lazka
commented
3 years ago I guess somehow related to https://git.archlinux.org/pacman.git/commit/lib/libalpm/dload.c?id=a8bdc2e10ad6c942f3f1dbbbb77c126578a41bd3 ?
Closed jeremyd2019 closed 2 years ago
lazka
commented
3 years ago I guess somehow related to https://git.archlinux.org/pacman.git/commit/lib/libalpm/dload.c?id=a8bdc2e10ad6c942f3f1dbbbb77c126578a41bd3 ?
jeremyd2019
commented
3 years ago That's probably it. But it looks from that long name that it is trying to set content-disposition, which should have had precedence over the "name" of all the query string parameters.
jeremyd2019
commented
3 years ago Nope, I think it's actually https://github.com/msys2/msys2-pacman/commit/f078c2d3bcb72bafda0dce5fe2c9418ca462bb1a:
To build *.sig file url we've been using a simple string concatenation: $requested_url + ".sig". Unfortunately there are cases when it does not work. For example an archlinux.org "Download From Mirror" link looks like this https://www.archlinux.org/packages/core/x86_64/bash/download/ and it gets redirected to some mirror. But if we append ".sig" to the end of the link url and try to download it then archlinux.org returns 404 error.
To overcome this issue we need to follow redirects for the main payload first, find the final url and only then append '.sig' suffix.
lazka
commented
3 years ago jeremyd2019
commented
3 years ago Nice, at least it's not just me for a change :wink:
lazka
commented
3 years ago There is a proposed upstream patch now: https://lists.archlinux.org/pipermail/pacman-dev/2021-June/025222.html
jeremyd2019
commented
3 years ago The most recent version of this patch seems to be https://lists.archlinux.org/pipermail/pacman-dev/2021-June/025252.html
lazka
commented
2 years ago I think sourceforge is also affected by this after https://github.com/msys2/MSYS2-packages/pull/2571
lempamo
commented
2 years ago yep. ran into this when trying to install gtk4. specifically happened with the following dependencies:
mingw-w64-x86_64-chromaprint-1.5.0-1
mingw-w64-x86_64-gst-plugins-bad-1.18.4-7
mingw-w64-x86_64-libbs2b-3.1.0-1
mingw-w64-x86_64-libdca-0.0.7-1
mingw-w64-x86_64-libdvdnav-6.1.0-2
mingw-w64-x86_64-libmpeg2-git-r1108.946bf4b-1
mingw-w64-x86_64-libnice-0.1.18-2
mingw-w64-x86_64-soundtouch-2.2-1
mingw-w64-x86_64-vo-amrwbenc-0.1.3-1
mingw-w64-x86_64-webrtc-audio-processing-0.3.1-1I'm surprised that this hasn't gotten any more attention upstream by now.
jeremyd2019
commented
2 years ago It looks like some movement is happening upstream now. https://lists.archlinux.org/pipermail/pacman-dev/2021-September/025316.html
lazka
commented
2 years ago fixed in 6.0.1
jeremyd2019
commented
2 years ago Cool, I kind of thought a 6.0.1 was imminent because patches had broken loose upstream.
Background: I have been using a GitHub release to host my 32-bit msys2 builds for almost a year. More recently, I used them to host bootstrapping stages for clang, and am still using one to host clangarm64 which I have started signing.
Testing pacman 6.0 which was recently merged (but not yet out of staging) I started getting errors of the form:
I have done more testing, and it seems that this also breaks the now-signed clangarm64 repo if I switch it from
Optionalfor the test:I am guessing that pacman 6 appends
.sigto the URL after redirects are processed now rather than before, which breaks with GitHub's crazy long S3 URLs.