#include <sstream>
#include <stdio.h>
#include <ctime>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
#include <apti18n.h>
/*}}}*/
std::cerr << "\t- " << hs->toStr() << std::endl;
}
/*}}}*/
-static void ChangeOwnerAndPermissionOfFile(char const * const requester, char const * const file, char const * const user, char const * const group, mode_t const mode)
-{
- // ensure the file is owned by root and has good permissions
- struct passwd const * const pw = getpwnam(user);
- struct group const * const gr = getgrnam(group);
- if (getuid() == 0) // if we aren't root, we can't chown, so don't try it
- {
- if (pw != NULL && gr != NULL && chown(file, pw->pw_uid, gr->gr_gid) != 0)
- _error->WarningE(requester, "chown to %s:%s of file %s failed", user, group, file);
- }
- if (chmod(file, mode) != 0)
- _error->WarningE(requester, "chmod 0%o of file %s failed", mode, file);
-}
-static std::string GetPartialFileName(std::string const &file)
+static std::string GetPartialFileName(std::string const &file) /*{{{*/
{
std::string DestFile = _config->FindDir("Dir::State::lists") + "partial/";
DestFile += file;
return DestFile;
}
-static std::string GetPartialFileNameFromURI(std::string const &uri)
+ /*}}}*/
+static std::string GetPartialFileNameFromURI(std::string const &uri) /*{{{*/
{
return GetPartialFileName(URItoFileName(uri));
}
+ /*}}}*/
+static std::string GetCompressedFileName(std::string const &URI, std::string const &Name, std::string const &Ext) /*{{{*/
+{
+ if (Ext.empty() || Ext == "uncompressed")
+ return Name;
+
+ // do not reverify cdrom sources as apt-cdrom may rewrite the Packages
+ // file when its doing the indexcopy
+ if (URI.substr(0,6) == "cdrom:")
+ return Name;
+
+ // adjust DestFile if its compressed on disk
+ if (_config->FindB("Acquire::GzipIndexes",false) == true)
+ return Name + '.' + Ext;
+ return Name;
+}
+ /*}}}*/
+static bool AllowInsecureRepositories(indexRecords const * const MetaIndexParser, pkgAcqMetaBase * const TransactionManager, pkgAcquire::Item * const I) /*{{{*/
+{
+ if(MetaIndexParser->IsAlwaysTrusted() || _config->FindB("Acquire::AllowInsecureRepositories") == true)
+ return true;
+
+ _error->Error(_("Use --allow-insecure-repositories to force the update"));
+ TransactionManager->AbortTransaction();
+ I->Status = pkgAcquire::Item::StatError;
+ return false;
+}
+ /*}}}*/
// Acquire::Item::Item - Constructor /*{{{*/
fetch this object */
void pkgAcquire::Item::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
{
- if(ErrorText == "")
+ if(ErrorText.empty())
ErrorText = LookupTag(Message,"Message");
UsedMirror = LookupTag(Message,"UsedMirror");
if (QueueCounter <= 1)
Status = StatIdle;
// check fail reason
- string FailReason = LookupTag(Message, "FailReason");
+ string const FailReason = LookupTag(Message, "FailReason");
if(FailReason == "MaximumSizeExceeded")
- Rename(DestFile, DestFile+".FAILED");
+ RenameOnError(MaximumSizeExceeded);
// report mirror failure back to LP if we actually use a mirror
if(FailReason.size() != 0)
void pkgAcquire::Item::Start(string /*Message*/,unsigned long long Size)
{
Status = StatFetching;
+ ErrorText.clear();
if (FileSize == 0 && Complete == false)
FileSize = Size;
}
step */
bool pkgAcquire::Item::Rename(string From,string To)
{
- if (rename(From.c_str(),To.c_str()) != 0)
- {
- char S[300];
- snprintf(S,sizeof(S),_("rename failed, %s (%s -> %s)."),strerror(errno),
- From.c_str(),To.c_str());
- Status = StatError;
- ErrorText += S;
- return false;
- }
- return true;
+ if (rename(From.c_str(),To.c_str()) == 0)
+ return true;
+
+ std::string S;
+ strprintf(S, _("rename failed, %s (%s -> %s)."), strerror(errno),
+ From.c_str(),To.c_str());
+ Status = StatError;
+ ErrorText += S;
+ return false;
}
/*}}}*/
-
-void pkgAcquire::Item::QueueURI(ItemDesc &Item)
+void pkgAcquire::Item::QueueURI(ItemDesc &Item) /*{{{*/
{
- if (RealFileExists(DestFile))
- {
- std::string SandboxUser = _config->Find("APT::Sandbox::User");
- ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(),
- SandboxUser.c_str(), "root", 0600);
- }
Owner->Enqueue(Item);
}
-void pkgAcquire::Item::Dequeue()
+ /*}}}*/
+void pkgAcquire::Item::Dequeue() /*{{{*/
{
Owner->Dequeue(this);
}
-
