Bug#57794: [patch]: scp method for apt
Package: apt
Version: 0.3.19
Severity: wishlist
I wanted an scp method for apt too, and after doing it I did a bug search.
Okay, so you've decided not to use this, fine with me, but I'll send it your way
anyway, whatever you want to do with it is fine by me.
This is more useful to me than a https method because we don't have an httpd
running on every machine, but all our machines do run sshd.
One odd thing is that I need to put two colons in the line in sources.list
after the hostname:
deb scp://davidw@ogun.gordian.com::/prj/xtools/ stable gordian
apt strips out one of the colons before passing the uri to the scp method.
I copied from the gzip method, and tried to do this right. The apt maintainers
will more easily be able to tell if I did something odd. (example:
SingleInstance in the flags to pckAcqMethod? I'm not sure what that means) In
any case, this has been working for me.
diff -uNr apt-0.3.19/methods/makefile apt-0.3.19.davidw/methods/makefile
--- apt-0.3.19/methods/makefile Thu Dec 9 23:21:52 1999
+++ apt-0.3.19.davidw/methods/makefile Tue Dec 12 12:58:11 2000
@@ -27,6 +27,13 @@
SOURCE = gzip.cc
include $(PROGRAM_H)
+# The scp method
+PROGRAM=scp
+SLIBS = -lapt-pkg
+LIB_MAKES = apt-pkg/makefile
+SOURCE = scp.cc
+include $(PROGRAM_H)
+
# The cdrom method
PROGRAM=cdrom
SLIBS = -lapt-pkg
diff -uNr apt-0.3.19/methods/scp.cc apt-0.3.19.davidw/methods/scp.cc
--- apt-0.3.19/methods/scp.cc Wed Dec 31 16:00:00 1969
+++ apt-0.3.19.davidw/methods/scp.cc Tue Dec 12 14:37:24 2000
@@ -0,0 +1,92 @@
+// -*- mode: cpp; mode: fold -*-
+// Description /*{{{*/
+// $Id$
+/* ######################################################################
+
+ scp method - Take a file URI in and securely copy it into the target
+ file.
+
+ ##################################################################### */
+ /*}}}*/
+// Include Files /*{{{*/
+#include <apt-pkg/fileutl.h>
+#include <apt-pkg/error.h>
+#include <apt-pkg/acquire-method.h>
+#include <apt-pkg/strutl.h>
+
+#include <sys/stat.h>
+#include <unistd.h>
+#include <utime.h>
+#include <stdio.h>
+ /*}}}*/
+
+class ScpMethod : public pkgAcqMethod
+{
+ virtual bool Fetch(FetchItem *Itm);
+
+ public:
+
+ /* FIXME: SingleInstance, SendConfig do I need them ? */
+
+ ScpMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
+};
+
+// ScpMethod::Fetch - Get the passed URI /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+bool ScpMethod::Fetch(FetchItem *Itm)
+{
+ URI Get = Itm->Uri;
+ string Path = Get.Host + Get.Path; // To account for relative paths
+
+ FetchResult Res;
+ Res.Filename = Itm->DestFile;
+ URIStart(Res);
+
+ // Fork scp
+ int Process = fork();
+ if (Process < 0)
+ return _error->Errno("fork","Couldn't fork scp");
+
+ // The child
+ if (Process == 0)
+ {
+ SetCloseExec(STDIN_FILENO,false);
+ SetCloseExec(STDOUT_FILENO,false);
+ char source[128];
+ snprintf(source, sizeof(source), "%s",Path.c_str());
+
+ const char *Args[4];
+ Args[0] = _config->Find("Dir::bin::scp","scp").c_str();
+ Args[1] = source;
+ Args[2] = Itm->DestFile.c_str();
+ Args[3] = 0;
+ execvp(Args[0],(char **)Args);
+ exit(100);
+ }
+
+ // Wait for scp to finish
+ if (ExecWait(Process,_config->Find("Dir::bin::scp","scp").c_str(),false) == false)
+ {
+ return false;
+ }
+
+ struct stat Buf;
+ if (stat(Itm->DestFile.c_str(),&Buf) != 0)
+ return _error->Errno("stat","Failed to stat");
+
+ Res.LastModified = Buf.st_mtime;
+ Res.Size = Buf.st_size;
+
+
+ URIDone(Res);
+
+ return true;
+}
+ /*}}}*/
+
+int main()
+{
+ ScpMethod Mth;
+ return Mth.Run();
+}
diff -uNr apt-0.3.19/doc/method.sgml apt-0.3.19.davidw/doc/method.sgml
--- apt-0.3.19/doc/method.sgml Sun Oct 17 17:37:36 1999
+++ apt-0.3.19.davidw/doc/method.sgml Tue Dec 12 16:10:48 2000
@@ -323,6 +323,7 @@
<item>file - For local files
<item>gzip - (internal) For decompression
<item>http - For HTTP servers
+<item>scp - Uses secure copy (uses ssh internally)
</enumlist>
<p>
@@ -346,7 +347,7 @@
server. The file method simply generates failures or success responses with
the filename field set to the proper location. The cdrom method acts the same
except that it checks that the mount point has a valid cdrom in it. It does
-this by (effectively) computing a md5 hash of 'ls -l' on the mountpoint.
+this by (effectively) computing a md5 hash of 'ls -l' on the mountpoint. The scp method uses scp to transfer the files.
</sect>
<!-- }}} -->
diff -uNr apt-0.3.19/doc/sources.list.5.yo apt-0.3.19.davidw/doc/sources.list.5.yo
--- apt-0.3.19/doc/sources.list.5.yo Fri May 12 21:08:44 2000
+++ apt-0.3.19.davidw/doc/sources.list.5.yo Tue Dec 12 16:25:35 2000
@@ -62,7 +62,7 @@
verb(deb http://http.us.debian.org/debian dists/stable-updates)
manpagesection(URI specification)
-The currently recognized URI types are cdrom, file, http, and ftp.
+The currently recognized URI types are cdrom, file, http, scp and ftp.
startdit()
dit(bf(file))
@@ -97,6 +97,9 @@
copied into the cache directory instead of used directly at their location.
This is usefull for people using a zip disk to copy files around with APT.
+dit(bf(scp))
+This scheme uses bf(scp) as the underlying transport mechanism. bf(scp) itself uses bf(ssh) for data transfer and authentication. This scheme provides secure transfer of sensitive data over an untrusted network. This scheme may ask for passwords or passphrases if necessary. See the bf(scp(1)) and bf(ssh(1)) manual pages for more infomation.
+
enddit()
manpagesection(EXAMPLES)
@@ -134,6 +137,12 @@
forth for other supported architectures. [Note this example only illistrates
how to use the substitation variable non-us is no longer structured like this]
quote("deb http://ftp.de.debian.org/debian-non-US unstable/binary-$(ARCH)/")
+
+Uses scp to access the archive paranoid.org, under the packages directory, and
+uses only the stable/sensitive area. Authentication is attempted as the user
+'trusted'.
+
+quote("deb scp://trusted@paranoid.org::/packages/ stable sensitive")
manpageseealso()
apt-cache (8),
Reply to: