Opened 4 years ago
Closed 4 years ago
#5302 closed defect (fixed)
HTTPS support for osm replication updates
| Reported by: | Owned by: | Tom Hughes | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | admin | Version: | |
| Keywords: | Cc: |
Description
https://planet.openstreetmap.org/replication/day/000/000/
Since the OSM updates diff support only http, I cannot update the OSM database in my production environment due to security issue. It is vulnerable to MITM(Man-In-The-Middle) attack. When I tried https url, it redirects to http url.
Is there any specific reason for not having https support ?
It would be great, if OSM gives support https. And also OSM may add md5check sum details in the xx_state.txt files.
I am ready to take this task and contribute. Can you guide me, where to start ?
Change History (4)
comment:1 Changed 4 years ago by
| Component: | datasources → admin |
|---|---|
| Owner: | changed from mikel_maron@… to Tom Hughes |
| Priority: | major → minor |
| Type: | task → defect |
comment:2 Changed 4 years ago by
comment:3 Changed 4 years ago by
Actually it looks like I just set it up to redirect all https to http for some reason...
comment:4 Changed 4 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Fixed in 5f2de35/chef. Adding md5s to the state files would have to be done in osmosis - see http://wiki.openstreetmap.org/wiki/Osmosis for more information.
I suspect this is just a bug in the redirector script that handles redirection of downloads of the full planet to one of the mirror sites. In this case there is no mirror site so it shouldn't redirect.