** Description changed: If there is a repository that needs authentication with a long password - (>64 chars) this is not handled well in apt. It will simply cut it off - and the authentication will fail with a error from the server instead of - indicating that the password is too long. + or username (>64 chars) this is not handled well in apt. It will simply + cut it off and the authentication will fail with a error from the server + instead of indicating that the password is too long. The maximum size of the user/password needs to be increased and a proper error message on overflow needs to be given. To test this we need a repository with a long username/password. + + = Test Case = + We'll use a pretend repository without any packages at murraytwins.com + 1) Add the following line to /etc/apt/sources.list: + deb http://murraytwins.com/repository precise multiverse + 2) Add the following line (yes, it's all one line) to /etc/apt/auth.conf (likely a new file) + machine murraytwins.com/repository/ login mrzx4l98d4tp89jab6giohdrjqysbyjs4npz2ccq25kvjmf5h8u4cmidcko7s4tfr6ur1teuv4ju1af-bp8wz2-hwbqs6tox1bv6csee9psn5309v7488f3dugifm692db2xfq8n1fsz7l87835tr0q36m2p3ftwpoqoy6 password password + 3) Run apt-get update + 4) Observe a 401 for murraytwins.com: + W: Failed to fetch http://murraytwins.com/repository/dists/precise/multiverse/binary-amd64/Packages 401 Authorization Required + + With the version of the package from -proposed you'll receive a 404 + instead of a 401.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1065429 Title: Long passwords for authenticated repositories not handled well To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1065429/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