+ /*}}}*/
bool pkgAcquire::Item::RenameOnError(pkgAcquire::Item::RenameOnErrorState const error)/*{{{*/
{
- if(FileExists(DestFile))
+ if (RealFileExists(DestFile))
Rename(DestFile, DestFile + ".FAILED");
switch (error)
Status = StatError;
break;
case NotClearsigned:
- ErrorText = _("Does not start with a cleartext signature");
+ ErrorText = _("Does not start with a cleartext signature");
+ Status = StatError;
+ break;
+ case MaximumSizeExceeded:
+ // the method is expected to report a good error for this
Status = StatError;
break;
}
<< " FailCode: "
<< FailCode << std::endl;
#endif
- const char *Args[40];
- unsigned int i = 0;
string report = _config->Find("Methods::Mirror::ProblemReporting",
"/usr/lib/apt/apt-report-mirror-failure");
if(!FileExists(report))
return;
- Args[i++] = report.c_str();
- Args[i++] = UsedMirror.c_str();
- Args[i++] = DescURI().c_str();
- Args[i++] = FailCode.c_str();
- Args[i++] = NULL;
+
+ std::vector<char const*> Args;
+ Args.push_back(report.c_str());
+ Args.push_back(UsedMirror.c_str());
+ Args.push_back(DescURI().c_str());
+ Args.push_back(FailCode.c_str());
+ Args.push_back(NULL);
+
pid_t pid = ExecFork();
- if(pid < 0)
+ if(pid < 0)
{
_error->Error("ReportMirrorFailure Fork failed");
return;
}
- else if(pid == 0)
+ else if(pid == 0)
{
- execvp(Args[0], (char**)Args);
+ execvp(Args[0], (char**)Args.data());
std::cerr << "Could not exec " << Args[0] << std::endl;
_exit(100);
}
- if(!ExecWait(pid, "report-mirror-failure"))
+ if(!ExecWait(pid, "report-mirror-failure"))
{
_error->Warning("Couldn't report problem to '%s'",
_config->Find("Methods::Mirror::ProblemReporting").c_str());
/*}}}*/
void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig * Cnf)/*{{{*/
{
+ Item::Failed(Message,Cnf);
+ Status = StatDone;
+
if(Debug)
std::clog << "pkgAcqDiffIndex failed: " << Desc.URI << " with " << Message << std::endl
<< "Falling back to normal index file acquire" << std::endl;
new pkgAcqIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser);
-
- Item::Failed(Message,Cnf);
- Status = StatDone;
}
/*}}}*/
void pkgAcqDiffIndex::Done(string Message,unsigned long long Size,HashStringList const &Hashes, /*{{{*/
}
}
/*}}}*/
-void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
+void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig * Cnf)/*{{{*/
{
+ Item::Failed(Message,Cnf);
+ Status = StatDone;
+
if(Debug)
std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << " with " << Message << std::endl
<< "Falling back to normal index file acquire" << std::endl;
// pkgAcqIndex::Failed - getting the indexfile failed /*{{{*/
void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
{
+ Item::Failed(Message,Cnf);
+
size_t const nextExt = CompressionExtensions.find(' ');
if (nextExt != std::string::npos)
{
CompressionExtensions = CompressionExtensions.substr(nextExt+1);
Init(RealURI, Desc.Description, Desc.ShortDesc);
+ Status = StatIdle;
return;
}
unlink(EraseFileName.c_str());
}
- Item::Failed(Message,Cnf);
-
/// cancel the entire transaction
TransactionManager->AbortTransaction();
}
{
std::string FinalFile = _config->FindDir("Dir::State::lists");
FinalFile += URItoFileName(RealURI);
- if (_config->FindB("Acquire::GzipIndexes",false) == true)
- FinalFile += '.' + CurrentCompressionExtension;
- return FinalFile;
+ return GetCompressedFileName(RealURI, FinalFile, CurrentCompressionExtension);
}
/*}}}*/
// AcqIndex::ReverifyAfterIMS - Reverify index after an ims-hit /*{{{*/
{
// update destfile to *not* include the compression extension when doing
// a reverify (as its uncompressed on disk already)
- DestFile = GetPartialFileNameFromURI(RealURI);
-
- // adjust DestFile if its compressed on disk
- if (_config->FindB("Acquire::GzipIndexes",false) == true)
- DestFile += '.' + CurrentCompressionExtension;
+ DestFile = GetCompressedFileName(RealURI, GetPartialFileNameFromURI(RealURI), CurrentCompressionExtension);
// copy FinalFile into partial/ so that we check the hash again
string FinalFile = GetFinalFilename();
// on if-modfied-since hit to avoid a stale attack against us
if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
{
- // do not reverify cdrom sources as apt-cdrom may rewrite the Packages
