Do more with HTTP -> HTTPS redirects, and other HTTPS issues. 🔼

There's already a minor warning, but I think I can do more.


This mirror has some issues due to it automatically redirecting

HTTP to

  1.  I spent most of the day trying to sort this out, not

sure

exactly where the problem was.  Likely it shouldn't be doing

that, since

not everyone has apt-transport-https installed.  If you don't

have that

installed and you use this mirror, things will probably break.

It

should work fine if you actually use HTTPS with

apt-transport-https.

I'd give this one a WARNING instead of an ERROR, but it's

debatable

that maybe this should be flagged as an ERROR.  

apt-transport-https comes by default on buster/beowulf, so I'd

expect this to be more common over time (also given the history of

apt issues that have proven that there is some value in HTTPS for

these things as well).  

This is the one that was causing the loop during testing.  The mirror

would redirect HTTP to HTTPS, LuaSocket would silently convert HTTPS

requests to HTTP, then the mirror would redirect the HTTP to HTTPS, and

around we go again.  Now I'm using LuaSec for HTTPS, that loop doesn't

happen.

Redirection to HTTPS is only a problem if the used hostname is

deb.devuan.org, otherwise the user is free to pick a different

mirror that does plain HTTP.  

OK, so this would be ERROR if we are checking deb.devuan.org, but a

WARNING otherwise.  I already have other WARNINGS, they are things that

would be nice if they didn't happen, but not show stoppers.  So if the

HTTP only using user is having problems, they check the mirror status

web page, see the "WARNING: redirects HTTP to HTTPS", and knows to

switch mirrors.


reported=2019-09-10 05:50:11

reporter=onefang

priority=low

category=Feature

severity=minor

resolution=fixed


2019-12-26 03:21:57 onefang: "OK, so this would be ERROR if we are checking deb.devuan.org," I think is fixed, no one is making that mistake that I can detect at the moment.