search

uber-go / zap

Blazing fast, structured, leveled logging in Go.
https://pkg.go.dev/go.uber.org/zap
MIT License
21.96k stars 1.43k forks source link

Unable to install with Dep #652

Open natdm opened 5 years ago

natdm commented 5 years ago

https://github.com/uber-go/zap/issues/451

This exact same issue, still.

akshayjshah commented 5 years ago

I'm not sure how to debug without a great deal more information; internally, we install this exact package, via the same dep+Cloudflare mechanism, thousands of times a day.

sanjeevchopra commented 5 years ago

@akshayjshah my project has the same error, when behind a corporate proxy -- only for go.uber.org dependencies though. 

$ echo $GO111MODULE
on
$ go get -v go.uber.org/zap
Fetching https://go.uber.org/zap?go-get=1
https fetch failed: Get https://go.uber.org/zap?go-get=1: x509: certificate signed by unknown authority
Fetching https://go.uber.org?go-get=1
https fetch failed: Get https://go.uber.org?go-get=1: x509: certificate signed by unknown authority
go get go.uber.org/zap: unrecognized import path "go.uber.org/zap" (https fetch: Get https://go.uber.org/zap?go-get=1: x509: certificate signed by unknown authority)

I am trying to figure out what is different about go.uber.org .

The following data is not from behind the proxy: go.uber.org fails

~$ openssl s_client -connect go.uber.org:443
CONNECTED(00000005)
140735769768904:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.50.2/libressl/ssl/s23_clnt.c:541:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 318 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
---
~$

uber.com works:

~$ openssl s_client -connect uber.com:443
CONNECTED(00000006)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
 0 s:/C=US/ST=California/L=San Francisco/O=Uber Technologies, Inc./CN=*.uber.com
   i:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
 1 s:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
 2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIQBBx3nW7NMOKXqIuTxQ6a5DANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcwNzExMDAwMDAwWhcN
MjAwNzE1MTIwMDAwWjBxMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p
YTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXVWJlciBUZWNobm9s
b2dpZXMsIEluYy4xEzARBgNVBAMMCioudWJlci5jb20wggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDO5bHpzfvKjMZZrHORKtKs1d9I63yCy4YFQmomCwbh
HxxRzdjjbcPN0pY2g2rGX16z9AyVji7muu6NlxxXkQWDZDDwWc5U4Y4eRJxo9yqL
Uz64Jvr9Vj8Pl35LZjvQmVq2lh4Ys75fgR1mJ+pIUF+8y5uqGSYLIUUgB8nOej9Q
B8yiVx9fw0VfgMDKEO+5nDmoPfunNojHkI27a/5qZpJZr5UVYaCSnZvFdS1pnVeB
huld7mXMvbAml4ar2UAc3kcreO2d1+U8tD8WRsylHc1ITQ8ysOct2RrGnuyGUdfO
kNPygeKSH12w/HBJszcUGM/zEevEefWm3HERdSg060+LAgMBAAGjggHbMIIB1zAf
BgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUQZ1/XX5O
0lxaqTxd6+/tnn0jcnswHwYDVR0RBBgwFoIKKi51YmVyLmNvbYIIdWJlci5jb20w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBr
BgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1z
aGEyLWcxLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Et
c2hhMi1nMS5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcC
ARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYB
BQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w
RgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
dFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B
AQsFAAOCAQEABr1gSwegxo0v0fygmfHArrXrLoFT2+ohQ1SR8qG7fyr3MAH8zTQD
64uwM5Xnyno0suhCeqRZXkpcpx/WIMcC/Sr78x9MaWc/QYnOoLcLpoyseiGU9NHq
Ss/vGTxJyLT6SnYXM1Ab334dFIjlusA110bagruw8vrF5+7xJlMskIqBTbGGRuEF
ZCluwQHbuAVLaCnn8ujFIseZTvtyPU/ozeXCaZh1t0SGP3Cs0JN47ydSTxnPBHrP
cxj5RG/HYZBeJfVxRtb7ydjxAt07RxhOhBbIjnOki18GBzQ54QqTq9x2+zTaDNHM
GA2EYGP1vodptnSftCNeaRY8ZCF65wzTzA==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Francisco/O=Uber Technologies, Inc./CN=*.uber.com
issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 4120 bytes and written 444 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 71F05723A94A5CED88471A9EF7D34CF21DA092CFC056F47F618117C1D0FDE258
    Session-ID-ctx:
    Master-Key: 1082B590E8BCEB6AE3847A0E1806BCAAD3997C3C811DC5F4F71B3CFD0CD2410BBE3A0482407EC9E262C4D9D217481CC0
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - d7 02 60 c0 32 11 60 16-ce dd 7e a3 05 d3 1b bc   ..`.2.`...~.....
    0010 - 67 bb 3a 3f 5e 3b b6 fb-24 0b 26 6a 6d 61 e6 85   g.:?^;..$.&jma..
    0020 - fa fc 85 d7 e8 4e c9 23-31 0e d1 1f 02 cc 75 a9   .....N.#1.....u.
    0030 - 3a 11 86 22 be 2c b0 5d-78 a7 7d 19 d1 d6 1f 9a   :..".,.]x.}.....
    0040 - 5e 66 6a 51 eb f2 91 5e-85 dc c9 1b 4e f5 f2 15   ^fjQ...^....N...
    0050 - 51 66 0c db b3 a8 e5 d8-17 d3 8b 7c d6 6f 23 98   Qf.........|.o#.
    0060 - eb 22 96 d6 84 98 e1 00-44 40 0b 92 70 1a fe 34   ."......D@..p..4
    0070 - 1a c4 54 79 3f ad 40 af-7c 89 d9 ca b4 d9 4c ef   ..Ty?.@.|.....L.
    0080 - 36 6d 9a 32 71 3f 47 46-28 8f c6 cb 73 df fe bf   6m.2q?GF(...s...
    0090 - b9 7a c0 1d a5 54 22 4a-b1 46 66 3c aa 8f 07 0d   .z...T"J.Ff<....
    00a0 - 57 52 eb f2 6b 29 b0 45-a1 8d b8 b3 c3 a4 03 3f   WR..k).E.......?

    Start Time: 1543867805
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
closed
~$
natdm commented 5 years ago

Thanks @sanjeevchopra for the example. That's 100% our issue as well. We tried to clone it and hold it locally, but the dependencies in there suffer from the same issues.