Am 12.03.2010 um 08:30 schrieb Roger Oberholtzer:
On Wed, 2010-03-10 at 14:18 +0100, Peter Pöml wrote:
Hi,
So IMO what we see is a violation of RFC2616 by the Ironport appliance. Might be worthwhile to open a bug with its manufacturer.
I got the IT guys to let me out without going through the proxy. And magically all worked. That does not mean the IronPort is the source of the problem. Do we know that aria2c does the right thing when range requests are disabled? The reason the IronPort disables range requests is that when they are on it cannot check the downloads for malware. It needs the whole thing to do so.
As mentioned before, disabling byte ranges is fine, however then the proxy must also remove the header line that claims that byte ranges are supported. This is a very simple header manipulation that the manufacturer of the appliance just overlooked. Maybe your IT guys could even work around by configuring the removal of the header manually -- if that's possible. I'd suggest asking them whether they can completely suppress that header line by filtering it.
When the range issue is sorted, another issue could be that arias2c would have to wait for the proxy to download the whole item and check it before aria2c sees the first byte. For large/slow items, I guess that could be an issue. Or not.
That would be a principal issue with any intercepting intermediary that scans for malware.
But I will start by seeing about the range request issue. Anyone have any ideas on how I can tell that aria2c is even trying to detect if range requests are allowed?
I should note that I don't claim that fixing the problem in IronPort will necessarily make aria2c work in your situation. There could of course also be a problem with aria2c, in addition to the evident problem in IronPort. I tried to download a file http://opensuse.mirrors.proxad.net/opensuse/, which happens to have byte ranges disabled. Just pick a file from there and run aria2c with the URL. aria2c reports some warnings on the way, but downloads correctly in the end (I verified with a cryptographic hash). I interrupt the download, I can't restart it later - which makes sense in a way, because without byte range support there is no way to complete a download other than starting from the beginning. So I'd say, aria2c does the best it can and works correctly here (despite some warnings that it expresses). Peter-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org