[aur-general] Problem downloading a source package with new curl version
Javier
je-vv at e.email
Mon Sep 20 20:07:15 UTC 2021
Did you merge the changes on "/etc/makepkg.conf"? There were curl specific changes coming with pacman 6.0.1-2... I can't tell about your issues, but for other packages, I've had no issues, but I did the merge as soon as it was available...
--
Javier
On 9/20/21 13:50, Jan Kohnert via aur-general wrote:
> Hi,
>
> one of my aur packages (eccodes) has a problem getting the source package
> using the new version of curl (7.79.0).
>
> The output of the old curl version looks like:
> -----------------------------------------------------------------------------
> jankoh at kohni-mobil ~/projects/eccodes $ curl -v https://confluence.ecmwf.int/
> download/attachments/45757960/eccodes-2.23.0-Source.tar.gz?api=v2
> * Trying 136.156.180.232:443...
> * Connected to confluence.ecmwf.int (136.156.180.232) port 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * successfully set certificate verify locations:
> * CAfile: /etc/ssl/certs/ca-certificates.crt
> * CApath: none
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
> * ALPN, server did not agree to a protocol
> * Server certificate:
> * subject: jurisdictionC=GB; businessCategory=Non-Commercial Entity;
> serialNumber=ISBN: 9780101820028; C=GB; ST=West Berkshire; L=Reading;
> O=European Cen
> tre for Medium-Range Weather Forecasts; CN=confluence.ecmwf.int
> * start date: Mar 29 16:16:45 2021 GMT
> * expire date: Mar 29 16:26:00 2022 GMT
> * subjectAltName: host "confluence.ecmwf.int" matched cert's
> "confluence.ecmwf.int"
> * issuer: C=NL; O=QuoVadis Trustlink B.V.; CN=QuoVadis Europe EV SSL CA G1
> * SSL certificate verify ok.
>> GET /download/attachments/45757960/eccodes-2.23.0-Source.tar.gz?api=v2 HTTP/
> 1.1
>> Host: confluence.ecmwf.int
>> User-Agent: curl/7.78.0
>> Accept: */*
>>
> * Mark bundle as not supporting multiuse
> < HTTP/1.1 200 200
> < Date: Sun, 19 Sep 2021 19:48:11 GMT
> < Server: Apache
> < Cache-Control: no-cache, must-revalidate
> < Expires: Thu, 01 Jan 1970 00:00:00 GMT
> < X-Confluence-Request-Time: 1632080871142
> < Set-Cookie: JSESSIONID=659BDBFF1F03F2DC7848A7BEECF3CCC3; Path=/; HttpOnly
> < Last-Modified: Mon, 19 Jan 1970 20:46:07 GMT
> < Accept-Ranges: bytes
> < X-Content-Type-Options: nosniff
> < Content-Disposition: inline; filename="eccodes-2.23.0-Source.tar.gz"
> < Content-Type: application/x-gzip;charset=UTF-8
> < Content-Length: 12037258
> < Strict-Transport-Security: max-age=15552000
> <
> Warning: Binary output can mess up your terminal. Use "--output -" to tell
> Warning: curl to output it to your terminal anyway, or consider "--output
> Warning: <FILE>" to save to a file.
> * Failure writing output to destination
> * Closing connection 0
> * TLSv1.2 (OUT), TLS alert, close notify (256):
> jankoh at kohni-mobil ~/projects/eccodes $
> -----------------------------------------------------------------------------
>
> The new version outputs:
> -----------------------------------------------------------------------------
> jankoh at kohni-mobil ~/projects/eccodes $ curl -v -i https://
> confluence.ecmwf.int/download/attachments/45757960/eccodes-2.23.0-
> Source.tar.gz?api=v2
> * Trying 136.156.180.232:443...
> * Connected to confluence.ecmwf.int (136.156.180.232) port 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * successfully set certificate verify locations:
> * CAfile: /etc/ssl/certs/ca-certificates.crt
> * CApath: none
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
> * ALPN, server did not agree to a protocol
> * Server certificate:
> * subject: jurisdictionC=GB; businessCategory=Non-Commercial Entity;
> serialNumber=ISBN: 9780101820028; C=GB; ST=West Berkshire; L=Reading;
> O=European Centre for Medium-Range Weather Forecasts; CN=confluence.ecmwf.int
> * start date: Mar 29 16:16:45 2021 GMT
> * expire date: Mar 29 16:26:00 2022 GMT
> * subjectAltName: host "confluence.ecmwf.int" matched cert's
> "confluence.ecmwf.int"
> * issuer: C=NL; O=QuoVadis Trustlink B.V.; CN=QuoVadis Europe EV SSL CA G1
> * SSL certificate verify ok.
>> GET /download/attachments/45757960/eccodes-2.23.0-Source.tar.gz?api=v2 HTTP/
> 1.1
>> Host: confluence.ecmwf.int
>> User-Agent: curl/7.79.0
>> Accept: */*
>>
> * Unsupported response code in HTTP response
> * Closing connection 0
> * TLSv1.2 (OUT), TLS alert, close notify (256):
> curl: (1) Unsupported response code in HTTP response
> jankoh at kohni-mobil ~/projects/eccodes $
> -----------------------------------------------------------------------------
>
> I see the response code is 200 200, which has an additional errournous 200.
> Since the upgrade my automated daily test builds fail, so I'd like to know if
> I should file a bug report either upstream or the arch bugtracker.
>
> I can download the file using chrome or wget, so it might be a workaroud if I
> could tell makepkg to use wget instead of curl.
>
> However, executing
> -----------------------------------------------------------------------------
> sudo sed -i -r "s/(http[s]?::)\/usr\/bin\/curl\ -qgb\ \"\"\ -fLC\ -\ --retry\
> 3\ --retry-delay\ 3 -o/\1\/usr\/sbin\/wget\ --no-cookies\ --retry-connrefused\
> -t\ 3\ --waitretry\ 3 -O/" /etc/makepkg.conf
> -----------------------------------------------------------------------------
> inside the build container will not help users that upgrade or install the
> package. I could post the workaround to the packages page, but this will also
> affect other packages to be build, and wget needs to be installed before that
> workaround will actually work.
>
> Any tips on how to go on?
>
> TIA
>
--
Javier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20210920/493b6d60/attachment.sig>
More information about the aur-general
mailing list