(GH-531) Fix - Powershell v2 fails to download SSL v3 files

Powershell, which uses the .NET Framework v2, has a bug that prevents it from falling back to SSL3 when TLS doesn't properly download files. So it causes the response to timeout because it never receives a response. This forces the security protocol to SSL3 when using Poshv2.
chocolatey-archive · Jul 29, 2014 · 10499fc · 10499fc
1 parent 096bf8a
commit 10499fc
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 8 deletions.
diff --git a/src/chocolatey.ps1 b/src/chocolatey.ps1
@@ -166,6 +166,13 @@ Write-Debug "Arguments: `$command = '$command'|`$force=$force`
 |`$packageParameters='$packageParameters'`
 |PowerShellVersion=$($host.version)|OSVersion=$([System.Environment]::OSVersion.Version.ToString())"
 
+$currentProtocol = [System.Net.ServicePointManager]::SecurityProtocol
+Write-Debug "Current Security Protocol - $currentProtocol"
+if ($host.Version -lt (new-object 'Version' 3,0)) {
+  Write-Debug "Converting Security Protocol to SSL3 only for Powershell v2"
+  [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Ssl3
+}
+
 # run level environment variables
 $env:chocolateyForceX86 = $null
 if ($forceX86) {
@@ -206,6 +213,10 @@ foreach ($packageName in $packageNames) {
     if ($badPackages -ne '') { $badPackages += ', '}
     $badPackages += "$packageName"
   }
+  finally {
+    # ensure protocol is set appropriately
+    [System.Net.ServicePointManager]::SecurityProtocol = $currentProtocol
+  }
 }
 
 if ($badPackages -ne '') {

diff --git a/src/helpers/functions/Get-WebHeaders.ps1 b/src/helpers/functions/Get-WebHeaders.ps1
@@ -7,6 +7,7 @@ param(
   if ($url -eq '') { return }
 
   $request = [System.Net.HttpWebRequest]::Create($url);
+  #$request.Method = "HEAD"
   #to check if a proxy is required
   $client = New-Object System.Net.WebClient
   if (!$client.Proxy.IsBypassed($url))
@@ -18,31 +19,50 @@ param(
       $creds = $cred.GetNetworkCredential();
     }
     $proxyAddress = $client.Proxy.GetProxy($url).Authority
-    Write-host "Using this proxyserver: $proxyAddress"
+    Write-Host "Using this proxyserver: $proxyAddress"
     $proxy = New-Object System.Net.WebProxy($proxyAddress)
     $proxy.credentials = $creds
     $request.proxy = $proxy
   }
 
+  $request.Accept = "*/*"
+  $request.AllowAutoRedirect = $true
+  $request.MaximumAutomaticRedirections=10
+
   #http://stackoverflow.com/questions/518181/too-many-automatic-redirections-were-attempted-error-message-when-using-a-httpw
   $request.CookieContainer = New-Object System.Net.CookieContainer
   if ($userAgent -ne $null) {
     Write-Debug "Setting the UserAgent to `'$userAgent`'"
     $request.UserAgent = $userAgent
   }
 
-  $response = $request.GetResponse();
-
-  $headers = @{}
-  Write-Debug "Web Headers Received:"
-  foreach ($key in $response.Headers) {
-    $value = $response.Headers[$key];
+  Write-Debug "Request Headers:"
+  foreach ($key in $request.Headers) {
+    $value = $request.Headers[$key];
     if ($value) {
       $headers.Add("$key","$value")
       Write-Debug "  `'$key`':`'$value`'"
     }
   }
-  $response.Close();
+
+  $headers = @{}
+
+  try {
+    $response = $request.GetResponse();
+
+    Write-Debug "Response Headers:"
+    foreach ($key in $response.Headers) {
+      $value = $response.Headers[$key];
+      if ($value) {
+        $headers.Add("$key","$value")
+        Write-Debug "  `'$key`':`'$value`'"
+      }
+    }
+
+    $response.Close();
+  } catch {
+    Write-Host "Attempt to get headers for $url failed.`n  $($_.Exception.Message)"
+  }
 
   $headers
 }