1855708 – OpenSCAP doesn't take advantage of gzip compression when downloading remote content.

Bug 1855708 - OpenSCAP doesn't take advantage of gzip compression when downloading remote content.

Summary: OpenSCAP doesn't take advantage of gzip compression when downloading remote c...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	openscap
Sub Component:
Version:	8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	8.0
Assignee:	Jan Černý
QA Contact:	Matus Marhefka
Docs Contact:	Jan Fiala
URL:
Whiteboard:
Depends On:
Blocks:	1870147
TreeView+	depends on / blocked

Reported:	2020-07-10 09:33 UTC by Matěj Týč
Modified:	2020-12-14 15:45 UTC (History)
CC List:	3 users (show)
Fixed In Version:	openscap-1.3.3-3.el8
Doc Type:	Enhancement
Doc Text:	.OpenSCAP compresses remote content With this update, OpenSCAP uses `gzip` compression for transferring remote content. The most common type of remote content is text-based CVE feeds, which increase in size over time and typically have to be downloaded for every scan. The `gzip` compression reduces the bandwidth to 10% of bandwidth needed for uncompressed content. As a result, this reduces bandwidth requirements across the entire chain between the scanned system and the server that hosts the remote content.
Clone Of:
Clones:	1870147 (view as bug list)
Environment:
Last Closed:	2020-11-04 02:29:43 UTC
Type:	Bug
Target Upstream Version:
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2020:4623	0	None	None	None	2020-11-04 02:29:57 UTC

Description Matěj Týč 2020-07-10 09:33:54 UTC

Description of problem:

Typically, remote content consists of large feeds in the XML format that can generally compress very well. As every scan that involves a rule that references remote content results in the content being downloaded, it creates a huge traffic load.

Version-Release number of selected component (if applicable):
oscap (at least) up to 1.3.4

How reproducible:
100%

Steps to Reproduce:
1.
2.
3.

Actual results:
OpenSCAP doesn't advertise that it supports compression by means of the accept-encoding header.

Expected results:
OpenSCAP takes advantage of the underlying libcurl engine, and accepts gzip or deflate encoding.

Additional info:

Comment 1 Matěj Týč 2020-07-10 09:36:17 UTC

https://github.com/OpenSCAP/openscap/pull/1557

Comment 2 Matus Marhefka 2020-07-16 12:08:51 UTC

Another PR which should make it easier to test this feature: https://github.com/OpenSCAP/openscap/pull/1561

Comment 12 errata-xmlrpc 2020-11-04 02:29:43 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (openscap bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4623

Note You need to log in before you can comment on or make changes to this bug.