From unknown Wed Jun 25 03:56:53 2025 X-Loop: help-debbugs@gnu.org Subject: bug#18524: Guix unable to download from github due to TLS fatal alert Resent-From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Original-Sender: "Debbugs-submit" Resent-CC: help-debbugs@gnu.org Resent-Date: Mon, 22 Sep 2014 12:10:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 18524 X-GNU-PR-Package: debbugs.gnu.org X-GNU-PR-Keywords: To: Mark H Weaver Cc: guix-devel@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.141138776720922 (code B ref -1); Mon, 22 Sep 2014 12:10:02 +0000 Received: (at submit) by debbugs.gnu.org; 22 Sep 2014 12:09:27 +0000 Received: from localhost ([127.0.0.1]:48173 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XW2Qo-0005RN-Ta for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:27 -0400 Received: from eggs.gnu.org ([208.118.235.92]:53155) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XW2Qn-0005RD-3H for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:25 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XW2QY-00076E-F3 for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:24 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.2 required=5.0 tests=BAYES_50,RP_MATCHES_RCVD, TVD_RCVD_SPACE_BRACKET,UNPARSEABLE_RELAY autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:60100) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XW2QY-00070n-CJ for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:10 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51588) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XW2Fn-0004Fc-N7 for bug-guix@gnu.org; Mon, 22 Sep 2014 07:58:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XW2Fh-0003py-BP for bug-guix@gnu.org; Mon, 22 Sep 2014 07:58:03 -0400 Received: from hera.aquilenet.fr ([2a01:474::1]:53274) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XW2Fh-0003pR-0o for bug-guix@gnu.org; Mon, 22 Sep 2014 07:57:57 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 502C13A84 for ; Mon, 22 Sep 2014 13:48:50 +0200 (CEST) Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uEs6lX8-pxhh for ; Mon, 22 Sep 2014 13:48:50 +0200 (CEST) Received: from pluto (reverse-83.fdn.fr [80.67.176.83]) by hera.aquilenet.fr (Postfix) with ESMTPSA id CF3232F4E for ; Mon, 22 Sep 2014 13:48:49 +0200 (CEST) Resent-To: bug-guix@gnu.org Resent-From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Resent-Date: Mon, 22 Sep 2014 13:48:50 +0200 Resent-Message-ID: <87sijjri3h.fsf@gnu.org> Received: from solo.fdn.fr ([unix socket]) by solo (Cyrus v2.4.16-Debian-2.4.16-4+deb7u2) with LMTPA; Wed, 13 Aug 2014 23:56:54 +0200 X-Sieve: CMU Sieve 2.4 Received: by solo.fdn.fr (Postfix) id C74CBD07CC; Wed, 13 Aug 2014 23:56:54 +0200 (CEST) Received: from fencepost.gnu.org (fencepost.gnu.org [IPv6:2001:4830:134:3::e]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by solo.fdn.fr (Postfix) with ESMTPS id 84F7DD07C7 for ; Wed, 13 Aug 2014 23:56:54 +0200 (CEST) Received: from eggs.gnu.org ([2001:4830:134:3::10]:33253) by fencepost.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1XHgXN-0005We-Bq for ludo@gnu.org; Wed, 13 Aug 2014 17:56:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XHgXF-0000as-Sc for ludo@gnu.org; Wed, 13 Aug 2014 17:56:53 -0400 Received: from lists.gnu.org ([2001:4830:134:3::11]:37341) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgXF-0000an-QI for ludo@gnu.org; Wed, 13 Aug 2014 17:56:45 -0400 Received: from localhost ([::1]:50463 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgXF-00026c-My for ludo@gnu.org; Wed, 13 Aug 2014 17:56:45 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37182) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgX8-00021J-8q for guix-devel@gnu.org; Wed, 