fix off-by-one error in HttpMethod::​AutoDetectProxy()

[apt.git] / methods / http.cc

diff --git a/methods/http.cc b/methods/http.cc
index c62ca71d38e51a0569d244ec39b983e6b6cc4965..ec5b1ff52ff2bd01fd699af754be2194d243bae8 100644 (file)
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -61,7 +61,7 @@ using namespace std;
 string HttpMethod::FailFile;
 int HttpMethod::FailFd = -1;
 time_t HttpMethod::FailTime = 0;
-unsigned long PipelineDepth = 10;
+unsigned long PipelineDepth = 0;
 unsigned long TimeOut = 120;
 bool AllowRedirect = false;
 bool Debug = false;
@@ -602,7 +602,7 @@ bool ServerState::HeaderLine(string Line)
         return true;
 
       Size = strtoull(Val.c_str(), NULL, 10);
-      if (Size == ULLONG_MAX)
+      if (Size >= std::numeric_limits<unsigned long long>::max())
         return _error->Errno("HeaderLine", _("The HTTP server sent an invalid Content-Length header"));
       return true;
    }
@@ -667,7 +667,12 @@ void HttpMethod::SendReq(FetchItem *Itm,CircleBuf &Out)
 
    // The HTTP server expects a hostname with a trailing :port
    char Buf[1000];
-   string ProperHost = Uri.Host;
+   string ProperHost;
+
+   if (Uri.Host.find(':') != string::npos)
+      ProperHost = '[' + Uri.Host + ']';
+   else
+      ProperHost = Uri.Host;
    if (Uri.Port != 0)
    {
       sprintf(Buf,":%u",Uri.Port);
@@ -685,8 +690,12 @@ void HttpMethod::SendReq(FetchItem *Itm,CircleBuf &Out)
       pass it on, HTTP/1.1 says the connection should default to keep alive
       and we expect the proxy to do this */
    if (Proxy.empty() == true || Proxy.Host.empty())
+   {
+      // see LP bugs #1003633 and #1086997. The "+" is encoded as a workaround
+      // for a amazon S3 bug
       sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\nConnection: keep-alive\r\n",
-             QuoteString(Uri.Path,"~").c_str(),ProperHost.c_str());
+             QuoteString(Uri.Path,"+~ ").c_str(),ProperHost.c_str());
+   }
    else
    {
       /* Generate a cache control header if necessary. We place a max
@@ -758,7 +767,7 @@ void HttpMethod::SendReq(FetchItem *Itm,CircleBuf &Out)
           Base64Encode(Uri.User + ":" + Uri.Password) + "\r\n";
    }
    Req += "User-Agent: " + _config->Find("Acquire::http::User-Agent",
-               "Debian APT-HTTP/1.3 ("PACKAGE_VERSION")") + "\r\n\r\n";
+               "Debian APT-HTTP/1.3 (" PACKAGE_VERSION ")") + "\r\n\r\n";
    
    if (Debug == true)
       cerr << Req << endl;
@@ -971,12 +980,7 @@ HttpMethod::DealWithHeaders(FetchResult &Res,ServerState *Srv)
       {
         URI Uri = Queue->Uri;
         if (Uri.Host.empty() == false)
-        {
-           if (Uri.Port != 0)
-              strprintf(NextURI, "http://%s:%u", Uri.Host.c_str(), Uri.Port);
-           else
-              NextURI = "http://" + Uri.Host;
-        }
+            NextURI = URI::SiteOnly(Uri);
         else
            NextURI.clear();
         NextURI.append(DeQuoteString(Srv->Location));
@@ -985,7 +989,10 @@ HttpMethod::DealWithHeaders(FetchResult &Res,ServerState *Srv)
       else
       {
          NextURI = DeQuoteString(Srv->Location);
-         return TRY_AGAIN_OR_REDIRECT;
+         URI tmpURI = NextURI;
+         // Do not allow a redirection to switch protocol
+         if (tmpURI.Access == "http")
+            return TRY_AGAIN_OR_REDIRECT;
       }
       /* else pass through for error message */
    }
@@ -1394,7 +1401,7 @@ bool HttpMethod::AutoDetectProxy()
    char buf[512];
    int InFd = Pipes[0];
    close(Pipes[1]);
-   int res = read(InFd, buf, sizeof(buf));
+   int res = read(InFd, buf, sizeof(buf)-1);
    ExecWait(Process, "ProxyAutoDetect", true);
 
    if (res < 0)