[BUG] Powershell v2 fails to download SSLv3 files #531
Comments
@Redsandro yeah, it gets fun. You are trying too hard to get to these VMs - you should really use vagrant - see https://github.com/ferventcoder/vagrant-windows-puppet |
Operation timing out is weird, it shouldn't do that. You might try upgrading chocolatey to the latest version first. |
Sorry, I was a bit TLDR, but I did. Vanilla Windows 7. Vanilla chocolatey. Same error. Offtopic: Vagrant is just VirtualBox with a command line wrapper around it, so there's no real difference between With that said, I didn't know there were Windows base boxes? I couldn't find them anywhere. I thought that was illegal. It does make life easier though. What's in them? How do you communicate with them? They have no ssh, right? How do you preconfigure them on the disk image without starting the license grace period? Also, people don't just have a license lying around, that's why I use the PS - I already use |
depends on the boxes - https://vagrantcloud.com/search?utf8=%E2%9C%93&sort=&provider=&q=windows |
There is also a vagrant box offered by MSOpenTech. It is like 8GB packed though. |
I managed to get one packed down to just under 4GB (still huge) using lzma compression: https://vagrantcloud.com/mwrock/Windows2012R2 Won't work for you since it is a hyper-V box and requires a couple recent vagrant PRs I submitted that allow for .vhd format files and a working implementation of SMB on windows guests. I should make a vbox version. You can try grabbing the evaluation ISO at http://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2 |
4GB for Windows 2012R2 isn't bad. Mine is 4GB on both vrtualbox and vmware_fusion |
Interesting, I didn't know about these boxes! What do these include? The Modern.ie ones also include guest additions so you can use them without configuration, and after 30 days just remove and re-import them. Ssh would be nice but I can't seem to install stuff without starting the OS (and starting the license timeout)
Isn't it better for chocolatey testing purposes (AKA figuring out why certain users have problems) to use the product most realistically used by the audience? I use these 'boxes', as in, I just import them and repack them to a box without any kind of vagranty additives. |
Back to the issue at hand, what is the output of chocolatey v.27? |
Well like I said the error message is the same, but if you think the new version has more clues in it's output, I will gladly fire up a clean Win7 VM. But note that the Installing Chocolatey
Installing
|
Setting the UserAgent to 'chocolatey command line'
times out on VMSetting the UserAgent to 'chocolatey command line'
DEBUG: Running 'Get-WebHeaders' with url:'http://download.gnome.org/binaries/win32/tomboy/1.14/Tomboy-1.14.0.msi', userAgent: 'chocolatey command line' |
Does it time out on HEAD? |
I believe not, at least not using
|
Setting the UserAgent to 'chocolatey command line'
Upon further investigation, the .net framework is unable to download the file for some reason. It's not just a HEAD request that times out, it's any request. |
The 302 redirect to HTTPS... |
Good find! It won't download a redirect at all, or HTTPS redirect in particular, or just this specific case? Since I got this in Windows 7, but the person who contacted me had a different error - related to DotNet4 needing a reboot, which is the error that would appear after the download was succesful and the script would proceed - he probably had a newer build (probably service pack); I am thinking that this error might be there in Windows <= 7.0 and not in Windows >= 7.1. |
Just of note, this doesn't affect PowerShell 3/4 as they use .NET Framework 4.0 |
It's Powershell v2.0 related as it uses .NET framework 2.0/3.5. Whatever issue it was seems to be fixed in newer versions of powershell, but to be sure I'm going to update to posh 3 in my vm and see if it fails. |
I thought Sorry if stupid question. |
Inspection with fiddler determines that the SSLv3 has a handshake failure - http://social.msdn.microsoft.com/Forums/en-US/5be893c2-b16c-4e2c-ad9a-ab4deb0c8962/ssl-handshake-failure?forum=netfxcompact |
So ideally, in stead of timing out, it would either:
|
@Redsandro Posh v2 uses .net framework 2. |
You are going to love the answer to this... |
Powershell, which uses the .NET Framework v2, has a bug that prevents it from falling back to SSL3 when TLS doesn't properly download files. So it causes the response to timeout because it never receives a response. This forces the security protocol to SSL3 when using Poshv2.
This is a bit naive implementation. What we might want to do is create a short timeout and then move to the fallback when it fails for the remainder of the run. |
I don't fully understand what is happening, but if it works, it works. |
It's b/c the fallback doesn't work on .net framework v2, but it works on v4. If you look at current protocol you will see: |
Limit the fallback to only when there is a failure in the webrequest. This way TLS downloads could still work.
Give it a shot - https://chocolatey.org/packages/chocolatey/0.9.8.28-alpha1 |
Is there a way to install pre-release version directly? Instead of:
|
Seems to work*. 👍
*) Disclaimer: I forgot to make a snapshot so this vm already has tomboy installed. I removed the downloaded file and used |
@Redsandro the undocumented way to get absolute latest:
Note |
It seems cause the same problem with v0.9.10? I install chocolatey in a vanilla win7 sp1 that didn't apply any update.
|
Similar but not the same - you are missing a certificate that is required to allow the installation. https://chocolatey.org/docs/proxy-settings-for-chocolatey#still-having-trust-issues - we'll be moving this to a troubleshooting page. |
I am trying to run a
VirtualBox
vm to test what is going on with my package.I had one user contacting me mentioning my package
Tomboy
is broken. I tried to install it on a friend's machine, and it worked fine. So I wanted to investigate. But I don't have Windows myself. Hence theVirtualBox
solution.However, Virtualbox, I tried Windows 7 x86 and x64, on two different versions of Chocolatey, but they all give this error, that we don't see on non-vm (AKA 'real') Windows. Summarized:
DEBUG: Setting the UserAgent to 'chocolatey command line'
[ERROR] Exception calling "GetResponse" with "0" argument(s): "The operation has timed out"
I think this happens when the package is trying to install it's dependency. In the case of
tomboy
the dependency isgtksharp
. Thegtksharp
installs fine on some version of windows and throws error 1603 on another.Inline edit
gtksharp
throws error on the evaluation version of Windows as a virtual machine:http://pastebin.com/wPVwi51T
but installs fine on a virtual machine of a pirated version of Windows I downloaded from the pirate bay. I am going to remove that one so I can do no more testing. But you can call me 100% confused. Both versions were 'vanilla' out of the box.
Edit 2
I finally figured out that 1603 meant the GTK# installer required .NET 4.0. The evaluation version does not have that. Apparently, the pirated version did. So that's figured out, but I consider the below error message still an issue. Nothing should time out. I expect a message like "dependency installation failed."
-edit- I cannot copy-paste the other log because forgot to install
guest additions
. Stupid VMs. Butv0.9.8.27
stops on the same error.The text was updated successfully, but these errors were encountered: