Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https

To: Julien Cristau <jcristau@debian.org>
Cc: Raphael Geissert <geissert@debian.org>, 738785@bugs.debian.org, apt@packages.debian.org
Subject: Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
From: David Kalnischkies <david@kalnischkies.de>
Date: Thu, 13 Feb 2014 22:07:37 +0100
Message-id: <[🔎] 20140213210737.GA5490@crossbow>
In-reply-to: <[🔎] 20140213185238.GC17725@betterave.cristau.org>
References: <201402122330.41267.geissert@debian.org> <[🔎] 20140212232612.GA22795@betterave.cristau.org> <[🔎] CAA7hUgEhcHtJ6R4+qgw-CHck+LDtL-Z1_hiVLuOVP31JNwfo2A@mail.gmail.com> <[🔎] 20140213185238.GC17725@betterave.cristau.org>

On Thu, Feb 13, 2014 at 07:52:38PM +0100, Julien Cristau wrote:
> On Thu, Feb 13, 2014 at 10:27:47 +0100, Raphael Geissert wrote:
> > On 13 February 2014 00:26, Julien Cristau <jcristau@debian.org> wrote:
> > [...]
> > > Seems to be an apt "feature".  After patching it out with
> > >
> > > diff --git a/methods/server.cc b/methods/server.cc
> > > index e12c23c..e07599c 100644
> > > --- a/methods/server.cc
> > > +++ b/methods/server.cc
> > > @@ -294,7 +294,7 @@ ServerMethod::DealWithHeaders(FetchResult &Res)
> > >           NextURI = DeQuoteString(Server->Location);
> > >           URI tmpURI = NextURI;
> > >           // Do not allow a redirection to switch protocol
> > > -         if (tmpURI.Access == "http")
> > > +         if (1 || tmpURI.Access == "http")
> > >              return TRY_AGAIN_OR_REDIRECT;
> > >        }
> > >        /* else pass through for error message */
> > 
> > Yes, that's intentional as you should really not switch between
> > protocols.
> 
> I'm afraid I don't understand where this comes from.  I don't think
> redirecting from http to https is all that unreasonable?

It isn't unreasonable by itself, but less than 1% of popcon users
have the https client installed, so it will usually not work.
(and as Raphael mentioned it was not possible at all until not too
 long, so this check is also a 'lets not change too much in one go')

I am working on it now that the code can switch the protocol (at least
from http to https, but not to other protocols). In this regard: I can't
reproduce the size mismatch error here, for me, it basically works out
of the box (at least while testing with our own aptwebserver).

Anyway: As said, basically nobody has the https method installed, so we
either have to force it on everyone or we need the service to continue
to provide the changelog over http for apts http client.
On the client side we could do a
if (https installed) get changelog via https uri else via http uri
then.
If so we should really get this code into libapt though as currently
apt and aptitude do their own thing in this regard…

Best regards

David Kalnischkies

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
  - From: Raphael Geissert <geissert@debian.org>
- Re: [Aptitude-devel] Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
  - From: "Manuel A. Fernandez Montecelo" <manuel.montezelo@gmail.com>

References:
- Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
  - From: Julien Cristau <jcristau@debian.org>
- Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
  - From: Raphael Geissert <geissert@debian.org>
- Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
  - From: Julien Cristau <jcristau@debian.org>

Prev by Date: Bug#738909: [apt] Package System Broken, libc6 etc
Next by Date: Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
Previous by thread: Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
Next by thread: Re: Bug#738785: aptitude: (remote) changelogs is broken after packages.d.o move to https
Index(es):
- Date
- Thread