Opened 4 years ago

Closed 4 years ago

#5302 closed defect (fixed)

HTTPS support for osm replication updates

Reported by: rameshj1977@… Owned by: Tom Hughes
Priority: minor Milestone:
Component: admin Version:
Keywords: Cc:

Description

https://planet.openstreetmap.org/replication/day/000/000/

Since the OSM updates diff support only http, I cannot update the OSM database in my production environment due to security issue. It is vulnerable to MITM(Man-In-The-Middle) attack. When I tried https url, it redirects to http url.

Is there any specific reason for not having https support ?

It would be great, if OSM gives support https. And also OSM may add md5check sum details in the xx_state.txt files.

I am ready to take this task and contribute. Can you guide me, where to start ?

Change History (4)

comment:1 Changed 4 years ago by Tom Hughes

Component: datasourcesadmin
Owner: changed from mikel_maron@… to Tom Hughes
Priority: majorminor
Type: taskdefect

comment:2 Changed 4 years ago by Tom Hughes

I suspect this is just a bug in the redirector script that handles redirection of downloads of the full planet to one of the mirror sites. In this case there is no mirror site so it shouldn't redirect.

comment:3 Changed 4 years ago by Tom Hughes

Actually it looks like I just set it up to redirect all https to http for some reason...

comment:4 Changed 4 years ago by Tom Hughes

Resolution: fixed
Status: newclosed

Fixed in 5f2de35/chef. Adding md5s to the state files would have to be done in osmosis - see http://wiki.openstreetmap.org/wiki/Osmosis for more information.

Note: See TracTickets for help on using tickets.