Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 392620 Details for
Bug 442874
net-proxy/http-replicator - local rsync server reports install flash player as wrong size
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
add x-unique-cache-name to http-replicator-4.0.x
http-replicator_4-unique-cache-name.patch (text/plain), 2.69 KB, created by
Matthew Ogilvie
on 2014-12-29 06:46:15 UTC
(
hide
)
Description:
add x-unique-cache-name to http-replicator-4.0.x
Filename:
MIME Type:
Creator:
Matthew Ogilvie
Created:
2014-12-29 06:46:15 UTC
Size:
2.69 KB
patch
obsolete
>commit ed8b785448f74a3be4206ad84dfa445fe656801c >Author: Matthew Ogilvie <mmogilvi_gnto@miniinfo.net> >Date: Sun Dec 28 22:10:30 2014 -0700 > > honor x-unique-cache-name header in flat mode, if present > > This allows things like different versions of the adobe-flash > downloader that are given different names in a flat download > directory (like in gentoo) to work in an http-replicator cache > as well. As long as the fetcher passes the custom name through > the experimental header... > > NOT TESTED: I haven't tested this at all, but from code inspection, > there appears to be at least two pre-existing bugs I didn't try > to fix: > 1. If it is not in "--flat" mode, then there is nothing preventing > a custom client from requesting > "/../../../../../any/file/on/the/filesystem" (standard clients > will simplify ".."s before sending the request) as long as > the UID the process is running as can read it, including > /etc/passwd or similar. There may also be problems with > writing to weird locations, although standard permissions > renders this less likely. This is a SECURITY bug, but > fortunately (a) --flat mode is default on gentooo, (b) > gentoo still defaults to http-replicator-3.0 on stable systems, > which doesn't have this bug, and (c) 4.0 releases are still > marked "alpha"... > 2. HTTP header names are not supposed to be case-sensitive, but > this version does nothing to fold the case... > > See gentoo bug # 442874 > >diff --git a/Cache.py b/Cache.py >index 4eebeed..312b28d 100644 >--- a/Cache.py >+++ b/Cache.py >@@ -18,8 +18,10 @@ class File: > size = -1 > mtime = -1 > >- def __init__( self, path ): >+ def __init__( self, path, uniqueName ): > >+ if Params.FLAT and uniqueName: >+ path = uniqueName > sep = path.find( '?' ) > if sep != -1: > path = path[ :sep ] + path[ sep: ].replace( '/', '%2F' ) >diff --git a/Protocol.py b/Protocol.py >index eaf4d9b..ca5aa5e 100644 >--- a/Protocol.py >+++ b/Protocol.py >@@ -60,7 +60,7 @@ class HttpProtocol( Cache.File ): > > def __init__( self, request ): > >- Cache.File.__init__( self, '%s:%i/%s' % request.url() ) >+ Cache.File.__init__( self, '%s:%i/%s' % request.url(), request.__args.get('X-unique-cache-name') ) > > if Params.STATIC and self.full(): > print 'Static mode; serving file directly from cache' >@@ -215,7 +215,7 @@ class FtpProtocol( Cache.File ): > > def __init__( self, request ): > >- Cache.File.__init__( self, '%s:%i/%s' % request.url() ) >+ Cache.File.__init__( self, '%s:%i/%s' % request.url(), request.__args.get('X-unique-cache-name') ) > > if Params.STATIC and self.full(): > self.__socket = None
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 442874
:
329342
|
392616
|
392618
| 392620 |
393508
|
393512
|
393518
|
394206
|
394208
|
394210
|
428742
|
428792
|
429496
|
429522