Your message dated Wed, 08 May 2013 17:03:09 +0000 with message-id <E1Ua7ll-0005Ur-9b@franck.debian.org> and subject line Bug#705648: fixed in apt 0.9.8 has caused the Debian Bug report #705648, regarding if-modfied-since undhandled case causes apt lists corruption to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 705648: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705648 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: if-modfied-since undhandled case causes apt lists corruption
- From: Ludovico Cavedon <cavedon@debian.org>
- Date: Wed, 17 Apr 2013 18:11:46 -0700
- Message-id: <CAEK95GEcEXUKEgkAhjmVx744ddUVe8VR4=4oBbQifqYceyrdTA@mail.gmail.com>
Package: apt-transport-https Version: 0.8.16~exp12 Tags: patch When using an https repository, apt will use libcurl to download files, setting the If-Modified-Since herder in the http request. If the server replies with a 200 OK but a Last-Modified header with a date that is not newer that the requested If-Modified-Since, libcurl drop the file, reporting an errorcode 200, but the actual downloaded file will be empty. Causing messages like W: Size of file /var/lib/apt/lists/partial/repo.server.com_dists_precise_main_binary-amd64_Packages is not what the server reported 0 25118 See the attached patch that fixes the issue. Apt needs to check the CURLINFO_CONDITION_UNMET to know if libcurl discarded the payload. Also TotalSize will get updated to the actual size of the file as progress_callback will be called with the download size even in the case libcurl decides to discard the payload. This will cause the check for the size to fail. In my patch I just disable the check if the actual size of the file is 0. Probably a better way would be adding a new header is the message from the worker stating that the file was discarded. The cases why the http server would give this kind of response are, e.g. 1) if-modified-since used like a etag header http://trac.nginx.org/nginx/ticket/93 (under this light, it might makes sense to avoid using the CURLOPT_TIMECONDITION feature and handle If-Modified-SInce as an Etag) 2) a bug in apt-cacher-ng which sometimes returns 200 OK with a Last-Modified equal to Last-Modified (about to be reported) This bug is present at least as far back as version 0.8.16~exp12 and still affects the latest in experimental (0.9.7.9~exp3). The attached patch is for 0.9.7.9~exp3. Cheers, LudovicoAttachment: check-time-condition.patch
Description: Binary data
--- End Message ---
--- Begin Message ---
- To: 705648-close@bugs.debian.org
- Subject: Bug#705648: fixed in apt 0.9.8
- From: Michael Vogt <mvo@debian.org>
- Date: Wed, 08 May 2013 17:03:09 +0000
- Message-id: <E1Ua7ll-0005Ur-9b@franck.debian.org>
Source: apt Source-Version: 0.9.8 We believe that the bug you reported is fixed in the latest version of apt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 705648@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Vogt <mvo@debian.org> (supplier of updated apt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 08 May 2013 18:43:28 +0200 Source: apt Binary: apt libapt-pkg4.12 libapt-inst1.5 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https Architecture: source all amd64 Version: 0.9.8 Distribution: unstable Urgency: low Maintainer: APT Development Team <deity@lists.debian.org> Changed-By: Michael Vogt <mvo@debian.org> Description: apt - commandline package manager apt-doc - documentation for APT apt-transport-https - https download transport for APT apt-utils - package managment related utility programs libapt-inst1.5 - deb package format runtime library libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst libapt-pkg-doc - documentation for APT development libapt-pkg4.12 - package managment runtime library Closes: 154868 322074 620344 651640 699759 704653 704723 705087 705648 Changes: apt (0.9.8) unstable; urgency=low . [ Ludovico Cavedon ] * properly handle if-modfied-since with libcurl/https (closes: #705648) . [ Andreas Beckman ] * apt-pkg/algorithms.cc: - Do not propagate negative scores from rdepends. Propagating the absolute value of a negative score may boost obsolete packages and keep them installed instead of installing their successors. (Closes: #699759) . [ Michael Vogt ] * apt-pkg/sourcelist.cc: - fix segfault when a hostname contains a [, thanks to Tzafrir Cohen (closes: #704653) * debian/control: - replace manpages-it (closes: #704723) . [ David Kalnischkies ] * various simple changes to fix cppcheck warnings * apt-pkg/pkgcachegen.cc: - do not store the MD5Sum for every description language variant as it will be the same for all so it