Skip to content

R-latest.pkg link returning a 403 Forbidden error

10 messages · Jim Hester, Matthias Krawutschke, Simon Urbanek +3 more

Original
Jim Hester
# 
The link https://mac.r-project.org/bin/macosx/R-latest.pkg which
previously served the latest version of R is now returning a 403. Is
this an intentional change, or is it an unintentional? This link is
used by the Travis-CI build scripts for macOS, so if the link is no
longer valid we will need to update the script.

Thanks,

Jim
Simon Urbanek
# 
Thanks, should be fixed now (adding index removed symlink following permission).
Simon
3 days later
Matthias Krawutschke
# 
Dear Simon,

thank you so much. 
If I want to download the latest R-package with this link - i?ve got the cryptic signs in the window, but not the file ?

Best regars?.



Matthias Krawutschke, Dipl. Inf.

Universit?t Potsdam
ZIM - Zentrum f?r Informationstechnologie und Medienmanagement
Team High-Performance-Computing on Cluster - Environment

Campus Am Neuen Palais: Am Neuen Palais 10 | 14469 Potsdam
Tel: +49 331 977-4444, Fax: +49 331 977-1750

Internet: https://www.uni-potsdam.de/de/zim/angebote-loesungen/hpc.html


-----Urspr?ngliche Nachricht-----
Von: R-SIG-Mac <r-sig-mac-bounces at r-project.org> Im Auftrag von Simon Urbanek
Gesendet: Freitag, 14. Februar 2020 19:15
An: Jim Hester <james.hester at rstudio.com>
Cc: r-sig-mac at r-project.org
Betreff: Re: [R-SIG-Mac] R-latest.pkg link returning a 403 Forbidden error

Thanks, should be fixed now (adding index removed symlink following permission).
Simon
_______________________________________________
R-SIG-Mac mailing list
R-SIG-Mac at r-project.org
https://stat.ethz.ch/mailman/listinfo/r-sig-mac
2 days later
Patrick Schratz
# 
@Simon

As of today the link still returns a 403 - other R versions work.
Could you have a look? Especially because the Travis CI runner by Jim relies on it, this is somewhat pressing.

Thanks.
On 18. Feb 2020, 07:43 +0100, Matthias Krawutschke <krawutschke at uni-potsdam.de>, wrote:

  
  


  


      

    

    

      
      

        


  

        

      Simon Urbanek
    

    

      
      #
    

  


  

      
Patrick,

it works just fine for me: 

$ curl -s -v -o /dev/null https://mac.r-project.org/bin/macosx/R-latest.pkg 
*   Trying 184.172.231.50...
* TCP_NODELAY set
* Connected to mac.r-project.org (184.172.231.50) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
[...]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=mac.r-project.org
*  start date: Jan 26 18:55:18 2020 GMT
*  expire date: Apr 25 18:55:18 2020 GMT
*  subjectAltName: host "mac.r-project.org" matched cert's "mac.r-project.org"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.

            

      
      
      
    

        
< HTTP/1.1 200 OK
< Date: Thu, 20 Feb 2020 19:31:51 GMT
< Server: Apache
< Last-Modified: Sun, 15 Dec 2019 14:09:32 GMT
< ETag: "4d4a72f-599bea4d7df00"
< Accept-Ranges: bytes
< Content-Length: 81045295
< 

Please make sure you clear your caches and try directly without proxies.

Cheers,
Simon

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

  
  


  


      

    

    

      
      

        


  

        

      Bob Rudis
    

    

      
      #
    

  


  

      
Aye. It's working fine from more than a few vantage points I've tested
it from via personal internet endpoints and work systems.

I've setup a daily 0500 ET cron job to do a HEAD of said URL and
output a slice of the {httr} response object as JSON to:
https://rud.is/dl/r-latest.json in the event other folks have issues
and need a validation point from a third party.

I've also got a local (not internet-facing) script that monitors the
mirror status (separate from what CRAN does as it's just looking for
last-modified date of src/contrib/PACKAGES,
bin/windows/contrib/3.6/PACKAGES, and
bin/macosx/el-capitan/contrib/3.6/PACKAGES on all HTTPS CRAN mirrors).
It's not internet-facing since I use it to check my own internal CRAN
mirror but I can also make a public JSON endpoint for it as well if
that wld be helpful for folks.

-Bob

On Thu, Feb 20, 2020 at 2:36 PM Simon Urbanek

        
<simon.urbanek at r-project.org> wrote:

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

  
  


  


      

    

    

      
      

        


  

        

      Patrick Schratz
    

    

      
      #
    

  


  

      
Simon, sorry I was wrong with the version.
In fact, I am getting a 403 with the R-3.6 branch.?Other branches work fine.

curl -Osv http://mac.r-project.org/el-capitan/R-3.6-branch/R-3.6-branch-el-capitan-sa-x86_64.tar.gz ? I
* Trying 184.172.231.50...
* TCP_NODELAY set
* Connected to mac.r-project.org (184.172.231.50) port 80 (#0)

            

      
      
      
    

        
< HTTP/1.1 403 Forbidden
< Date: Fri, 21 Feb 2020 14:08:51 GMT
< Server: Apache
< Content-Length: 266
< Content-Type: text/html; charset=iso-8859-1
<
{ [266 bytes data]
* Connection #0 to host mac.r-project.org left intact
* Closing connection 0

Can anyone reproduce this or is this really on my side? If you, any hints on resolving this?

        
On 20. Feb 2020, 20:36 +0100, Simon Urbanek <simon.urbanek at r-project.org>, wrote:

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

  
  


  


      

    

    

      
      

        


  

        

      Peter Dalgaard
    

    

      
      #
    

  


  

      
Same here. Signed version is fine, though.

http://mac.r-project.org/el-capitan/R-3.6-branch/R-3.6-branch-el-capitan-signed.pkg

-pd

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

        

  
    

      
      
    

  


  


      

    

    

      
      

        


  

        

      Bob Rudis
    

    

      
      #
    

  


  

      
Hey Simon (et al),

I setup a 2x daily link checker job for mac.r-project.org. It outputs tabular results to https://rud.is/mac-r-project-links/ (timestamp at top is when the job ran). One table is for HTTP HEAD results and the other is for HTTPS HEAD results since the server doesn't auto-upgrade HTTP to HTTPS which could mean different status codes depending the underlying config.

It's also configured to send me a pushover notification for anything but 200 return status code an I'll post here or privately when you give me the go-ahead to do that (since it cld take a bit to fix the below :-).

Right now, the following links have non-200 status codes:

- 404 http://mac.r-project.org/mavericks/R-3.4-branch/R-3.4-branch-mavericks-signed.pkg
- 404 http://mac.r-project.org/RSwitch-1.1.dmg
- 404 http://mac.r-project.org/RSwitch-1.2.tar.gz
- 404 http://mac.r-project.org/RSwitch-1.1.tar.gz
- 403 http://mac.r-project.org/el-capitan/R-3.6-branch/R-3.6-branch-el-capitan-sa-x86_64.tar.gz

Lemme know if I can do any more monitoring/alerting for the site.

-boB

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

            

      
      
      
    

        

      
      
    

  
  


  


      

    

    
4 days later

    

      
      

        


  

        

      Bob Rudis
    

    

      
      #
    

  


  

      
Just a list FYI I'm keeping the status site up (https://rud.is/mac-r-project-links/) but since the current, remaining broken links aren't getting fixed I'm disabling Pushover notifications to me so I won't be able to proactively notify here if more links go bad.