bryson/pacman
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

only use effective url for urls containing .db or .pkg

Browse source 
Github and other sites redirect their downloads to a cdn. So the
download http://foo.org/myrepo.db may redirect to something like
https://cdn.foo.org/83749327439.

This then causes pacman to try and download the sig as
https://cdn.foo.org/83749327439.sig which is incorrect. In this case
pacman should append .sig to the original url.

However urls like https://archlinux.org/packages/community/x86_64/0ad/download/
Redirect to the mirror, so .sig has to appended after the redirects and
not before.

So we decide if we should append .sig on the original or effective url
based on if the effective url (minus the query part) has .db or .pkg in it.

Fixes FS#71148

---

v2: move variable decleration to start of block
v3: use dbext instead of db
This commit is contained in:
morganamilo 2021-06-14 11:40:24 +01:00 committed by Allan McRae
parent c0026caab0
commit 2ec6de96a6
1 changed files with 24 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
lib/libalpm/dload.c
View file

@ -613,12 +613,33 @@ static int curl_check_finished_download(CURLM *curlm, CURLMsg *msg,
/* Let's check if client requested downloading accompanion *.sig file */ /* Let's check if client requested downloading accompanion *.sig file */
if(!payload->signature && payload->download_signature && curlerr == CURLE_OK && payload->respcode < 400) { if(!payload->signature && payload->download_signature && curlerr == CURLE_OK && payload->respcode < 400) {
struct dload_payload *sig = NULL; struct dload_payload *sig = NULL;
char *url = payload->fileurl;
char *_effective_filename;
const char *effective_filename;
char *query;
const char *dbext = alpm_option_get_dbext(handle);
const char* realname = payload->destfile_name ? payload->destfile_name : payload->tempfile_name; const char* realname = payload->destfile_name ? payload->destfile_name : payload->tempfile_name;
int len = strlen(effective_url) + 5; int len;
STRDUP(_effective_filename, effective_url, GOTO_ERR(handle, ALPM_ERR_MEMORY, cleanup));
effective_filename = get_filename(_effective_filename);
query = strrchr(effective_filename, '?');
if(query) {
query[0] = '\0';
}
/* Only use the effective url for sig downloads if the effective_url contains .dbext or .pkg */
if(strstr(effective_filename, dbext) || strstr(effective_filename, ".pkg")) {
url = effective_url;
}
free(_effective_filename);
len = strlen(url) + 5;
CALLOC(sig, 1, sizeof(*sig), GOTO_ERR(handle, ALPM_ERR_MEMORY, cleanup)); CALLOC(sig, 1, sizeof(*sig), GOTO_ERR(handle, ALPM_ERR_MEMORY, cleanup));
MALLOC(sig->fileurl, len, FREE(sig); GOTO_ERR(handle, ALPM_ERR_MEMORY, cleanup)); MALLOC(sig->fileurl, len, FREE(sig); GOTO_ERR(handle, ALPM_ERR_MEMORY, cleanup));
snprintf(sig->fileurl, len, "%s.sig", effective_url); snprintf(sig->fileurl, len, "%s.sig", url);
if(payload->trust_remote_name) { if(payload->trust_remote_name) {
/* In this case server might provide a new name for the main payload. /* In this case server might provide a new name for the main payload.