[apt-proxy-devel] r643 - in branches/etch: . apt_proxy debian doc/po
Chris Halls
halls at alioth.debian.org
Wed Jan 24 13:54:07 CET 2007
Author: halls
Date: Wed Jan 24 13:54:07 2007
New Revision: 643
Added:
branches/etch/
- copied from r642, tags/1.9.35/
Modified:
branches/etch/apt_proxy/fetchers.py
branches/etch/debian/changelog
branches/etch/doc/po/apt-proxy.pot
branches/etch/doc/po/fr.po
Log:
Import NMU:
apt-proxy (1.9.35-0.1) unstable; urgency=high
* Non-maintainer upload.
* Use "self.filelist" instead of "filelist" in ftpListResult() (in
fetchers.py), as the latter is a non-existant variable, giving 500
errors when SIZE failed in an FTP session for some reason.
(Closes: #402481)
* Make the FTP fetcher unescape file names before fetching, which makes
~ in file names work again with FTP; patch from Ben Hutchings.
(Closes: #393483, #386344)
-- Steinar H. Gunderson <sesse at debian.org> Wed, 27 Dec 2006 12:20:45 +0100
Modified: branches/etch/apt_proxy/fetchers.py
==============================================================================
--- tags/1.9.35/apt_proxy/fetchers.py (original)
+++ branches/etch/apt_proxy/fetchers.py Wed Jan 24 13:54:07 2007
@@ -21,7 +21,7 @@
network backends
"""
-import re, os, string, time, glob, signal, stat, base64
+import re, os, string, time, glob, signal, stat, base64, urllib
from twisted.web import static, http
from twisted.internet import protocol, reactor, defer, error, abstract
from twisted.python import failure
@@ -244,6 +244,23 @@
self.connection_closed(self.fetcher)
self.deferred.callback((True, ""))
+def uri_path_to_path(path, check_part):
+ # Split into parts and unescape them.
+ parts = [urllib.unquote(part) for part in path.split('/')]
+ for part in parts:
+ if not check_part(part):
+ return None
+ # Join up the parts.
+ return os.sep.join(parts)
+
+def is_valid_local_path_part(part):
+ # Deny use of parent directory or characters that are invalid in a
+ # path part.
+ return not (part == os.pardir
+ or '\0' in part
+ or os.sep in part
+ or (os.altsep and os.altsep in part))
+
class FileFetcher:
"""
A Fetcher that simply copies files from disk
@@ -268,7 +285,11 @@
self.cache_mtime = mtime
self.request_uri = uri
- self.local_file = self.backendServer.uri[len("file://"):] + '/' + uri
+ path = uri_path_to_path(uri, is_valid_local_path_part)
+ if path is None:
+ self.parent.file_not_found()
+ return
+ self.local_file = self.backendServer.uri[len("file://"):] + '/' + path
if not os.path.exists(self.local_file):
self.parent.file_not_found()
return
@@ -508,6 +529,13 @@
self.connection.transport.loseConnection()
self.isConnected = False
+# RFC 959 says pathnames must be ASCII and not include CR or LF.
+ftp_path_part_re = re.compile(r'[^\r\n\x80-\xFF]+$')
+def is_valid_ftp_path_part(part):
+ # Also deny use of parent directory, assuming Unix path conventions
+ # on the server.
+ return part != '..' and ftp_path_part_re.match(part)
+
class FtpFetcher(protocol.Protocol):
"""
This is the secuence here:
@@ -575,8 +603,12 @@
self.parent = fetcher
self.cache_mtime = mtime
self.request_uri = uri
+ path = uri_path_to_path(uri, is_valid_ftp_path_part)
+ if path is None:
+ self.parent.file_not_found()
+ return
self.remote_file = (self.parent.backendServer.path + '/'
- + uri)
+ + path)
self.ftpFetchMtime()
def ftpFetchMtime(self):
@@ -645,11 +677,11 @@
def ftpListResult(self, msg):
__pychecker__ = 'unusednames=msg'
- if len(filelist.files)== 0:
+ if len(self.filelist.files)== 0:
log.debug("Not found on backend server",'ftp_client')
self.parent.file_not_found()
return
- file = filelist.files[0]
+ file = self.filelist.files[0]
self.parent.server_size(file['size'])
fetcher.ftpFetchFile()
@@ -1101,4 +1133,4 @@
def stop(self):
for q in self.queues.values():
- q.stop()
\ No newline at end of file
+ q.stop()
Modified: branches/etch/debian/changelog
==============================================================================
--- tags/1.9.35/debian/changelog (original)
+++ branches/etch/debian/changelog Wed Jan 24 13:54:07 2007
@@ -1,3 +1,16 @@
+apt-proxy (1.9.35-0.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Use "self.filelist" instead of "filelist" in ftpListResult() (in
+ fetchers.py), as the latter is a non-existant variable, giving 500
+ errors when SIZE failed in an FTP session for some reason.
