diff options
Diffstat (limited to 'apt-panopticon.lua')
| -rwxr-xr-x | apt-panopticon.lua | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/apt-panopticon.lua b/apt-panopticon.lua index f166819..d8ee95b 100755 --- a/apt-panopticon.lua +++ b/apt-panopticon.lua | |||
| @@ -290,6 +290,11 @@ checkHEAD = function (host, URL, r, retry, sanity) | |||
| 290 | IP .. ' ' .. '-o /dev/null -D results/"HEADERS_' .. fname .. '" ' .. | 290 | IP .. ' ' .. '-o /dev/null -D results/"HEADERS_' .. fname .. '" ' .. |
| 291 | hdr .. ' -w "#%{http_code} %{ssl_verify_result} %{url_effective}\\n" ' .. PU.scheme .. '://' .. host .. PU.path .. ' >>results/"STATUS_' .. fname .. '"' | 291 | hdr .. ' -w "#%{http_code} %{ssl_verify_result} %{url_effective}\\n" ' .. PU.scheme .. '://' .. host .. PU.path .. ' >>results/"STATUS_' .. fname .. '"' |
| 292 | ):Nice():log():Do().status | 292 | ):Nice():log():Do().status |
| 293 | if 0 < r then | ||
| 294 | APT.tested(PU.scheme, 'Redirects', host) | ||
| 295 | else | ||
| 296 | APT.tested(PU.scheme, '', host) | ||
| 297 | end | ||
| 293 | local code = "???" | 298 | local code = "???" |
| 294 | local cstr = "" | 299 | local cstr = "" |
| 295 | local location = nil | 300 | local location = nil |
| @@ -359,14 +364,15 @@ checkHEAD = function (host, URL, r, retry, sanity) | |||
| 359 | if (pu.host == APT.options.roundRobin.value) and (nil ~= PU.path:find('merged/pool/DEVUAN/')) then | 364 | if (pu.host == APT.options.roundRobin.value) and (nil ~= PU.path:find('merged/pool/DEVUAN/')) then |
| 360 | E('DEVUAN packages must not be redirected to ' .. APT.options.roundRobin.value .. ' - ' .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, 'Redirects', host) | 365 | E('DEVUAN packages must not be redirected to ' .. APT.options.roundRobin.value .. ' - ' .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, 'Redirects', host) |
| 361 | end | 366 | end |
| 362 | if ('http' == location:sub(1, 4)) and (pu.scheme ~= PU.scheme) then -- Sometimes a location sans scheme is returned, this is not a protocol change. | 367 | if APT.testing("Protocol") then |
| 363 | if APT.testing("Protocol") then | 368 | if ('http' == location:sub(1, 4)) and (pu.scheme ~= PU.scheme) then -- Sometimes a location sans scheme is returned, this is not a protocol change. |
| 364 | if APT.options.roundRobin.value == host then -- Coz HTTPS shouldn't happen via the round robin. | 369 | if APT.options.roundRobin.value == host then -- Coz HTTPS shouldn't happen via the round robin. |
| 365 | E(spcd .. spcd .. "Protocol changed during redirect! " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, "Protocol", host) | 370 | E(spcd .. spcd .. "Protocol changed during redirect! " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, "Protocol", host) |
| 366 | end | 371 | end |
| 367 | W(spcd .. spcd .. "Protocol changed during redirect! " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, "Protocol", host) | 372 | W(spcd .. spcd .. "Protocol changed during redirect! " .. check .. " " .. APT.lnk(URL) .. arw .. APT.lnk(location), PU.scheme, "Protocol", host) |
| 368 | else | 373 | else |
| 369 | end | 374 | end |
| 375 | APT.tested(PU.scheme, 'Protocol', host) | ||
| 370 | end | 376 | end |
| 371 | 377 | ||
| 372 | if location == URL then | 378 | if location == URL then |
| @@ -402,6 +408,7 @@ checkHEAD = function (host, URL, r, retry, sanity) | |||
| 402 | I(spcd .. spcd .. "Now checking redirected host " .. u .. ' for ' .. APT.lnk(URL) .. arw .. APT.lnk(location), host) | 408 | I(spcd .. spcd .. "Now checking redirected host " .. u .. ' for ' .. APT.lnk(URL) .. arw .. APT.lnk(location), host) |