can be shared to save cache space - handle language tags for descriptions are unique strings to be shared - factor version string creation out of NewDepends, so we can easily reuse version strings e.g. for implicit multi-arch dependencies - equal comparisions are used mostly in same-source relations, so use this to try to reuse some version strings - sort group and package names in the hashtable on insert - share version strings between same versions (of different architectures) to save some space and allow quick comparisions later on * apt-pkg/pkgcache.cc: - assume sorted hashtable entries for groups/packages * apt-pkg/cacheiterators.h: - provide DepIterator::IsSatisfied as a nicer shorthand for DepCheck * apt-pkg/deb/debversion.cc: - add a string-equal shortcut for equal version comparisions . [ Marc Deslauriers ] * make apt-ftparchive generate missing deb-src hashes (LP: #1078697) . [ Yaroslav Halchenko ] * Fix English spelling error in a message ('A error'). Unfuzzy translations. Closes: #705087 . [ Programs translations ] * French translation completed (Christian Perrier) . [ Manpages translations ] * French translation completed (Christian Perrier) . [ Daniel Hartwig ] * apt-pkg/contrib/strutl.cc: - include port in shortened URIs (e.g. with apt-cache policy, progress display) thanks to James McCoy (Closes: #154868, #322074) - percent-encode username and password when writing URIs * methods/http.cc: - properly escape IP-literals (e.g. IPv6 address) when building Host headers and URIs (Closes: #620344) * methods/https.cc: - use https_proxy environment variable if present, falling back to http_proxy otherwise - use authentication credentials from proxy URI (Closes: #651640, LP: #1087512) - environment variables do not override an explicit no proxy directive ("DIRECT") in apt.conf - disregard all_proxy environment variable, like other methods Checksums-Sha1: 116360c77f1f8c54891b327d39acf363a41261bc 1682 apt_0.9.8.dsc 5b76a6358b11ab485dbef2bc16ba5328cdea7948 3500796 apt_0.9.8.tar.gz 89461f552f12ee6f0274855736a8a588bc47948a 290444 apt-doc_0.9.8_all.deb 3cb37e9e8382c3abb1525b9e3e891f15475b17c6 964930 libapt-pkg-doc_0.9.8_all.deb 4883ad8769334cec21be7b811ee4825860cd7ed7 896220 libapt-pkg4.12_0.9.8_amd64.deb 7f5f6ab632bb27d7ca22051c95588136c49ff9bd 168314 libapt-inst1.5_0.9.8_amd64.deb 43bc95f409d0e949506b759b78c638b746ad7d5e 1313098 apt_0.9.8_amd64.deb 0796669c1b3a13e0d78397e2351b35e2bcd6f146 189842 libapt-pkg-dev_0.9.8_amd64.deb 9d7dabe9ea311a2b7ae69d0cb63c5860e33755e8 389146 apt-utils_0.9.8_amd64.deb f1a5ca9a3a3e69786789da741549a24408a885a1 110600 apt-transport-https_0.9.8_amd64.deb Checksums-Sha256: e27e8507f97cc1a3e8f2cfd9a3a488fec1af4559a87c19b27eb950275c4db475 1682 apt_0.9.8.dsc 91937aff743892892949e54d0329496ddbfb6181d126406a05f6762cdbbab594 3500796 apt_0.9.8.tar.gz 1b266da0a5ddcd9015e4475507399371fee4b4b282a18f2c6ba004d4a5ce0af3 290444 apt-doc_0.9.8_all.deb 0864bba06d93ae00b65f469ed8a25b5d0562a50477515a1af0d640e7e562d521 964930 libapt-pkg-doc_0.9.8_all.deb adedd7b43c0eb542b7137071ecaf8a27c363618d483a6a9364ba73c5fa05baca 896220 libapt-pkg4.12_0.9.8_amd64.deb 899892c2bf8daac6da30da3be265c15a5e3959d94ec3be3a8352f047238d8562 168314 libapt-inst1.5_0.9.8_amd64.deb dbccf49f58e0d9de654566dd913a25db2bc5989cb356ed98be6450f7c0b9fcec 1313098 apt_0.9.8_amd64.deb a8e67828dd4426ea11943970e63908e5c435a9aac126ef8f4c076364e9933b44 189842 libapt-pkg-dev_0.9.8_amd64.deb fe2c2b0eb57e8cf0721f5c1075e01a81833a668331206628787ca12439b334af 389146 apt-utils_0.9.8_amd64.deb 9dc84186723b66b7b335b3e149fefe61b1c5b7c8e759633c09a262b784965fd3 110600 apt-transport-https_0.9.8_amd64.deb Files: ca35aee225910dec2e3cb19df376cd71 1682 admin important apt_0.9.8.dsc 90aa29992d8b8a43885c6a28ccf507d4 3500796 admin important apt_0.9.8.tar.gz bc44fced1b97e5ef24d807fcf777646a 290444 doc optional apt-doc_0.9.8_all.deb 71b09b35661f93f5c8e9f87e71fb10fd 964930 doc optional libapt-pkg-doc_0.9.8_all.deb 6a813bfe8a601fa320b936b0ee716efc 896220 libs important libapt-pkg4.12_0.9.8_amd64.deb e79d8e6799a69d8a9939629780109c3c 168314 libs important libapt-inst1.5_0.9.8_amd64.deb b627de5b3fe06182475120d008ad3773 1313098 admin important apt_0.9.8_amd64.deb 829606dd9ec7e0cdad7080232eabfc9d 189842 libdevel optional libapt-pkg-dev_0.9.8_amd64.deb 623d0730b1d36443a3341e79371ab67b 389146 admin important apt-utils_0.9.8_amd64.deb 09d97f139dba326bc8ba0412b3a0648b 110600 admin optional apt-transport-https_0.9.8_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlGKgy4ACgkQliSD4VZixzSsWwCeILYp85ky0KJWPqr+W67M7uXq Hw0An2jzGjzbOQtOkiQA7+OGa5wQoIWC =tem2 -----END PGP SIGNATURE-----
--- End Message ---