- // file when its doing the indexcopy
- if (RealURI.substr(0,6) == "cdrom:")
- return;
-
// The files timestamp matches, reverify by copy into partial/
EraseFileName = "";
ReverifyAfterIMS();
indexRecords *MetaIndexParser)
: pkgAcqIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser)
{
- // load the filesize
- indexRecords::checkSum *Record = MetaIndexParser->Lookup(string(Target->MetaKey));
- if(Record)
- FileSize = Record->Size;
}
/*}}}*/
// AcqIndexTrans::Custom600Headers - Insert custom request headers /*{{{*/
// AcqIndexTrans::Failed - Silence failure messages for missing files /*{{{*/
void pkgAcqIndexTrans::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
{
+ Item::Failed(Message,Cnf);
+
size_t const nextExt = CompressionExtensions.find(' ');
if (nextExt != std::string::npos)
{
return;
}
- Item::Failed(Message,Cnf);
-
// FIXME: this is used often (e.g. in pkgAcqIndexTrans) so refactor
if (Cnf->LocalOnly == true ||
StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
std::clog << " Cancel: " << (*I)->DestFile << std::endl;
// the transaction will abort, so stop anything that is idle
if ((*I)->Status == pkgAcquire::Item::StatIdle)
- (*I)->Status = pkgAcquire::Item::StatDone;
-
- // kill failed files in partial
- if ((*I)->Status == pkgAcquire::Item::StatError)
{
- std::string const PartialFile = GetPartialFileName(flNotDir((*I)->DestFile));
- if(FileExists(PartialFile))
- Rename(PartialFile, PartialFile + ".FAILED");
+ (*I)->Status = pkgAcquire::Item::StatDone;
+ (*I)->Dequeue();
}
}
+ Transaction.clear();
}
/*}}}*/
// AcqMetaBase::TransactionHasError - Check for errors in Transaction /*{{{*/
<< (*I)->DescURI() << std::endl;
Rename((*I)->PartialFile, (*I)->DestFile);
- ChangeOwnerAndPermissionOfFile("CommitTransaction", (*I)->DestFile.c_str(), "root", "root", 0644);
-
} else {
if(_config->FindB("Debug::Acquire::Transaction", false) == true)
std::clog << "rm "
// mark that this transaction is finished
(*I)->TransactionManager = 0;
}
+ Transaction.clear();
}
/*}}}*/
// AcqMetaBase::TransactionStageCopy - Stage a file for copying /*{{{*/
/*}}}*/
void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
{
- string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+ Item::Failed(Message,Cnf);
// check if we need to fail at this point
if (AuthPass == true && CheckStopAuthentication(RealURI, Message))
return;
// FIXME: meh, this is not really elegant
- string InReleaseURI = RealURI.replace(RealURI.rfind("Release.gpg"), 12,
+ string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+ string const InReleaseURI = RealURI.replace(RealURI.rfind("Release.gpg"), 12,
"InRelease");
- string FinalInRelease = _config->FindDir("Dir::State::lists") + URItoFileName(InReleaseURI);
+ string const FinalInRelease = _config->FindDir("Dir::State::lists") + URItoFileName(InReleaseURI);
if (RealFileExists(Final) || RealFileExists(FinalInRelease))
{
_error->Warning(_("This is normally not allowed, but the option "
"Acquire::AllowDowngradeToInsecureRepositories was "
"given to override it."));
-
+ Status = StatDone;
} else {
_error->Error("%s", downgrade_msg.c_str());
Rename(MetaIndexFile, MetaIndexFile+".FAILED");
TransactionManager->TransactionStageRemoval(this, DestFile);
// only allow going further if the users explicitely wants it
- if(MetaIndexParser->IsAlwaysTrusted() || _config->FindB("Acquire::AllowInsecureRepositories") == true)
+ if(AllowInsecureRepositories(MetaIndexParser, TransactionManager, this) == true)
{
// we parse the indexes here because at this point the user wanted
// a repository that may potentially harm him
MetaIndexParser->Load(MetaIndexFile);
QueueIndexes(true);
- }
- else
- {
- _error->Error("Use --allow-insecure-repositories to force the update");
}
- Item::Failed(Message,Cnf);
-
// FIXME: this is used often (e.g. in pkgAcqIndexTrans) so refactor
if (Cnf->LocalOnly == true ||
StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
// No Release file was present so fall
// back to queueing Packages files without verification
// only allow going further if the users explicitely wants it
- if(MetaIndexParser->IsAlwaysTrusted() || _config->FindB("Acquire::AllowInsecureRepositories") == true)
+ if(AllowInsecureRepositories(MetaIndexParser, TransactionManager, this) == true)
{
// Done, queue for rename on transaction finished
if (FileExists(DestFile))
// queue without any kind of hashsum support
QueueIndexes(false);
- } else {
- // warn if the repository is unsinged
- _error->Error("Use --allow-insecure-repositories to force the update");
- TransactionManager->AbortTransaction();
- Status = StatError;
- return;
}
}
/*}}}*/
/*}}}*/
// pkgAcqMetaClearSig::Done - We got a file /*{{{*/
// ---------------------------------------------------------------------
-void pkgAcqMetaClearSig::Done(std::string Message,unsigned long long /*Size*/,
- HashStringList const &/*Hashes*/,
+void pkgAcqMetaClearSig::Done(std::string Message,unsigned long long Size,
+ HashStringList const &Hashes,
pkgAcquire::MethodConfig *Cnf)
{
+ Item::Done(Message, Size, Hashes, Cnf);
+
// if we expect a ClearTextSignature (InRelase), ensure that
// this is what we get and if not fail to queue a
// Release/Release.gpg, see #346386
// No Release file was present, or verification failed, so fall
// back to queueing Packages files without verification
// only allow going further if the users explicitely wants it
- if(MetaIndexParser->IsAlwaysTrusted() || _config->FindB("Acquire::AllowInsecureRepositories") == true)
+ if(AllowInsecureRepositories(MetaIndexParser, TransactionManager, this) == true)
{
Status = StatDone;
TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
}
QueueIndexes(false);
- } else {
- // warn if the repository is unsigned
- _error->Error("Use --allow-insecure-repositories to force the update");
- TransactionManager->AbortTransaction();
- Status = StatError;
}
}
}
if ((unsigned long long)Buf.st_size > Version->Size)
unlink(DestFile.c_str());
else
- {
PartialSize = Buf.st_size;
- std::string SandboxUser = _config->Find("APT::Sandbox::User");
- ChangeOwnerAndPermissionOfFile("pkgAcqArchive::QueueNext",DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
- }
}
// Disables download of archives - useful if no real installation follows,
string FinalFile = _config->FindDir("Dir::Cache::Archives");
FinalFile += flNotDir(StoreFilename);
Rename(DestFile,FinalFile);
- ChangeOwnerAndPermissionOfFile("pkgAcqArchive::Done", FinalFile.c_str(), "root", "root", 0644);
StoreFilename = DestFile = FinalFile;
Complete = true;
}
/* Here we try other sources */
void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
{
- ErrorText = LookupTag(Message,"Message");
-
+ Item::Failed(Message,Cnf);
+
/* We don't really want to retry on failed media swaps, this prevents
that. An interesting observation is that permanent failures are not
recorded. */
// Vf = Version.FileList();
while (Vf.end() == false) ++Vf;
StoreFilename = string();
- Item::Failed(Message,Cnf);
return;
}
-
+
+ Status = StatIdle;
if (QueueNext() == false)
{
// This is the retry counter
if (QueueNext() == true)
return;
}
-
+
StoreFilename = string();
- Item::Failed(Message,Cnf);
+ Status = StatError;
}
}
/*}}}*/
if ((Size > 0) && (unsigned long long)Buf.st_size > Size)
unlink(DestFile.c_str());
else
- {
PartialSize = Buf.st_size;
- std::string SandboxUser = _config->Find("APT::Sandbox::User");
- ChangeOwnerAndPermissionOfFile("pkgAcqFile", DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
- }
}
QueueURI(Desc);
// Symlink the file
if (symlink(FileName.c_str(),DestFile.c_str()) != 0)
{
- ErrorText = "Link to " + DestFile + " failure ";
+ _error->PushToStack();
+ _error->Errno("pkgAcqFile::Done", "Symlinking file %s failed", DestFile.c_str());
+ std::stringstream msg;
+ _error->DumpErrors(msg);
+ _error->RevertToStack();
+ ErrorText = msg.str();
Status = StatError;
Complete = false;
}
/* Here we try other sources */
void pkgAcqFile::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
{
- ErrorText = LookupTag(Message,"Message");
-
+ Item::Failed(Message,Cnf);
+
// This is the retry counter
if (Retries != 0 &&
Cnf->LocalOnly == false &&
StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
{
- Retries--;
+ --Retries;
QueueURI(Desc);
+ Status = StatIdle;
return;
}
-
- Item::Failed(Message,Cnf);
+
}
/*}}}*/
// AcqIndex::Custom600Headers - Insert custom request headers /*{{{*/