search

commercialhaskell / stack

The Haskell Tool Stack
http://haskellstack.org
BSD 3-Clause "New" or "Revised" License
4k stars 843 forks source link

"ConnectionTimeout" when attempting to run stack setup on WSL 2 #5063

Open fluarchivxe opened 5 years ago

fluarchivxe commented 5 years ago

General summary/comments (optional)

There seems to be some issue with setting up Stack on the new WSL 2 (as far as I'm aware WSL 1 doesn't suffer from the same issue). Thinking it may have something to do with Hyper-V's NAT but I'm not sure. wget https://s3.amazonaws.com/haddock.stackage.org/snapshots.json seems to work fine (the JSON is downloaded successfully) so I'm not sure where the error in Stack is coming in

Steps to reproduce

  1. Start a WSL 2 distro instance
  2. Install stack using the official binary and then run stack setup

Expected

The GHC is installed and ready to go

Actual

$ stack setup --verbose
Version 2.1.3, Git revision 636e3a759d51127df2b62f90772def126cdf6d1f (7735 commits) x86_64 hpack-0.31.2
2019-10-23 17:57:56.404263: [debug] Checking for project config at: /home/fluxe/stack.yaml
2019-10-23 17:57:56.404768: [debug] Checking for project config at: /home/stack.yaml
2019-10-23 17:57:56.405062: [debug] Checking for project config at: /stack.yaml
2019-10-23 17:57:56.405206: [debug] No project config file found, using defaults.
2019-10-23 17:57:56.414073: [debug] SELECT COUNT(*) FROM "last_performed" WHERE ("action"=?) AND ("timestamp">=?); [PersistInt64 1,PersistUTCTime 2019-10-22 16:57:56.4140244 UTC]
2019-10-23 17:57:56.414587: [debug] Run from outside a project, using implicit global project config
2019-10-23 17:57:56.414716: [info] Writing implicit global project config file to: /home/fluxe/.stack/global-project/stack.yaml
2019-10-23 17:57:56.414810: [info] Note: You can change the snapshot via the resolver field there.
2019-10-23 17:57:56.415042: [debug] Downloading snapshot versions file from https://s3.amazonaws.com/haddock.stackage.org/snapshots.json
2019-10-23 17:58:26.446965: [error] HttpExceptionRequest Request {
  host                 = "s3.amazonaws.com"
  port                 = 443
  secure               = True
  requestHeaders       = [("Accept","application/json"),("User-Agent","The Haskell Stack")]
  path                 = "/haddock.stackage.org/snapshots.json"
  queryString          = ""
  method               = "GET"
  proxy                = Nothing
  rawBody              = False
  redirectCount        = 10
  responseTimeout      = ResponseTimeoutDefault
  requestVersion       = HTTP/1.1
}
 ConnectionTimeout

Stack version

$ stack --version
Version 2.1.3, Git revision 636e3a759d51127df2b62f90772def126cdf6d1f (7735 commits) x86_64 hpack-0.31.2

Method of installation

Any ideas on what's going on here?

mattaudesse commented 5 years ago

Hey @rebeccaclavier,

We see these kinds of timeouts occasionally, and they're usually only temporary, but if you find you get the same result more often than not you may want to consider using a mirror - depending upon where you're located this can apparently make a huge difference.

Here's an example of how to configure a mirror for fetching snapshots: https://docs.haskellstack.org/en/stable/install_and_upgrade/#china-based-users

The WSL 2 angle is interesting though... Unfortunately I'm not set up to help reproduce, but I agree that's a good place to start digging if stack setup --verbose fails reliably 100% of the time and wget always succeeds.

Would you please retry a few times and let us know if you see any different results?

fluarchivxe commented 5 years ago

Tried multiple times on multiple days, same issue unfortunately. I'm in the UK, tried the Chinese mirror but I'm getting the error failed to parse field 'package-indices': failed to parse field 'hackage-security': key "hackage-security" not present.

EDIT: Never mind, I just worked out I needed to add the keys. That seems to work, but is there a mirror that's non-Chinese?

mattaudesse commented 5 years ago

Hey again @rebeccaclavier - apologies for the delayed response.

