emacs-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debbugs-tracker] bug#18524: closed (Guix unable to download from github

From: GNU bug Tracking System
Subject: [debbugs-tracker] bug#18524: closed (Guix unable to download from github due to TLS fatal alert)
Date: Sun, 02 Nov 2014 22:13:01 +0000 
Your message dated Sun, 02 Nov 2014 23:12:41 +0100
with message-id <address@hidden>
and subject line Re: bug#18524: Guix unable to download from github due to TLS 
fatal alert
has caused the debbugs.gnu.org bug report #18524,
regarding Guix unable to download from github due to TLS fatal alert
to be marked as done.

(If you believe you have received this mail in error, please contact
address@hidden)


-- 
18524: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=18524
GNU Bug Tracking System
Contact address@hidden with problems
--- Begin Message --- Subject: Re: Guix unable to download from github due to TLS fatal alert Date: Wed, 13 Aug 2014 23:56:30 +0200 User-agent: Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux) 
Mark H Weaver <address@hidden> skribis:

> Here's what happens:
>
> $ guix download https://github.com/downloads/magit/magit/magit-1.2.0.tar.gz
> starting download of `guix-file.cszPnB' from 
> `https://github.com/downloads/magit/magit/magit-1.2.0.tar.gz'...
> following redirection to 
> `https://cloud.github.com/downloads/magit/magit/magit-1.2.0.tar.gz'...
> ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum A TLS 
> fatal alert has been received.> handshake)'.
> failed to download "guix-file.cszPnB" from 
> "https://github.com/downloads/magit/magit/magit-1.2.0.tar.gz";
> guix download: error: 
> https://github.com/downloads/magit/magit/magit-1.2.0.tar.gz: download failed

I see that as well.  However, other github.com URLs works:

--8<---------------cut here---------------start------------->8---
$ guix download https://github.com/flavio/qjson/archive/0.8.1.tar.gz
starting download of `guix-file.tL8gal' from 
`https://github.com/flavio/qjson/archive/0.8.1.tar.gz'...
following redirection to 
`https://codeload.github.com/flavio/qjson/tar.gz/0.8.1'...
https://codeload.github.com/.../0.8.1   100.0% of 71.6 KiB
/gnu/store/fqfm3zm9pzwgic9sz2x8hk8ykm9yhkqw-0.8.1.tar.gz
163fspi0xc705irv79qw861fmh68pjyla9vx3kqiq6xrdhb9834j

$ guix download https://github.com/maebert/jrnl/archive/1.8.4.tar.gz
starting download of `guix-file.oK809e' from 
`https://github.com/maebert/jrnl/archive/1.8.4.tar.gz'...
following redirection to 
`https://codeload.github.com/maebert/jrnl/tar.gz/1.8.4'...
https://codeload.github.com/.../1.8.4   100.0% of 162.4 KiB
/gnu/store/cb39bf5ljrglj72bxarcsws241qhw5a8-1.8.4.tar.gz
019ky09sj5i7frmca0imv4jm46mn3f4lzah2wmiwxh22cisj7ksn
--8<---------------cut here---------------end--------------->8---

With debugging enabled in build/download.scm, the relevant part is:

--8<---------------cut here---------------start------------->8---
gnutls: [699|3] HSK[0x104e530]: CLIENT HELLO was queued [249 bytes]
gnutls: [699|7] HWRITE: enqueued [CLIENT HELLO] 249. Total 249 bytes.
gnutls: [699|7] HWRITE FLUSH: 249 bytes in buffer.
gnutls: [699|4] REC[0x104e530]: Preparing Packet Handshake(22) with length: 249 
and min pad: 0
gnutls: [699|9] ENC[0x104e530]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [699|7] WRITE: enqueued 254 bytes for 0xe. Total 254 bytes.
gnutls: [699|4] REC[0x104e530]: Sent Packet[1] Handshake(22) in epoch 0 and 
length: 254
gnutls: [699|7] HWRITE: wrote 1 bytes, 0 bytes left.
gnutls: [699|7] WRITE FLUSH: 254 bytes in buffer.
gnutls: [699|7] WRITE: wrote 254 bytes, 0 bytes left.
gnutls: [699|2] ASSERT: gnutls_buffers.c:1075
gnutls: [699|7] READ: Got 5 bytes from 0xe
gnutls: [699|7] READ: read 5 bytes from 0xe
gnutls: [699|7] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [699|7] RB: Requested 5 bytes
gnutls: [699|4] REC[0x104e530]: SSL 3.3 Alert packet received. Epoch 0, length: 
2
gnutls: [699|4] REC[0x104e530]: Expected Packet Handshake(22)
gnutls: [699|4] REC[0x104e530]: Received Packet Alert(21) with length: 2
gnutls: [699|7] READ: Got 2 bytes from 0xe
gnutls: [699|7] READ: read 2 bytes from 0xe
gnutls: [699|7] RB: Have 5 bytes into buffer. Adding 2 bytes.
gnutls: [699|7] RB: Requested 7 bytes
gnutls: [699|4] REC[0x104e530]: Decrypted Packet[0] Alert(21) with length: 2
gnutls: [699|4] REC[0x104e530]: Alert[2|40] - Handshake failed - was received
--8<---------------cut here---------------end--------------->8---

Wget can be made to fail similarly:

--8<---------------cut here---------------start------------->8---
$ wget --secure-protocol=SSLv3 -O /dev/null 
https://github.com/downloads/magit/magit/magit-1.2.0.tar.gz
--2014-08-13 23:48:53--  
https://github.com/downloads/magit/magit/magit-1.2.0.tar.gz
Resolving github.com... 192.30.252.128
Connecting to github.com|192.30.252.128|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://cloud.github.com/downloads/magit/magit/magit-1.2.0.tar.gz 
[following]
--2014-08-13 23:48:54--  
https://cloud.github.com/downloads/magit/magit/magit-1.2.0.tar.gz
Resolving cloud.github.com... 54.230.44.78, 54.230.44.145, 54.230.44.189, ...
Connecting to cloud.github.com|54.230.44.78|:443... connected.
GnuTLS: A TLS fatal alert has been received.
GnuTLS: received alert [40]: Handshake failed
Unable to establish SSL connection.
--8<---------------cut here---------------end--------------->8---

But its default --secure-protocol=auto just works, although its gnutls.c
just seems to use the default priorities like we do.

Further investigation needed...

Ludo’.

--- End Message ---
--- Begin Message --- Subject: Re: bug#18524: Guix unable to download from github due to TLS fatal alert Date: Sun, 02 Nov 2014 23:12:41 +0100 User-agent: Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux) 
Was fixed with the GnuTLS upgrade in
3de9a5936c09038d5eeb1fab6966f34f8ea30574.

Ludo’.

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]