search

rust-lang / cargo

The Rust package manager
https://doc.rust-lang.org/cargo
Apache License 2.0
12.83k stars 2.42k forks source link

spurious network error #14129

Open barak-reif-cko opened 5 months ago

barak-reif-cko commented 5 months ago

Problem

connecting to crates.io from cargo fails:

❯ cargo build
warning: unused manifest key: http
    Updating crates.io index
warning: spurious network error (3 tries remaining): [35] SSL connect error (LibreSSL/3.3.6: error:04FFF06A:rsa routines:CRYPTO_internal:block type is not 01)
warning: spurious network error (2 tries remaining): [35] SSL connect error (LibreSSL/3.3.6: error:04FFF06A:rsa routines:CRYPTO_internal:block type is not 01)
warning: spurious network error (1 tries remaining): [35] SSL connect error (LibreSSL/3.3.6: error:04FFF06A:rsa routines:CRYPTO_internal:block type is not 01)
error: failed to get `aws-config` as a dependency of package `rust-lambda-data-api v0.1.0 (-------------)`

Caused by:
  download of config.json failed

Caused by:
  failed to download from `https://index.crates.io/config.json`

Caused by:
  [35] SSL connect error (LibreSSL/3.3.6: error:04FFF06A:rsa routines:CRYPTO_internal:block type is not 01)

not issue on the curl side:

❯ curl -Iv https://index.crates.io/config.json
* Host index.crates.io:443 was resolved.
* IPv6: (none)
* IPv4: 13.226.2.43, 13.226.2.121, 13.226.2.98, 13.226.2.116
*   Trying 13.226.2.43:443...
* Connected to index.crates.io (13.226.2.43) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /Library/Application Support/Netskope/STAgent/data/nscacert_combined.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-AES128-GCM-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=crates.io
*  start date: Dec 26 00:00:00 2023 GMT
*  expire date: Jan 23 23:59:59 2025 GMT
*  subjectAltName: host "index.crates.io" matched cert's "index.crates.io"
*  issuer: C=US; O=Amazon; CN=Amazon RSA 2048 M02
*  SSL certificate verify ok.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://index.crates.io/config.json
* [HTTP/2] [1] [:method: HEAD]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: index.crates.io]
* [HTTP/2] [1] [:path: /config.json]
* [HTTP/2] [1] [user-agent: curl/8.6.0]
* [HTTP/2] [1] [accept: */*]
> HEAD /config.json HTTP/2
> Host: index.crates.io
> User-Agent: curl/8.6.0
> Accept: */*
> 
< HTTP/2 200 
HTTP/2 200 
< content-type: application/octet-stream
content-type: application/octet-stream
< content-length: 76
content-length: 76
< last-modified: Tue, 12 Mar 2024 07:31:15 GMT
last-modified: Tue, 12 Mar 2024 07:31:15 GMT
< x-amz-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
< x-amz-version-id: oJr.VPzoI2MIgYxW8Lam7ayZJlnQq_9z
x-amz-version-id: oJr.VPzoI2MIgYxW8Lam7ayZJlnQq_9z
< accept-ranges: bytes
accept-ranges: bytes
< server: AmazonS3
server: AmazonS3
< date: Sun, 23 Jun 2024 07:44:14 GMT
date: Sun, 23 Jun 2024 07:44:14 GMT
< etag: "652b69f181634dbf60fc8c3ec9f776e5"
etag: "652b69f181634dbf60fc8c3ec9f776e5"
< vary: Accept-Encoding
vary: Accept-Encoding
< x-cache: Hit from cloudfront
x-cache: Hit from cloudfront
< via: 1.1 0e7c1faba1392f39c179bd78da48eb4e.cloudfront.net (CloudFront)
via: 1.1 0e7c1faba1392f39c179bd78da48eb4e.cloudfront.net (CloudFront)
< x-amz-cf-pop: TLV50-C1
x-amz-cf-pop: TLV50-C1
< x-amz-cf-id: J0a7h5a9jqjAOZDJvWl5x0EpT90jyu-Z3LTcUob71Axc-p7FKPaglQ==
x-amz-cf-id: J0a7h5a9jqjAOZDJvWl5x0EpT90jyu-Z3LTcUob71Axc-p7FKPaglQ==
< age: 799
age: 799

< 
* Connection #0 to hos

Steps

  1. macOs
  2. any rust project
  3. cargo build

Possible Solution(s)

No response

Notes

using self signed certificates (company) but using a combined pem file, this is the first time in a year this happened.

Version

cargo 1.79.0 (ffa9cf99a 2024-06-03)
release: 1.79.0
commit-hash: ffa9cf99a594e59032757403d4c780b46dc2c43a
commit-date: 2024-06-03
host: aarch64-apple-darwin
libgit2: 1.7.2 (sys:0.18.3 vendored)
libcurl: 8.6.0 (sys:0.4.72+curl-8.6.0 system ssl:(SecureTransport) LibreSSL/3.3.6)
ssl: OpenSSL 1.1.1w  11 Sep 2023
os: Mac OS 14.5.0 [64-bit]
Zymlex commented 3 weeks ago

Still relevant.

weihanglo commented 3 weeks ago

On macOS cargo uses libcurl from the system. Try curl https://index.crates.io/config.json and see if it has the problem.

Zymlex commented 3 weeks ago

I can only suggest that the problem is older version of Windows (Server 2019, 17763)

weihanglo commented 3 weeks ago

Please see and https://github.com/rust-lang/cargo/issues/13291#issuecomment-1891012711 and share the output of them.

https://github.com/rust-lang/cargo/issues/14517 also mentioned potential BitDefender issue. And the main issue of networking is https://github.com/rust-lang/cargo/issues/6513.

Anyway, networking problem is hard. It is hard from our side to remotely debug. We'll need your help for collecting sufficient data/logs.