1 /*---------------------------------------------------------------------\
3 | |__ / \ / / . \ . \ |
8 \---------------------------------------------------------------------*/
9 /** \file zypp/media/MediaCurl.cc
16 #include "zypp/base/Logger.h"
17 #include "zypp/ExternalProgram.h"
18 #include "zypp/base/String.h"
19 #include "zypp/base/Gettext.h"
20 #include "zypp/base/Sysconfig.h"
21 #include "zypp/base/Gettext.h"
23 #include "zypp/media/MediaCurl.h"
24 #include "zypp/media/ProxyInfo.h"
25 #include "zypp/media/MediaUserAuth.h"
26 #include "zypp/media/CredentialManager.h"
27 #include "zypp/media/CurlConfig.h"
28 #include "zypp/thread/Once.h"
29 #include "zypp/Target.h"
30 #include "zypp/ZYppFactory.h"
31 #include "zypp/ZConfig.h"
34 #include <sys/types.h>
36 #include <sys/mount.h>
40 #include <boost/format.hpp>
42 #define DETECT_DIR_INDEX 0
43 #define CONNECT_TIMEOUT 60
44 #define TRANSFER_TIMEOUT_MAX 60 * 60
46 #define EXPLICITLY_NO_PROXY "_none_"
48 #undef CURLVERSION_AT_LEAST
49 #define CURLVERSION_AT_LEAST(M,N,O) LIBCURL_VERSION_NUM >= ((((M)<<8)+(N))<<8)+(O)
52 using namespace zypp::base;
56 zypp::thread::OnceFlag g_InitOnceFlag = PTHREAD_ONCE_INIT;
57 zypp::thread::OnceFlag g_FreeOnceFlag = PTHREAD_ONCE_INIT;
59 extern "C" void _do_free_once()
61 curl_global_cleanup();
64 extern "C" void globalFreeOnce()
66 zypp::thread::callOnce(g_FreeOnceFlag, _do_free_once);
69 extern "C" void _do_init_once()
71 CURLcode ret = curl_global_init( CURL_GLOBAL_ALL );
74 WAR << "curl global init failed" << endl;
78 // register at exit handler ?
79 // this may cause trouble, because we can protect it
80 // against ourself only.
81 // if the app sets an atexit handler as well, it will
82 // cause a double free while the second of them runs.
84 //std::atexit( globalFreeOnce);
87 inline void globalInitOnce()
89 zypp::thread::callOnce(g_InitOnceFlag, _do_init_once);
92 int log_curl(CURL *curl, curl_infotype info,
93 char *ptr, size_t len, void *max_lvl)
99 case CURLINFO_TEXT: lvl = 1; pfx = "*"; break;
100 case CURLINFO_HEADER_IN: lvl = 2; pfx = "<"; break;
101 case CURLINFO_HEADER_OUT: lvl = 2; pfx = ">"; break;
104 if( lvl > 0 && max_lvl != NULL && lvl <= *((long *)max_lvl))
106 std::string msg(ptr, len);
107 std::list<std::string> lines;
108 std::list<std::string>::const_iterator line;
109 zypp::str::split(msg, std::back_inserter(lines), "\r\n");
110 for(line = lines.begin(); line != lines.end(); ++line)
112 DBG << pfx << " " << *line << endl;
120 void *ptr, size_t size, size_t nmemb, void *stream)
122 // INT << "got header: " << string((char *)ptr, ((char*)ptr) + size*nmemb) << endl;
124 char * lstart = (char *)ptr, * lend = (char *)ptr;
126 size_t max = size * nmemb;
127 while (pos + 1 < max)
130 for (lstart = lend; *lend != '\n' && pos < max; ++lend, ++pos);
132 // look for "Location"
133 string line(lstart, lend);
134 if (line.find("Location") != string::npos)
136 DBG << "redirecting to " << line << endl;
140 // continue with the next line
160 ProgressData(CURL *_curl, const long _timeout, const zypp::Url &_url = zypp::Url(),
161 callback::SendReport<DownloadProgressReport> *_report=NULL)
178 callback::SendReport<DownloadProgressReport> *report;
179 // download rate of the last period (cca 1 sec)
181 // bytes downloaded at the start of the last period
183 // seconds from the start of the download
185 // average download rate
187 // last time the progress was reported
189 // bytes downloaded at the moment the progress was last reported
191 // bytes uploaded at the moment the progress was last reported
196 ///////////////////////////////////////////////////////////////////
198 inline void escape( string & str_r,
199 const char char_r, const string & escaped_r ) {
200 for ( string::size_type pos = str_r.find( char_r );
201 pos != string::npos; pos = str_r.find( char_r, pos ) ) {
202 str_r.replace( pos, 1, escaped_r );
206 inline string escapedPath( string path_r ) {
207 escape( path_r, ' ', "%20" );
211 inline string unEscape( string text_r ) {
212 char * tmp = curl_unescape( text_r.c_str(), 0 );
221 * Fills the settings structure using options passed on the url
222 * for example ?timeout=x&proxy=foo
224 void fillSettingsFromUrl( const Url &url, TransferSettings &s )
226 std::string param(url.getQueryParam("timeout"));
229 long num = str::strtonum<long>(param);
230 if( num >= 0 && num <= TRANSFER_TIMEOUT_MAX)
234 if ( ! url.getUsername().empty() )
236 s.setUsername(url.getUsername());
237 if ( url.getPassword().size() )
238 s.setPassword(url.getPassword());
242 // if there is no username, set anonymous auth
243 if ( ( url.getScheme() == "ftp" || url.getScheme() == "tftp" ) && s.username().empty() )
244 s.setAnonymousAuth();
247 if ( url.getScheme() == "https" )
249 s.setVerifyPeerEnabled(false);
250 s.setVerifyHostEnabled(false);
252 std::string verify( url.getQueryParam("ssl_verify"));
253 if( verify.empty() ||
256 s.setVerifyPeerEnabled(true);
257 s.setVerifyHostEnabled(true);
259 else if( verify == "no")
261 s.setVerifyPeerEnabled(false);
262 s.setVerifyHostEnabled(false);
266 std::vector<std::string> flags;
267 std::vector<std::string>::const_iterator flag;
268 str::split( verify, std::back_inserter(flags), ",");
269 for(flag = flags.begin(); flag != flags.end(); ++flag)
272 s.setVerifyHostEnabled(true);
273 else if( *flag == "peer")
274 s.setVerifyPeerEnabled(true);
276 ZYPP_THROW(MediaBadUrlException(url, "Unknown ssl_verify flag"));
281 Pathname ca_path( url.getQueryParam("ssl_capath") );
282 if( ! ca_path.empty())
284 if( !PathInfo(ca_path).isDir() || ! ca_path.absolute())
285 ZYPP_THROW(MediaBadUrlException(url, "Invalid ssl_capath path"));
287 s.setCertificateAuthoritiesPath(ca_path);
290 Pathname client_cert( url.getQueryParam("ssl_clientcert") );
291 if( ! client_cert.empty())
293 if( !PathInfo(client_cert).isFile() || !client_cert.absolute())
294 ZYPP_THROW(MediaBadUrlException(url, "Invalid ssl_clientcert file"));
296 s.setClientCertificatePath(client_cert);
298 Pathname client_key( url.getQueryParam("ssl_clientkey") );
299 if( ! client_key.empty())
301 if( !PathInfo(client_key).isFile() || !client_key.absolute())
302 ZYPP_THROW(MediaBadUrlException(url, "Invalid ssl_clientkey file"));
304 s.setClientKeyPath(client_key);
307 param = url.getQueryParam( "proxy" );
308 if ( ! param.empty() )
310 if ( param == EXPLICITLY_NO_PROXY ) {
311 // Workaround TransferSettings shortcoming: With an
312 // empty proxy string, code will continue to look for
313 // valid proxy settings. So set proxy to some non-empty
314 // string, to indicate it has been explicitly disabled.