13 Aug 2014 17:56:43 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XHgX3-0000WM-Fi for guix-devel@gnu.org; Wed, 13 Aug 2014 17:56:38 -0400 Received: from hera.aquilenet.fr ([2a01:474::1]:33194) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgX3-0000WA-0n for guix-devel@gnu.org; Wed, 13 Aug 2014 17:56:33 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 971B33769; Wed, 13 Aug 2014 23:56:31 +0200 (CEST) Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qI8DoEh-KLdC; Wed, 13 Aug 2014 23:56:31 +0200 (CEST) Received: from pluto (reverse-83.fdn.fr [80.67.176.83]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 1898BAA2; Wed, 13 Aug 2014 23:56:30 +0200 (CEST) From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) References: <87y4utm4ju.fsf@netris.org> <8738d0tdir.fsf@yeeloong.lan> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 26 Thermidor an 222 de la =?UTF-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0xEA52ECF4 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 83C4 F8E5 10A3 3B4C 5BEA D15D 77DD 95E2 EA52 ECF4 X-OS: x86_64-unknown-linux-gnu Date: Wed, 13 Aug 2014 23:56:30 +0200 In-Reply-To: <8738d0tdir.fsf@yeeloong.lan> (Mark H. Weaver's message of "Wed, 13 Aug 2014 15:06:52 -0400") Message-ID: <87y4us12b5.fsf@gnu.org> User-Agent: Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -6.0 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) Mark H Weaver skribis: > Here's what happens: > > $ guix download https://github.com/downloads/magit/magit/magit-1.2.0.tar.= gz > starting download of `guix-file.cszPnB' from `https://github.com/download= s/magit/magit/magit-1.2.0.tar.gz'... > following redirection to `https://cloud.github.com/downloads/magit/magit/= magit-1.2.0.tar.gz'... > ERROR: Throw to key `gnutls-error' with args `(# handshake)'. > failed to download "guix-file.cszPnB" from "https://github.com/downloads/= magit/magit/magit-1.2.0.tar.gz" > guix download: error: https://github.com/downloads/magit/magit/magit-1.2.= 0.tar.gz: download failed I see that as well. However, other github.com URLs works: --8<---------------cut here---------------start------------->8--- $ guix download https://github.com/flavio/qjson/archive/0.8.1.tar.gz starting download of `guix-file.tL8gal' from `https://github.com/flavio/qjs= on/archive/0.8.1.tar.gz'... following redirection to `https://codeload.github.com/flavio/qjson/tar.gz/0= .8.1'... https://codeload.github.com/.../0.8.1 100.0% of 71.6 KiB /gnu/store/fqfm3zm9pzwgic9sz2x8hk8ykm9yhkqw-0.8.1.tar.gz 163fspi0xc705irv79qw861fmh68pjyla9vx3kqiq6xrdhb9834j $ guix download https://github.com/maebert/jrnl/archive/1.8.4.tar.gz starting download of `guix-file.oK809e' from `https://github.com/maebert/jr= nl/archive/1.8.4.tar.gz'... following redirection to `https://codeload.github.com/maebert/jrnl/tar.gz/1= .8.4'... https://codeload.github.com/.../1.8.4 100.0% of 162.4 KiB /gnu/store/cb39bf5ljrglj72bxarcsws241qhw5a8-1.8.4.tar.gz 019ky09sj5i7frmca0imv4jm46mn3f4lzah2wmiwxh22cisj7ksn --8<---------------cut here---------------end--------------->8--- With debugging enabled in build/download.scm, the relevant part is: --8<---------------cut here---------------start------------->8--- gnutls: [699|3] HSK[0x104e530]: CLIENT HELLO was queued [249 bytes] gnutls: [699|7] HWRITE: enqueued [CLIENT HELLO] 249. Total 249 bytes. gnutls: [699|7] HWRITE FLUSH: 249 bytes in buffer. gnutls: [699|4] REC[0x104e530]: Preparing Packet Handshake(22) with length:= 249 and min pad: 0 gnutls: [699|9] ENC[0x104e530]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 gnutls: [699|7] WRITE: enqueued 254 bytes for 0xe. Total 254 bytes. gnutls: [699|4] REC[0x104e530]: Sent Packet[1] Handshake(22) in epoch 0 and= length: 254 gnutls: [699|7] HWRITE: wrote 1 bytes, 0 bytes left. gnutls: [699|7] WRITE FLUSH: 254 bytes in buffer. gnutls: [699|7] WRITE: wrote 254 bytes, 0 bytes left. gnutls: [699|2] ASSERT: gnutls_buffers.c:1075 gnutls: [699|7] READ: Got 5 bytes from 0xe gnutls: [699|7] READ: read 5 bytes from 0xe gnutls: [699|7] RB: Have 0 bytes into buffer. Adding 5 bytes. gnutls: [699|7] RB: Requested 5 bytes gnutls: [699|4] REC[0x104e530]: SSL 3.3 Alert packet received. Epoch 0, len= gth: 2 gnutls: [699|4] REC[0x104e530]: Expected Packet Handshake(22) gnutls: [699|4] REC[0x104e530]: Received Packet Alert(21) with length: 2 gnutls: [699|7] READ: Got 2 bytes from 0xe gnutls: [699|7] READ: read 2 bytes from 0xe gnutls: [699|7] RB: Have 5 bytes into buffer. Adding 2 bytes. gnutls: [699|7] RB: Requested 7 bytes gnutls: [699|4] REC[0x104e530]: Decrypted Packet[0] Alert(21) with length: 2 gnutls: [699|4] REC[0x104e530]: Alert[2|40] - Handshake failed - was receiv= ed --8<---------------cut here---------------end--------------->8--- Wget can be made to fail similarly: --8<---------------cut here---------------start------------->8--- $ wget --secure-protocol=3DSSLv3 -O /dev/null https://github.com/downloads/= magit/magit/magit-1.2.0.tar.gz --2014-08-13 23:48:53-- https://github.com/downloads/magit/magit/magit-1.2= .0.tar.gz Resolving github.com... 192.30.252.128 Connecting to github.com|192.30.252.128|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://cloud.github.com/downloads/magit/magit/magit-1.2.0.tar.gz= [following] --2014-08-13 23:48:54-- https://cloud.github.com/downloads/magit/magit/mag= it-1.2.0.tar.gz Resolving cloud.github.com... 54.230.44.78, 54.230.44.145, 54.230.44.189, .= .. Connecting to cloud.github.com|54.230.44.78|:443... connected. GnuTLS: A TLS fatal alert has been received. GnuTLS: received alert [40]: Handshake failed Unable to establish SSL connection. --8<---------------cut here---------------end--------------->8--- But its default --secure-protocol=3Dauto just works, although its gnutls.c just seems to use the default priorities like we do. Further investigation needed... Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Tue Sep 23 05:46:50 2014 Received: (at control) by debbugs.gnu.org; 23 Sep 2014 09:46:50 +0000 Received: from localhost ([127.0.0.1]:49435 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XWMgL-0007yz-En for submit@debbugs.gnu.org; Tue, 23 Sep 2014 05:46:49 -0400 Received: from fencepost.gnu.org ([208.118.235.10]:52979) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XWMgI-0007yq-FI for control@debbugs.gnu.org; Tue, 23 Sep 2014 05:46:47 -0400 Received: from rgm by fencepost.gnu.org with local (Exim 4.71) (envelope-from ) id 1XWMgI-000638-7K for control@debbugs.gnu.org; Tue, 23 Sep 2014 05:46:46 -0400 Date: Tue, 23 Sep 2014 05:46:46 -0400 Message-Id: Subject: control message for bug 18524 To: X-Mailer: mail (GNU Mailutils 2.1) From: Glenn Morris X-Spam-Score: -6.0 (------) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) reassign 18524 guix From unknown Wed Jun 25 03:56:53 2025 X-Loop: help-debbugs@gnu.org Subject: bug#18524: Guix unable to download from github due to TLS fatal alert Resent-From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 14 Oct 2014 21:15:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 18524 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Mark H Weaver Cc: guix-devel@gnu.org, 18524@debbugs.gnu.org Received: via spool by 18524-submit@debbugs.gnu.org id=B18524.141332128119944 (code B ref 18524); Tue, 14 Oct 2014 21:15:02 +0000 Received: (at 18524) by debbugs.gnu.org; 14 Oct 2014 21:14:41 +0000 Received: from localhost ([127.0.0.1]:43588 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xe9QW-0005BZ-Dt for