I think I found it. It looks to be a yum/urlgrabber issue. urlgrabber.py: << # should we be using urllib.splituser and splitpasswd instead? user_password, host = string.split(host, '@', 1) user, password = string.split(user_password, ':', 1) auth_handler.add_password(None, host, user, password) >> See how we're using string.split on user_password? That isn't doing any url unescaping. So when we add the user/password to the auth handler, it contains the escaped text (p%40ssword instead of p@ssword). The funny thing is that Michael has a comment on using splituser/splitpasswd instead, which does do unescaping and is probably the best way to fix this. I remember seeing that comment in some of my recent urlgrabber work and thinking that string.split should work fine, not to worry about it. :/ I'll put something in bugzilla, send up a patch for yum2.0.5 and fix this in the new urlgrabber cvs as well. - Ryan