315 s.setProxy(EXPLICITLY_NO_PROXY);
316 s.setProxyEnabled(false);
319 string proxyport( url.getQueryParam( "proxyport" ) );
320 if ( ! proxyport.empty() ) {
321 param += ":" + proxyport;
324 s.setProxyEnabled(true);
328 param = url.getQueryParam( "proxyuser" );
329 if ( ! param.empty() )
331 s.setProxyUsername(param);
332 s.setProxyPassword(url.getQueryParam( "proxypass" ));
335 // HTTP authentication type
336 param = url.getQueryParam("auth");
337 if (!param.empty() && (url.getScheme() == "http" || url.getScheme() == "https"))
341 CurlAuthData::auth_type_str2long(param); // check if we know it
343 catch (MediaException & ex_r)
345 DBG << "Rethrowing as MediaUnauthorizedException.";
346 ZYPP_THROW(MediaUnauthorizedException(url, ex_r.msg(), "", ""));
348 s.setAuthType(param);
352 param = url.getQueryParam("head_requests");
353 if( !param.empty() && param == "no" )
354 s.setHeadRequestsAllowed(false);
358 * Reads the system proxy configuration and fills the settings
359 * structure proxy information
361 void fillSettingsSystemProxy( const Url&url, TransferSettings &s )
363 ProxyInfo proxy_info;
364 if ( proxy_info.useProxyFor( url ) )
366 // We must extract any 'user:pass' from the proxy url
367 // otherwise they won't make it into curl (.curlrc wins).
369 Url u( proxy_info.proxy( url ) );
370 s.setProxy( u.asString( url::ViewOption::WITH_SCHEME + url::ViewOption::WITH_HOST + url::ViewOption::WITH_PORT ) );
371 // don't overwrite explicit auth settings
372 if ( s.proxyUsername().empty() )
374 s.setProxyUsername( u.getUsername( url::E_ENCODED ) );
375 s.setProxyPassword( u.getPassword( url::E_ENCODED ) );
377 s.setProxyEnabled( true );
379 catch (...) {} // no proxy if URL is malformed
383 Pathname MediaCurl::_cookieFile = "/var/lib/YaST2/cookies";
386 * initialized only once, this gets the anonymous id
387 * from the target, which we pass in the http header
389 static const char *const anonymousIdHeader()
391 // we need to add the release and identifier to the
393 // The target could be not initialized, and then this information
395 static const std::string _value(
396 str::trim( str::form(
397 "X-ZYpp-AnonymousId: %s",
398 Target::anonymousUniqueId( Pathname()/*guess root*/ ).c_str() ) )
400 return _value.c_str();
404 * initialized only once, this gets the distribution flavor
405 * from the target, which we pass in the http header
407 static const char *const distributionFlavorHeader()
409 // we need to add the release and identifier to the
411 // The target could be not initialized, and then this information
413 static const std::string _value(
414 str::trim( str::form(
415 "X-ZYpp-DistributionFlavor: %s",
416 Target::distributionFlavor( Pathname()/*guess root*/ ).c_str() ) )
418 return _value.c_str();
422 * initialized only once, this gets the agent string
423 * which also includes the curl version
425 static const char *const agentString()
427 // we need to add the release and identifier to the
429 // The target could be not initialized, and then this information
431 static const std::string _value(
433 "ZYpp %s (curl %s) %s"
435 , curl_version_info(CURLVERSION_NOW)->version
436 , Target::targetDistribution( Pathname()/*guess root*/ ).c_str()
439 return _value.c_str();
442 // we use this define to unbloat code as this C setting option
443 // and catching exception is done frequently.
