FileZilla.munki recipe failing

[eshirk]

FileZilla.munki is running into CodeSignatureVerifier errors.

[klou]

see #48

[fkick]

Looks like this is still failing per #92

[klou]

It looks like some combination of:

• The FilezillaURLProvider update_url is incorrect
• The FilezillaURLProvider update_url has certificate issues
• something else (descriptive, I know)

In any case, the downloaded FileZilla.tar.bz2 is not a valid tarball, so the Unarchiver can't handle it. So it's not CodeSignatureVerifier-related, at least.

[aysiu]

FileZilla now seems to have a .dmg download at https://filezilla-project.org/download.php?type=client

[aysiu]

I've put in two pull requests to download the .dmg with the proper code signature verification: https://github.com/autopkg/keeleysam-recipes/pull/96 https://github.com/autopkg/keeleysam-recipes/pull/95

[klou]

Yes, but isn't that the "bundled with ads and other things" version?

[aysiu]

Doh! You're right!

[aysiu]

So earlier you said

The FilezillaURLProvider update_url is incorrect

If the one I was using is the ad-bundled one, and the one in the recipe currently is "incorrect," which is the correct URL to use?

[aysiu]

I think I found it: https://filezilla-project.org/download.php?show_all=1

[eshirk]

That’s where I’ve been getting ‘clean’ downloads after the recipe started failing.

On Sep 20, 2018, at 10:30 AM, aysiu notifications@github.com<mailto:notifications@github.com> wrote:

I think I found it: https://filezilla-project.org/download.php?show_all=1

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/autopkg/keeleysam-recipes/issues/93#issuecomment-423226508, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AazySy9wvm2TxfaHKDaxr81E5skmCxVpks5uc7SWgaJpZM4VdLvl.

[aysiu]

In any case, the downloaded FileZilla.tar.bz2 is not a valid tarball, so the Unarchiver can't handle it. So it's not CodeSignatureVerifier-related, at least.

I'm trying to get around this with maybe a user agent string in the headers, but it's still downloading a 9 KB file instead of a 10 MB one.

[klou]

Well, I'm not sure how the FileZillaURLProvider works - but I suspect that it parses the URL used in the FZ built-in UpdateCheck. This may have changed -- probably need to do a wireshark parse to find it. Either way, the current parse returns an invalid response.

[aysiu]

I'm trying a sample recipe without even using FileZillaURLProvider—just trying a regular URLTextSearcher and URLDownloader. I'm also even just trying curl in a terminal without AutoPkg. Can't get the download the work properly.

[klou]

FWIW, the OLD UpdateURL currently referenced in FileZillaURLProvider looks like it has an untrusted certificate. And the current FileZilla (v3.36+) Update Check contacts a different FQDN over SSL, so I couldn't grab a URL off of it.

[aysiu]

Okay. Fixed with this pull request: https://github.com/autopkg/keeleysam-recipes/pull/97

I think the whole URL provider python script may have to go, too. There are nightly builds, but they can't just specified with an additional parameter. And I can't find any beta builds.

[Firefishy]

The download URL now checks for user-agent. The following works:

curl -v -H 'Connection: close' -H 'User-Agent: FileZilla 3.25.1' "https://dl1.cdn.filezilla-project.org/FileZilla_3.37.4_macosx-x86.app.tar.bz2" -O