submit@debbugs.gnu.org; Tue, 14 Oct 2014 17:14:40 -0400 Received: from hera.aquilenet.fr ([141.255.128.1]:51837) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xe9QT-0005BK-7P for 18524@debbugs.gnu.org; Tue, 14 Oct 2014 17:14:38 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id CDF313DD4; Tue, 14 Oct 2014 23:14:35 +0200 (CEST) Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q+GGVLqST0L4; Tue, 14 Oct 2014 23:14:35 +0200 (CEST) Received: from pluto (reverse-83.fdn.fr [80.67.176.83]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 6F3D03B52; Tue, 14 Oct 2014 23:14:35 +0200 (CEST) From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) References: <87y4utm4ju.fsf@netris.org> <8738d0tdir.fsf@yeeloong.lan> <87y4us12b5.fsf@gnu.org> Date: Tue, 14 Oct 2014 23:14:44 +0200 In-Reply-To: <87y4us12b5.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Wed, 13 Aug 2014 23:56:30 +0200") Message-ID: <87h9z61hh7.fsf@gnu.org> User-Agent: Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 1.0 (+) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) I had managed to bork =E2=80=98set-session-server-name!=E2=80=99 in GnuTLS = (which addresses this bug), so this is fixed in commit 5186158 and upstream: . Sorry about that! Ludo=E2=80=99. From unknown Wed Jun 25 03:56:53 2025 X-Loop: help-debbugs@gnu.org Subject: bug#18524: Guix unable to download from github due to TLS fatal alert Resent-From: Mark H Weaver Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 14 Oct 2014 21:52:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 18524 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Cc: guix-devel@gnu.org, 18524@debbugs.gnu.org Received: via spool by 18524-submit@debbugs.gnu.org id=B18524.141332351325850 (code B ref 18524); Tue, 14 Oct 2014 21:52:01 +0000 Received: (at 18524) by debbugs.gnu.org; 14 Oct 2014 21:51:53 +0000 Received: from localhost ([127.0.0.1]:43596 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XeA0W-0006ip-FN for submit@debbugs.gnu.org; Tue, 14 Oct 2014 17:51:52 -0400 Received: from world.peace.net ([96.39.62.75]:39467) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XeA0I-0006iB-By for 18524@debbugs.gnu.org; Tue, 14 Oct 2014 17:51:50 -0400 Received: from c-24-62-95-23.hsd1.ma.comcast.net ([24.62.95.23] helo=yeeloong.lan) by world.peace.net with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1XeA0A-00026Y-Tc; Tue, 14 Oct 2014 17:51:31 -0400 From: Mark H Weaver References: <87y4utm4ju.fsf@netris.org> <8738d0tdir.fsf@yeeloong.lan> <87y4us12b5.fsf@gnu.org> <87h9z61hh7.fsf@gnu.org> Date: Tue, 14 Oct 2014 17:50:58 -0400 In-Reply-To: <87h9z61hh7.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Tue, 14 Oct 2014 23:14:44 +0200") Message-ID: <87ppdu722l.fsf@yeeloong.lan> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.94 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) ludo@gnu.org (Ludovic Court=C3=A8s) writes: > I had managed to bork =E2=80=98set-session-server-name!=E2=80=99 in GnuTL= S (which > addresses this bug), so this is fixed in commit 5186158 and upstream: > . > > Sorry about that! No worries, thanks for taking care of this! Mark From unknown Wed Jun 25 03:56:53 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.503 (Entity 5.503) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#18524: closed (Re: bug#18524: Guix unable to download from github due to TLS fatal alert) Message-ID: References: <874muhjlpi.fsf@gnu.org> <87y4us12b5.fsf@gnu.org> X-Gnu-PR-Message: they-closed 18524 X-Gnu-PR-Package: guix Reply-To: 18524@debbugs.gnu.org Date: Sun, 02 Nov 2014 22:13:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1414966382-1261-1" This is a multi-part message in MIME