Your message dated Mon, 04 Jun 2007 10:32:02 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#404679: fixed in apt-proxy 1.9.36
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: apt-proxy
Version: 1.9.35
Severity: normal
Tags: patch
Hi,
Attached is the diff for my apt-proxy 1.9.35-0.1 NMU.
diff -Nru /tmp/NrgCfDj69G/apt-proxy-1.9.35/apt_proxy/fetchers.py /tmp/pPXWdysC6N/apt-proxy-1.9.35/apt_proxy/fetchers.py
--- /tmp/NrgCfDj69G/apt-proxy-1.9.35/apt_proxy/fetchers.py 2006-08-14 14:44:57.000000000 +0200
+++ /tmp/pPXWdysC6N/apt-proxy-1.9.35/apt_proxy/fetchers.py 2006-12-27 12:33:47.000000000 +0100
@@ -21,7 +21,7 @@
network backends
"""
-import re, os, string, time, glob, signal, stat, base64
+import re, os, string, time, glob, signal, stat, base64, urllib
from twisted.web import static, http
from twisted.internet import protocol, reactor, defer, error, abstract
from twisted.python import failure
@@ -244,6 +244,23 @@
self.connection_closed(self.fetcher)
self.deferred.callback((True, ""))
+def uri_path_to_path(path, check_part):
+ # Split into parts and unescape them.
+ parts = [urllib.unquote(part) for part in path.split('/')]
+ for part in parts:
+ if not check_part(part):
+ return None
+ # Join up the parts.
+ return os.sep.join(parts)
+
+def is_valid_local_path_part(part):
+ # Deny use of parent directory or characters that are invalid in a
+ # path part.
+ return not (part == os.pardir
+ or '\0' in part
+ or os.sep in part
+ or (os.altsep and os.altsep in part))
+
class FileFetcher:
"""
A Fetcher that simply copies files from disk
@@ -268,7 +285,11 @@
self.cache_mtime = mtime
self.request_uri = uri
- self.local_file = self.backendServer.uri[len("file://"):] + '/' + uri
+ path = uri_path_to_path(uri, is_valid_local_path_part)
+ if path is None:
+ self.parent.file_not_found()
+ return
+ self.local_file = self.backendServer.uri[len("file://"):] + '/' + path
if not os.path.exists(self.local_file):
self.parent.file_not_found()
return
@@ -508,6 +529,13 @@
self.connection.transport.loseConnection()
self.isConnected = False
+# RFC 959 says pathnames must be ASCII and not include CR or LF.
+ftp_path_part_re = re.compile(r'[^\r\n\x80-\xFF]+$')
+def is_valid_ftp_path_part(part):
+ # Also deny use of parent directory, assuming Unix path conventions
+ # on the server.
+ return part != '..' and ftp_path_part_re.match(part)
+
class FtpFetcher(protocol.Protocol):
"""
This is the secuence here:
@@ -575,8 +603,12 @@
self.parent = fetcher
self.cache_mtime = mtime
self.request_uri = uri
+ path = uri_path_to_path(uri, is_valid_ftp_path_part)
+ if path is None:
+ self.parent.file_not_found()
+ return
self.remote_file = (self.parent.backendServer.path + '/'
- + uri)
+ + path)
self.ftpFetchMtime()
def ftpFetchMtime(self):
@@ -645,11 +677,11 @@
def ftpListResult(self, msg):
__pychecker__ = 'unusednames=msg'
- if len(filelist.files)== 0:
+ if len(self.filelist.files)== 0:
log.debug("Not found on backend server",'ftp_client')
self.parent.file_not_found()
return
- file = filelist.files[0]
+ file = self.filelist.files[0]
self.parent.server_size(file['size'])
fetcher.ftpFetchFile()
@@ -1101,4 +1133,4 @@
def stop(self):
for q in self.queues.values():
- q.stop()
\ No newline at end of file
+ q.stop()
diff -Nru /tmp/NrgCfDj69G/apt-proxy-1.9.35/debian/changelog /tmp/pPXWdysC6N/apt-proxy-1.9.35/debian/changelog
--- /tmp/NrgCfDj69G/apt-proxy-1.9.35/debian/changelog 2006-08-15 00:01:41.000000000 +0200
+++ /tmp/pPXWdysC6N/apt-proxy-1.9.35/debian/changelog 2006-12-27 12:33:23.000000000 +0100
@@ -1,3 +1,16 @@
+apt-proxy (1.9.35-0.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Use "self.filelist" instead of "filelist" in ftpListResult() (in
+ fetchers.py), as the latter is a non-existant variable, giving 500
+ errors when SIZE failed in an FTP session for some reason.
