search

juledwar / soufi

Source finder CLI and API
Apache License 2.0
0 stars 0 forks source link

CentOS repo auto-discovery throws an HTTP 403 exception #29

Closed 0xDEC0DE closed 2 years ago

0xDEC0DE commented 2 years ago

Steps to reproduce

soufi centos audit 2.8.5-4.el7

Expected result

https://vault.centos.org/centos//7.9.2009/os/Source/SPackages/audit-2.8.5-4.el7.src.rpm

Actual behavior

soufi.exceptions.DownloadError: Forbidden

Errata

This is due to a misconfiguration on vault.centos.org, their redirect of the path /centos goes to https://vault1.origin.centos.org/centos/, which requires authorization for some reason. Fetching the path /centos/ works as expected. But soufi should really go to the correct location on the first try without relying on HTTP 301