From 85bf7df2ae1a99c490bee6132834255313108608 Mon Sep 17 00:00:00 2001 From: onefang Date: Mon, 23 Dec 2019 13:03:31 +1000 Subject: Rearrange sanity checks, and do unsupported checks anyway. --- apt-panopticon.lua | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/apt-panopticon.lua b/apt-panopticon.lua index 4861fa0..f258906 100755 --- a/apt-panopticon.lua +++ b/apt-panopticon.lua @@ -244,8 +244,6 @@ checkHEAD = function (host, URL, r, retry, sanity) return end D(PU.scheme .. " :// " .. check .. " " .. host .. " -> " .. URL) - if not APT.testing(PU.scheme, host) then D("Not testing " .. PU.scheme .. " " .. host .. " -> " .. URL); return end - -- TODO - Perhaps we should try it anyway, and mark it as a warning if it DOES work? if "https" == PU.scheme and APT.options.roundRobin.value == host then D("Not testing " .. PU.scheme .. " " .. host .. " -> " .. URL .. " mirrors shouldn't have the correct cert."); return end --[[ Using curl command line - @@ -279,11 +277,6 @@ checkHEAD = function (host, URL, r, retry, sanity) if "0" ~= status then local msg = curlStatus[0 + status] if nil == msg then msg = "UNKNOWN CURL STATUS CODE!" end - if sanity then - E(" The curl command return an error code of " .. status .. " - " .. msg, PU.scheme, "URLSanity", host) - else - E(" The curl command return an error code of " .. status .. " - " .. msg, PU.scheme, "", host) - end if ("28" == status) or ("7" == status) then if sanity then T(" TIMEOUT " .. timeouts + 1 .. ", retry " .. retry + 1, PU.scheme, "URLSanity", host) @@ -291,6 +284,12 @@ checkHEAD = function (host, URL, r, retry, sanity) T(" TIMEOUT " .. timeouts + 1 .. ", retry " .. retry + 1, PU.scheme, "", host) end timeouts = timeouts + 1 + else + if sanity then + E(" The curl command return an error code of " .. status .. " - " .. msg, PU.scheme, "URLSanity", host) + else + E(" The curl command return an error code of " .. status .. " - " .. msg, PU.scheme, "", host) + end end checkHEAD(host, URL, r, retry + 1, sanity) return @@ -303,7 +302,13 @@ checkHEAD = function (host, URL, r, retry, sanity) for line in rfile:lines("*l") do if "#" == line:sub(1, 1) then code = line:sub(2, 4) - if ("https" == PU.scheme) and ("0" ~= line:sub(6, 6)) then E(" The certificate is invalid.", PU.scheme, "https", host) end + if ("https" == PU.scheme) and ("0" ~= line:sub(6, 6)) then + if sanity then + E(" The certificate is invalid.", PU.scheme, "URLSanity", host) + else + E(" The certificate is invalid.", PU.scheme, "https", host) + end + end elseif "http" == line:sub(1, 4):lower() then -- -2 coz the headers file gets a \r at the end. cstr = line:sub(14, -2) @@ -320,13 +325,13 @@ checkHEAD = function (host, URL, r, retry, sanity) E(" " .. code .. " " .. cstr .. ". " .. check .. " " .. host .. " -> " .. URL, PU.scheme, "", host) end else + if not APT.testing(PU.scheme, host) then W("Not supported, but works " .. PU.scheme .. " " .. host .. " -> " .. URL, PU.scheme, "", host) end I(" " .. code .. " " .. cstr .. ". " .. check .. " " .. host .. " -> " .. URL) -- timeouts = timeouts - 1 -- Backoff the timeouts count if we managed to get through. if nil ~= location then pu = url.parse(location, defaultURL) if ('http' == location:sub(1, 4)) and (pu.scheme ~= PU.scheme) then -- Sometimes a location sans scheme is returned, this is not a protocol change. if APT.testing("Protocol") then W(" protocol changed during redirect! " .. check .. " " .. host .. " -> " .. URL .. " -> " .. location, PU.scheme, "Protocol", host) end - if (pu.host == host) and pu.path == PU.path then D("Not testing protocol change " .. URL .. " -> " .. location); return end end if location == URL then -- cgit v1.1