when fetching an rpm from a web server, like the default apache, the char '?' (question mark ASCII 0x3F) poses a serious obstacle for rpm. [root@testserver1 rpm-4.2.3]# rpm --version RPM version 4.2.3
similar to Bug 101731, but not the same.
Created attachment 109199 [details] rpmbug143885-1-0.src.rpm
Created attachment 109200 [details] rpmbug143885-1-0.noarch.rpm
[root@testserver redhat]# rpm - ivv 'https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109200&ac tion=view' error: File not found by glob: https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109200&action= view D: found 0 source and 0 binary packages [root@testserver redhat]# curl - I 'https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109200&act ion=view' HTTP/1.1 200 OK Date: Fri, 31 Dec 2004 17:10:59 GMT Server: Apache/2.0.46 (Red Hat) Content-Disposition: inline; filename=rpmbug143885-1-0.noarch.rpm Content-Length: 1543 Content-Type: application/x-redhat-package-manager; name="rpmbug143885-1-0.noarch.rpm"
tried a workaround but ran into bug 143886.
Yep. The primitive url parser in rpm dates back to 2000 or so, and there has been absolutely no need to handle options in http: URL's Adding RFE: to summary ...
Internal RFE bug #147523 entered; will be considered for future releases.
this is a BUG not an RFE http[s] urls are allowed to have ? chars in them. I am currently working on a patch. We cannot use rpm to install updates unless it can fetch them from the webserver. i.e. http://server/update?machine=1234&prod=5678
Created attachment 110821 [details] disable glob for http
We have tested this, it works, but we do not have a formal test suite for RPM. Can someone please review and check this in ASAP. On the next up2date push of rpm, we will loose our changes to rpm (or worse)
Is there a particular reason that you are using a web server rather than RHN or a satellite server?
yes, client corporate requirements.
when using curl to work around this issue, you can encounter bug 145367 of curl in rhel. this needs to checked in asap.
I do not see why the severity has been lowered? If the severity has been lowered as part of a triage effort, I will raise it back to high in the days following if there is no activity.
It has been a year, with a patch...
Disabling a glob ain't exactly viable, handling the '?' as a URI option character is what needs to be done.
The severity has been lowered because you are not the only user, nor is this he only bug. There is nothing in this report that warrants marking severity HIGH imho. But feel free to do whatever you wish.
Fixed in rpm CVS, will be in rpm-4.4.8-0.9 when built. UPSTREAM
Not going to be fixed for RHEL 3 at this point in it's lifecycle, sorry. The curl bug has been fixed quite some time ago so at least it can be worked around reasonably easily.