Fix: failed to connect to github when run 'install.sh'

[BruceZu]

Replace protocol https with git to let install.sh work in an environment where the HTTPS/SSL connection cannot be available somehow.

==== how to retrigger

bash-3.2# GIT_CURL_VERBOSE=1 GIT_TRACE=1 git -c
advice.detachedHead=false clone https://github.com/creationix/nvm.git -b
v0.34.0 --depth=1
21:49:01.676517 git.c:419               trace: built-in: git clone
https://github.com/creationix/nvm.git -b v0.34.0 --depth=1
Cloning into 'nvm'...
21:49:01.678041 run-command.c:643       trace: run_command:
git-remote-https origin https://github.com/creationix/nvm.git
warning: Protocol restrictions not supported with cURL < 7.19.4
* Couldn't find host github.com in the .netrc file; using defaults
*   Trying 192.30.255.113...
* TCP_NODELAY set
* Connected to github.com (192.30.255.113) port 443 (#0)
* Cipher selection:
* ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs/
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443
* Closing connection 0
fatal: unable to access 'https://github.com/creationix/nvm.git/':
OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443

==== environment

bash-3.2# git --version
git version 2.21.0
bash-3.2# curl --version
curl 7.64.1 (x86_64-pc-linux-gnu) libcurl/7.64.1 OpenSSL/0.9.7m
zlib/1.2.3
Release-Date: 2019-03-27
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL
UnixSockets

==== Refer
angular/angular-phonecat#212

[ljharb]

I'm very confused. Why would we want to use the git protocol when the source isn't git?

What problem is this fixing? The install script works as-is just fine, and has done so for years. What's broken?

[BruceZu]

Hi ljharb,
You can find the problem and what is broken in the commit message.
The issue happened in 'chroot' environment where there is no ssh key there and need not provide ssh key. nvm should not assume the user should always have ssh.
see https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols

[ljharb]

Why would you need an ssh key for https? Any environment that can't make HTTPS/SSL connections is utterly broken, if that's what you're implying.

[BruceZu]

• Do you mean curl need to provide HTTPS/SSL connections?
  Please see 'Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps' in my commit message.

• The patched version with git protocol works well now.
  May I know why not use git protocol?

[ljharb]

Absolutely, curl needs to be able to connect with SSL. I see that "https" is in "Protocols" so i'm not clear on what's not already working.

Because the git protocol only makes sense when used with git - when used with curl, the only protocol that should be used here is https.

[BruceZu]

about what's not already working

bash-3.2# curl -k  -o- https://raw.githubusercontent.com/creationix/nvm/v0.34.0/install.sh | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 13226  100 13226    0     0   1308      0  0:00:10  0:00:10 --:--:--  3125
=> Downloading nvm from git to '/home/jenkins/.nvm'
=> Cloning into '/home/jenkins/.nvm'...
warning: Protocol restrictions not supported with cURL < 7.19.4
fatal: unable to access 'https://github.com/creationix/nvm.git/': OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443 
Failed to clone nvm repo. Please report this!

I agree git protocol cannot resolve the nvm install issue. still need check the curl why it does not support SSL connect.
Any help will be appreciated.
I am planning reinstall the curl

[ljharb]

it kind of looks like your system doesn’t have OpenSSL installed

[BruceZu]

I have openssl

bash-3.2# openssl version -a 
OpenSSL 0.9.7m 23 Feb 2007
built on: Wed Jan 13 14:52:56 PST 2010
platform: linux-elf
options:  bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx) 
compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_HW -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_IDEA -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
OPENSSLDIR: "/etc/ssl"

let me upgrade it to a new version. Thank you, @ljharb

[ljharb]

Sounds like this can be closed?

[BruceZu]

please give me some time, I will update with the result.

[BruceZu]

bash-3.2# nvm install 10.15.3
Version '10.15.3' not found - try `nvm ls-remote` to browse available versions.
bash-3.2# mvn ls-remote
OpenJDK 64-Bit Server VM warning: Can't detect initial thread stack location - find_vma failed

any hints?

[BruceZu]

it is not stable

second time to run and show

bash-3.2# nvm install 10.15.3
Version '10.15.3' not found - try `nvm ls-remote` to browse available versions.
bash-3.2# nvm ls-remote
            N/A
bash-3.2# 

[BruceZu]

$ sudo chroot . /bin/sh /home/bzu/.nvm/bash_completion 
/home/bzu/.nvm/bash_completion: line 6: return: can only `return' from a function or sourced script

[BruceZu]

$ sudo chroot . /bin/ls -l /home/bzu/.nvm/versions/node/v10.15.3/bin/node
-rwxrwxrwx 1 root root 39224256 2019-04-17 23:09 /home/bzu/.nvm/versions/node/v10.15.3/bin/node
$ sudo chroot . /bin/bash /home/bzu/.nvm/nvm.sh
/usr/bin/env: node: No such file or directory
sudo chroot . /bin/ls -l /home/bzu/.nvm/
total 208
drwxrwxrwx 3 root root   4096 2019-04-17 23:09 alias
-rwxrwxrwx 1 root root   2122 2019-04-17 23:09 bash_completion
-rwxrwxrwx 1 root root   1057 2019-04-17 23:09 CONTRIBUTING.md
-rwxrwxrwx 1 root root   4011 2019-04-17 23:09 Dockerfile
-rwxrwxrwx 1 root root  13226 2019-04-17 23:09 install.sh
-rwxrwxrwx 1 root root   1078 2019-04-17 23:09 LICENSE.md
-rwxrwxrwx 1 root root   5364 2019-04-17 23:09 Makefile
-rwxrwxrwx 1 root root    344 2019-04-17 23:09 nvm-exec
-rwxrwxrwx 1 root root 110106 2019-04-17 23:09 nvm.sh
-rwxrwxrwx 1 root root   2016 2019-04-17 23:09 package.json
-rwxrwxrwx 1 root root  28679 2019-04-17 23:09 README.md
-rwxrwxrwx 1 root root    910 2019-04-17 23:09 ROADMAP.md
drwxrwxrwx 9 root root   4096 2019-04-17 21:56 test
-rwxrwxrwx 1 root root   2206 2019-04-17 23:09 update_test_mocks.sh
drwxrwxrwx 3 root root   4096 2019-04-17 23:09 versions

strange behavior

[BruceZu]

This topic can be closed. The chroot jail is wrong with
some library dependencies do not exist inside the chroot environment.
They are link in the host machine. After check and fix all of them.
node works now.

Thank you @ljharb

[ljharb]

In the future, it may be better to discuss on an issue before making a PR.