+ (Closes: #402481)
+ * Make the FTP fetcher unescape file names before fetching, which makes
+ ~ in file names work again with FTP; patch from Ben Hutchings.
+ (Closes: #393483, #386344)
+
+ -- Steinar H. Gunderson <sesse at debian.org> Wed, 27 Dec 2006 12:20:45 +0100
+
apt-proxy (1.9.35) unstable; urgency=low
* http_proxy option:
Modified: branches/etch/doc/po/apt-proxy.pot
==============================================================================
--- tags/1.9.35/doc/po/apt-proxy.pot (original)
+++ branches/etch/doc/po/apt-proxy.pot Wed Jan 24 13:54:07 2007
@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
-"POT-Creation-Date: 2006-08-14 12:59+0100\n"
+"POT-Creation-Date: 2006-12-27 12:26+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL at ADDRESS>\n"
"Language-Team: LANGUAGE <LL at li.org>\n"
@@ -699,7 +699,7 @@
# type: TH
#: doc/apt-proxy-import.8:2
#, no-wrap
-msgid "August 2006"
+msgid "December 2006"
msgstr ""
# type: TH
@@ -708,12 +708,6 @@
msgid "Debian GNU/Linux"
msgstr ""
-# type: TH
-#: doc/apt-proxy-import.8:2 doc/apt-proxy-v1tov2.8:1
-#, no-wrap
-msgid " "
-msgstr ""
-
# type: Plain text
#: doc/apt-proxy-import.8:5
msgid "apt-proxy-import - Import packages into the apt-proxy cache."
Modified: branches/etch/doc/po/fr.po
==============================================================================
--- tags/1.9.35/doc/po/fr.po (original)
+++ branches/etch/doc/po/fr.po Wed Jan 24 13:54:07 2007
@@ -8,7 +8,7 @@
msgstr ""
"Project-Id-Version: apt-proxy 1.3.6.1\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2006-08-14 12:59+0100\n"
+"POT-Creation-Date: 2006-12-27 12:26+0100\n"
"PO-Revision-Date: 2005-10-18 19:14+0200\n"
"Last-Translator: Sylvain Archenault <sylvain.archenault at laposte.net>\n"
"Language-Team: French <French <debian-l10n-french at lists.debian.org>>\n"
@@ -799,9 +799,9 @@
# type: TH
#: doc/apt-proxy-import.8:2
-#, no-wrap
-msgid "August 2006"
-msgstr ""
+#, fuzzy, no-wrap
+msgid "December 2006"
+msgstr "novembre 2002"
# type: TH
#: doc/apt-proxy-import.8:2 doc/apt-proxy-v1tov2.8:1
@@ -809,12 +809,6 @@
msgid "Debian GNU/Linux"
msgstr "Debian GNU/Linux"
-# type: TH
-#: doc/apt-proxy-import.8:2 doc/apt-proxy-v1tov2.8:1
-#, fuzzy, no-wrap
-msgid " "
-msgstr " "
-
# type: Plain text
#: doc/apt-proxy-import.8:5
msgid "apt-proxy-import - Import packages into the apt-proxy cache."
@@ -1086,6 +1080,11 @@
msgstr "Manuel Estrada Sainz E<lt>ranty at debian.orgE<gt>"
# type: TH
+#, fuzzy
+#~ msgid " "
+#~ msgstr " "
+
+# type: TH
#~ msgid "October 2005"
#~ msgstr "Octobre 2005"
More information about the apt-proxy-devel
mailing list