Bug#832113: apt: "Hash sum mismatch" since apt(1.2.14, 1.3~pre2) behind proxy => mixed-up deb filenames

To: nice sw123 <nicesw123@gmail.com>, 832113@bugs.debian.org
Subject: Bug#832113: apt: "Hash sum mismatch" since apt(1.2.14, 1.3~pre2) behind proxy => mixed-up deb filenames
From: David Kalnischkies <david@kalnischkies.de>
Date: Fri, 22 Jul 2016 15:06:07 +0200
Message-id: <[🔎] 20160722130607.yied6rgmpfdkk43m@crossbow>
Mail-followup-to: David Kalnischkies <david@kalnischkies.de>, nice sw123 <nicesw123@gmail.com>, 832113@bugs.debian.org
Reply-to: David Kalnischkies <david@kalnischkies.de>, 832113@bugs.debian.org
In-reply-to: <[🔎] CADo5kbsQMfo3ts1Qm-jHTU=6A0iGudr4AifibgGTF+kLiwHqgg@mail.gmail.com>
References: <[🔎] CADo5kbsQMfo3ts1Qm-jHTU=6A0iGudr4AifibgGTF+kLiwHqgg@mail.gmail.com>

On Fri, Jul 22, 2016 at 01:59:40PM +0200, nice sw123 wrote:
> Short Description
> ==================
> Im on Debian Stretch (testing), behind a proxy, and since using
> apt:amd64 (1.2.14, 1.3~pre2), I have problems:
> When deb's are aquired (via apt install, or apt upgrade), I get the
> bunch of deb's, but their names are mixed up.
> No joke!
> Obviously if content of deb-file has the wrong filename, a "hash sum
> mismatch" will occur.

Mixed up names is a common problem with pipelining talking to bad
proxies/servers which is why apt can handle this for a while, fixes up
the pipeline as it knows what it expects (via hashes) and disables the
pipeline afterwards.

> I need to mention, that I'm behind a proxy; and already have these settings:
>  Acquire::http::No-Cache=True;
>  Acquire::https::No-Cache=True;

^ Invalid configuration syntax!

Well, not entirely invalid, apt accepts it as """valid""" and produces
interesting results which are harmless as they have no effect and look
a lot like a bug in configuration dumps:
|  "Acquire::http::No-Cache=True";
|  "Acquire::https::No-Cache=True";

>  Acquire::http::Pipeline-Depth 0;
>  Acquire::https::Pipeline-Depth 0;
>  Acquire::http::No-Cache true;

So, here you disable pipelining …

>  Acquire::BroxenProxy    true;

^ This option hasn't existed in the last decade, so remove it now and
remember in the future to not blindly copy stuff from the internet. (and
even in the less than a year it existed it had not the effect you would
have expected – aka: it wouldn't help AT ALL in your case)

Your description gives mixed signals as while you say pipelining is
disabled, if it really were disabled such a mixup can't really happen…

Anyway, I would suggest dropping the entire configuration file from
above and run apt with the following debug options (lots of output):

-o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::http=1

Then we have a chance to know what apt/proxy/server are up to.

Best regards

David Kalnischkies

P.S.: I don't think someone wrote a method based on wget. It would be
possible, but unlikely a good idea as features like pipelining are
actually quite important to have and wget can't do it as it simply not
the usecase of wget to download a thousand files from the same server in
a single call… Also, wget isn't part of the base system and lacks
support for interesting stuff like SRV records – aka deb.debian.org.

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Bug#832113: apt: "Hash sum mismatch" since apt(1.2.14, 1.3~pre2) behind proxy => mixed-up deb filenames
  - From: nice sw123 <nicesw123@gmail.com>

References:
- Bug#832113: apt: "Hash sum mismatch" since apt(1.2.14, 1.3~pre2) behind proxy => mixed-up deb filenames
  - From: nice sw123 <nicesw123@gmail.com>

Prev by Date: Bug#832113: apt: "Hash sum mismatch" since apt(1.2.14, 1.3~pre2) behind proxy => mixed-up deb filenames
Next by Date: Bug#831762: apt data corrupts with MergeList
Previous by thread: Bug#832113: apt: "Hash sum mismatch" since apt(1.2.14, 1.3~pre2) behind proxy => mixed-up deb filenames
Next by thread: Bug#832113: apt: "Hash sum mismatch" since apt(1.2.14, 1.3~pre2) behind proxy => mixed-up deb filenames
Index(es):
- Date
- Thread