]> git.saurik.com Git - apt.git/commitdiff
projects / apt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d0ef571)
fail on unsupported http/https proxy settings
authorDavid Kalnischkies <david@kalnischkies.de>
Wed, 3 Aug 2016 19:17:26 +0000 (21:17 +0200)
committerDavid Kalnischkies <david@kalnischkies.de>
Wed, 10 Aug 2016 21:19:44 +0000 (23:19 +0200)
Closes: #623443
methods/http.cc patch | blob | blame | history
methods/https.cc patch | blob | blame | history
methods/https.h patch | blob | blame | history
test/integration/test-bug-623443-fail-on-bad-proxies [new file with mode: 0755] patch | blob

diff --git a/methods/http.cc b/methods/http.cc
index 9fcc80103a425114fcdb5c0a12b5ca16b1df42f4..c61ca1c3fc0f0f614c501766b514a1f4926eedbd 100644 (file)
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -347,6 +347,8 @@ bool HttpServerState::Open()
         Port = ServerName.Port;
       Host = ServerName.Host;
    }
         Port = ServerName.Port;
       Host = ServerName.Host;
    }
+   else if (Proxy.Access != "http")
+      return _error->Error("Unsupported proxy configured: %s", URI::SiteOnly(Proxy).c_str());
    else
    {
       if (Proxy.Port != 0)
    else
    {
       if (Proxy.Port != 0)
diff --git a/methods/https.cc b/methods/https.cc
index 50121ec4dd9739324230a376a7e76d91144cae85..7c0c3241df95c8bc1f3b7dfabe346b182fa32af3 100644 (file)
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -162,7 +162,7 @@ APT_PURE Hashes * HttpsServerState::GetHashes()                             /*{{{*/
 }
                                                                        /*}}}*/
 
 }
                                                                        /*}}}*/
 
-void HttpsMethod::SetupProxy()                                         /*{{{*/
+bool HttpsMethod::SetupProxy()                                         /*{{{*/
 {
    URI ServerName = Queue->Uri;
 
 {
    URI ServerName = Queue->Uri;
 
@@ -184,12 +184,12 @@ void HttpsMethod::SetupProxy()                                            /*{{{*/
 
    // User want to use NO proxy, so nothing to setup
    if (UseProxy == "DIRECT")
 
    // User want to use NO proxy, so nothing to setup
    if (UseProxy == "DIRECT")
-      return;
+      return true;
 
    // Parse no_proxy, a comma (,) separated list of domains we don't want to use    
    // a proxy for so we stop right here if it is in the list
    if (getenv("no_proxy") != 0 && CheckDomainList(ServerName.Host,getenv("no_proxy")) == true)
 
    // Parse no_proxy, a comma (,) separated list of domains we don't want to use    
    // a proxy for so we stop right here if it is in the list
    if (getenv("no_proxy") != 0 && CheckDomainList(ServerName.Host,getenv("no_proxy")) == true)
-      return;
+      return true;
 
    if (UseProxy.empty() == true)
    {
 
    if (UseProxy.empty() == true)
    {
@@ -216,8 +216,10 @@ void HttpsMethod::SetupProxy()                                             /*{{{*/
         curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4A);
       else if (Proxy.Access == "socks")
         curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4);
         curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4A);
       else if (Proxy.Access == "socks")
         curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4);
-      else
+      else if (Proxy.Access == "http" || Proxy.Access == "https")
         curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
         curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
+      else
+        return false;
 
       if (Proxy.Port != 1)
         curl_easy_setopt(curl, CURLOPT_PROXYPORT, Proxy.Port);
 
       if (Proxy.Port != 1)
         curl_easy_setopt(curl, CURLOPT_PROXYPORT, Proxy.Port);
@@ -228,6 +230,7 @@ void HttpsMethod::SetupProxy()                                              /*{{{*/
          curl_easy_setopt(curl, CURLOPT_PROXYPASSWORD, Proxy.Password.c_str());
       }
    }
          curl_easy_setopt(curl, CURLOPT_PROXYPASSWORD, Proxy.Password.c_str());
       }
    }
+   return true;
 }                                                                      /*}}}*/
 // HttpsMethod::Fetch - Fetch an item                                  /*{{{*/
 // ---------------------------------------------------------------------
 }                                                                      /*}}}*/
 // HttpsMethod::Fetch - Fetch an item                                  /*{{{*/
 // ---------------------------------------------------------------------
@@ -247,7 +250,8 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
    //       - more debug options? (CURLOPT_DEBUGFUNCTION?)
 
    curl_easy_reset(curl);
    //       - more debug options? (CURLOPT_DEBUGFUNCTION?)
 
    curl_easy_reset(curl);
-   SetupProxy();
+   if (SetupProxy() == false)
+      return _error->Error("Unsupported proxy configured: %s", URI::SiteOnly(Proxy).c_str());
 
    maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc"));
 
 
    maybe_add_auth (Uri, _config->FindFile("Dir::Etc::netrc"));
 
diff --git a/methods/https.h b/methods/https.h
index 2fa714c7b6a86b143a9b069e91bef0d345dcc68b..8592570c63133f7d58f82f76692bd9287c823ef8 100644 (file)
--- a/methods/https.h
+++ b/methods/https.h
@@ -64,7 +64,7 @@ class HttpsMethod : public ServerMethod
    static size_t write_data(void *buffer, size_t size, size_t nmemb, void *userp);
    static int progress_callback(void *clientp, double dltotal, double dlnow,
                                 double ultotal, double ulnow);
    static size_t write_data(void *buffer, size_t size, size_t nmemb, void *userp);
    static int progress_callback(void *clientp, double dltotal, double dlnow,
                                 double ultotal, double ulnow);
-   void SetupProxy();
+   bool SetupProxy();
    CURL *curl;
 
    // Used by ServerMethods unused by https
    CURL *curl;
 
    // Used by ServerMethods unused by https
diff --git a/test/integration/test-bug-623443-fail-on-bad-proxies b/test/integration/test-bug-623443-fail-on-bad-proxies
new file mode 100755 (executable)
index 0000000..04542e0
--- /dev/null
+++ b/test/integration/test-bug-623443-fail-on-bad-proxies
@@ -0,0 +1,33 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+setupenvironment
+configarchitecture 'amd64'
+
+buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable'
+
+setupaptarchive --no-update
+changetowebserver
+
+testsuccess apt update
+rm -rf rootdir/var/lib/apt/lists
+
+export http_proxy=enrico:password@proxy-cache.localnet:3128
+testfailure apt update
+unset http_proxy
+testsuccess grep 'Unsupported proxy configured' rootdir/tmp/testfailure.output
+
+changetohttpswebserver
+
+testsuccess apt update
+rm -rf rootdir/var/lib/apt/lists
+
+export http_proxy=enrico:password@proxy-cache.localnet:3128
+testfailure apt update
+unset http_proxy
+testsuccess grep 'Unsupported proxy configured' rootdir/tmp/testfailure.output
+
+
+
APT (for Cydia)