520 | } | |
521 | if (std::find(methodNames.begin(), methodNames.end(), "https") != methodNames.end()) | |
522 | curl_global_init(CURL_GLOBAL_SSL); | |
523 | else | |
524 | curl_global_init(CURL_GLOBAL_NOTHING); | |
525 | curl = curl_easy_init(); | |
905fba60 DK |
526 | } |
527 | /*}}}*/ | |
30060442 | 528 | HttpsMethod::~HttpsMethod() /*{{{*/ |
d546f98d | 529 | { |
30060442 | 530 | curl_easy_cleanup(curl); |
d546f98d | 531 | } |
30060442 DK |
532 | /*}}}*/ |
533 | int main(int, const char *argv[]) /*{{{*/ | |
534 | { | |
535 | std::string Binary = flNotDir(argv[0]); | |
536 | if (Binary.find('+') == std::string::npos && Binary != "https") | |
537 | Binary.append("+https"); | |
538 | return HttpsMethod(std::move(Binary)).Run(); | |
539 | } | |
540 | /*}}}*/ |