I've tried to track down some info RE: alternative mirrors but couldn't find much.

Perhaps @borsboom would be a good person to ask?

ghost commented 4 years ago

Is there any update on this? I too ran into this problem with stack setup on WSL-2. Reverting to WSL-1 fixed all the problems.

I do remember something about WSL-2 and IP addresses: https://docs.microsoft.com/en-us/windows/wsl/wsl2-ux-changes

Anyways, if there is anything I can do to help fix this problem, I am more than happy to do it. I just don't know where I'd start.

mattaudesse commented 4 years ago

Note: I've asked to get some more eyes on this via Slack - hopefully one of the core devs can shed some light.

Thanks again for reporting and sorry it's taking awhile to sort out @JonathanGallagher + @rebeccaclavier.

mattaudesse commented 4 years ago

Hey again - so, one suggestion I heard was to try using http-conduit rather than stack to see if the same problem is reproducible without any extra moving pieces.

Would one of you please try adapting this example code to fetch https://s3.amazonaws.com/haddock.stackage.org/snapshots.json and see how it goes under WSL-2?

Thanks!

jakzale commented 4 years ago

I had a similar issue on my machine. I believe it is connected to how WSL 2 handles network and DNS, as WSL 2 gets connected through a Hyper-V adapter.

Setting DNS manually as described in WSL 2 Troubleshooting resolved the issue.

mattaudesse commented 4 years ago

Cool, nice find and thanks for sharing @jakzale.

It seems like manually fiddling with symlinks and backups might get frustrating/brittle, but probably much less so than not being able to reach stackage.

I wonder if there's a clean way to extend the resolve.conf that's being generated for you automatically (I do this with dnsmasq on FreeBSD, for instance). If not it might suffice to just plug into Google's DNS servers like so:

# /etc/resolv.conf

nameserver 8.8.8.8
nameserver 8.8.4.4

If other folks find this helps we should probably make note of it in the docs.

zcg0696 commented 4 years ago

@mattaudesse I had same issue with "casa.fpcomplete.com/v1/pull", using Google's DNS did solved my problem.

lukad commented 4 years ago

I'm having the same problem and changing my dns changes absolutely nothing. I was already using 8.8.8.8. I also tried 8.8.4.4 and my ISP dns.

~ $ host -v casa.fpcomplete.com
Trying "casa.fpcomplete.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33734
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;casa.fpcomplete.com.           IN      A

;; ANSWER SECTION:
casa.fpcomplete.com.    36      IN      A       18.210.104.222
casa.fpcomplete.com.    36      IN      A       35.153.43.183
casa.fpcomplete.com.    36      IN      A       23.22.87.210

Received 85 bytes from 8.8.8.8#53 in 19 ms
Trying "casa.fpcomplete.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42299
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;casa.fpcomplete.com.           IN      AAAA

;; AUTHORITY SECTION:
fpcomplete.com.         426     IN      SOA     ns-1359.awsdns-41.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

Received 119 bytes from 8.8.8.8#53 in 20 ms
Trying "casa.fpcomplete.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57317
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;casa.fpcomplete.com.           IN      MX

;; AUTHORITY SECTION:
fpcomplete.com.         659     IN      SOA     ns-1359.awsdns-41.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

Received 119 bytes from 8.8.8.8#53 in 18 ms

I'm pretty sure that dns is not culprit. I just had to run stack build a couple of times because every run it would get stuck on another dependency.

Edit:

Just tried this on my linux machine and had the same problem, so it's probably unrelated to wsl. Maybe it's just a flaky server?

nartamonov commented 4 years ago

I managed to solve the problem by manually writing in /etc/resolv.conf:

nameserver 8.8.8.8
nameserver 8.8.4.4

Now stack upgrade, update and setup work fine. Windows 10 build 2004, WSL2.

Kudostoy0u commented 3 years ago

@nartamonov @mattaudesse The new nameserver worked perfectly. I just did sudo vim /etc/resolv.conf, and replaced the whole thing with

nameserver 8.8.8.8
nameserver 8.8.4.4

Everything started working after that.

