zypper https urls: Protocol "http" not supported or disabled in libcurl

Hi,

The story which leads to the question: I am packaging the tool mkosi which creates an OS image, using zypper.

So I hope this the correct place to ask for help on zypper/curl.

mkosi uses /var/tmp/mkosi-3new2jrs/root/ as root for the new image, then it adds some repos with zypper. So in this example the command looks like:

zypper --root /var/tmp/mkosi-3new2jrs/root addrepo -ck https://download.opensuse.org/update/tumbleweed/ Updates

However this fails:

Adding repository 'Updates' -------------------------------------------------------------------------------------------------------------------------------\]
Download (curl) error for 'https://download.opensuse.org/update/tumbleweed/repodata/repomd.xml':
Error code:  Bad URL
Error message: Protocol "http" not supported or disabled in libcurl

Abort, retry, ignore? [a/r/i/...? shows all options] (a): 

Somehow this does not support HTTPS, it works with the HTTP protocol. However, not using the --root flag works fine. So zypper itself seems to support it.

To reproduce, you can install the package mkosi in TW and replace http://download.opensuse.org with https://download.opensuse.org in /usr/bin/mkosi (The shipped version uses HTTP instead of the preferred HTTPS).

Do you have any idea what prevents zypper/curl from supporting HTTPS? /var/tmp/mkosi-3new2jrs/root/ there is no /etc/, only /var/{cache,lib,log,run}

It’s a server “problem” I think. The error message is just misleading…

See https://forums.opensuse.org/showthread.php/527052-Cached-files-in-home-cache-kioexec-krun-_-How-to-avoid?p=2838330#post2838330

To repeat the relevant part here:

$ curl https://download.opensuse.org/repositories/KDE:Extra/openSUSE_Leap_42.3/KDE:Extra.repo
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://download.opensuse.org/repositories/KDE:/Extra/
openSUSE_Leap_42.3/KDE:Extra.repo">here</a>.</p>
<hr>
<address>Apache/2.2.34 (Linux/SUSE) Server at download.opensuse.org Port 443</address>
</body></html>

In the zypper scripts I’ve written,
I’ve likely avoided this by simply invoking “su” or “sudo” instead.
In fact this practice more or less motivates me to properly modularize my code into indivdual sub-scripts, each running with a specific security context, making it more unwieldy to write spaghetti code (which would be easier to do if all I had to do was invoke a --root flag in a command).

IMO/HTH,
TSU

Thanks for your help!

What’s puzzling me is that other URLs work:

> sudo zypper ar -c https://download.opensuse.org/tumbleweed/repo/oss/ openSUSE-Tumbleweed-Oss-HTTPS
Adding repository 'openSUSE-Tumbleweed-Oss-HTTPS' ......................................................................................................[done]
Repository 'openSUSE-Tumbleweed-Oss-HTTPS' successfully added

URI         : https://download.opensuse.org/tumbleweed/repo/oss/
Enabled     : Yes                                               
GPG Check   : Yes                                               
Autorefresh : No                                                
Priority    : 99 (default priority)                             

Repository priorities in effect:                                                                                              (See 'zypper lr -P' for details)
      99 (default priority) :  7 repositories
     100 (lowered priority) :  1 repository  
     101 (lowered priority) :  1 repository  

As opposed to:


> sudo zypper addrepo -ck https://download.opensuse.org/update/tumbleweed/ Updates-Test
Adding repository 'Updates-Test' --------------------------------------------------------------------------------------------------------------------------\]
Download (curl) error for 'https://download.opensuse.org/update/tumbleweed/repodata/repomd.xml':
Error code:  Bad URL
Error message: Protocol "http" not supported or disabled in libcurl

Abort, retry, ignore? [a/r/i/...? shows all options] (a): a
Abort, retry, ignore? [a/r/i/...? shows all options] (a):                 
Adding repository 'Updates-Test' .......................................................................................................................[done]
Unknown problem when adding repository:
Unknown error reading from 'https://download.opensuse.org/update/tumbleweed/'
Repository priorities in effect:                                                                                              (See 'zypper lr -P' for details)
      99 (default priority) :  7 repositories
     100 (lowered priority) :  1 repository  
     101 (lowered priority) :  1 repository  

Did you try to actually read the discussion @wolfi323 mentioned?

I only read the mentioned posts, but reading the post after it does explain the problem. Thanks!