444 /** \todo deprecate SET_OPTION and use the typed versions below. */
445 #define SET_OPTION(opt,val) do { \
446 ret = curl_easy_setopt ( _curl, opt, val ); \
448 ZYPP_THROW(MediaCurlSetOptException(_url, _curlError)); \
452 #define SET_OPTION_OFFT(opt,val) SET_OPTION(opt,(curl_off_t)val)
453 #define SET_OPTION_LONG(opt,val) SET_OPTION(opt,(long)val)
454 #define SET_OPTION_VOID(opt,val) SET_OPTION(opt,(void*)val)
456 MediaCurl::MediaCurl( const Url & url_r,
457 const Pathname & attach_point_hint_r )
458 : MediaHandler( url_r, attach_point_hint_r,
459 "/", // urlpath at attachpoint
460 true ), // does_download
464 _curlError[0] = '\0';
467 MIL << "MediaCurl::MediaCurl(" << url_r << ", " << attach_point_hint_r << ")" << endl;
471 if( !attachPoint().empty())
473 PathInfo ainfo(attachPoint());
474 Pathname apath(attachPoint() + "XXXXXX");
475 char *atemp = ::strdup( apath.asString().c_str());
477 if( !ainfo.isDir() || !ainfo.userMayRWX() ||
478 atemp == NULL || (atest=::mkdtemp(atemp)) == NULL)
480 WAR << "attach point " << ainfo.path()
481 << " is not useable for " << url_r.getScheme() << endl;
482 setAttachPoint("", true);
484 else if( atest != NULL)
492 Url MediaCurl::clearQueryString(const Url &url) const
495 curlUrl.setUsername( "" );
496 curlUrl.setPassword( "" );
497 curlUrl.setPathParams( "" );
498 curlUrl.setFragment( "" );
499 curlUrl.delQueryParam("cookies");
500 curlUrl.delQueryParam("proxy");
501 curlUrl.delQueryParam("proxyport");
502 curlUrl.delQueryParam("proxyuser");
503 curlUrl.delQueryParam("proxypass");
504 curlUrl.delQueryParam("ssl_capath");
505 curlUrl.delQueryParam("ssl_verify");
506 curlUrl.delQueryParam("ssl_clientcert");
507 curlUrl.delQueryParam("timeout");
508 curlUrl.delQueryParam("auth");
509 curlUrl.delQueryParam("username");
510 curlUrl.delQueryParam("password");
511 curlUrl.delQueryParam("mediahandler");
512 curlUrl.delQueryParam("credentials");
513 curlUrl.delQueryParam("head_requests");
517 TransferSettings & MediaCurl::settings()
523 void MediaCurl::setCookieFile( const Pathname &fileName )
525 _cookieFile = fileName;
528 ///////////////////////////////////////////////////////////////////
530 void MediaCurl::checkProtocol(const Url &url) const
532 curl_version_info_data *curl_info = NULL;
533 curl_info = curl_version_info(CURLVERSION_NOW);
534 // curl_info does not need any free (is static)
535 if (curl_info->protocols)
537 const char * const *proto;
538 std::string scheme( url.getScheme());
540 for(proto=curl_info->protocols; !found && *proto; ++proto)
542 if( scheme == std::string((const char *)*proto))
547 std::string msg("Unsupported protocol '");
550 ZYPP_THROW(MediaBadUrlException(_url, msg));
555 void MediaCurl::setupEasy()
558 char *ptr = getenv("ZYPP_MEDIA_CURL_DEBUG");
559 _curlDebug = (ptr && *ptr) ? str::strtonum<long>( ptr) : 0L;
562 curl_easy_setopt( _curl, CURLOPT_VERBOSE, 1L);
563 curl_easy_setopt( _curl, CURLOPT_DEBUGFUNCTION, log_curl);
564 curl_easy_setopt( _curl, CURLOPT_DEBUGDATA, &_curlDebug);
568 curl_easy_setopt(_curl, CURLOPT_HEADERFUNCTION, log_redirects_curl);
569 CURLcode ret = curl_easy_setopt( _curl, CURLOPT_ERRORBUFFER, _curlError );
571 ZYPP_THROW(MediaCurlSetOptException(_url, "Error setting error buffer"));
574 SET_OPTION(CURLOPT_FAILONERROR, 1L);
575 SET_OPTION(CURLOPT_NOSIGNAL, 1L);
577 // create non persistant settings
578 // so that we don't add headers twice
579 TransferSettings vol_settings(_settings);
581 // add custom headers for download.opensuse.org (bsc#955801)
582 if ( _url.getHost() == "download.opensuse.org" )
584 vol_settings.addHeader(anonymousIdHeader());
585 vol_settings.addHeader(distributionFlavorHeader());
587 vol_settings.addHeader("Pragma:");
589 _settings.setTimeout(ZConfig::instance().download_transfer_timeout());
590 _settings.setConnectTimeout(CONNECT_TIMEOUT);
592 _settings.setUserAgentString(agentString());
594 // fill some settings from url query parameters
597 fillSettingsFromUrl(_url, _settings);
599 catch ( const MediaException &e )
604 // if the proxy was not set (or explicitly unset) by url, then look...
605 if ( _settings.proxy().empty() )
607 // ...at the system proxy settings
608 fillSettingsSystemProxy(_url, _settings);
614 SET_OPTION(CURLOPT_CONNECTTIMEOUT, _settings.connectTimeout());
615 // If a transfer timeout is set, also set CURLOPT_TIMEOUT to an upper limit
616 // just in case curl does not trigger its progress callback frequently
618 if ( _settings.timeout() )
620 SET_OPTION(CURLOPT_TIMEOUT, 3600L);
623 // follow any Location: header that the server sends as part of
624 // an HTTP header (#113275)
625 SET_OPTION(CURLOPT_FOLLOWLOCATION, 1L);
626 // 3 redirects seem to be too few in some cases (bnc #465532)
627 SET_OPTION(CURLOPT_MAXREDIRS, 6L);
629 if ( _url.getScheme() == "https" )
631 #if CURLVERSION_AT_LEAST(7,19,4)
632 // restrict following of redirections from https to https only
633 SET_OPTION( CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS );
636 if( _settings.verifyPeerEnabled() ||
637 _settings.verifyHostEnabled() )
639 SET_OPTION(CURLOPT_CAPATH, _settings.certificateAuthoritiesPath().c_str());
642 if( ! _settings.clientCertificatePath().empty() )
644 SET_OPTION(CURLOPT_SSLCERT, _settings.clientCertificatePath().c_str());
646 if( ! _settings.clientKeyPath().empty() )
648 SET_OPTION(CURLOPT_SSLKEY, _settings.clientKeyPath().c_str());
651 #ifdef CURLSSLOPT_ALLOW_BEAST
653 ret = curl_easy_setopt( _curl, CURLOPT_SSL_OPTIONS, CURLSSLOPT_ALLOW_BEAST );
656 ZYPP_THROW(MediaCurlSetOptException(_url, _curlError));
659 SET_OPTION(CURLOPT_SSL_VERIFYPEER, _settings.verifyPeerEnabled() ? 1L : 0L);
660 SET_OPTION(CURLOPT_SSL_VERIFYHOST, _settings.verifyHostEnabled() ? 2L : 0L);
661 // bnc#903405 - POODLE: libzypp should only talk TLS
662 SET_OPTION(CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
665 SET_OPTION(CURLOPT_USERAGENT, _settings.userAgentString().c_str() );
667 /*---------------------------------------------------------------*
668 CURLOPT_USERPWD: [user name]:[password]
670 Url::username/password -> CURLOPT_USERPWD
671 If not provided, anonymous FTP identification
672 *---------------------------------------------------------------*/
674 if ( _settings.userPassword().size() )
676 SET_OPTION(CURLOPT_USERPWD, _settings.userPassword().c_str());
677 string use_auth = _settings.authType();
678 if (use_auth.empty())
679 use_auth = "digest,basic"; // our default
680 long auth = CurlAuthData::auth_type_str2long(use_auth);
681 if( auth != CURLAUTH_NONE)
683 DBG << "Enabling HTTP authentication methods: " << use_auth
684 << " (CURLOPT_HTTPAUTH=" << auth << ")" << std::endl;
685 SET_OPTION(CURLOPT_HTTPAUTH, auth);
689 if ( _settings.proxyEnabled() && ! _settings.proxy().empty() )
691 DBG << "Proxy: '" << _settings.proxy() << "'" << endl;
692 SET_OPTION(CURLOPT_PROXY, _settings.proxy().c_str());
693 SET_OPTION(CURLOPT_PROXYAUTH, CURLAUTH_BASIC|CURLAUTH_DIGEST|CURLAUTH_NTLM );
694 /*---------------------------------------------------------------*
695 * CURLOPT_PROXYUSERPWD: [user name]:[password]
697 * Url::option(proxyuser and proxypassword) -> CURLOPT_PROXYUSERPWD
698 * If not provided, $HOME/.curlrc is evaluated
699 *---------------------------------------------------------------*/
701 string proxyuserpwd = _settings.proxyUserPassword();
703 if ( proxyuserpwd.empty() )
706 CurlConfig::parseConfig(curlconf); // parse ~/.curlrc
707 if ( curlconf.proxyuserpwd.empty() )
708 DBG << "Proxy: ~/.curlrc does not contain the proxy-user option" << endl;
711 proxyuserpwd = curlconf.proxyuserpwd;
712 DBG << "Proxy: using proxy-user from ~/.curlrc" << endl;
717 DBG << "Proxy: using provided proxy-user '" << _settings.proxyUsername() << "'" << endl;
720 if ( ! proxyuserpwd.empty() )
722 SET_OPTION(CURLOPT_PROXYUSERPWD, unEscape( proxyuserpwd ).c_str());
725 #if CURLVERSION_AT_LEAST(7,19,4)
726 else if ( _settings.proxy() == EXPLICITLY_NO_PROXY )
728 // Explicitly disabled in URL (see fillSettingsFromUrl()).
