[Bug 226780] Re: apt-key net-update does not obey APT::Acquire::http::Proxy

[Adam Stokes]

** Description changed:

- Binary package hint: apt
+ [Impact] 
+ IWBNI apt-key obeyed apt's network preferences like the rest of the apt-* tools do. The fix is to append a timeout option to wget which is invoked in apt-key during key retrieval.
  
- IWBNI apt-key obeyed apt's network preferences like the rest of the
- apt-* tools do.
+ [Test Case]
+ # iptables -A OUTPUT -p tcp --dport 80 -j DROP
+ # wget -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
+ [endless hang] ^C
+ 
+ # iptables -F
+ # iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+ # wget --timeout=90 -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
+ [returns in 90 seconds]
+ #
+ # iptables -F
+ # wget --timeout=90 -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
+ [returns instantly]
+ #
+ #
+ # iptables -A OUTPUT -p tcp --dport 80 -j DROP
+ # route del default
+ # wget --timeout=90 -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
+ [returns instantly]
+ 
+ [Regression Potential]
+ Potential for regression is minimal as this would allow apt-key to successfully timeout if the keyserver is unreachable and allow for continued operation required by other services (i.e. cron executed instances)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/226780

Title:
  apt-key net-update does not obey APT::Acquire::http::Proxy

Status in “apt” package in Ubuntu:
  Triaged
Status in “apt” source package in Lucid:
  Triaged
Status in “apt” source package in Natty:
  New
Status in “apt” source package in Oneiric:
  New
Status in “apt” source package in Precise:
  Triaged

Bug description:
  [Impact] 
  IWBNI apt-key obeyed apt's network preferences like the rest of the apt-* tools do. The fix is to append a timeout option to wget which is invoked in apt-key during key retrieval.

  [Test Case]
  # iptables -A OUTPUT -p tcp --dport 80 -j DROP
  # wget -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
  [endless hang] ^C

  # iptables -F
  # iptables -A OUTPUT -p tcp --dport 80 -j REJECT
  # wget --timeout=90 -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
  [returns in 90 seconds]
  #
  # iptables -F
  # wget --timeout=90 -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
  [returns instantly]
  #
  #
  # iptables -A OUTPUT -p tcp --dport 80 -j DROP
  # route del default
  # wget --timeout=90 -q -N http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
  [returns instantly]

  [Regression Potential]
  Potential for regression is minimal as this would allow apt-key to successfully timeout if the keyserver is unreachable and allow for continued operation required by other services (i.e. cron executed instances)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/226780/+subscriptions