format... ------------=_1414966382-1261-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #18524: Guix unable to download from github due to TLS fatal alert which was filed against the guix package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 18524@debbugs.gnu.org. --=20 18524: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D18524 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1414966382-1261-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 18524-done) by debbugs.gnu.org; 2 Nov 2014 22:12:22 +0000 Received: from localhost ([127.0.0.1]:46491 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xl3Nl-0000JL-SX for submit@debbugs.gnu.org; Sun, 02 Nov 2014 17:12:22 -0500 Received: from hera.aquilenet.fr ([141.255.128.1]:36139) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xl3Nk-0000JC-AA for 18524-done@debbugs.gnu.org; Sun, 02 Nov 2014 17:12:20 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id A1A4A3F0B for <18524-done@debbugs.gnu.org>; Sun, 2 Nov 2014 23:12:19 +0100 (CET) Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F9guG0eBrkqY for <18524-done@debbugs.gnu.org>; Sun, 2 Nov 2014 23:12:19 +0100 (CET) Received: from pluto (reverse-83.fdn.fr [80.67.176.83]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 566AB1232 for <18524-done@debbugs.gnu.org>; Sun, 2 Nov 2014 23:12:19 +0100 (CET) From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: 18524-done@debbugs.gnu.org Subject: Re: bug#18524: Guix unable to download from github due to TLS fatal alert References: <87y4utm4ju.fsf@netris.org> <8738d0tdir.fsf@yeeloong.lan> <87y4us12b5.fsf@gnu.org> <87h9z61hh7.fsf@gnu.org> Date: Sun, 02 Nov 2014 23:12:41 +0100 In-Reply-To: <87h9z61hh7.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Tue, 14 Oct 2014 23:14:44 +0200") Message-ID: <874muhjlpi.fsf@gnu.org> User-Agent: Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: 18524-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) Was fixed with the GnuTLS upgrade in 3de9a5936c09038d5eeb1fab6966f34f8ea30574. Ludo=E2=80=99. ------------=_1414966382-1261-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 22 Sep 2014 12:09:27 +0000 Received: from localhost ([127.0.0.1]:48173 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XW2Qo-0005RN-Ta for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:27 -0400 Received: from eggs.gnu.org ([208.118.235.92]:53155) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XW2Qn-0005RD-3H for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:25 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XW2QY-00076E-F3 for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:24 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.2 required=5.0 tests=BAYES_50,RP_MATCHES_RCVD, TVD_RCVD_SPACE_BRACKET,UNPARSEABLE_RELAY autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:60100) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XW2QY-00070n-CJ for submit@debbugs.gnu.org; Mon, 22 Sep 2014 08:09:10 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51588) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XW2Fn-0004Fc-N7 for bug-guix@gnu.org; Mon, 22 Sep 2014 07:58:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XW2Fh-0003py-BP for bug-guix@gnu.org; Mon, 22 Sep 2014 07:58:03 -0400 Received: from hera.aquilenet.fr ([2a01:474::1]:53274) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XW2Fh-0003pR-0o for bug-guix@gnu.org; Mon, 22 Sep 2014 07:57:57 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 502C13A84 for ; Mon, 22 Sep 2014 13:48:50 +0200 (CEST) Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uEs6lX8-pxhh for ; Mon, 22 Sep 2014 13:48:50 +0200 (CEST) Received: from pluto (reverse-83.fdn.fr [80.67.176.83]) by hera.aquilenet.fr (Postfix) with ESMTPSA id CF3232F4E for ; Mon, 