Lubuntu/livecd-rootfs
3
0
Fork 0
mirror of https://git.launchpad.net/livecd-rootfs synced 2025-02-23 03:11:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

magic-proxy: return 404 when InRelease file cannot be found "by hash"

Browse Source 
When the magic-proxy script could not find a valid InRelease file for the
configured timestamp, it would fall back to serving the canonical version
of it. This meant that builds would succeed, even though snap-shotting the
repository failed.

This update makes the script return HTTP 404 when an InRelease by-hash
link for a given combination of mirror, suite and timestamp cannot be
found.
This commit is contained in:
Tobias Koch 2019-02-18 18:49:47 +01:00
parent b2db5bf365
commit 3a294f5b50
2 changed files with 46 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
debian/changelog vendored
View File

@ -1,8 +1,19 @@
livecd-rootfs (2.566) UNRELEASED; urgency=medium
[ Julian Andres Klode ]
* Do not mark direct dependencies of ubiquity as auto installed. This caused
cryptsetup to remain auto on the installed system (LP: #1801629)
[ Tobias Koch ]
* When the magic-proxy script could not find a valid InRelease file for the
configured timestamp, it would fall back to serving the canonical version
of it. This meant that builds would succeed, even though snap-shotting the
repository failed.
.
This update makes the script return HTTP 404 when an InRelease by-hash
link for a given combination of mirror, suite and timestamp cannot be
found.
-- Julian Andres Klode <juliank@ubuntu.com> Fri, 22 Feb 2019 10:58:48 +0100
livecd-rootfs (2.565) disco; urgency=medium

64
magic-proxy
View File

@ -771,41 +771,41 @@ class ProxyingHTTPRequestHandler(http.server.BaseHTTPRequestHandler):
index = LPInReleaseIndex(mirror, suite,
cache=self.server.inrelease_cache)
inrelease = index.get_inrelease_for_timestamp(
self.server.snapshot_stamp)
try:
inrelease = index.get_inrelease_for_timestamp(
self.server.snapshot_stamp)
except LPInReleaseIndexError as e:
inrelease = None
if inrelease is None:
self.__send_error(404, "No InRelease file found for given "
"mirror, suite and timestamp.")
return
if inrelease is not None:
if target == "InRelease":
# If target is InRelease, send back contents directly.
data = inrelease.data.encode("utf-8")
if target == "InRelease":
# If target is InRelease, send back contents directly.
data = inrelease.data.encode("utf-8")
self.log_message(
"Inject InRelease '{}'".format(inrelease.hash))
self.send_response(200)
self.send_header("Content-Length", len(data))
self.end_headers()
if verb == "GET":
self.wfile.write(data)
return
else:
# If target hash is listed, then redirect to by-hash URL.
hash_ = inrelease.get_hash_for(target)
if hash_:
self.log_message(
"Inject InRelease '{}'".format(inrelease.hash))
"Inject {} for {}".format(hash_, target))
self.send_response(200)
self.send_header("Content-Length", len(data))
self.end_headers()
target_path = target.rsplit("/", 1)[0]
if verb == "GET":
self.wfile.write(data)
return
else:
# If target hash is listed, then redirect to by-hash URL.
hash_ = inrelease.get_hash_for(target)
if hash_:
self.log_message(
"Inject {} for {}".format(hash_, target))
target_path = target.rsplit("/", 1)[0]
path = "{}/dists/{}/{}/by-hash/SHA256/{}"\
.format(base, suite, target_path, hash_)
path = "{}/dists/{}/{}/by-hash/SHA256/{}"\
.format(base, suite, target_path, hash_)
try:
client = http.client.HTTPConnection(host)
@ -839,6 +839,12 @@ class ProxyingHTTPRequestHandler(http.server.BaseHTTPRequestHandler):
self.end_headers()
shutil.copyfileobj(response, self.wfile)
def __send_error(self, status, message):
"""Return an HTTP error status and a message in the response body."""
self.send_response(status)
self.send_header("Content-Type", "text/plain; charset=utf-8")
self.wfile.write(message.encode("utf-8"))
class MagicHTTPProxy(socketserver.ThreadingMixIn, http.server.HTTPServer):
"""Tiny HTTP server using ProxyingHTTPRequestHandler instances to provide