Project

General

Profile

Bug #54765

Middleware must use HTTPS for downloads

Added by Warren Block 10 months ago. Updated 10 months ago.

Status:
Closed
Priority:
No priority
Assignee:
William Grzybowski
Category:
Middleware
Target version:
Severity:
Med High
Reason for Closing:
Third Party to Resolve
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

Trying to install a Docker VM with the new GUI shows this:

Failed to download http://download.freenas.org/bhyve-templates/rancheros-bhyve-v1.4.1/rancheros-bhyve-v1.4.1.img.gz (retries=3)

This is due to a new redirect from HTTP to HTTPS on download.freenas.org and possibly due to fetch or whatever is being used to download that image not honoring the redirect:

% ping download.freenas.org
PING download.freenas.org (10.0.0.100): 56 data bytes
64 bytes from 10.0.0.100: icmp_seq=0 ttl=61 time=77.491 ms
^C
%  fetch http://download.freenas.org/bhyve-templates/rancheros-bhyve-v1.4.1/rancheros-bhyve-v1.4.1.img.gz
fetch: http://download.freenas.org/bhyve-templates/rancheros-bhyve-v1.4.1/rancheros-bhyve-v1.4.1.img.gz: No address record

Part of this problem can be addressed by just modifying the source URLs to use HTTPS directly.

% fetch https://download.freenas.org/bhyve-templates/rancheros-bhyve-v1.4.1/rancheros-bhyve-v1.4.1.img.gz
rancheros-bhyve-v1.4.1.img.gz                   0% of   70 MB  538 kBps 01m55s


Related issues

Related to FreeNAS - Bug #25705: Use HTTPS for updatesDone
Related to FreeNAS - Bug #48754: http://download.freenas.org must redirect to https to prevent MITM (ideally not provide HTTP at all!)Closed

History

#1 Updated by Warren Block 10 months ago

  • Related to Bug #25705: Use HTTPS for updates added

#2 Updated by Warren Block 10 months ago

  • Related to Bug #48754: http://download.freenas.org must redirect to https to prevent MITM (ideally not provide HTTP at all!) added

#4 Updated by William Grzybowski 10 months ago

  • Status changed from Unscreened to Not Started
  • Severity changed from New to Med High

#5 Updated by William Grzybowski 10 months ago

Cant reproduce the problem.

http does not redirect to https on my end.

#6 Updated by William Grzybowski 10 months ago

William Grzybowski wrote:

Cant reproduce the problem.

http does not redirect to https on my end.

This seems like a local network issue to me. download.freenas.org resolves to 10.0.0.100 for you.

#7 Updated by Jeremy Quinn 10 months ago

#8 Avatar?id=14398&size=24x24 Updated by Kris Moore 10 months ago

  • Status changed from Not Started to Closed
  • Reason for Closing set to Third Party to Resolve

IT has fixed this issue so that only the root link redirects automatically to https. Direct links will still work over http://. Eventually we'll want to switch those to https but it can be done as apart of a future update when convenient.

#9 Updated by Dru Lavigne 10 months ago

  • Target version changed from Backlog to N/A

Also available in: Atom PDF