Meowcolm024 commented 3 years ago

I've encounter the same issue in ArchWSL :(

hasufell commented 3 years ago

Do you people have the same issue connecting to said servers when using plain curl under WSL2 with the default nameservers set?

ikeyan commented 2 years ago

@hasufell no, curl works.

$ cat /etc/resolv.conf
# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateResolvConf = false
nameserver 172.30.160.1
$ curl -v -L https://get.haskellstack.org/upgrade/linux-x86_64-static.tar.gz > x
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 23.21.55.33:443...
* TCP_NODELAY set
* Connected to get.haskellstack.org (23.21.55.33) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [4060 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=get.haskellstack.org
*  start date: Feb 12 20:43:45 2022 GMT
*  expire date: May 13 20:43:44 2022 GMT
*  subjectAltName: host "get.haskellstack.org" matched cert's "get.haskellstack.org"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
* Using Stream ID: 1 (easy handle 0x55b41012b880)
} [5 bytes data]
> GET /upgrade/linux-x86_64-static.tar.gz HTTP/2
(omitted)
hasufell commented 2 years ago

Well, stack uses the network package and haskell-tls for downloads, which are not as robust as system curl wrt esoteric environments.

That's why both cabal and ghcup shell out to curl/wget for downloads.

markokocic commented 2 years ago

The issue is not only WSL related. I had the same issue on a quite standard debian image hosted on Hetzner.

For me, adding the following entries to /etc/hosts fixed the stack build issues:

185.199.110.133 raw.githubusercontent.com
151.101.245.175 downloads.haskell.org
HuStmpHrrr commented 2 years ago

The issue is not only WSL related. I had the same issue on a quite standard debian image hosted on Hetzner.

For me, adding the following entries to /etc/hosts fixed the stack build issues:

185.199.110.133 raw.githubusercontent.com
151.101.245.175 downloads.haskell.org

this works for me!

Sy-D commented 2 years ago

Hey guys, I'm running into the same problem on a 2020 Macbook Pro with MacOS Monterey Version 12.3.1.

I installed stack through this command on my zsh shell. (zsh 5.8 (x86_64-apple-darwin21.0)) as stated in the doc's. curl -sSL https://get.haskellstack.org/ | sh\n

After that I generated a new project and inside that directory I tried different stack commands (build, test, path --local-bin, setup --verbose, setup --install-ghc, exec myproject)

Every of these commands give me a ConnectionTimeout. That's the output

Writing implicit global project config file to: /Users/simonuni/.stack/global-project/stack.yaml
Note: You can change the snapshot via the resolver field there.
Using latest snapshot resolver: lts-19.30
Exception while reading snapshot from https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/19/30.yaml:
HttpExceptionRequest Request {
  host                 = "raw.githubusercontent.com"
  port                 = 443
  secure               = True
  requestHeaders       = [("User-Agent","Haskell pantry package")]
  path                 = "/commercialhaskell/stackage-snapshots/master/lts/19/30.yaml"
  queryString          = ""
  method               = "GET"
  proxy                = Nothing
  rawBody              = False
  redirectCount        = 10
  responseTimeout      = ResponseTimeoutDefault
  requestVersion       = HTTP/1.1
  proxySecureMode      = ProxySecureWithConnect
}
 ConnectionTimeout

I followed several solutions here, but they didn't fix the issue. Like adding google's DNS 8.8.8.8, 8.8.4.4 via the system settings-network tab and I added both DNS A records to my /etc/hosts file

185.199.110.133 raw.githubusercontent.com 151.101.245.175 downloads.haskell.org

Is there any other way to fix this? Thanks for any input !

