T-Gander/ProxmoxVEDHelperScripts
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity

Detect apt SSL errors and use http mirrors

Browse Source 
Add explicit detection of SSL/certificate errors when running apt-get update and treat those mirrors as failed (logs a short SSL error snippet and returns failure). Change mirror URL rewrites to use http:// instead of https:// when substituting mirror hosts, and remove ftp.in.debian.org from the AP mirror lists. Changes applied to misc/build.func (try_mirrors) and misc/install.func (pkg_update/_try_apt_mirror) to improve mirror fallback behavior and error reporting.
This commit is contained in:
CanbiZ (MickLesk)
2026-03-26 15:12:43 +01:00
parent cd1c412822
commit f8ca562da6
2 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
misc/build.func
View File

@@ -4607,7 +4607,7 @@ EOF'
APT_BASE="sudo curl mc gnupg2 jq"
EU_MIRRORS="ftp.de.debian.org ftp.fr.debian.org ftp.nl.debian.org ftp.uk.debian.org ftp.ch.debian.org ftp.se.debian.org ftp.it.debian.org ftp.fau.de ftp.halifax.rwth-aachen.de debian.mirror.lrz.de mirror.init7.net debian.ethz.ch mirrors.dotsrc.org debian.mirrors.ovh.net"
US_MIRRORS="ftp.us.debian.org ftp.ca.debian.org debian.csail.mit.edu mirrors.ocf.berkeley.edu mirrors.wikimedia.org debian.osuosl.org mirror.cogentco.com"
AP_MIRRORS="ftp.au.debian.org ftp.jp.debian.org ftp.tw.debian.org ftp.kr.debian.org ftp.in.debian.org ftp.hk.debian.org ftp.sg.debian.org mirror.aarnet.edu.au mirror.nitc.ac.in"
AP_MIRRORS="ftp.au.debian.org ftp.jp.debian.org ftp.tw.debian.org ftp.kr.debian.org ftp.hk.debian.org ftp.sg.debian.org mirror.aarnet.edu.au mirror.nitc.ac.in"
TZ=$(cat /etc/timezone 2>/dev/null || echo "UTC")
case "$TZ" in
@@ -4621,7 +4621,7 @@ EOF'
try_mirrors() {
for src in /etc/apt/sources.list.d/debian.sources /etc/apt/sources.list; do
[ -f "$src" ] && sed -i "s|URIs: http[s]*://[^/]*/|URIs: https://${1}/|g; s|deb http[s]*://[^/]*/|deb https://${1}/|g" "$src"
[ -f "$src" ] && sed -i "s|URIs: http[s]*://[^/]*/|URIs: http://${1}/|g; s|deb http[s]*://[^/]*/|deb http://${1}/|g" "$src"
done
rm -rf /var/lib/apt/lists/*
APT_OUT=$(apt-get update 2>&1)
@@ -4630,6 +4630,10 @@ EOF'
echo " [fail] $1 (hash mismatch)"
echo "$APT_OUT" | grep -i "hash" | head -3 | sed "s/^/ /"
return 1
elif echo "$APT_OUT" | grep -qi "SSL\|certificate"; then
echo " [fail] $1 (SSL error)"
echo "$APT_OUT" | grep -i "SSL\|certificate" | head -3 | sed "s/^/ /"
return 1
elif [ $APT_RC -ne 0 ]; then
echo " [fail] $1 (apt-get update error)"
echo "$APT_OUT" | grep "^E:" | head -3 | sed "s/^/ /"

8
misc/install.func
View File

@@ -204,7 +204,7 @@ pkg_update() {
msg_warn "apt-get update failed, trying alternate mirrors..."
local eu_mirrors="ftp.de.debian.org ftp.fr.debian.org ftp.nl.debian.org ftp.uk.debian.org ftp.ch.debian.org ftp.se.debian.org ftp.it.debian.org ftp.fau.de ftp.halifax.rwth-aachen.de debian.mirror.lrz.de mirror.init7.net debian.ethz.ch mirrors.dotsrc.org debian.mirrors.ovh.net"
local us_mirrors="ftp.us.debian.org ftp.ca.debian.org debian.csail.mit.edu mirrors.ocf.berkeley.edu mirrors.wikimedia.org debian.osuosl.org mirror.cogentco.com"
local ap_mirrors="ftp.au.debian.org ftp.jp.debian.org ftp.tw.debian.org ftp.kr.debian.org ftp.in.debian.org ftp.hk.debian.org ftp.sg.debian.org mirror.aarnet.edu.au mirror.nitc.ac.in"
local ap_mirrors="ftp.au.debian.org ftp.jp.debian.org ftp.tw.debian.org ftp.kr.debian.org ftp.hk.debian.org ftp.sg.debian.org mirror.aarnet.edu.au mirror.nitc.ac.in"
local tz regional others
tz=$(cat /etc/timezone 2>/dev/null || echo "UTC")
@@ -232,7 +232,7 @@ pkg_update() {
_try_apt_mirror() {
local m=$1
for src in /etc/apt/sources.list.d/debian.sources /etc/apt/sources.list; do
[[ -f "$src" ]] && sed -i "s|URIs: http[s]*://[^/]*/|URIs: https://${m}/|g; s|deb http[s]*://[^/]*/|deb https://${m}/|g" "$src"
[[ -f "$src" ]] && sed -i "s|URIs: http[s]*://[^/]*/|URIs: http://${m}/|g; s|deb http[s]*://[^/]*/|deb http://${m}/|g" "$src"
done
rm -rf /var/lib/apt/lists/*
local out
@@ -241,6 +241,10 @@ pkg_update() {
msg_warn "Mirror failed: ${m} (hash mismatch)"
echo "$out" | grep -i "hash" | head -3 | sed 's/^/ /'
return 1
elif echo "$out" | grep -qi "SSL\|certificate"; then
msg_warn "Mirror failed: ${m} (SSL error)"
echo "$out" | grep -i "SSL\|certificate" | head -3 | sed 's/^/ /'
return 1
elif echo "$out" | grep -q "^E:"; then
msg_warn "Mirror failed: ${m} (apt-get update error)"
echo "$out" | grep "^E:" | head -3 | sed 's/^/ /'