| 403 | APT.exe(downloadLock .. "REDIR-" .. check .. ".log.txt" .. " ./apt-panopticon.lua " .. extraArgs .. ' ' .. pu.host .. "/" .. path .. " " .. file):Nice():log():fork() | 409 | APT.exe(downloadLock .. "REDIR-" .. check .. ".log.txt" .. " ./apt-panopticon.lua " .. extraArgs .. ' ' .. pu.host .. "/" .. path .. " " .. file):Nice():log():fork() |
| 404 | D(spcd .. 'logging to ' .. APT.logName(pu.host, nil, file)[2]) | 410 | D(spcd .. 'logging to ' .. APT.logName(pu.host, nil, file)[2]) |
| 411 | APT.tested(PU.scheme, 'Redirects', host) | ||
| 405 | end | 412 | end |
| 406 | end | 413 | end |
| 407 | elseif nil ~= PU.path:find('merged/pool/DEBIAN-SECURITY/') then | 414 | elseif nil ~= PU.path:find('merged/pool/DEBIAN-SECURITY/') then |
| @@ -417,6 +424,7 @@ local checkTimeouts = function(host, scheme, URL) | |||
| 417 | URL = URL:gsub("/", "///") | 424 | URL = URL:gsub("/", "///") |
| 418 | URL = URL:gsub("///", "/", 1) | 425 | URL = URL:gsub("///", "/", 1) |
| 419 | checkHEAD(host, scheme .. "://" .. URL, 0, 0, true) | 426 | checkHEAD(host, scheme .. "://" .. URL, 0, 0, true) |
| 427 | APT.tested(scheme, 'URLSanity', host) | ||
| 420 | end | 428 | end |
| 421 | if nil ~= cor then | 429 | if nil ~= cor then |
| 422 | D('*>* About to resume coroutine after checkHEAD(' .. host .. ' , ' .. scheme .. ' :// ' .. URL .. ')') | 430 | D('*>* About to resume coroutine after checkHEAD(' .. host .. ' , ' .. scheme .. ' :// ' .. URL .. ')') |
| @@ -700,11 +708,13 @@ local parseDebs = function(host) | |||
| 700 | if sha ~= fsha:sub(2, -2) then E('Package SHA256 sum mismatch - results/' .. host .. "/merged/" .. p, 'http', 'Integrity', host) end | 708 | if sha ~= fsha:sub(2, -2) then E('Package SHA256 sum mismatch - results/' .. host .. "/merged/" .. p, 'http', 'Integrity', host) end |
| 701 | -- TODO - maybe check the PGP key, though packages are mostly not signed. | 709 | -- TODO - maybe check the PGP key, though packages are mostly not signed. |
| 702 | end | 710 | end |
| 711 | APT.tested('http', 'Integrity', host) | ||
| 703 | end | 712 | end |
| 704 | if APT.testing("Updated") then | 713 | if APT.testing("Updated") then |
| 705 | if sz ~= fsz:sub(2, -2) then | 714 | if sz ~= fsz:sub(2, -2) then |
| 706 | E('Package size mismatch for ' .. host .. "/merged/" .. p, 'http', 'Updated', host) | 715 | E('Package size mismatch for ' .. host .. "/merged/" .. p, 'http', 'Updated', host) |
| 707 | end | 716 | end |
| 717 | APT.tested('http', 'Updated', host) | ||
| 708 | end | 718 | end |
| 709 | os.execute('rm -f results/' .. host .. "/merged/" .. p) | 719 | os.execute('rm -f results/' .. host .. "/merged/" .. p) |
| 710 | else | 720 | else |
| @@ -839,6 +849,7 @@ local parseRelease = function(host) | |||
| 839 | " results/" .. host .. "/merged/dists/" .. n .. '/' .. o:sub(1, -5)):Nice():noErr():log():Do().status | 849 | " results/" .. host .. "/merged/dists/" .. n .. '/' .. o:sub(1, -5)):Nice():noErr():log():Do().status |
| 840 | if 0 ~= status then E("GPG check failed for " .. host .. "/merged/dists/" .. n .. '/' .. o, "http", "Integrity", host) end | 850 | if 0 ~= status then E("GPG check failed for " .. host .. "/merged/dists/" .. n .. '/' .. o, "http", "Integrity", host) end |
| 841 | -- TODO - should check the PGP sig of InRelease as well. | 851 | -- TODO - should check the PGP sig of InRelease as well. |
| 852 | APT.tested('http', 'Integrity', host) | ||
| 842 | end | 853 | end |
| 843 | os.execute('rm results/' .. host .. '/merged/dists/' .. n .. '/' .. o) | 854 | os.execute('rm results/' .. host .. '/merged/dists/' .. n .. '/' .. o) |
| 844 | end | 855 | end |
| @@ -885,6 +896,7 @@ local parseRelease = function(host) | |||
| 885 | else | 896 | else |
| 886 | updated = true | 897 | updated = true |
| 887 | end | 898 | end |
| 899 | APT.tested('http', 'Updated', host) | ||
| 888 | end | 900 | end |
| 889 | end | 901 | end |
| 890 | 902 | ||