Behaviour change when using /HTTPS/// targets: "Configuration error (confusing proxy mode) or prohibited port (see AllowUserPorts)"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt-cacher-ng (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Previously, apt-cacher-ng clients were able to use a sources.list entry like this to access https repositories:
deb http://
No additional configuration was required. apt-cacher-ng fetched the remote package using https, cached it, and returned it over http to the client.
However, with apt-cacher-ng 3.7.4-1build1 in jammy, clients now get this error:
Err:1 http://
403 Configuration error (confusing proxy mode) or prohibited port (see AllowUserPorts) [IP: 100.64.0.1 3142]
Looking through the source code, I was able to find the problem:
if (startsWithSz(
...
{
}
That is: apt-cacher-ng now restricts outgoing connections to port 80 only, unless you configure it otherwise (using AllowUserPorts, as the error says). The problem can be fixed by setting
AllowUserPorts: 80 443
in /etc/apt-
This is fine, once you know what the problem is.
My only issue is that this change in behaviour doesn't appear to be documented anywhere, so it appears as if it were a regression.
I checked in:
- apt-get changelog apt-cacher-ng
- /usr/share/
- /usr/share/
I think the resolution would be to mention it in at least one of those places.
Note: I don't know exactly when this change occurred, but apt-cacher-ng 3.1-1build1 in bionic works without setting AllowUserPorts.