tls: unexpected message #316

Open
nervuri opened this issue May 12, 2022 · 9 comments
Labels
bug Something isn't working help wanted Extra attention is needed upstream The issue is with a library.

Comments

@nervuri

nervuri commented May 12, 2022

amfora gemini://gemini.ucant.org/ -> URL Fetch Error: Failed to connect to the server: local error: tls: unexpected message.

The capsule works in other clients.

I'm using:

Amfora 1.9.2
Commit: 61d864540140f463a183e187e4211c258bd518bf
Built by: goreleaser
@makew0rld
Owner

Thanks for finding this. Can confirm the bug with version:

Amfora v1.9.2-32-g3917402
Commit: 3917402e2d44b6a302bf4a4d39570896a989d29c
Built by: Makefile

This seems to be an upstream bug with Go's TLS library. Or perhaps not a bug at all, but an issue with the server, and other non-Go clients are more forgiving of it.

Related Go issues:

This capsule uses the bespoke blizanci server. Maybe the issue is there, maybe not. Would require some testing and reading into its code.

@makew0rld makew0rld added bug Something isn't working help wanted Extra attention is needed upstream The issue is with a library. labels May 12, 2022
@mk270

mk270 commented May 13, 2022

Working theory is that we're hitting the following missing feature / bug of the underlying server-side TLS implementation: erlang/otp#5950

Is the amfora TLS client trying to use a TLS version earlier than TLS v1.3?

@nervuri
Author

nervuri commented May 13, 2022

TLS 1.3 is used. Amfora supports both 1.3 and 1.2.

@mk270

mk270 commented May 13, 2022

Aha! I shall have to check this out by installing Amfora. The Erlang/OTP people will be interested to hear what on earth is going on here.

@makew0rld
Owner

@mk270 thanks for looking into this! Let me know how things go. Once this is confirmed to be a server-side problem I'll close this issue, but you can still put updates here.

> TLS 1.3 is used. Amfora supports both 1.3 and 1.2.

Can confirm.

@mk270

mk270 commented May 13, 2022

Thanks. Does Amfora default to TLS v1.2 though?

@mk270

mk270 commented May 13, 2022

I've checked this with gemget, which seems to use the same client TLS library (but maybe not in the same way), and the problem doesn't recur. I'll have to try with Amfora directly.

@makew0rld
Owner

The problem is recurring for me with gemget, I'd be surprised if it didn't. Maybe you're using an older version, and something in Go's TLS lib changed somewhat recently that is causing this bug? Strange...

~
➤ gemget -o- gemini://gemini.ucant.org/ 
Info: Started gemini://gemini.ucant.org/
Error: failed to connect to the server: local error: tls: unexpected message

~
➤ gemget -v
gemget v1.8.0-3-g257682e
Commit: 257682ea01077b5c75a2214f2feab96f27dceb90
Built by: Makefile

> Does Amfora default to TLS v1.2 though?

This is handled by the Go TLS lib. The only setting I've made related to versions is that TLS 1.2 is the minimum supported version, so TLS 1.0 will never be used. I would assume that the client uses the highest version that the server supports. Can't find an RFC or code snippet to support this right now, but it would be weird for it to do anything else.

So the answer is that Amfora will use TLS 1.3 if the server supports it, and otherwise use TLS 1.2.

@mk270

mk270 commented Jun 8, 2022

It looks like upstream has just put a lot of work into fixing this. Let's re-test in due course.

erlang/otp#6041
