Package: apt-cacher
Version: 0.8.6
Severity: wishlist
Tags: patch
Hello,
the patch attached below makes sure that only some semi-local mirrors can be
used by the allowed users. It requires an entry into the example config file
like this one:
allowed_locations=ftp.uni-kl.de,ftp.nerim.net,debian.tu-bs.de
--- /usr/share/apt-cacher/apt-cacher.pl 2005-03-08 00:01:30.000000000 +0100
+++ apt-cacher.pl 2005-04-18 13:36:00.000000000 +0200
@@ -364,6 +364,18 @@
my $is_open = 0; # Is the file currently open by us?
my $is_incomplete = 0; # Is the file contents complete?
+if(defined($config{allowed_locations})) {
+ goto badguy if ("$host$uri" =~ /\.\./);
+ for(split(/,/,$config{allowed_locations})) {
+ goto location_allowed if ("$host$uri" =~ /^$_/);
+ }
+ badguy:
+ debug_message("Sorry, not allowed to access this location. Ask your system
administrator.");
+ write_to_server("Status: 403 Forbidden. Not allowed to access this
location.\n\n");
+ exit(4);
+}
+location_allowed:
+
if ($filename =~ /(\.deb|\.rpm|\.dsc|\.tar\.gz|\.diff\.gz|\.udeb)$/) {
# We must be fetching a .deb or a .rpm, so let's cache it.
# Place the file in the cache with just its basename
@@ -854,7 +866,7 @@
my $time = localtime;
my $client_ip = $ENV{REMOTE_ADDR};
- open(ERRORFILE,">>$config{errorfile}") or die;
+ open(ERRORFILE,">>$config{errorfile}") or die "Could not open
$config{errorfile}";
print ERRORFILE "$time|$client_ip|debug: $message\n";
close ERRORFILE;
}
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.11.7
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Versions of packages apt-cacher depends on:
ii apache2-mpm-prefork [apache2] 2.0.54-2 traditional model for Apache2
hi perl 5.8.4-8 Larry Wall's Practical Extraction
ii wget 1.9.1-10 retrieves files from the web
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
