Bug #969
amahi-download fails if an HTTPS link is provided
100%
Description
The amahi-download script (installed in /usr/bin/amahi-download) doesn't check for a https link when it is checking for a link in the filename field. If one is passed, the script errors out with a message similar to the following:
/usr/bin/amahi-download:107:in `download_and_check_sha1': http://dl.amahi.org/https://dl.dropbox.com/u/1226885/amahi/amahi-netboot-ubuntu.tar.bz2, 'eb2cb90ee6aac50df1c3983ee47763a7785e2988' vs. '0374C65D52705130A1D93B114FD06CF7C7B9640F' (SHA1VerificationFailed)
from /usr/bin/amahi-download:122:in `main'
from /usr/bin/amahi-download:129
While the script is throwing a SHA1VerificationFailed error, the actual problem is quite obvious: the script is attempting to download the URL with "http://dl.amahi.org/" tacked onto the front, which, naturally, returns a page that doesn't match the SHA1 hash it's looking for.
The following is the affected line:
url = File.join(DEFAULT_URL, filename) unless filename =~ /^(http:|ftp:)/
My proposed solution:
url = File.join(DEFAULT_URL, filename) unless filename =~ /^(http:|https:|ftp:)/
History
#1 Updated by Anonymous almost 10 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
Applied in changeset commit:b6360740a2ec3c75ed59205bc5c942cbe6312d33.
#2 Updated by cpg almost 10 years ago
- Assignee set to cpg
Assigned to cpg, after closing, but credit goes to steven for doing the work to research the issue!
#3 Updated by steven almost 10 years ago
- Subject changed from amahi-download doesn't check for https links and fails if one is provided to amahi-download fails if an HTTPS link is provided
- Status changed from Closed to Assigned
OK, now the script is no longer adding "http://dl.amahi.org/" to the URL, but it's still failing the SHA1 comparison:
root@hda:/tmp# amahi-download https://dl.dropbox.com/u/1226885/amahi/amahi-netboot-ubuntu.tar.bz2 0374c65d52705130a1d93b114fd06cf7c7b9640f
/usr/bin/amahi-download:107:in `download_and_check_sha1': https://dl.dropbox.com/u/1226885/amahi/amahi-netboot-ubuntu.tar.bz2, '177b8c0127de9f4a91623fce81a3686f687163c2' vs. '0374c65d52705130a1d93b114fd06cf7c7b9640f' (SHA1VerificationFailed)
from /usr/bin/amahi-download:122:in `main'
from /usr/bin/amahi-download:129
The same file downloaded over a regular HTTP connection works as expected:
root@hda:/tmp# amahi-download http://dl.dropbox.com/u/1226885/amahi/amahi-netboot-ubuntu.tar.bz2 0374c65d52705130a1d93b114fd06cf7c7b9640f NOTE: file /tmp/amahi-download-cache/0374c65d52705130a1d93b114fd06cf7c7b9640f written in cache
#4 Updated by steven almost 10 years ago
- % Done changed from 100 to 20
#5 Updated by cpg almost 10 years ago
when using https, we get status 400 from the standard ruby library. the
irb>
require 'uri'
require 'net/http'
url="https://dl.dropbox.com/u/1226885/amahi/amahi-netboot-ubuntu.tar.bz2"
> u = URI.parse(url)
=> #<URI::HTTPS:0x103bb0ef0 URL:https://dl.dropbox.com/u/1226885/amahi/amahi-netboot-ubuntu.tar.bz2>
> req = Net::HTTP::Get.new(u.path)
=> #<Net::HTTP::Get GET>
> response = Net::HTTP.start(u.host, u.port) { |http| http.request(req) }
=> #<Net::HTTPBadRequest 400 Bad Request readbody=true>
> u.port
=> 443
the port is 443, but maybe it somehow needs to be told that it's ssl?
i get the sneaking suspicion ssl cert checking is not supported. this checker method is set to false in the library at http://www.ruby-doc.org/stdlib-1.8.7/ under net/http
def use_ssl? false # redefined in net/https end
though i see a reference in the docs about net/https and requiring it works, however, i do not see Net::HTTPS.
#6 Updated by bigfoot65 almost 10 years ago
This is also an issue with the app download field. See http://bugs.amahi.org/issues/457.
#7 Updated by steven almost 10 years ago
This is actually the same issue (the app installer runs this script to download the file in that field; therefore, fixing the script will fix that issue). I've marked the other bug as closed with a link to this bug.
I'm sorry I can't be much help here - Ruby is a foreign language to me. I'm more of a PHP guy. ;)
#8 Updated by Anonymous almost 10 years ago
- Status changed from Assigned to Closed
- % Done changed from 20 to 100
Applied in changeset commit:2f38a5ef3b6e38b723f454d1efa1f45fe7c10d0d.
Also available in: Atom