22 Sep 2014 13:48:49 +0200 (CEST) Resent-To: bug-guix@gnu.org Resent-From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Resent-Date: Mon, 22 Sep 2014 13:48:50 +0200 Resent-Message-ID: <87sijjri3h.fsf@gnu.org> Received: from solo.fdn.fr ([unix socket]) by solo (Cyrus v2.4.16-Debian-2.4.16-4+deb7u2) with LMTPA; Wed, 13 Aug 2014 23:56:54 +0200 X-Sieve: CMU Sieve 2.4 Received: by solo.fdn.fr (Postfix) id C74CBD07CC; Wed, 13 Aug 2014 23:56:54 +0200 (CEST) Received: from fencepost.gnu.org (fencepost.gnu.org [IPv6:2001:4830:134:3::e]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by solo.fdn.fr (Postfix) with ESMTPS id 84F7DD07C7 for ; Wed, 13 Aug 2014 23:56:54 +0200 (CEST) Received: from eggs.gnu.org ([2001:4830:134:3::10]:33253) by fencepost.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1XHgXN-0005We-Bq for ludo@gnu.org; Wed, 13 Aug 2014 17:56:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XHgXF-0000as-Sc for ludo@gnu.org; Wed, 13 Aug 2014 17:56:53 -0400 Received: from lists.gnu.org ([2001:4830:134:3::11]:37341) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgXF-0000an-QI for ludo@gnu.org; Wed, 13 Aug 2014 17:56:45 -0400 Received: from localhost ([::1]:50463 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgXF-00026c-My for ludo@gnu.org; Wed, 13 Aug 2014 17:56:45 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37182) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgX8-00021J-8q for guix-devel@gnu.org; Wed, 13 Aug 2014 17:56:43 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XHgX3-0000WM-Fi for guix-devel@gnu.org; Wed, 13 Aug 2014 17:56:38 -0400 Received: from hera.aquilenet.fr ([2a01:474::1]:33194) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XHgX3-0000WA-0n for guix-devel@gnu.org; Wed, 13 Aug 2014 17:56:33 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 971B33769; Wed, 13 Aug 2014 23:56:31 +0200 (CEST) Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qI8DoEh-KLdC; Wed, 13 Aug 2014 23:56:31 +0200 (CEST) Received: from pluto (reverse-83.fdn.fr [80.67.176.83]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 1898BAA2; Wed, 13 Aug 2014 23:56:30 +0200 (CEST) From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Mark H Weaver Subject: Re: Guix unable to download from github due to TLS fatal alert References: <87y4utm4ju.fsf@netris.org> <8738d0tdir.fsf@yeeloong.lan> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 26 Thermidor an 222 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0xEA52ECF4 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 83C4 F8E5 10A3 3B4C 5BEA D15D 77DD 95E2 EA52 ECF4 X-OS: x86_64-unknown-linux-gnu Date: Wed, 13 Aug 2014 23:56:30 +0200 In-Reply-To: <8738d0tdir.fsf@yeeloong.lan> (Mark H. Weaver's message of "Wed, 13 Aug 2014 15:06:52 -0400") Message-ID: <87y4us12b5.fsf@gnu.org> User-Agent: Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -6.0 (------) X-Debbugs-Envelope-To: submit Cc: guix-devel@gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) Mark H Weaver skribis: > Here's what happens: > > $ guix download https://github.com/downloads/magit/magit/magit-1.2.0.tar.= gz > starting download of `guix-file.cszPnB' from `https://github.com/download= s/magit/magit/magit-1.2.0.tar.gz'... > following redirection to `https://cloud.github.com/downloads/magit/magit/= magit-1.2.0.tar.gz'... > ERROR: Throw to key `gnutls-error' with args `(# handshake)'. > failed to download "guix-file.cszPnB" from "https://github.com/downloads/= magit/magit/magit-1.2.0.tar.gz" > guix download: error: https://github.com/downloads/magit/magit/magit-1.2.