Ubuntu
apt package

Bug #1651923
Comment #24

Comment 24 for bug 1651923

Revision history for this message

Julian Andres Klode (juliank) wrote on 2017-01-10:

#24

I just uploaded 1.4~rc3ubuntu1 to zesty. It's building now, and should hit zesty-proposed soon, and hopefully migrate without issues to zesty release repository.

This is the included workaround for now:

commit 12d5863a6ecd358db5645a4c1ca75576ef3c6232
Author: Julian Andres Klode <email address hidden>
Date: Thu Dec 29 14:16:07 2016 +0100

https: Quote path in URL before passing it to curl

    Curl requires URLs to be urlencoded. We are however giving it
    undecoded URLs. This causes it go completely nuts if there is
    a space in the URI, producing requests like:

GET /a file HTTP/1.1

which the servers then interpret as a GET request for "/a" with
HTTP version "file" or some other non-sense.

    This works around the issue by encoding the path component of
    the URL. I'm not sure if we should encode other parts of the URL
    as well, this one seems to do the trick for the actual issue at
    hand.

    A more correct fix is to avoid the dequoting and (re-)quoting
    of URLs when a redirect occurs / a new request is sent. That's
    been on the radar for probably a year or two now, but nobody
    bothered implementing that yet.

LP: #1651923

diff --git a/methods/https.cc b/methods/https.cc
index d60bc6fbc..d71ef0bf0 100644
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -275,6 +275,10 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
if (Server == nullptr || Server->Comp(Itm->Uri) == false)
Server = CreateServerState(Itm->Uri);

+ // The "+" is encoded as a workaround for a amazon S3 bug
+ // see LP bugs #1003633 and #1086997. (taken from http method)
+ Uri.Path = QuoteString(Uri.Path, "+~ ");
+
    FetchResult Res;
    RequestState Req(this, Server.get());
    CURLUserPointer userp(this, &Res, Itm, &Req);

If that works fine for everyone, I can cherry-pick this into xenial and yakkety. The SRU procedure takes a few weeks though - in fact, many of the current changes pending for xenial are waiting since 2 months already.

Trusty also has an issue with the downloads, BTW, but it just hangs completely, so there's probably a different issue there.

I just uploaded 1.4~rc3ubuntu1 to zesty. It's building now, and should hit zesty-proposed soon, and hopefully migrate without issues to zesty release repository.

This is the included workaround for now:

commit 12d5863a6ecd358db5645a4c1ca75576ef3c6232
Author: Julian Andres Klode <jak@debian.org>
Date:   Thu Dec 29 14:16:07 2016 +0100

https: Quote path in URL before passing it to curl

Curl requires URLs to be urlencoded. We are however giving it
    undecoded URLs. This causes it go completely nuts if there is
    a space in the URI, producing requests like:

GET /a file HTTP/1.1

which the servers then interpret as a GET request for "/a" with
    HTTP version "file" or some other non-sense.

LP: #1651923

diff --git a/methods/https.cc b/methods/https.cc
index d60bc6fbc..d71ef0bf0 100644
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -275,6 +275,10 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
    if (Server == nullptr || Server->Comp(Itm->Uri) == false)
       Server = CreateServerState(Itm->Uri);

+   // The "+" is encoded as a workaround for a amazon S3 bug
+   // see LP bugs #1003633 and #1086997. (taken from http method)
+   Uri.Path = QuoteString(Uri.Path, "+~ ");
+
    FetchResult Res;
    RequestState Req(this, Server.get());
    CURLUserPointer userp(this, &Res, Itm, &Req);

Trusty also has an issue with the downloads, BTW, but it just hangs completely, so there's probably a different issue there.

Ubuntuapt package

Comment 24 for bug 1651923

Ubuntu
apt package