[Bug 1561215] [NEW] Upgrade to 16.04 blocked by firewall due to HTTP violation

Xavier Aragon 1561215 at bugs.launchpad.net
Wed Mar 23 21:28:09 UTC 2016 

Public bug reported:

Upgrading from 15.10 to 16.04 may fail e.g. in corporate environments
where firewall or IDS/IPS equipment enforce strict HTTP protocol usage.
The failure occurs right in the beginning of the upgrade, as the
upgrader fails to retrieve the release announcement that would be shown
to the user. The problem is the URI in the HTTP request, which contains
the version string '16.04 LTS' without proper encoding. Spaces should be
encoded as '%20' in an URI, but method
_get_release_notes_uri_query_string() in MetaRelease.py of package
python3-update-manager seems to add the version string dist.version as a
query parameter to the URI without any encoding:

       # get the version to upgrade to
        q += "ver=%s" % dist.version

I think it would be necessary to use something like
urllib.parse.quote(dist.version) instead.

Below is the problematic HTTP request. It is dropped by the firewalls in
the corporation where I work. At home the upgrade works without problem.

HEAD /ubuntu//dists/xenial/main/dist-upgrader-all/current/DevelReleaseAnnouncement.html?lang=en_US&os=ubuntu&ver=16.04 LTS HTTP/1.1
Accept-Encoding: identity
User-Agent: Python-urllib/3.4
Connection: close
Host: archive.ubuntu.com


Release and package info:

Description:    Ubuntu 15.10
Release:        15.10

python3-update-manager:
  Installed: 1:15.10.3
  Candidate: 1:15.10.3
  Version table:
 *** 1:15.10.3 0
        500 http://se.archive.ubuntu.com/ubuntu/ wily/main amd64 Packages
        100 /var/lib/dpkg/status

** Affects: ubuntu-release-upgrader (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/1561215

Title:
  Upgrade to 16.04 blocked by firewall due to HTTP violation

Status in ubuntu-release-upgrader package in Ubuntu:
  New

Bug description:
  Upgrading from 15.10 to 16.04 may fail e.g. in corporate environments
  where firewall or IDS/IPS equipment enforce strict HTTP protocol
  usage. The failure occurs right in the beginning of the upgrade, as
  the upgrader fails to retrieve the release announcement that would be
  shown to the user. The problem is the URI in the HTTP request, which
  contains the version string '16.04 LTS' without proper encoding.
  Spaces should be encoded as '%20' in an URI, but method
  _get_release_notes_uri_query_string() in MetaRelease.py of package
  python3-update-manager seems to add the version string dist.version as
  a query parameter to the URI without any encoding:

         # get the version to upgrade to
          q += "ver=%s" % dist.version

  I think it would be necessary to use something like
  urllib.parse.quote(dist.version) instead.

  Below is the problematic HTTP request. It is dropped by the firewalls
  in the corporation where I work. At home the upgrade works without
  problem.

  HEAD /ubuntu//dists/xenial/main/dist-upgrader-all/current/DevelReleaseAnnouncement.html?lang=en_US&os=ubuntu&ver=16.04 LTS HTTP/1.1
  Accept-Encoding: identity
  User-Agent: Python-urllib/3.4
  Connection: close
  Host: archive.ubuntu.com

  
  Release and package info:

  Description:    Ubuntu 15.10
  Release:        15.10

  python3-update-manager:
    Installed: 1:15.10.3
    Candidate: 1:15.10.3
    Version table:
   *** 1:15.10.3 0
          500 http://se.archive.ubuntu.com/ubuntu/ wily/main amd64 Packages
          100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1561215/+subscriptions

More information about the foundations-bugs mailing list