Here is my curl result @hasufell 

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 2606:4700:310c::ac42:2cc7:443...
*   Trying 172.66.47.57:443...
* Connected to get.haskellstack.org (172.66.47.57) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /Users/simonuni/opt/anaconda3/ssl/cacert.pem
*  CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [4037 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=get.haskellstack.org
*  start date: Sep 23 02:55:54 2022 GMT
*  expire date: Dec 22 02:55:53 2022 GMT
*  subjectAltName: host "get.haskellstack.org" matched cert's "get.haskellstack.org"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fb1c1810600)
} [5 bytes data]
> GET /upgrade/linux-x86_64-static.tar.gz HTTP/2
> Host: get.haskellstack.org
> user-agent: curl/7.78.0
> accept: */*
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [230 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [230 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
} [5 bytes data]
< HTTP/2 302
< date: Mon, 24 Oct 2022 20:34:57 GMT
< content-type: text/plain;charset=UTF-8
< content-length: 114
< location: https://github.com/commercialhaskell/stack/releases/download/v2.9.1/stack-2.9.1-linux-x86_64.tar.gz
< access-control-allow-origin: *
< referrer-policy: strict-origin-when-cross-origin
< x-content-type-options: nosniff
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWIYu3QWLdqZ7DefH%2BkqSqNdIze35yde7DtpyHVdpj%2FdLbrdYxsbyPgb%2BUsm9tBB5wJS9R4hqDvBcZf9T5tYG3jZOBOwC3xMi7FlwQ79OHteOkxfflxHxGe24Cs49RMao7M1AhpjLA%3D%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 75f57f069b4958d8-TXL
< alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
<
* Ignoring the response-body
{ [114 bytes data]
100   114  100   114    0     0    256      0 --:--:-- --:--:-- --:--:--   256
* Connection #0 to host get.haskellstack.org left intact
* Issue another request to this URL: 'https://github.com/commercialhaskell/stack/releases/download/v2.9.1/stack-2.9.1-linux-x86_64.tar.gz'
*   Trying 140.82.121.3:443...
* Connected to github.com (140.82.121.3) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /Users/simonuni/opt/anaconda3/ssl/cacert.pem
*  CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [2459 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [79 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [36 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [36 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=github.com
*  start date: Mar 15 00:00:00 2022 GMT
*  expire date: Mar 15 23:59:59 2023 GMT
*  subjectAltName: host "github.com" matched cert's "github.com"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fb1c1810600)
} [5 bytes data]
> GET /commercialhaskell/stack/releases/download/v2.9.1/stack-2.9.1-linux-x86_64.tar.gz HTTP/2
> Host: github.com
> user-agent: curl/7.78.0
> accept: */*
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0< HTTP/2 302
< server: GitHub.com
< date: Mon, 24 Oct 2022 20:34:57 GMT
< content-type: text/html; charset=utf-8
< vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
< location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/34817922/c477b123-44f1-4e3e-91f1-9f3eccf6d7d6?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221024T203457Z&X-Amz-Expires=300&X-Amz-Signature=62aaa4cb5c36e548705ef0e08154d35476cd025b44d1dd484bb35513cc759fb7&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=34817922&response-content-disposition=attachment%3B%20filename%3Dstack-2.9.1-linux-x86_64.tar.gz&response-content-type=application%2Foctet-stream
< cache-control: no-cache
< strict-transport-security: max-age=31536000; includeSubdomains; preload
< x-frame-options: deny
< x-content-type-options: nosniff
< x-xss-protection: 0
< referrer-policy: no-referrer-when-downgrade
< expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
< content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events *.actions.githubusercontent.com wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
< content-length: 0
< x-github-request-id: D4E3:5409:361CC8:38A385:6356F6F1
<
{ [0 bytes data]
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Connection #1 to host github.com left intact
* Issue another request to this URL: 'https://objects.githubusercontent.com/github-production-release-asset-2e65be/34817922/c477b123-44f1-4e3e-91f1-9f3eccf6d7d6?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221024T203457Z&X-Amz-Expires=300&X-Amz-Signature=62aaa4cb5c36e548705ef0e08154d35476cd025b44d1dd484bb35513cc759fb7&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=34817922&response-content-disposition=attachment%3B%20filename%3Dstack-2.9.1-linux-x86_64.tar.gz&response-content-type=application%2Foctet-stream'
*   Trying 185.199.110.133:443...
* Connected to objects.githubusercontent.com (185.199.110.133) port 443 (#2)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /Users/simonuni/opt/anaconda3/ssl/cacert.pem
*  CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [3051 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io
*  start date: Mar 18 00:00:00 2022 GMT
*  expire date: Mar 21 23:59:59 2023 GMT
*  subjectAltName: host "objects.githubusercontent.com" matched cert's "*.githubusercontent.com"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS RSA SHA256 2020 CA1
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fb1c1810600)
} [5 bytes data]
> GET /github-production-release-asset-2e65be/34817922/c477b123-44f1-4e3e-91f1-9f3eccf6d7d6?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221024T203457Z&X-Amz-Expires=300&X-Amz-Signature=62aaa4cb5c36e548705ef0e08154d35476cd025b44d1dd484bb35513cc759fb7&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=34817922&response-content-disposition=attachment%3B%20filename%3Dstack-2.9.1-linux-x86_64.tar.gz&response-content-type=application%2Foctet-stream HTTP/2
> Host: objects.githubusercontent.com
> user-agent: curl/7.78.0
> accept: */*
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [193 bytes data]
< HTTP/2 200
< content-type: application/octet-stream
< content-md5: jBxg+n9qiq92ECIU7jNAsQ==
< last-modified: Mon, 19 Sep 2022 09:34:55 GMT
< etag: "0x8DA9A22367647D9"
< server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
< x-ms-request-id: 92f94c27-e01e-0003-15e8-e7c301000000
< x-ms-version: 2020-04-08
< x-ms-creation-time: Mon, 19 Sep 2022 09:34:55 GMT
< x-ms-lease-status: unlocked
< x-ms-lease-state: available
< x-ms-blob-type: BlockBlob
< content-disposition: attachment; filename=stack-2.9.1-linux-x86_64.tar.gz
< x-ms-server-encrypted: true
< fastly-restarts: 1
< accept-ranges: bytes
< age: 0
< date: Mon, 24 Oct 2022 20:34:58 GMT
< via: 1.1 varnish
< x-served-by: cache-hhn4080-HHN
< x-cache: MISS
< x-cache-hits: 0
< x-timer: S1666643698.056823,VS0,VE516
< content-length: 14117611
<
{ [5 bytes data]
  1 13.4M    1  175k    0     0   111k      0  0:02:03  0:00:01 35 13.4M   35 4895k    0    84 13.4M   100 13.4M  100 13.4M    0     0  3563k      0  0:00:03  0:00:03 --:--:-- 5925k
* Connection #2 to host objects.githubusercontent.com left intact
xavierchow commented 1 year ago

