search

nicohman / wyvern

A simple CLI client for installing and maintaining linux GOG games
GNU General Public License v3.0
87 stars 5 forks source link

wrong signature type #29

Closed phwoomp closed 5 years ago

phwoomp commented 5 years ago

Hello Nicohman,

First of all, I really like the program you are making! Keep up the good work!

Unfortunately I cannot get it to work properly. I logged in with a OAuth token, when i do wyvern ls, it shows the games I have but when I download I get this error:

Error downloading file. Error message:https://gog.com/downloads/dead_cells/en3installer0: error trying to connect: error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature type:../ssl/t1_lib.c:1110:

Also when I try to login with my username and password I get this error:

ERROR 2019-08-17T07:06:41Z: wyvern: Could not login to GOG. ERROR 2019-08-17T07:06:41Z: wyvern: Error: Error(SessionNetwork(ReqwestError(Error(Hyper(Error(Connect, Custom { kind: Other, error: Ssl(Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 336908658, library: "SSL routines", function: "tls12_check_peer_sigalg", reason: "wrong signature type", file: "../ssl/t1_lib.c", line: 1110 }]))) }, X509VerifyResult { code: 0, error: "ok" }) })), "https://gog.com/"))), State { next_error: None, backtrace: InternalBacktrace { backtrace: None } }) Hopefully it can be solved, I would love to use wyvern!

clort81 commented 5 years ago

Same error here ERROR 2019-08-23T16:35:12Z: wyvern: Could not login to GOG. ERROR 2019-08-23T16:35:12Z: wyvern: Error: Error(SessionNetwork(ReqwestError(Error(Hyper(Error(Connect, Custom { kind: Other, error: Ssl(Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 336908658, library: "SSL routines", function: "tls12_check_peer_sigalg", reason: "wrong signature type", file: "../ssl/t1_lib.c", line: 1110 }]))) }, X509VerifyResult { code: 0, error: "ok" }) })), "https://gog.com/"))), State { next_error: None, backtrace: InternalBacktrace { backtrace: None } })

thanks for making this also. if i find any answers i'll post.

nicohman commented 5 years ago

That is really weird. Do these happen with downloading all games or just specific ones?

clort81 commented 5 years ago

Ok some googling seems to indicate that gog.com is using an older security and should upgrade. If running openssl 1.1.1 as I am, it requires SECLEVEL=2. There is some insecurity in dropping it down to SECLEVEL=1, in /etc/ssl/openssl.cnf Where you change the value for “CipherString” from “DEFAULT@SECLEVEL=2” to “DEFAULT@SECLEVEL=1”

Afaict Gog.com ought to address this. https://community.home-assistant.io/t/debian-10-and-openssl-1-1-1b-wrong-signature-type-errors/121050

[EDIT] it might be possible for wyvern to specify the openssl option "-ciper DEFAULT_at_SECLEVEL=1" to curl?

phwoomp commented 5 years ago

Thanks for looking into the issue. It seems that clort81 found the problem's cause and workaround solution. When I change my seclevel to 1, wyvern works fine. But for now I'd rather wait until either gog updates their security or until there is a specific option for wyvern to use level 1 like clort81 said.