+ (Closes: #402481)
+ * Make the FTP fetcher unescape file names before fetching, which makes
+ ~ in file names work again with FTP; patch from Ben Hutchings.
+ (Closes: #393483, #386344)
+
+ -- Steinar H. Gunderson <[EMAIL PROTECTED]> Wed, 27 Dec 2006 12:20:45 +0100
+
apt-proxy (1.9.35) unstable; urgency=low
* http_proxy option:
diff -Nru /tmp/NrgCfDj69G/apt-proxy-1.9.35/doc/po/apt-proxy.pot /tmp/pPXWdysC6N/apt-proxy-1.9.35/doc/po/apt-proxy.pot
--- /tmp/NrgCfDj69G/apt-proxy-1.9.35/doc/po/apt-proxy.pot 2006-08-14 14:48:00.000000000 +0200
+++ /tmp/pPXWdysC6N/apt-proxy-1.9.35/doc/po/apt-proxy.pot 2006-12-27 12:26:20.000000000 +0100
@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
-"POT-Creation-Date: 2006-08-14 12:59+0100\n"
+"POT-Creation-Date: 2006-12-27 12:26+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <[EMAIL PROTECTED]>\n"
"Language-Team: LANGUAGE <[EMAIL PROTECTED]>\n"
@@ -699,7 +699,7 @@
# type: TH
#: doc/apt-proxy-import.8:2
#, no-wrap
-msgid "August 2006"
+msgid "December 2006"
msgstr ""
# type: TH
@@ -708,12 +708,6 @@
msgid "Debian GNU/Linux"
msgstr ""
-# type: TH
-#: doc/apt-proxy-import.8:2 doc/apt-proxy-v1tov2.8:1
-#, no-wrap
-msgid " "
-msgstr ""
-
# type: Plain text
#: doc/apt-proxy-import.8:5
msgid "apt-proxy-import - Import packages into the apt-proxy cache."
diff -Nru /tmp/NrgCfDj69G/apt-proxy-1.9.35/doc/po/fr.po /tmp/pPXWdysC6N/apt-proxy-1.9.35/doc/po/fr.po
--- /tmp/NrgCfDj69G/apt-proxy-1.9.35/doc/po/fr.po 2006-08-14 14:48:00.000000000 +0200
+++ /tmp/pPXWdysC6N/apt-proxy-1.9.35/doc/po/fr.po 2006-12-27 12:26:20.000000000 +0100
@@ -8,7 +8,7 @@
msgstr ""
"Project-Id-Version: apt-proxy 1.3.6.1\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2006-08-14 12:59+0100\n"
+"POT-Creation-Date: 2006-12-27 12:26+0100\n"
"PO-Revision-Date: 2005-10-18 19:14+0200\n"
"Last-Translator: Sylvain Archenault <[EMAIL PROTECTED]>\n"
"Language-Team: French <French <[EMAIL PROTECTED]>>\n"
@@ -799,9 +799,9 @@
# type: TH
#: doc/apt-proxy-import.8:2
-#, no-wrap
-msgid "August 2006"
-msgstr ""
+#, fuzzy, no-wrap
+msgid "December 2006"
+msgstr "novembre 2002"
# type: TH
#: doc/apt-proxy-import.8:2 doc/apt-proxy-v1tov2.8:1
@@ -809,12 +809,6 @@
msgid "Debian GNU/Linux"
msgstr "Debian GNU/Linux"
-# type: TH
-#: doc/apt-proxy-import.8:2 doc/apt-proxy-v1tov2.8:1
-#, fuzzy, no-wrap
-msgid " "
-msgstr " "
-
# type: Plain text
#: doc/apt-proxy-import.8:5
msgid "apt-proxy-import - Import packages into the apt-proxy cache."