729 // This should also prevent libcurl from looking into the environment.
730 DBG << "Proxy: explicitly NOPROXY" << endl;
731 SET_OPTION(CURLOPT_NOPROXY, "*");
736 DBG << "Proxy: not explicitly set" << endl;
737 DBG << "Proxy: libcurl may look into the environment" << endl;
741 if ( _settings.minDownloadSpeed() != 0 )
743 SET_OPTION(CURLOPT_LOW_SPEED_LIMIT, _settings.minDownloadSpeed());
744 // default to 10 seconds at low speed
745 SET_OPTION(CURLOPT_LOW_SPEED_TIME, 60L);
748 #if CURLVERSION_AT_LEAST(7,15,5)
749 if ( _settings.maxDownloadSpeed() != 0 )
750 SET_OPTION_OFFT(CURLOPT_MAX_RECV_SPEED_LARGE, _settings.maxDownloadSpeed());
753 /*---------------------------------------------------------------*
754 *---------------------------------------------------------------*/
756 _currentCookieFile = _cookieFile.asString();
757 if ( str::strToBool( _url.getQueryParam( "cookies" ), true ) )
758 SET_OPTION(CURLOPT_COOKIEFILE, _currentCookieFile.c_str() );
760 MIL << "No cookies requested" << endl;
761 SET_OPTION(CURLOPT_COOKIEJAR, _currentCookieFile.c_str() );
762 SET_OPTION(CURLOPT_PROGRESSFUNCTION, &progressCallback );
763 SET_OPTION(CURLOPT_NOPROGRESS, 0L);
765 #if CURLVERSION_AT_LEAST(7,18,0)
767 SET_OPTION(CURLOPT_PROXY_TRANSFER_MODE, 1L );
769 // append settings custom headers to curl
770 for ( TransferSettings::Headers::const_iterator it = vol_settings.headersBegin();
771 it != vol_settings.headersEnd();
774 // MIL << "HEADER " << *it << std::endl;
776 _customHeaders = curl_slist_append(_customHeaders, it->c_str());
777 if ( !_customHeaders )
778 ZYPP_THROW(MediaCurlInitException(_url));
781 SET_OPTION(CURLOPT_HTTPHEADER, _customHeaders);
784 ///////////////////////////////////////////////////////////////////
787 void MediaCurl::attachTo (bool next)
790 ZYPP_THROW(MediaNotSupportedException(_url));
792 if ( !_url.isValid() )
793 ZYPP_THROW(MediaBadUrlException(_url));
796 if( !isUseableAttachPoint(attachPoint()))
798 std::string mountpoint = createAttachPoint().asString();
800 if( mountpoint.empty())
801 ZYPP_THROW( MediaBadAttachPointException(url()));
803 setAttachPoint( mountpoint, true);
806 disconnectFrom(); // clean _curl if needed
807 _curl = curl_easy_init();
809 ZYPP_THROW(MediaCurlInitException(_url));
815 catch (Exception & ex)
821 // FIXME: need a derived class to propelly compare url's
822 MediaSourceRef media( new MediaSource(_url.getScheme(), _url.asString()));
823 setMediaSource(media);
827 MediaCurl::checkAttachPoint(const Pathname &apoint) const
829 return MediaHandler::checkAttachPoint( apoint, true, true);
832 ///////////////////////////////////////////////////////////////////
834 void MediaCurl::disconnectFrom()
836 if ( _customHeaders )
838 curl_slist_free_all(_customHeaders);
844 curl_easy_cleanup( _curl );
849 ///////////////////////////////////////////////////////////////////
851 void MediaCurl::releaseFrom( const std::string & ejectDev )
856 Url MediaCurl::getFileUrl( const Pathname & filename_r ) const
858 // Simply extend the URLs pathname. An 'absolute' URL path
859 // is achieved by encoding the leading '/' in an URL path:
860 // URL: ftp://user@server -> ~user
861 // URL: ftp://user@server/ -> ~user
862 // URL: ftp://user@server// -> ~user
863 // URL: ftp://user@server/%2F -> /
864 // ^- this '/' is just a separator
866 newurl.setPathName( ( Pathname("./"+_url.getPathName()) / filename_r ).asString().substr(1) );
870 ///////////////////////////////////////////////////////////////////
872 void MediaCurl::getFile( const Pathname & filename ) const
874 // Use absolute file name to prevent access of files outside of the
875 // hierarchy below the attach point.
