Your message dated Fri, 15 Jan 2016 19:18:47 +0000 with message-id <E1aK9tX-0003K0-VC@franck.debian.org> and subject line Bug#810796: fixed in apt 1.2 has caused the Debian Bug report #810796, regarding HTTP pipelining is broken and causes download failures to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 810796: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810796 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: HTTP pipelining is broken and causes download failures
- From: Robie Basak <robie.basak@ubuntu.com>
- Date: Tue, 12 Jan 2016 11:57:49 +0000
- Message-id: <[🔎] 20160112115749.GL7166@mal.justgohome.co.uk>
Package: apt Version: 1.10 User: ubuntu-devel@lists.ubuntu.com Usertags: origin-ubuntu xenial apt enables pipelining by default. But it does not check to see if the server supports HTTP/1.1, so where the server doesn't apt is breaking the HTTP protocol by attempting to use pipelining. This causes download failures. Workaround: "Acquire::http::Pipeline-Depth 0;" makes it work. It might be an idea to drop the pipelining default until this is fixed. In my case, I have http://ftp.debian.org/debian in my sources.list, but go through a squid 2.7.STABLE7 proxy as the machine running apt doesn't have direct access to the Internet. This is done explicitly using a Acquire::HTTP::Proxy setting (so not using transparent interception). I'm getting "Hash Sum mismatch" errors on some downloaded debs. Right now I get this failure if I have a sid chroot created by "mk-sbuild" (from ubuntu-dev-tools) and attempt to "apt-get build-dep mysql-5.6" through my proxy. I'm not sure how reproducible this might be for others, but I can reproduce it reliably right now. Unfortunately behaviour might also change as sid changes. I captured apt's traffic to my proxy. and in the failure case I see it requesting pipelined files immediately, which I think is wrong of apt, followed by HTTP/1.0 "Connection: close" responses from the proxy (which is why I think it is wrong of apt, since it should only request pipelining with HTTP/1.1 servers). In most cases the server returns the first file only and then apt (perhaps in response to the Connection: close?) closes the connection gracefully. Then apt makes other pipelined requests for the files it did not successfully retrieve because they were not the first in its invalid pipelined requests. In some cases I see the server hasn't finished sending the first file before I see an RST. In this case apt doesn't get the whole file, doesn't retry it and this leads to a Hash Sum mismatch. Speculation: the server always tries to send an RST after processing the first request if it sees further incoming data at this time, since that is in violation of HTTP/1.0. apt closes the connection gracefully after it sees either an HTTP/1.0 response or a "Connection: close" (not sure which, or maybe both). So this is a race. If the RST arrives and is processed first, then apt gets partial data and fails. But the race only exists because apt invalidly attempts to pipeline when it shouldn't. Thanks, RobieAttachment: signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
- To: 810796-close@bugs.debian.org
- Subject: Bug#810796: fixed in apt 1.2
- From: Julian Andres Klode <jak@debian.org>
- Date: Fri, 15 Jan 2016 19:18:47 +0000
- Message-id: <E1aK9tX-0003K0-VC@franck.debian.org>
Source: apt Source-Version: 1.2 We believe that the bug you reported is fixed in the latest version of apt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 810796@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Julian Andres Klode <jak@debian.org> (supplier of updated apt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 15 Jan 2016 19:52:19 +0100 Source: apt Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https Architecture: source Version: 1.2 Distribution: unstable Urgency: medium Maintainer: APT Development Team <deity@lists.debian.org> Changed-By: Julian Andres Klode <jak@debian.org> Description: apt - commandline package manager apt-doc - documentation for APT apt-transport-https - https download transport for APT apt-utils - package management related utility programs libapt-inst2.0 - deb package format runtime library libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst libapt-pkg-doc - documentation for APT development libapt-pkg5.0 - package management runtime library Closes: 734922 810046 810509 810622 810796 Changes: apt (1.2) unstable; urgency=medium . [ Julian Andres Klode ] * Do not break apt-file (<< 3.0~exp1~), 2.X works fine * Version the build-depends on liblz4-dev to >= 0.0~r126 * search: Handle packages without description (Closes: #810622) * Only enable pipelining if server is HTTP/1.1 (Closes: #810796) . [ Mattia Rizzolo ] * Sort the list of sources to be built and linked (Closes: #810509) . [ Michael Vogt ] * Do not show multiple identical apt-cache showsrc entries (Closes: #734922) . [ David Kalnischkies ] * evaluate sourceslist-list-format entity in vendors sources.list. Thanks to Niels Thykier for reporting on IRC * update symbols file * fix M-A:foreign provides creation for unknown archs * revert file-hash based action-merging in acquire (Closes: 810046) * return correct position in APT::StringView::(r)find . [ Zhou Mo ] * po: update simplified chinese programs translation Checksums-Sha1: 66b20a6b69fa612a4e8cdd33168cf7009d6f480f 2331 apt_1.2.dsc 491c976997a267bb94178ffba50c6063054941ab 2014968 apt_1.2.tar.xz Checksums-Sha256: cb9c95772ae1d0e62a0eeea427c49dc3826b443bf5e52ee789befb2a570dd37a 2331 apt_1.2.dsc 8e330c9ceee328075d527108997fc0395dc10603d30eedc0d322783058674ed0 2014968 apt_1.2.tar.xz Files: 4b617d2e1cb2eb0d666cbfa11879ac96 2331 admin important apt_1.2.dsc 9104ce061470a43addf30ab976181adc 2014968 admin important apt_1.2.tar.xz -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJWmUBpAAoJENc8OeVlgLOGxjsQAJCePOHpUKcH94yxoKfHKeLt dQ3Jn4FrSjNPquW3Mu+O5eWM6eVFxCA8eY+4ZxsNMcupxBlvjDg+86gMBgqlOMFd EyqTw4XndzfC4gV6QBpBqxdW0kecSi3G2Xc64vjtmMYY+OmWgyxP7wblMcSxDHRS U+vgxfFHG6padgLr2nj3XpG+2HDqULxFa9C4rC8oXx1bmBmByfKWv4ztF5uymjAe JT99kbkXLqkOEkvOsi3/+nA7uwCmUJjtiEKus97/t4scvz3/SvhiKf7DLDGMoKqE dru5F8SQDFqOxNZ8Kv9DaWhqlGWq4O6IVTa2ip9TqKCSzmjKeRRrIEjJw+z9Y3w5 laENnuRXOLvi0mtWAnVxTHdwhGVP37fsYGhBdCKzq53XfrWkWsI5FYhbkvlKxBxI kmSqM+pFEJas5LSJZ3aFeQJJub4A3T6tBJTAbklp+ZEAI5uCr2HjWcEheZMa9Jzq IgsQuZ1czj/Ki6jsS2TJqn7U/xl+/sGPgy2LsEeU20gUasnq5nxL7tyln9ptYDqB UmSJXXxcPOPIZWEl+hbuO7TF1LueMUSw//Z0Pg6BzoqeJnOAcr/PV+y2ZCe/DGji 5fY5mmMV8g78YTCDYPwgf8HTJpNYb6BiJwLvUaHmEt1Up+q8bQWH7eRRljTyf65M i9Fr4dBEygFLFW/BLx2D =xrCH -----END PGP SIGNATURE-----
--- End Message ---