[Bug 1561215] Re: Upgrade to 16.04 blocked by firewall due to HTTP violation
Xavier Aragon
1561215 at bugs.launchpad.net
Thu Mar 31 12:45:25 UTC 2016
This problem only seems to affect Kubuntu upgrades, where the graphical
frontend 'DistUpgradeViewKDE' is used.
If the text mode upgrade is used (e.g. 'do-release-upgrade -d') the
release notes are not shown at all. Also if the GTK graphical frontend
is used (e.g. 'do-release-upgrade -d --frontend=DistUpgradeViewGtk3')
there is no problem, the release notes are correctly downloaded and
shown. But with the KDE frontend ('do-release-upgrade -d
--frontend=DistUpgradeViewKDE' or 'kubuntu-devel-release-upgrade'), the
HTTP request is made with an illegal URI containing a space. In presence
of a strict firewall that request may be dropped, and the upgrade
doesn't proceed.
The reason why the GTK frontend works is that the invalid URI is passed
to WebKit, which "fixes" the URI, i.e. encodes the space in the URI as
%20 before sending the HTTP request to the server. With the KDE
frontend, however, the URI is passed to python's
urllib.request.urlopen() function, which doesn't "fix" the URI, i.e. the
HTTP request is made with the illegal URI containing a space (coming
from the version string '16.04 LTS', i.e. this problem only affects
upgrades to LTS releases).
I believe this is a bug in MetaRelease.py which produces the
'dist.releaseNotesHtmlUri' but doesn't encode it properly for use as an
URI.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/1561215
Title:
Upgrade to 16.04 blocked by firewall due to HTTP violation
Status in ubuntu-release-upgrader package in Ubuntu:
New
Bug description:
Upgrading from 15.10 to 16.04 may fail e.g. in corporate environments
where firewall or IDS/IPS equipment enforce strict HTTP protocol
usage. The failure occurs right in the beginning of the upgrade, as
the upgrader fails to retrieve the release announcement that would be
shown to the user. The problem is the URI in the HTTP request, which
contains the version string '16.04 LTS' without proper encoding.
Spaces should be encoded as '%20' in an URI, but method
_get_release_notes_uri_query_string() in MetaRelease.py of package
python3-update-manager seems to add the version string dist.version as
a query parameter to the URI without any encoding:
# get the version to upgrade to
q += "ver=%s" % dist.version
I think it would be necessary to use something like
urllib.parse.quote(dist.version) instead.
Below is the problematic HTTP request. It is dropped by the firewalls
in the corporation where I work. At home the upgrade works without
problem.
HEAD /ubuntu//dists/xenial/main/dist-upgrader-all/current/DevelReleaseAnnouncement.html?lang=en_US&os=ubuntu&ver=16.04 LTS HTTP/1.1
Accept-Encoding: identity
User-Agent: Python-urllib/3.4
Connection: close
Host: archive.ubuntu.com
Release and package info:
Description: Ubuntu 15.10
Release: 15.10
python3-update-manager:
Installed: 1:15.10.3
Candidate: 1:15.10.3
Version table:
*** 1:15.10.3 0
500 http://se.archive.ubuntu.com/ubuntu/ wily/main amd64 Packages
100 /var/lib/dpkg/status
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1561215/+subscriptions
More information about the foundations-bugs
mailing list