Package: apt-cacher
Version: 0.9.1
Severity: normal
When a client uses a debian server that is not configured in the
allowed_locations config directive, then with debug=0 one has no
chance to diagnose the reason for the 403. And even with debug=1, all
you find in the logfile is:
Wed May 18 09:36:45 2005|127.0.0.1|debug: Sorry, not allowed to access this
location. Ask your system administrator.
I'd suggest making this a bit friendlier to the system administrator
who will be reading this. Something like
Host ftp.de.debian.org is not configured in the allowed_locations
directive, access denied.
It would not hurt anybody to both write this into the debuglog *and*
send it out to the client.
Possible patch appended.
Thanks,
--
andreas
--- /usr/share/apt-cacher/apt-cacher.pl~ 2005-05-18 10:01:01.000000000
+0200
+++ /usr/share/apt-cacher/apt-cacher.pl 2005-05-18 10:07:20.000000000 +0200
@@ -391,13 +391,18 @@
my $is_incomplete = 0; # Is the file contents complete?
if(defined($config{allowed_locations})) {
- goto badguy if ("$host$uri" =~ /\.\./);
- for(split(/,/,$config{allowed_locations})) {
- goto location_allowed if ("$host$uri" =~ /^$_/);
+ my $mess;
+ if ("$host$uri" =~ /\.\./){
+ $mess = "'..' contained in URL";
+ } else {
+ for(split(/,/,$config{allowed_locations})) {
+ goto location_allowed if ("$host$uri" =~ /^$_/);
+ }
+ $mess = "Host '$host' is not configured in the allowed_locations
directive";
}
badguy:
- debug_message("Sorry, not allowed to access this location. Ask your system
administrator.");
- write_to_server("Status: 403 Forbidden. Not allowed to access this
location.\n\n");
+ debug_message("$mess; access denied");
+ write_to_server("Status: 403 Forbidden.\n\n$mess.\n\n");
exit(4);
}
location_allowed:
__END_OF_PATCH__
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11.7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages apt-cacher depends on:
ii apache [httpd-cgi] 1.3.33-6 versatile, high-performance HTTP s
ii apache-perl [httpd-cgi] 1.3.33-6 versatile, high-performance HTTP s
ii curl 7.13.2-2 Get a file from an HTTP, HTTPS, FT
ii perl 5.8.4-8 Larry Wall's Practical Extraction
-- no debconf information
--
Dr. Andreas J Koenig . Development CELLULAR GmbH
Schmiedehof 15 . 10965 Berlin . Germany
Alsterufer 1 . 20354 Hamburg . Germany
Phone +49.30.89 06 86 33 . Fax +49.30.89 06 86 55
Email [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
