Ubuntu Trunk Checksum failed
-
root@FogWest:~/svn/trunk/bin# curl -vvko "checksums" https://fogproject.org/inits/index.php * Hostname was NOT found in DNS cache % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 162.213.199.177... * Connected to fogproject.org (162.213.199.177) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): } [data not shown] * SSLv3, TLS handshake, Server hello (2): { [data not shown] * SSLv3, TLS handshake, CERT (11): { [data not shown] * SSLv3, TLS handshake, Server key exchange (12): { [data not shown] * SSLv3, TLS handshake, Server finished (14): { [data not shown] * SSLv3, TLS handshake, Client key exchange (16): } [data not shown] * SSLv3, TLS change cipher, Client hello (1): } [data not shown] * SSLv3, TLS handshake, Finished (20): } [data not shown] * Unknown SSL protocol error in connection to fogproject.org:443 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 * Closing connection 0 curl: (35) Unknown SSL protocol error in connection to fogproject.org:443 root@FogWest:~/svn/trunk/bin# -
@reflexxion Which version of curl and openssl?
dpkg -l | grep -e " curl" -e " openssl" -
root@FogWest:~/svn/trunk/bin# dpkg -l | grep -e "curl" -e "openssl" ii curl 7.35.0-1ubuntu2.6 i386 command line tool for transferring data with URL syntax ii libcurl3:i386 7.35.0-1ubuntu2.6 i386 easy-to-use client-side URL transfer library (OpenSSL flavour) ii libcurl3-gnutls:i386 7.35.0-1ubuntu2.6 i386 easy-to-use client-side URL transfer library (GnuTLS flavour) ii libcurl4-openssl-dev:i386 7.35.0-1ubuntu2.6 i386 development files and documentation for libcurl (OpenSSL flavour) ii libgnutls-openssl27:i386 2.12.23-12ubuntu2.5 i386 GNU TLS library - OpenSSL wrapper ii openssl 1.0.2g-1+deb.sury.org~trusty+1 i386 Secure Sockets Layer toolkit - cryptographic utility ii php5-curl 5.6.19+dfsg-1+deb.sury.org~trusty+1 i386 CURL module for php5 ii python-openssl 0.13-2ubuntu6 i386 Python 2 wrapper around the OpenSSL library ii python3-pycurl 7.19.3-0ubuntu3 i386 Python 3 bindings to libcurl root@FogWest:~/svn/trunk/bin# -
@reflexxion Ok, I have: curl
7.35.0-1ubuntu2.6but openssl1.0.1f-1ubuntu2.18on one of my test servers (curl downloading the checksums fine!) -
@Sebastian-Roth do you know how I can downgrade to test?
-
I have the same openssl version on my production system.
-
@reflexxion Before downgrading you might want to try forcing curl to use different SSL protocol versions and/or cipher suites:
curl --tlsv1.0 -ko "checksums" https://fogproject.org/inits/index.php curl --tlsv1.1 -ko "checksums" https://fogproject.org/inits/index.php curl --tlsv1.2 -ko "checksums" https://fogproject.org/inits/index.php curl --tlsv1 --ciphers AES256-SHA -ko "checksums" https://fogproject.org/inits/index.phpSee if any of those is working for you…
-
root@FogWest:~/svn/trunk/bin# curl --tlsv1 --ciphers AES256-SHA -ko "checksums" https://fogproject.org/inits/index.php % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 277 0 277 0 0 454 0 --:--:-- --:--:-- --:--:-- 454 root@FogWest:~/svn/trunk/bin# curl --tlsv1.0 -ko "checksums" https://fogproject.org/inits/index.php % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 277 0 277 0 0 498 0 --:--:-- --:--:-- --:--:-- 499 root@FogWest:~/svn/trunk/bin# curl --tlsv1.1 -ko "checksums" https://fogproject.org/inits/index.php % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 277 0 277 0 0 481 0 --:--:-- --:--:-- --:--:-- 480 root@FogWest:~/svn/trunk/bin# curl --tlsv1.2 -ko "checksums" https://fogproject.org/inits/index.php % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (35) Unknown SSL protocol error in connection to fogproject.org:443 root@FogWest:~/svn/trunk/bin# curl --tlsv1 --ciphers AES256-SHA -ko "checksums" https://fogproject.org/inits/index.php % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 277 0 277 0 0 401 0 --:--:-- --:--:-- --:--:-- 400 root@FogWest:~/svn/trunk/bin# -
@reflexxion Ok, TLSv1.1 seams to work. So as a quick fix you can force curl to always use TLSv1.1 encrpytion via curlrc:
echo "tlsv1.1" >> ~/.curlrc
Then try running the installer again! -
@Sebastian-Roth THAT FIXED IT SIR! Thanks! Not sure if this has been helpful diagnostics for you guys… but I’ve certainly learned a lot! Thanks again!
-
@Sebastian-Roth Well, it fixed the install issue. The kernel update portion of the GUI is still not functional (not significant I don’t think) and the “estimated fog sites” is not working as well. No worries with that stuff… just thought I’d report it!
-
@reflexxion Thanks for your patients trying all the things out. This will definitely help others who run into similar issues. But I guess not very many people have the package repo deb.sury.org added like you have. Seams like others have trouble with curl and ssl versions as well: https://sourceforge.net/p/curl/bugs/1319/
@Quazz Which “same” version of openssl did you mean?
1.0.1f-1ubuntu2.18or @reflexxion’s1.0.2g-1+deb.sury.org~trusty+1?? If it is 1.0.2… then which version of curl you have? -
@Sebastian-Roth The same as reflexxion, but my curl is newer.
I have : 7.43.0-1ubuntu2.1
-
Good to know. So it seams to only cause problems with a distinct combination of curl and openssl version(s). Possibly the newer curl version works around an openssl bug or the other way round…
