Bug 40148 – /etc/apt/sources.list.d/20_ucs-online-component.list uses HTTP instead of HTTPS

Bug 40148 - /etc/apt/sources.list.d/20_ucs-online-component.list uses HTTP instead of HTTPS


Summary:	/etc/apt/sources.list.d/20_ucs-online-component.list uses HTTP instead of HTTPS

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Update - univention-updater
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.1-0-errata
Assigned To:	Philipp Hahn
QA Contact:	Daniel Tröder

URL:
Keywords:

Depends on:
Blocks:	41166
	Show dependency tree / graph

Reported:	2015-12-01 13:50 CET by Janek Walkenhorst
Modified:	2016-04-27 16:29 CEST (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Janek Walkenhorst

2015-12-01 13:50:13 CET

# ucr search --brief repository/online
[…]
repository/online/component/4.0-1-errata/description: Errata updates for UCS 4.0-1
repository/online/component/4.0-1-errata/localmirror: true
repository/online/component/4.0-1-errata/version: 4.0
repository/online/component/4.0-1-errata: false
repository/online/component/4.0-2-errata/description: Errata updates for UCS 4.0-2
repository/online/component/4.0-2-errata/localmirror: true
repository/online/component/4.0-2-errata/version: 4.0
repository/online/component/4.0-2-errata: false
repository/online/component/4.0-3-errata/description: Errata updates for UCS 4.0-3
repository/online/component/4.0-3-errata/localmirror: true
repository/online/component/4.0-3-errata/version: 4.0
repository/online/component/4.0-3-errata: false
repository/online/component/4.0-4-errata/description: Errata updates for UCS 4.0-4
repository/online/component/4.0-4-errata/version: 4.0
repository/online/component/4.0-4-errata: enabled
repository/online/component/4.1-0-errata/description: Errata updates for UCS 4.1-0
repository/online/component/4.1-0-errata/version: 4.1
repository/online/component/4.1-0-errata: enabled
repository/online/httpmethod: <empty>
repository/online/port: 80
repository/online/prefix: <empty>
repository/online/server: https://updates.software-univention.de/
repository/online/sources: <empty>
repository/online/timeout: <empty>
repository/online/unmaintained: no
repository/online/verify: <empty>
repository/online: yes

# tail -n5 /etc/apt/sources.list.d/*online*
==> /etc/apt/sources.list.d/15_ucs-online-version.list <==
deb https://updates.software-univention.de/4.0/maintained/ 4.0-4/all/
deb https://updates.software-univention.de/4.0/maintained/ 4.0-4/amd64/
deb https://updates.software-univention.de/4.1/maintained/ 4.1-0/all/
deb https://updates.software-univention.de/4.1/maintained/ 4.1-0/amd64/


==> /etc/apt/sources.list.d/20_ucs-online-component.list <==
deb http://updates.software-univention.de/4.1/maintained/component/ 4.1-0-errata/all/
deb http://updates.software-univention.de/4.1/maintained/component/ 4.1-0-errata/amd64/
deb http://updates.software-univention.de/4.0/maintained/component/ 4.0-4-errata/all/
deb http://updates.software-univention.de/4.0/maintained/component/ 4.0-4-errata/amd64/

Comment 1 Philipp Hahn

2015-12-11 16:47:46 CET

>>> from univention.updater.tools import UniventionUpdater
>>> u = UniventionUpdater()
>>> u.server
UCSHttpServer(UcsRepoUrl({}, '', 'https://updates.software-univention.de/'), timeout=600.0)
>>> c = '4.1-0-errata'
>>> u._get_component_server(c)
UCSHttpServer(UcsRepoUrl({}, '', 'http://updates.software-univention.de/'), timeout=600.0)
>>> u._get_component_baseurl(c, False)
UcsRepoUrl({}, '', 'http://updates.software-univention.de/')
>>> u.repourl
UcsRepoUrl({}, '', 'https://updates.software-univention.de/')
>>> from univention.updater.repo_url import UcsRepoUrl
>>> UcsRepoUrl(u.configRegistry, 'repository/online/component/'+c, u.repourl)
UcsRepoUrl({}, '', 'http://updates.software-univention.de/')

r66283 | Bug #40148 up: Fail on doctest failures
r66282 | Bug #40148 up: Fix https:// inheritance for components

Package: univention-updater
Version: 11.0.7-7.1437.201512111644
Branch: ucs_4.1-0
Scope: errata4.1-0

r66284 | Bug #40148 up: Fix https:// inheritance for components YAML
 univention-updater.yaml

Comment 2 Daniel Tröder

2016-01-20 08:01:13 CET

OK: code
OK: advisory
OK: manual test:

# ucr search repository/online
[..]
repository/online/port: 80
repository/online/server: updates-test.software-univention.de

# grep -c '^deb' /etc/apt/sources.list.d/*online*
/etc/apt/sources.list.d/15_ucs-online-version.list:24
/etc/apt/sources.list.d/20_ucs-online-component.list:4

# grep -c 'http://updates-test.software-univention.de' /etc/apt/sources.list.d/*online* 
/etc/apt/sources.list.d/15_ucs-online-version.list:24
/etc/apt/sources.list.d/20_ucs-online-component.list:4
# grep -c 'https://updates-test.software-univention.de' /etc/apt/sources.list.d/*online* 
/etc/apt/sources.list.d/15_ucs-online-version.list:0
/etc/apt/sources.list.d/20_ucs-online-component.list:0

# ucr set repository/online/server=https://updates.software-univention.de/
Setting repository/online/server
File: /etc/apt/sources.list.d/20_ucs-online-component.list
File: /etc/apt/mirror.list
File: /etc/apt/sources.list.d/15_ucs-online-version.list

# grep -c 'http://updates-test.software-univention.de' /etc/apt/sources.list.d/*online* 
/etc/apt/sources.list.d/15_ucs-online-version.list:0
/etc/apt/sources.list.d/20_ucs-online-component.list:0
# grep -c 'https://updates-test.software-univention.de' /etc/apt/sources.list.d/*online* 
/etc/apt/sources.list.d/15_ucs-online-version.list:24
/etc/apt/sources.list.d/20_ucs-online-component.list:4

Comment 3 Janek Walkenhorst

2016-01-20 13:24:41 CET

<http://errata.software-univention.de/ucs/4.1/58.html>