876 getFileCopy(filename, localPath(filename).absolutename());
879 ///////////////////////////////////////////////////////////////////
881 void MediaCurl::getFileCopy( const Pathname & filename , const Pathname & target) const
883 callback::SendReport<DownloadProgressReport> report;
885 Url fileurl(getFileUrl(filename));
893 doGetFileCopy(filename, target, report);
896 // retry with proper authentication data
897 catch (MediaUnauthorizedException & ex_r)
899 if(authenticate(ex_r.hint(), !retry))
903 report->finish(fileurl, zypp::media::DownloadProgressReport::ACCESS_DENIED, ex_r.asUserHistory());
907 // unexpected exception
908 catch (MediaException & excpt_r)
910 // FIXME: error number fix
911 report->finish(fileurl, zypp::media::DownloadProgressReport::ERROR, excpt_r.asUserHistory());
912 ZYPP_RETHROW(excpt_r);
917 report->finish(fileurl, zypp::media::DownloadProgressReport::NO_ERROR, "");
920 ///////////////////////////////////////////////////////////////////
922 bool MediaCurl::getDoesFileExist( const Pathname & filename ) const
930 return doGetDoesFileExist( filename );
932 // authentication problem, retry with proper authentication data
933 catch (MediaUnauthorizedException & ex_r)
935 if(authenticate(ex_r.hint(), !retry))
940 // unexpected exception
941 catch (MediaException & excpt_r)
943 ZYPP_RETHROW(excpt_r);
951 ///////////////////////////////////////////////////////////////////
953 void MediaCurl::evaluateCurlCode( const Pathname &filename,
955 bool timeout_reached ) const
960 if (filename.empty())
963 url = getFileUrl(filename);
969 case CURLE_UNSUPPORTED_PROTOCOL:
970 case CURLE_URL_MALFORMAT:
971 case CURLE_URL_MALFORMAT_USER:
974 case CURLE_LOGIN_DENIED:
976 MediaUnauthorizedException(url, "Login failed.", _curlError, ""));
978 case CURLE_HTTP_RETURNED_ERROR:
980 long httpReturnCode = 0;
981 CURLcode infoRet = curl_easy_getinfo( _curl,
982 CURLINFO_RESPONSE_CODE,
984 if ( infoRet == CURLE_OK )
986 string msg = "HTTP response: " + str::numstring( httpReturnCode );
987 switch ( httpReturnCode )
991 string auth_hint = getAuthHint();
993 DBG << msg << " Login failed (URL: " << url.asString() << ")" << std::endl;
994 DBG << "MediaUnauthorizedException auth hint: '" << auth_hint << "'" << std::endl;
996 ZYPP_THROW(MediaUnauthorizedException(
997 url, "Login failed.", _curlError, auth_hint
1001 case 503: // service temporarily unavailable (bnc #462545)
1002 ZYPP_THROW(MediaTemporaryProblemException(url));
1003 case 504: // gateway timeout
1004 ZYPP_THROW(MediaTimeoutException(url));
1008 if (url.asString().find("novell.com") != string::npos)
1009 msg403 = _("Visit the Novell Customer Center to check whether your registration is valid and has not expired.");
1010 ZYPP_THROW(MediaForbiddenException(url, msg403));
1013 ZYPP_THROW(MediaFileNotFoundException(_url, filename));
1016 DBG << msg << " (URL: " << url.asString() << ")" << std::endl;
1017 ZYPP_THROW(MediaCurlException(url, msg, _curlError));
1021 string msg = "Unable to retrieve HTTP response:";
1022 DBG << msg << " (URL: " << url.asString() << ")" << std::endl;
1023 ZYPP_THROW(MediaCurlException(url, msg, _curlError));
1027 case CURLE_FTP_COULDNT_RETR_FILE:
1028 #if CURLVERSION_AT_LEAST(7,16,0)
1029 case CURLE_REMOTE_FILE_NOT_FOUND:
1031 case CURLE_FTP_ACCESS_DENIED:
1032 case CURLE_TFTP_NOTFOUND:
1033 err = "File not found";
1034 ZYPP_THROW(MediaFileNotFoundException(_url, filename));
1036 case CURLE_BAD_PASSWORD_ENTERED:
1037 case CURLE_FTP_USER_PASSWORD_INCORRECT:
1038 err = "Login failed";
1040 case CURLE_COULDNT_RESOLVE_PROXY:
1041 case CURLE_COULDNT_RESOLVE_HOST:
1042 case CURLE_COULDNT_CONNECT:
1043 case CURLE_FTP_CANT_GET_HOST:
1044 err = "Connection failed";
1046 case CURLE_WRITE_ERROR:
1047 err = "Write error";
1049 case CURLE_PARTIAL_FILE:
1050 case CURLE_OPERATION_TIMEDOUT:
1051 timeout_reached = true; // fall though to TimeoutException
1053 case CURLE_ABORTED_BY_CALLBACK:
1054 if( timeout_reached )
1056 err = "Timeout reached";
1057 ZYPP_THROW(MediaTimeoutException(url));
1064 case CURLE_SSL_PEER_CERTIFICATE:
1066 err = "Unrecognized error";
1070 // uhm, no 0 code but unknown curl exception
1071 ZYPP_THROW(MediaCurlException(url, err, _curlError));
1073 catch (const MediaException & excpt_r)
1075 ZYPP_RETHROW(excpt_r);
1080 // actually the code is 0, nothing happened
1084 ///////////////////////////////////////////////////////////////////
1086 bool MediaCurl::doGetDoesFileExist( const Pathname & filename ) const
1088 DBG << filename.asString() << endl;
1091 ZYPP_THROW(MediaBadUrlException(_url));
1093 if(_url.getHost().empty())
1094 ZYPP_THROW(MediaBadUrlEmptyHostException(_url));
1096 Url url(getFileUrl(filename));
1098 DBG << "URL: " << url.asString() << endl;
1099 // Use URL without options and without username and passwd
1100 // (some proxies dislike them in the URL).
1101 // Curl seems to need the just scheme, hostname and a path;
1102 // the rest was already passed as curl options (in attachTo).
1103 Url curlUrl( clearQueryString(url) );
1106 // See also Bug #154197 and ftp url definition in RFC 1738:
1107 // The url "ftp://user@host/foo/bar/file" contains a path,
1108 // that is relative to the user's home.
1109 // The url "ftp://user@host//foo/bar/file" (or also with
1110 // encoded slash as %2f) "ftp://user@host/%2ffoo/bar/file"
1111 // contains an absolute path.
1113 string urlBuffer( curlUrl.asString());
1114 CURLcode ret = curl_easy_setopt( _curl, CURLOPT_URL,
1115 urlBuffer.c_str() );
1117 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1120 // instead of returning no data with NOBODY, we return
1121 // little data, that works with broken servers, and
1122 // works for ftp as well, because retrieving only headers
1123 // ftp will return always OK code ?