= 0.tar.gz: download failed I see that as well. However, other github.com URLs works: --8<---------------cut here---------------start------------->8--- $ guix download https://github.com/flavio/qjson/archive/0.8.1.tar.gz starting download of `guix-file.tL8gal' from `https://github.com/flavio/qjs= on/archive/0.8.1.tar.gz'... following redirection to `https://codeload.github.com/flavio/qjson/tar.gz/0= .8.1'... https://codeload.github.com/.../0.8.1 100.0% of 71.6 KiB /gnu/store/fqfm3zm9pzwgic9sz2x8hk8ykm9yhkqw-0.8.1.tar.gz 163fspi0xc705irv79qw861fmh68pjyla9vx3kqiq6xrdhb9834j $ guix download https://github.com/maebert/jrnl/archive/1.8.4.tar.gz starting download of `guix-file.oK809e' from `https://github.com/maebert/jr= nl/archive/1.8.4.tar.gz'... following redirection to `https://codeload.github.com/maebert/jrnl/tar.gz/1= .8.4'... https://codeload.github.com/.../1.8.4 100.0% of 162.4 KiB /gnu/store/cb39bf5ljrglj72bxarcsws241qhw5a8-1.8.4.tar.gz 019ky09sj5i7frmca0imv4jm46mn3f4lzah2wmiwxh22cisj7ksn --8<---------------cut here---------------end--------------->8--- With debugging enabled in build/download.scm, the relevant part is: --8<---------------cut here---------------start------------->8--- gnutls: [699|3] HSK[0x104e530]: CLIENT HELLO was queued [249 bytes] gnutls: [699|7] HWRITE: enqueued [CLIENT HELLO] 249. Total 249 bytes. gnutls: [699|7] HWRITE FLUSH: 249 bytes in buffer. gnutls: [699|4] REC[0x104e530]: Preparing Packet Handshake(22) with length:= 249 and min pad: 0 gnutls: [699|9] ENC[0x104e530]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 gnutls: [699|7] WRITE: enqueued 254 bytes for 0xe. Total 254 bytes. gnutls: [699|4] REC[0x104e530]: Sent Packet[1] Handshake(22) in epoch 0 and= length: 254 gnutls: [699|7] HWRITE: wrote 1 bytes, 0 bytes left. gnutls: [699|7] WRITE FLUSH: 254 bytes in buffer. gnutls: [699|7] WRITE: wrote 254 bytes, 0 bytes left. gnutls: [699|2] ASSERT: gnutls_buffers.c:1075 gnutls: [699|7] READ: Got 5 bytes from 0xe gnutls: [699|7] READ: read 5 bytes from 0xe gnutls: [699|7] RB: Have 0 bytes into buffer. Adding 5 bytes. gnutls: [699|7] RB: Requested 5 bytes gnutls: [699|4] REC[0x104e530]: SSL 3.3 Alert packet received. Epoch 0, len= gth: 2 gnutls: [699|4] REC[0x104e530]: Expected Packet Handshake(22) gnutls: [699|4] REC[0x104e530]: Received Packet Alert(21) with length: 2 gnutls: [699|7] READ: Got 2 bytes from 0xe gnutls: [699|7] READ: read 2 bytes from 0xe gnutls: [699|7] RB: Have 5 bytes into buffer. Adding 2 bytes. gnutls: [699|7] RB: Requested 7 bytes gnutls: [699|4] REC[0x104e530]: Decrypted Packet[0] Alert(21) with length: 2 gnutls: [699|4] REC[0x104e530]: Alert[2|40] - Handshake failed - was receiv= ed --8<---------------cut here---------------end--------------->8--- Wget can be made to fail similarly: --8<---------------cut here---------------start------------->8--- $ wget --secure-protocol=3DSSLv3 -O /dev/null https://github.com/downloads/= magit/magit/magit-1.2.0.tar.gz --2014-08-13 23:48:53-- https://github.com/downloads/magit/magit/magit-1.2= .0.tar.gz Resolving github.com... 192.30.252.128 Connecting to github.com|192.30.252.128|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://cloud.github.com/downloads/magit/magit/magit-1.2.0.tar.gz= [following] --2014-08-13 23:48:54-- https://cloud.github.com/downloads/magit/magit/mag= it-1.2.0.tar.gz Resolving cloud.github.com... 54.230.44.78, 54.230.44.145, 54.230.44.189, .= .. Connecting to cloud.github.com|54.230.44.78|:443... connected. GnuTLS: A TLS fatal alert has been received. GnuTLS: received alert [40]: Handshake failed Unable to establish SSL connection. --8<---------------cut here---------------end--------------->8--- But its default --secure-protocol=3Dauto just works, although its gnutls.c just seems to use the default priorities like we do. Further investigation needed... Ludo=E2=80=99. ------------=_1414966382-1261-1--