Progeny apt enhancements: SSL, redirect, cookies, auth

To: deity@lists.debian.org
Subject: Progeny apt enhancements: SSL, redirect, cookies, auth
From: Jeff Licquia <jlicquia@progeny.com>
Date: 29 Jul 2002 14:16:04 -0500
Message-id: <[🔎] 1027970164.7454.118.camel@laptop2.internal.licquia.org>

[Please CC; lists.debian.org appears to be slow in processing my
subscription request.]

Progeny is interested in doing some things with apt archives that aren't
really possible with apt in its present state.  Specifically, we're
looking into integrating our repositories with a Web authentication
system we're using (pubcookie) that does its magic with redirects and
cookies.

This requires a few things of the http method in apt:

 - SSL support
 - Cookie support
 - Redirect support
 - Authentication support

We've looked at the apt-https work, and it looks to be mostly right up
our alley.  However, we're only interested in encrypting the
authentication request; the rest can happen unencrypted, using redirects
to accomplish this.  For this reason, we've hacked apt-https slightly to
integrate the SSL support into the http method, and made https a symlink
to http (similar to how bzip/gzip and rsh/ssh work).  It builds, but is
untested at this point.  We can send on a patch if you're interested;
this would be against CVS as of Thursday or so.

The other three extensions we're planning to write.  Cookie and redirect
support don't seem terribly difficult.  Authentication, I understand, is
already supported by embedding the username and password into the
sources.list URL; we think, however, that there will be a need for
interactive authentication.  Our current thinking on implementing this
involves using optional callbacks for registering interactive auth
support, making the apt frontend responsible for supporting and
implementing the callbacks.  This way, current clients would still work
as they do now, and future clients could be enhanced to support this if
there were a need.  We'd also like the auth extension to be applicable
to other apt methods besides http.

If these are welcome modifications to the current apt and apt-https
work, then we'd like to see them integrated in.  So, I'm interested in
your feedback.  How would you prefer to see these implemented?  Which
parts do you object to, and why?


-- 
To UNSUBSCRIBE, email to deity-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Progeny apt enhancements: SSL, redirect, cookies, auth
  - From: Eric Gillespie <epg@progeny.com>
- Re: Progeny apt enhancements: SSL, redirect, cookies, auth
  - From: Jason Gunthorpe <jgg@debian.org>

Prev by Date: Bug#154602: apt: Asks for cdrom even if the correct cdrom already is in the tray
Next by Date: Re: Progeny apt enhancements: SSL, redirect, cookies, auth
Previous by thread: Bug#154602: apt: Asks for cdrom even if the correct cdrom already is in the tray
Next by thread: Re: Progeny apt enhancements: SSL, redirect, cookies, auth
Index(es):
- Date
- Thread