]> git.saurik.com Git - apt.git/commitdiff
projects / apt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1dcd7d2)
https: Quote path in URL before passing it to curl
authorJulian Andres Klode <jak@debian.org>
Thu, 29 Dec 2016 13:16:07 +0000 (14:16 +0100)
committerJulian Andres Klode <jak@debian.org>
Tue, 17 Jan 2017 00:59:15 +0000 (01:59 +0100)
Curl requires URLs to be urlencoded. We are however giving it
undecoded URLs. This causes it go completely nuts if there is
a space in the URI, producing requests like:

    GET /a file HTTP/1.1

which the servers then interpret as a GET request for "/a" with
HTTP version "file" or some other non-sense.

This works around the issue by encoding the path component of
the URL. I'm not sure if we should encode other parts of the URL
as well, this one seems to do the trick for the actual issue at
hand.

A more correct fix is to avoid the dequoting and (re-)quoting
of URLs when a redirect occurs / a new request is sent. That's
been on the radar for probably a year or two now, but nobody
bothered implementing that yet.

LP: #1651923

methods/https.cc patch | blob | blame | history
test/integration/test-ubuntu-bug-1651923-requote-https-uri [new file with mode: 0755] patch | blob

diff --git a/methods/https.cc b/methods/https.cc
index d60bc6fbc65c659eeb727aa604234ab44a900b75..d71ef0bf03c44d7a29f883205d363fcf62afee13 100644 (file)
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -275,6 +275,10 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
    if (Server == nullptr || Server->Comp(Itm->Uri) == false)
       Server = CreateServerState(Itm->Uri);
 
    if (Server == nullptr || Server->Comp(Itm->Uri) == false)
       Server = CreateServerState(Itm->Uri);
 
+   // The "+" is encoded as a workaround for a amazon S3 bug
+   // see LP bugs #1003633 and #1086997. (taken from http method)
+   Uri.Path = QuoteString(Uri.Path, "+~ ");
+
    FetchResult Res;
    RequestState Req(this, Server.get());
    CURLUserPointer userp(this, &Res, Itm, &Req);
    FetchResult Res;
    RequestState Req(this, Server.get());
    CURLUserPointer userp(this, &Res, Itm, &Req);
diff --git a/test/integration/test-ubuntu-bug-1651923-requote-https-uri b/test/integration/test-ubuntu-bug-1651923-requote-https-uri
new file mode 100755 (executable)
index 0000000..bedd972
--- /dev/null
+++ b/test/integration/test-ubuntu-bug-1651923-requote-https-uri
@@ -0,0 +1,19 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+
+setupenvironment
+configarchitecture "i386"
+
+mkdir "aptarchive/target with space"
+echo 'alright' > "aptarchive/target with space/working"
+changetohttpswebserver
+webserverconfig 'aptwebserver::redirect::replace::/targetwithoutspace/' '/target%20with%20space/'
+webserverconfig 'aptwebserver::redirect::replace::/targetwithoutspace2/' '/target with space/'
+
+testsuccess apthelper download-file -o debug::acquire::http=1 "http://localhost:${APTHTTPPORT}/targetwithoutspace/working" httpfile1
+testsuccess apthelper download-file -o debug::acquire::http=1 "http://localhost:${APTHTTPPORT}/targetwithoutspace2/working" httpfile2
+testsuccess apthelper download-file -o debug::acquire::https=1 "https://localhost:${APTHTTPSPORT}/targetwithoutspace/working" httpsfile1
+testsuccess apthelper download-file -o debug::acquire::https=1 "https://localhost:${APTHTTPSPORT}/targetwithoutspace2/working" httpsfile2
APT (for Cydia)