1124 // See http://curl.haxx.se/docs/knownbugs.html #58
1125 if ( (_url.getScheme() == "http" || _url.getScheme() == "https") &&
1126 _settings.headRequestsAllowed() )
1127 ret = curl_easy_setopt( _curl, CURLOPT_NOBODY, 1L );
1129 ret = curl_easy_setopt( _curl, CURLOPT_RANGE, "0-1" );
1132 curl_easy_setopt( _curl, CURLOPT_NOBODY, 0L);
1133 curl_easy_setopt( _curl, CURLOPT_RANGE, NULL );
1134 /* yes, this is why we never got to get NOBODY working before,
1135 because setting it changes this option too, and we also
1137 See: http://curl.haxx.se/mail/archive-2005-07/0073.html
1139 curl_easy_setopt( _curl, CURLOPT_HTTPGET, 1L );
1140 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1143 FILE *file = ::fopen( "/dev/null", "w" );
1145 ERR << "fopen failed for /dev/null" << endl;
1146 curl_easy_setopt( _curl, CURLOPT_NOBODY, 0L);
1147 curl_easy_setopt( _curl, CURLOPT_RANGE, NULL );
1148 /* yes, this is why we never got to get NOBODY working before,
1149 because setting it changes this option too, and we also
1151 See: http://curl.haxx.se/mail/archive-2005-07/0073.html
1153 curl_easy_setopt( _curl, CURLOPT_HTTPGET, 1L );
1155 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1157 ZYPP_THROW(MediaWriteException("/dev/null"));
1160 ret = curl_easy_setopt( _curl, CURLOPT_WRITEDATA, file );
1163 std::string err( _curlError);
1164 curl_easy_setopt( _curl, CURLOPT_RANGE, NULL );
1165 curl_easy_setopt( _curl, CURLOPT_NOBODY, 0L);
1166 /* yes, this is why we never got to get NOBODY working before,
1167 because setting it changes this option too, and we also
1169 See: http://curl.haxx.se/mail/archive-2005-07/0073.html
1171 curl_easy_setopt( _curl, CURLOPT_HTTPGET, 1L );
1173 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1175 ZYPP_THROW(MediaCurlSetOptException(url, err));
1178 CURLcode ok = curl_easy_perform( _curl );
1179 MIL << "perform code: " << ok << " [ " << curl_easy_strerror(ok) << " ]" << endl;
1181 // reset curl settings
1182 if ( _url.getScheme() == "http" || _url.getScheme() == "https" )
1184 curl_easy_setopt( _curl, CURLOPT_NOBODY, 0L);
1186 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1189 /* yes, this is why we never got to get NOBODY working before,
1190 because setting it changes this option too, and we also
1192 See: http://curl.haxx.se/mail/archive-2005-07/0073.html
1194 curl_easy_setopt( _curl, CURLOPT_HTTPGET, 1L);
1196 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1202 // for FTP we set different options
1203 curl_easy_setopt( _curl, CURLOPT_RANGE, NULL);
1205 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1209 // if the code is not zero, close the file
1213 // as we are not having user interaction, the user can't cancel
1214 // the file existence checking, a callback or timeout return code
1215 // will be always a timeout.
1217 evaluateCurlCode( filename, ok, true /* timeout */);
1219 catch ( const MediaFileNotFoundException &e ) {
1220 // if the file did not exist then we can return false
1223 catch ( const MediaException &e ) {
1224 // some error, we are not sure about file existence, rethrw
1228 return ( ok == CURLE_OK );
1231 ///////////////////////////////////////////////////////////////////
1234 #if DETECT_DIR_INDEX
1235 bool MediaCurl::detectDirIndex() const
1237 if(_url.getScheme() != "http" && _url.getScheme() != "https")
1240 // try to check the effective url and set the not_a_file flag
1241 // if the url path ends with a "/", what usually means, that
1242 // we've received a directory index (index.html content).
1244 // Note: This may be dangerous and break file retrieving in
1245 // case of some server redirections ... ?
1247 bool not_a_file = false;
1249 CURLcode ret = curl_easy_getinfo( _curl,
1250 CURLINFO_EFFECTIVE_URL,
1252 if ( ret == CURLE_OK && ptr != NULL)
1257 std::string path( eurl.getPathName());
1258 if( !path.empty() && path != "/" && *path.rbegin() == '/')
1260 DBG << "Effective url ("
1262 << ") seems to provide the index of a directory"
1274 ///////////////////////////////////////////////////////////////////
1276 void MediaCurl::doGetFileCopy( const Pathname & filename , const Pathname & target, callback::SendReport<DownloadProgressReport> & report, RequestOptions options ) const
1278 Pathname dest = target.absolutename();
1279 if( assert_dir( dest.dirname() ) )
1281 DBG << "assert_dir " << dest.dirname() << " failed" << endl;
1282 Url url(getFileUrl(filename));
1283 ZYPP_THROW( MediaSystemException(url, "System error on " + dest.dirname().asString()) );
1285 string destNew = target.asString() + ".new.zypp.XXXXXX";
1286 char *buf = ::strdup( destNew.c_str());
1289 ERR << "out of memory for temp file name" << endl;
1290 Url url(getFileUrl(filename));
1291 ZYPP_THROW(MediaSystemException(url, "out of memory for temp file name"));
1294 int tmp_fd = ::mkostemp( buf, O_CLOEXEC );
1298 ERR << "mkstemp failed for file '" << destNew << "'" << endl;
1299 ZYPP_THROW(MediaWriteException(destNew));
1304 FILE *file = ::fdopen( tmp_fd, "we" );
1307 filesystem::unlink( destNew );
1308 ERR << "fopen failed for file '" << destNew << "'" << endl;
1309 ZYPP_THROW(MediaWriteException(destNew));
1312 DBG << "dest: " << dest << endl;
1313 DBG << "temp: " << destNew << endl;
1315 // set IFMODSINCE time condition (no download if not modified)
1316 if( PathInfo(target).isExist() && !(options & OPTION_NO_IFMODSINCE) )
1318 curl_easy_setopt(_curl, CURLOPT_TIMECONDITION, CURL_TIMECOND_IFMODSINCE);
1319 curl_easy_setopt(_curl, CURLOPT_TIMEVALUE, (long)PathInfo(target).mtime());
1323 curl_easy_setopt(_curl, CURLOPT_TIMECONDITION, CURL_TIMECOND_NONE);
1324 curl_easy_setopt(_curl, CURLOPT_TIMEVALUE, 0L);