@@ -1086,6 +1080,11 @@
msgstr "Manuel Estrada Sainz E<lt>[EMAIL PROTECTED]<gt>"
# type: TH
+#, fuzzy
+#~ msgid " "
+#~ msgstr " "
+
+# type: TH
#~ msgid "October 2005"
#~ msgstr "Octobre 2005"
--- End Message ---
--- Begin Message ---
Source: apt-proxy
Source-Version: 1.9.36
We believe that the bug you reported is fixed in the latest version of
apt-proxy, which is due to be installed in the Debian FTP archive:
apt-proxy_1.9.36.dsc
to pool/main/a/apt-proxy/apt-proxy_1.9.36.dsc
apt-proxy_1.9.36.tar.gz
to pool/main/a/apt-proxy/apt-proxy_1.9.36.tar.gz
apt-proxy_1.9.36_all.deb
to pool/main/a/apt-proxy/apt-proxy_1.9.36_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Halls <[EMAIL PROTECTED]> (supplier of updated apt-proxy package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 04 Jun 2007 11:06:08 +0100
Source: apt-proxy
Binary: apt-proxy
Architecture: source all
Version: 1.9.36
Distribution: unstable
Urgency: low
Maintainer: Chris Halls <[EMAIL PROTECTED]>
Changed-By: Chris Halls <[EMAIL PROTECTED]>
Description:
apt-proxy - Debian archive proxy and partial mirror builder
Closes: 182855 266000 274679 303357 319005 322242 330492 348985 366262 382078
386546 387243 393483 397399 397403 398217 404679
Changes:
apt-proxy (1.9.36) unstable; urgency=low
.
[ Chris Halls ]
* Merge NMUs by Steinar H. Gunderson, Thomas Huriaux and Steve Langasek.
Thanks guys! (Closes: #404679)
* Close a longstanding bug where clients would hang when receiving
files from the cache. The problem was caused by reusing the same
file handle for several requests at once.
(Closes: #274679, #382078, #322242, #397399, #397403, #398217)
* Change the meaning of min_refresh_delay parameter, so the
delay is measured from the modification time of the file on the
backend instead of the time a client last requested this file.
Now apt-proxy will always query backends when a file is too
old (Closes: #266000)
* Set process name to apt-proxy
* Properly deal with escaped characters, including ~ in URLs on FTP
backends. Unescape URLs and check for invalid characters when parsing
a request. A big thanks to Ben Hutchings for the patch
(Closes: #393483, #366262)
* Fix [EMAIL PROTECTED] given in backend server URLs and add a test case.
Thanks Jason Thomas for the patch (Closes: #348985)
* Fix exception when sending ftp password to backend (Closes: #387243)
* Remove extra '/' in HTTP GET requests (Closes: #330492)
* Uncompress Packages.gz and Packages.bz2 on the fly, and
update databases from these files (Closes: #319005, #303357)
* Add unit tests for valid URLs containing /../ (Closes: #182855)
* Remove obsolete GZipFetcher from fetchers.py
.
[ Mark Sheppard ]
* Generate an error if a client attempts to retrieve
http://server:9999/ (Closes: #386546)
* When returning an error, generate an HTML page containing the error
Files:
a94c54a184f0e6d1ab2b9816df99b63a 726 admin extra apt-proxy_1.9.36.dsc
a8b6cea540a9b0888dae5d2adad811ef 107319 admin extra apt-proxy_1.9.36.tar.gz
db6c19bf0482c2a7cef6f9e562876b98 83942 admin extra apt-proxy_1.9.36_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGY+TKexmdExmX588RAti9AJ4xvPtmRRjc4PatmoSrr9DepsWTLwCffpqK
GpPMR+LAX33FZoHHqOsZF44=
=gVmq
-----END PGP SIGNATURE-----
--- End Message ---
