Hi, one of my aur packages (eccodes) has a problem getting the source package using the new version of curl (7.79.0). The output of the old curl version looks like: ----------------------------------------------------------------------------- jankoh@kohni-mobil ~/projects/eccodes $ curl -v https://confluence.ecmwf.int/ download/attachments/45757960/eccodes-2.23.0-Source.tar.gz?api=v2 * Trying 136.156.180.232:443... * Connected to confluence.ecmwf.int (136.156.180.232) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server did not agree to a protocol * Server certificate: * subject: jurisdictionC=GB; businessCategory=Non-Commercial Entity; serialNumber=ISBN: 9780101820028; C=GB; ST=West Berkshire; L=Reading; O=European Cen tre for Medium-Range Weather Forecasts; CN=confluence.ecmwf.int * start date: Mar 29 16:16:45 2021 GMT * expire date: Mar 29 16:26:00 2022 GMT * subjectAltName: host "confluence.ecmwf.int" matched cert's "confluence.ecmwf.int" * issuer: C=NL; O=QuoVadis Trustlink B.V.; CN=QuoVadis Europe EV SSL CA G1 * SSL certificate verify ok.
GET /download/attachments/45757960/eccodes-2.23.0-Source.tar.gz?api=v2 HTTP/ 1.1 Host: confluence.ecmwf.int User-Agent: curl/7.78.0 Accept: */*
* Mark bundle as not supporting multiuse < HTTP/1.1 200 200 < Date: Sun, 19 Sep 2021 19:48:11 GMT < Server: Apache < Cache-Control: no-cache, must-revalidate < Expires: Thu, 01 Jan 1970 00:00:00 GMT < X-Confluence-Request-Time: 1632080871142 < Set-Cookie: JSESSIONID=659BDBFF1F03F2DC7848A7BEECF3CCC3; Path=/; HttpOnly < Last-Modified: Mon, 19 Jan 1970 20:46:07 GMT < Accept-Ranges: bytes < X-Content-Type-Options: nosniff < Content-Disposition: inline; filename="eccodes-2.23.0-Source.tar.gz" < Content-Type: application/x-gzip;charset=UTF-8 < Content-Length: 12037258 < Strict-Transport-Security: max-age=15552000 < Warning: Binary output can mess up your terminal. Use "--output -" to tell Warning: curl to output it to your terminal anyway, or consider "--output Warning: <FILE>" to save to a file. * Failure writing output to destination * Closing connection 0 * TLSv1.2 (OUT), TLS alert, close notify (256): jankoh@kohni-mobil ~/projects/eccodes $ ----------------------------------------------------------------------------- The new version outputs: ----------------------------------------------------------------------------- jankoh@kohni-mobil ~/projects/eccodes $ curl -v -i https:// confluence.ecmwf.int/download/attachments/45757960/eccodes-2.23.0- Source.tar.gz?api=v2 * Trying 136.156.180.232:443... * Connected to confluence.ecmwf.int (136.156.180.232) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server did not agree to a protocol * Server certificate: * subject: jurisdictionC=GB; businessCategory=Non-Commercial Entity; serialNumber=ISBN: 9780101820028; C=GB; ST=West Berkshire; L=Reading; O=European Centre for Medium-Range Weather Forecasts; CN=confluence.ecmwf.int * start date: Mar 29 16:16:45 2021 GMT * expire date: Mar 29 16:26:00 2022 GMT * subjectAltName: host "confluence.ecmwf.int" matched cert's "confluence.ecmwf.int" * issuer: C=NL; O=QuoVadis Trustlink B.V.; CN=QuoVadis Europe EV SSL CA G1 * SSL certificate verify ok.
GET /download/attachments/45757960/eccodes-2.23.0-Source.tar.gz?api=v2 HTTP/ 1.1 Host: confluence.ecmwf.int User-Agent: curl/7.79.0 Accept: */*
* Unsupported response code in HTTP response * Closing connection 0 * TLSv1.2 (OUT), TLS alert, close notify (256): curl: (1) Unsupported response code in HTTP response jankoh@kohni-mobil ~/projects/eccodes $ ----------------------------------------------------------------------------- I see the response code is 200 200, which has an additional errournous 200. Since the upgrade my automated daily test builds fail, so I'd like to know if I should file a bug report either upstream or the arch bugtracker. I can download the file using chrome or wget, so it might be a workaroud if I could tell makepkg to use wget instead of curl. However, executing ----------------------------------------------------------------------------- sudo sed -i -r "s/(http[s]?::)\/usr\/bin\/curl\ -qgb\ \"\"\ -fLC\ -\ --retry\ 3\ --retry-delay\ 3 -o/\1\/usr\/sbin\/wget\ --no-cookies\ --retry-connrefused\ -t\ 3\ --waitretry\ 3 -O/" /etc/makepkg.conf ----------------------------------------------------------------------------- inside the build container will not help users that upgrade or install the package. I could post the workaround to the packages page, but this will also affect other packages to be build, and wget needs to be installed before that workaround will actually work. Any tips on how to go on? TIA -- MfG Jan