Download raw body.
sysupgrade/ftp: use a 'needle' to poke through caching layers
Dear all,
If a HTTP caching layer is in use (either a proxy, or if you're fetching
via a CDN), ideally - the TTL for SHA256.sig is low (we all wants the
latest snapshots) and the TTL on the *.tgz files higher (if nothing
changed, serve up cached objects).
The below changeset could be a step towards making the best of any
potential caching layers and also getting fresh sets as soon as they
appear at the origin, while providing increased chances of consistency
between *.tgz files and the SHA256.sig. In other words, you don't want
to end up with a new SHA256.sig and old *.tgz files.
The trick is to append the SHA256 hash of the SHA256.sig file as query
string when fetching the set files. This 'needle' should prompt the
caching layer to do an origin fetch. New SHA256.sig file == new URLs for
the set files == new cache fill.
I also added a new -Q option to ftp(1) to visually hide the query string
so that things continue to look the same as they did before.
Thoughts?
Kind regards,
Job
Index: usr.sbin/sysupgrade/sysupgrade.sh
===================================================================
RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v
diff -u -p -r1.49 sysupgrade.sh
--- usr.sbin/sysupgrade/sysupgrade.sh 12 Oct 2023 12:31:15 -0000 1.49
+++ usr.sbin/sysupgrade/sysupgrade.sh 2 May 2024 13:30:20 -0000
@@ -149,6 +149,12 @@ esac
[[ -f ${SIGNIFY_KEY} ]] || err "cannot find ${SIGNIFY_KEY}"
unpriv -f SHA256 signify -Ve -p "${SIGNIFY_KEY}" -x SHA256.sig -m SHA256
+if [[ $MIRROR == @(http|https)://* ]] && $SNAP; then
+ _NEEDLE="?$(cksum -q -a sha256 SHA256.sig)"
+else
+ _NEEDLE=""
+fi
+
rm SHA256.sig
if cmp -s /var/db/installed.SHA256 SHA256 && ! $FORCE; then
@@ -174,7 +180,7 @@ done
[[ -n ${OLD_FILES} ]] && rm ${OLD_FILES}
for f in ${DL}; do
- unpriv -f $f ftp -N sysupgrade -Vmo ${f} ${URL}${f}
+ unpriv -f $f ftp -N sysupgrade -QVmo ${f} ${URL}${f}${_NEEDLE}
done
if [[ -n ${DL} ]]; then
Index: usr.bin/ftp/ftp.1
===================================================================
RCS file: /cvs/src/usr.bin/ftp/ftp.1,v
diff -u -p -r1.124 ftp.1
--- usr.bin/ftp/ftp.1 15 Sep 2022 12:47:10 -0000 1.124
+++ usr.bin/ftp/ftp.1 2 May 2024 13:30:20 -0000
@@ -38,7 +38,7 @@
.Nd Internet file transfer program
.Sh SYNOPSIS
.Nm ftp
-.Op Fl 46AadEegiMmnptVv
+.Op Fl 46AadEegiMmnpQtVv
.Op Fl D Ar title
.Op Fl k Ar seconds
.Op Fl P Ar port
@@ -228,6 +228,10 @@ This option has been deprecated as
.Nm
now tries to use passive mode by default, falling back to active mode
if the server does not support passive connections.
+.It Fl Q
+Cause
+.Nm
+to not display any HTTP query strings in the progress bar.
.It Fl r Ar seconds
Retry to connect if failed, pausing for number of
.Ar seconds .
Index: usr.bin/ftp/ftp_var.h
===================================================================
RCS file: /cvs/src/usr.bin/ftp/ftp_var.h,v
diff -u -p -r1.46 ftp_var.h
--- usr.bin/ftp/ftp_var.h 2 Feb 2021 12:58:42 -0000 1.46
+++ usr.bin/ftp/ftp_var.h 2 May 2024 13:30:20 -0000
@@ -148,6 +148,7 @@ extern unsigned int retry_connect; /* re
extern int ttywidth; /* width of tty */
extern int epsv4; /* use EPSV/EPRT on IPv4 connections */
extern int epsv4bad; /* EPSV doesn't work on the current server */
+extern int clipqs; /* clip query string when showing progress */
#ifndef SMALL
extern int editing; /* command line editing enabled */
Index: usr.bin/ftp/main.c
===================================================================
RCS file: /cvs/src/usr.bin/ftp/main.c,v
diff -u -p -r1.146 main.c
--- usr.bin/ftp/main.c 23 Dec 2023 23:03:00 -0000 1.146
+++ usr.bin/ftp/main.c 2 May 2024 13:30:20 -0000
@@ -108,6 +108,7 @@ int ntflag;
int mapflag;
int preserve;
int progress;
+int clipqs;
int code;
int crflag;
char pasv[BUFSIZ];
@@ -354,6 +355,7 @@ main(volatile int argc, char *argv[])
mark = HASHBYTES;
epsv4 = 1;
epsv4bad = 0;
+ clipqs = 0;
/* Set default operation mode based on FTPMODE environment variable */
if ((cp = getenv("FTPMODE")) != NULL && *cp != '\0') {
@@ -420,7 +422,7 @@ main(volatile int argc, char *argv[])
httpuseragent = NULL;
while ((ch = getopt(argc, argv,
- "46AaCc:dD:EeN:gik:Mmno:pP:r:S:s:TtU:uvVw:")) != -1) {
+ "46AaCc:dD:EeN:gik:Mmno:pP:Qr:S:s:TtU:uvVw:")) != -1) {
switch (ch) {
case '4':
family = PF_INET;
@@ -514,7 +516,9 @@ main(volatile int argc, char *argv[])
case 'P':
ftpport = optarg;
break;
-
+ case 'Q':
+ clipqs = 1;
+ break;
case 'r':
retry_connect = strtonum(optarg, 0, INT_MAX, &errstr);
if (errstr != NULL) {
@@ -1064,7 +1068,7 @@ usage(void)
{
fprintf(stderr, "usage: "
#ifndef SMALL
- "ftp [-46AadEegiMmnptVv] [-D title] [-k seconds] [-P port] "
+ "ftp [-46AadEegiMmnpQtVv] [-D title] [-k seconds] [-P port] "
"[-r seconds]\n"
" [-s sourceaddr] [host [port]]\n"
" ftp [-C] [-N name] [-o output] [-s sourceaddr]\n"
Index: usr.bin/ftp/util.c
===================================================================
RCS file: /cvs/src/usr.bin/ftp/util.c,v
diff -u -p -r1.98 util.c
--- usr.bin/ftp/util.c 8 Mar 2023 04:43:11 -0000 1.98
+++ usr.bin/ftp/util.c 2 May 2024 13:30:20 -0000
@@ -786,6 +786,8 @@ progressmeter(int flag, const char *file
free(title);
title = strdup(filename);
}
+ if (clipqs)
+ title[strcspn(title, "?")] = '\0';
free(filenamebuf);
}
sysupgrade/ftp: use a 'needle' to poke through caching layers