[Aptitude-devel] Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https

David Kalnischkies david at kalnischkies.de
Thu Feb 13 21:07:37 UTC 2014


On Thu, Feb 13, 2014 at 07:52:38PM +0100, Julien Cristau wrote:
> On Thu, Feb 13, 2014 at 10:27:47 +0100, Raphael Geissert wrote:
> > On 13 February 2014 00:26, Julien Cristau <jcristau at debian.org> wrote:
> > [...]
> > > Seems to be an apt "feature".  After patching it out with
> > >
> > > diff --git a/methods/server.cc b/methods/server.cc
> > > index e12c23c..e07599c 100644
> > > --- a/methods/server.cc
> > > +++ b/methods/server.cc
> > > @@ -294,7 +294,7 @@ ServerMethod::DealWithHeaders(FetchResult &Res)
> > >           NextURI = DeQuoteString(Server->Location);
> > >           URI tmpURI = NextURI;
> > >           // Do not allow a redirection to switch protocol
> > > -         if (tmpURI.Access == "http")
> > > +         if (1 || tmpURI.Access == "http")
> > >              return TRY_AGAIN_OR_REDIRECT;
> > >        }
> > >        /* else pass through for error message */
> > 
> > Yes, that's intentional as you should really not switch between
> > protocols.
> 
> I'm afraid I don't understand where this comes from.  I don't think
> redirecting from http to https is all that unreasonable?

It isn't unreasonable by itself, but less than 1% of popcon users
have the https client installed, so it will usually not work.
(and as Raphael mentioned it was not possible at all until not too
 long, so this check is also a 'lets not change too much in one go')

I am working on it now that the code can switch the protocol (at least
from http to https, but not to other protocols). In this regard: I can't
reproduce the size mismatch error here, for me, it basically works out
of the box (at least while testing with our own aptwebserver).

Anyway: As said, basically nobody has the https method installed, so we
either have to force it on everyone or we need the service to continue
to provide the changelog over http for apts http client.
On the client side we could do a
if (https installed) get changelog via https uri else via http uri
then.
If so we should really get this code into libapt though as currently
apt and aptitude do their own thing in this regard…


Best regards

David Kalnischkies
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/aptitude-devel/attachments/20140213/d314380e/attachment.sig>


More information about the Aptitude-devel mailing list