1328 doGetFileCopyFile(filename, dest, file, report, options);
1330 catch (Exception &e)
1333 filesystem::unlink( destNew );
1334 curl_easy_setopt(_curl, CURLOPT_TIMECONDITION, CURL_TIMECOND_NONE);
1335 curl_easy_setopt(_curl, CURLOPT_TIMEVALUE, 0L);
1339 long httpReturnCode = 0;
1340 CURLcode infoRet = curl_easy_getinfo(_curl,
1341 CURLINFO_RESPONSE_CODE,
1343 bool modified = true;
1344 if (infoRet == CURLE_OK)
1346 DBG << "HTTP response: " + str::numstring(httpReturnCode);
1347 if ( httpReturnCode == 304
1348 || ( httpReturnCode == 213 && (_url.getScheme() == "ftp" || _url.getScheme() == "tftp") ) ) // not modified
1350 DBG << " Not modified.";
1357 WAR << "Could not get the reponse code." << endl;
1360 if (modified || infoRet != CURLE_OK)
1363 if ( ::fchmod( ::fileno(file), filesystem::applyUmaskTo( 0644 ) ) )
1365 ERR << "Failed to chmod file " << destNew << endl;
1367 if (::fclose( file ))
1369 ERR << "Fclose failed for file '" << destNew << "'" << endl;
1370 ZYPP_THROW(MediaWriteException(destNew));
1372 // move the temp file into dest
1373 if ( rename( destNew, dest ) != 0 ) {
1374 ERR << "Rename failed" << endl;
1375 ZYPP_THROW(MediaWriteException(dest));
1380 // close and remove the temp file
1382 filesystem::unlink( destNew );
1385 DBG << "done: " << PathInfo(dest) << endl;
1388 ///////////////////////////////////////////////////////////////////
1390 void MediaCurl::doGetFileCopyFile( const Pathname & filename , const Pathname & dest, FILE *file, callback::SendReport<DownloadProgressReport> & report, RequestOptions options ) const
1392 DBG << filename.asString() << endl;
1395 ZYPP_THROW(MediaBadUrlException(_url));
1397 if(_url.getHost().empty())
1398 ZYPP_THROW(MediaBadUrlEmptyHostException(_url));
1400 Url url(getFileUrl(filename));
1402 DBG << "URL: " << url.asString() << endl;
1403 // Use URL without options and without username and passwd
1404 // (some proxies dislike them in the URL).
1405 // Curl seems to need the just scheme, hostname and a path;
1406 // the rest was already passed as curl options (in attachTo).
1407 Url curlUrl( clearQueryString(url) );
1410 // See also Bug #154197 and ftp url definition in RFC 1738:
1411 // The url "ftp://user@host/foo/bar/file" contains a path,
1412 // that is relative to the user's home.
1413 // The url "ftp://user@host//foo/bar/file" (or also with
1414 // encoded slash as %2f) "ftp://user@host/%2ffoo/bar/file"
1415 // contains an absolute path.
1417 string urlBuffer( curlUrl.asString());
1418 CURLcode ret = curl_easy_setopt( _curl, CURLOPT_URL,
1419 urlBuffer.c_str() );
1421 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1424 ret = curl_easy_setopt( _curl, CURLOPT_WRITEDATA, file );
1426 ZYPP_THROW(MediaCurlSetOptException(url, _curlError));
1429 // Set callback and perform.
1430 ProgressData progressData(_curl, _settings.timeout(), url, &report);
1431 if (!(options & OPTION_NO_REPORT_START))
1432 report->start(url, dest);
1433 if ( curl_easy_setopt( _curl, CURLOPT_PROGRESSDATA, &progressData ) != 0 ) {
1434 WAR << "Can't set CURLOPT_PROGRESSDATA: " << _curlError << endl;;
1437 ret = curl_easy_perform( _curl );
1438 #if CURLVERSION_AT_LEAST(7,19,4)
1439 // bnc#692260: If the client sends a request with an If-Modified-Since header
1440 // with a future date for the server, the server may respond 200 sending a
1442 // curl-7.19.4 introduces CURLINFO_CONDITION_UNMET to check this condition.
1443 if ( ftell(file) == 0 && ret == 0 )
1445 long httpReturnCode = 33;
1446 if ( curl_easy_getinfo( _curl, CURLINFO_RESPONSE_CODE, &httpReturnCode ) == CURLE_OK && httpReturnCode == 200 )
1448 long conditionUnmet = 33;
1449 if ( curl_easy_getinfo( _curl, CURLINFO_CONDITION_UNMET, &conditionUnmet ) == CURLE_OK && conditionUnmet )
1451 WAR << "TIMECONDITION unmet - retry without." << endl;
1452 curl_easy_setopt(_curl, CURLOPT_TIMECONDITION, CURL_TIMECOND_NONE);
1453 curl_easy_setopt(_curl, CURLOPT_TIMEVALUE, 0L);
1454 ret = curl_easy_perform( _curl );
1460 if ( curl_easy_setopt( _curl, CURLOPT_PROGRESSDATA, NULL ) != 0 ) {
1461 WAR << "Can't unset CURLOPT_PROGRESSDATA: " << _curlError << endl;;
1466 ERR << "curl error: " << ret << ": " << _curlError
1467 << ", temp file size " << ftell(file)
1468 << " bytes." << endl;
1470 // the timeout is determined by the progress data object
1471 // which holds whether the timeout was reached or not,
1472 // otherwise it would be a user cancel
1474 evaluateCurlCode( filename, ret, progressData.reached);
1476 catch ( const MediaException &e ) {
1477 // some error, we are not sure about file existence, rethrw
1482 #if DETECT_DIR_INDEX
1483 if (!ret && detectDirIndex())
1485 ZYPP_THROW(MediaNotAFileException(_url, filename));
1487 #endif // DETECT_DIR_INDEX
1490 ///////////////////////////////////////////////////////////////////
1492 void MediaCurl::getDir( const Pathname & dirname, bool recurse_r ) const
1494 filesystem::DirContent content;
1495 getDirInfo( content, dirname, /*dots*/false );
1497 for ( filesystem::DirContent::const_iterator it = content.begin(); it != content.end(); ++it ) {
1498 Pathname filename = dirname + it->name;
1501 switch ( it->type ) {
1502 case filesystem::FT_NOT_AVAIL: // old directory.yast contains no typeinfo at all
1503 case filesystem::FT_FILE:
1504 getFile( filename );
1506 case filesystem::FT_DIR: // newer directory.yast contain at least directory info
1508 getDir( filename, recurse_r );
1510 res = assert_dir( localPath( filename ) );
1512 WAR << "Ignore error (" << res << ") on creating local directory '" << localPath( filename ) << "'" << endl;
1517 // don't provide devices, sockets, etc.