@Sy-D I met the same issue; I fixed it by disabling the ipv6 on my network(I'm from OSX)

zzantares commented 1 year ago

For the record I experienced the same on Ubuntu 22.04, any stack command resulted in:

HttpExceptionRequest Request {
  host                 = "raw.githubusercontent.com"
  port                 = 443
  secure               = True
  requestHeaders       = [("User-Agent","The Haskell Stack")]
  path                 = "/commercialhaskell/stackage-content/master/stack/stack-setup-2.yaml"
  queryString          = ""
  method               = "GET"
  proxy                = Nothing
  rawBody              = False
  redirectCount        = 10
  responseTimeout      = ResponseTimeoutDefault
  requestVersion       = HTTP/1.1
  proxySecureMode      = ProxySecureWithConnect
}
 ConnectionTimeout

curl worked fine; I thought I was hitting GitHub API rate limits, this wasn't the case, in the end setting DNS servers manually fixed it 👍🏼.

tau-dev commented 1 year ago

This seems to be a bug somewhere in Haskell's networking implementation, see e.g. https://github.com/fosskers/aura/issues/594

asarkar commented 2 months ago

The Haskell ticket linked to by @tau-dev is resolved, but this issue exists as I write, and has been reported by several others on platforms like the Haskell forum, StackOverflow. Is there anything a user do other than the disabling IPV6, and/or switching to Google DNS servers suggestions?

Edit:

I can confirm that this problem no longer exists using stack 3.1.1.

mpilgrem commented 2 months ago

@asarkar, if this has indeed gone away in Stack 3.1.1, that is not Stack's doing. I think Stack makes pretty 'plain vanilla' use of other Haskell packages to fetch files over the internet.

asarkar commented 2 months ago

@mpilgrem If anyone is able to point to a specific package and fix, that’ll be great, but I’m just glad that a simple workaround exists for this issue. When encountered, it’s a complete show stopper since none of the stack commands work.