diff options
author | Georgi Georgiev <310867+chutzimir@users.noreply.github.com> | 2022-07-07 10:22:30 +0300 |
---|---|---|
committer | Georgi Georgiev <310867+chutzimir@users.noreply.github.com> | 2022-07-09 06:10:13 +0300 |
commit | 0a7160213af172284c4090ed29f4aec45d77e428 (patch) | |
tree | 5984ae1d8729b8ae9bdafb1a0c4c0c749d601a97 | |
parent | 4a2ccd480fe414e331a5c79e439428866e86c1c3 (diff) |
Support "insecure" repositories
If a repository does not have a Release file it is insecure as its
integrity cannot be validated with a GPG signature. In that situation
apt would fall back to downloading the well-known index files, so we try
to mimic this behavior.
-rwxr-xr-x | apt-mirror | 75 |
1 files changed, 65 insertions, 10 deletions
@@ -124,6 +124,7 @@ my %config_variables = ( my @config_binaries = (); my @config_sources = (); +my @release_urls; my @index_urls; my @childrens = (); my %skipclean = (); @@ -459,7 +460,6 @@ foreach (@config_sources) { # https://wiki.debian.org/DebianRepository/Format#Flat_Repository_Format $url = $uri . "/" . $distribution . "/"; - add_url_to_download( $url . "Sources" ); } add_url_to_download( $url . "InRelease" ); @@ -480,7 +480,6 @@ foreach (@config_binaries) { # https://wiki.debian.org/DebianRepository/Format#Flat_Repository_Format $url = $uri . "/" . $distribution . "/"; - add_url_to_download( $url . "Packages" ); } add_url_to_download( $url . "InRelease" ); @@ -490,8 +489,8 @@ foreach (@config_binaries) } chdir get_variable("skel_path") or die("apt-mirror: can't chdir to skel"); -@index_urls = sort keys %urls_to_download; -download_urls( "index", @index_urls ); +@release_urls = sort keys %urls_to_download; +download_urls( "release", @release_urls ); ###################################################################################### ## Download all relevant metadata @@ -541,7 +540,7 @@ sub find_metadata_in_release unless ( $stream ) { warn( "Failed to find InRelease or Release in " . get_variable("skel_path") . "/" . sanitise_uri($dist_uri) ); - return; + return 0; } @@ -673,6 +672,7 @@ sub find_metadata_in_release add_url_to_download( $dist_uri . $filename, $size ); } } + return 1; } print "Processing metadata files from releases ["; @@ -680,18 +680,73 @@ foreach (@config_binaries) { my ( $arch, $uri, $distribution, @components ) = @{$_}; print "M"; - find_metadata_in_release( $arch, $uri, $distribution, @components); + unless (find_metadata_in_release( $arch, $uri, $distribution, @components)) + { + # Insecure repo with no release file - try to get the well known indices + foreach my $file_extension (".gz", ".xz", ".bz2", "") + { + if (@components) + { + # Debian repo + foreach my $component (@components) + { + foreach my $path ( + "/dists/${distribution}/${component}/binary-${arch}/Packages", + "/dists/${distribution}/${component}/binary-all/Packages", + "/dists/${distribution}/${component}/Contents-${arch}", + "/dists/${distribution}/${component}/Contents-all", + "/dists/${distribution}/Contents-${arch}", + "/dists/${distribution}/Contents-all", + ) + { + add_url_to_download( "${uri}/${path}${file_extension}" ); + } + } + } else { + # Flat repo + foreach my $path ( + "${distribution}/Packages", + "${distribution}/Contents-${arch}", + "${distribution}/Contents-all", + ) + { + add_url_to_download( "${uri}/${path}${file_extension}" ); + } + } + } + } } + foreach (@config_sources) { my ( $uri, $distribution, @components ) = @{$_}; print "M"; - find_metadata_in_release( "source", $uri, $distribution, @components); + unless (find_metadata_in_release( "source", $uri, $distribution, @components)) + { + # Insecure repo with no release file - try to get the well known indices + foreach my $file_extension (".gz", ".xz", ".bz2", "") + { + if (@components) + { + # Debian repo + foreach my $path ( + "${distribution}/source/Sources", + "${distribution}/Contents-source", + ) + { + add_url_to_download( "${uri}/${path}${file_extension}" ); + } + } else { + # Flat repo + add_url_to_download( "${uri}/${distribution}/Sources${file_extension}" ); + } + } + } } print "]\n\n"; -push( @index_urls, sort keys %urls_to_download ); -download_urls( "metadata", sort keys %urls_to_download ); +@index_urls = sort keys %urls_to_download; +download_urls( "index", @index_urls ); ###################################################################################### ## Main download preparations @@ -911,7 +966,7 @@ sub copy_file utime( $atime, $mtime, $to ) or die("apt-mirror: can't utime $to"); } -foreach (@index_urls) +foreach (@release_urls, @index_urls) { die("apt-mirror: invalid url in index_urls") unless s[^(\w+)://][]; copy_file( get_variable("skel_path") . "/" . sanitise_uri("$_"), get_variable("mirror_path") . "/" . sanitise_uri("$_") ); |