1523 ///////////////////////////////////////////////////////////////////
1525 void MediaCurl::getDirInfo( std::list<std::string> & retlist,
1526 const Pathname & dirname, bool dots ) const
1528 getDirectoryYast( retlist, dirname, dots );
1531 ///////////////////////////////////////////////////////////////////
1533 void MediaCurl::getDirInfo( filesystem::DirContent & retlist,
1534 const Pathname & dirname, bool dots ) const
1536 getDirectoryYast( retlist, dirname, dots );
1539 ///////////////////////////////////////////////////////////////////
1541 int MediaCurl::progressCallback( void *clientp,
1542 double dltotal, double dlnow,
1543 double ultotal, double ulnow)
1545 ProgressData *pdata = reinterpret_cast<ProgressData *>(clientp);
1548 // work around curl bug that gives us old data
1549 long httpReturnCode = 0;
1550 if (curl_easy_getinfo(pdata->curl, CURLINFO_RESPONSE_CODE, &httpReturnCode) != CURLE_OK || httpReturnCode == 0)
1553 time_t now = time(NULL);
1556 // reset time of last change in case initial time()
1557 // failed or the time was adjusted (goes backward)
1558 if( pdata->ltime <= 0 || pdata->ltime > now)
1563 // start time counting as soon as first data arrives
1564 // (skip the connection / redirection time at begin)
1566 if (dlnow > 0 || ulnow > 0)
1568 dif = (now - pdata->ltime);
1569 dif = dif > 0 ? dif : 0;
1574 // update the drate_avg and drate_period only after a second has passed
1575 // (this callback is called much more often than a second)
1576 // otherwise the values would be far from accurate when measuring
1577 // the time in seconds
1578 //! \todo more accurate download rate computationn, e.g. compute average value from last 5 seconds, or work with milliseconds instead of seconds
1580 if ( pdata->secs > 1 && (dif > 0 || dlnow == dltotal ))
1581 pdata->drate_avg = (dlnow / pdata->secs);
1585 pdata->drate_period = ((dlnow - pdata->dload_period) / dif);
1586 pdata->dload_period = dlnow;
1590 // send progress report first, abort transfer if requested
1593 if (!(*(pdata->report))->progress(int( dltotal ? dlnow * 100 / dltotal : 0 ),
1596 pdata->drate_period))
1598 return 1; // abort transfer
1602 // check if we there is a timeout set
1603 if( pdata->timeout > 0)
1607 bool progress = false;
1609 // update download data if changed, mark progress
1610 if( dlnow != pdata->dload)
1613 pdata->dload = dlnow;
1616 // update upload data if changed, mark progress
1617 if( ulnow != pdata->uload)
1620 pdata->uload = ulnow;
1624 if( !progress && (now >= (pdata->ltime + pdata->timeout)))
1626 pdata->reached = true;
1627 return 1; // aborts transfer
1635 CURL *MediaCurl::progressCallback_getcurl( void *clientp )
1637 ProgressData *pdata = reinterpret_cast<ProgressData *>(clientp);
1638 return pdata ? pdata->curl : 0;
1641 ///////////////////////////////////////////////////////////////////
1643 string MediaCurl::getAuthHint() const
1645 long auth_info = CURLAUTH_NONE;
1648 curl_easy_getinfo(_curl, CURLINFO_HTTPAUTH_AVAIL, &auth_info);
1650 if(infoRet == CURLE_OK)
1652 return CurlAuthData::auth_type_long2str(auth_info);
1658 ///////////////////////////////////////////////////////////////////
1660 bool MediaCurl::authenticate(const string & availAuthTypes, bool firstTry) const
1662 //! \todo need a way to pass different CredManagerOptions here
1663 Target_Ptr target = zypp::getZYpp()->getTarget();
1664 CredentialManager cm(CredManagerOptions(target ? target->root() : ""));
1665 CurlAuthData_Ptr credentials;
1667 // get stored credentials
1668 AuthData_Ptr cmcred = cm.getCred(_url);
1670 if (cmcred && firstTry)
1672 credentials.reset(new CurlAuthData(*cmcred));
1673 DBG << "got stored credentials:" << endl << *credentials << endl;
1675 // if not found, ask user
1679 CurlAuthData_Ptr curlcred;
1680 curlcred.reset(new CurlAuthData());
1681 callback::SendReport<AuthenticationReport> auth_report;
1683 // preset the username if present in current url
1684 if (!_url.getUsername().empty() && firstTry)
1685 curlcred->setUsername(_url.getUsername());
1686 // if CM has found some credentials, preset the username from there
1688 curlcred->setUsername(cmcred->username());
1690 // indicate we have no good credentials from CM
1693 string prompt_msg = boost::str(boost::format(
1694 //!\todo add comma to the message for the next release
1695 _("Authentication required for '%s'")) % _url.asString());
1697 // set available authentication types from the exception
1698 // might be needed in prompt
1699 curlcred->setAuthType(availAuthTypes);
1702 if (auth_report->prompt(_url, prompt_msg, *curlcred))
1704 DBG << "callback answer: retry" << endl
1705 << "CurlAuthData: " << *curlcred << endl;
1707 if (curlcred->valid())
1709 credentials = curlcred;
1710 // if (credentials->username() != _url.getUsername())
1711 // _url.setUsername(credentials->username());
1713 * \todo find a way to save the url with changed username
1714 * back to repoinfo or dont store urls with username
1715 * (and either forbid more repos with the same url and different
1716 * user, or return a set of credentials from CM and try them one
1723 DBG << "callback answer: cancel" << endl;
1727 // set username and password
1730 // HACK, why is this const?
1731 const_cast<MediaCurl*>(this)->_settings.setUsername(credentials->username());
1732 const_cast<MediaCurl*>(this)->_settings.setPassword(credentials->password());
1734 // set username and password
1735 CURLcode ret = curl_easy_setopt(_curl, CURLOPT_USERPWD, _settings.userPassword().c_str());
1736 if ( ret != 0 ) ZYPP_THROW(MediaCurlSetOptException(_url, _curlError));
1738 // set available authentication types from the exception
1739 if (credentials->authType() == CURLAUTH_NONE)
1740 credentials->setAuthType(availAuthTypes);
1742 // set auth type (seems this must be set _after_ setting the userpwd)
1743 if (credentials->authType() != CURLAUTH_NONE)
1745 // FIXME: only overwrite if not empty?
1746 const_cast<MediaCurl*>(this)->_settings.setAuthType(credentials->authTypeAsString());
1747 ret = curl_easy_setopt(_curl, CURLOPT_HTTPAUTH, credentials->authType());
1748 if ( ret != 0 ) ZYPP_THROW(MediaCurlSetOptException(_url, _curlError));
1753 credentials->setUrl(_url);
1754 cm.addCred(*credentials);
1765 } // namespace media