New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error: server is not connected to the internet message - but I am, or so I think ... #16255

Closed
jnfrmarks opened this Issue May 11, 2015 · 88 comments

Comments

Projects
None yet
@jnfrmarks

jnfrmarks commented May 11, 2015

Steps to reproduce

  1. Install 8.1
  2. Navigate to the admin page
  3. Check the security warnings

Expected behaviour

They should make sense

Actual behaviour

This one doesn't make sense as I am connected to the internet:

p340

More information is needed (a pointer to a link?) on how to resolve this.

Server Host info:

Ubuntu 14.04
PHP 5.5.9

Server configuration:

ownCloud Enterprise Edition 8.1 beta 1 (daily) Build:2015-05-11T03:08:42+00:00 52fc45e

@jnfrmarks jnfrmarks added this to the 8.1-current milestone May 11, 2015

@derkostka

This comment has been minimized.

Contributor

derkostka commented May 11, 2015

i can confirm this, how is the connection checked ? maybe something is missing ...

@karlitschek karlitschek added the bug label May 11, 2015

@ghost

This comment has been minimized.

ghost commented May 12, 2015

The check seems to be done here:

* Checks if the ownCloud server can connect to the internet using HTTPS and HTTP

So www.owncloud.org needs to be reachable.

@DeepDiver1975

This comment has been minimized.

Member

DeepDiver1975 commented May 12, 2015

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented May 12, 2015

Please create a test.php in the same directory as your index.php with the following input and report the output:

<?php

require_once('./lib/base.php');


$client = \OC::$server->getHTTPClientService()->newClient();
try {
    $client->get('https://www.owncloud.org/');
    $client->get('http://www.owncloud.org/');
} catch (\Exception $e) {
    throw $e;
}

Also be sure to add define('DEBUG', true); at top of your config.php so that we have a proper stacktrace.

@derkostka

This comment has been minimized.

Contributor

derkostka commented May 12, 2015

Thanks for your Help, here is the trace:

Interner Serverfehler

Der Server hat einen internen Fehler und konnte Ihre Anfrage nicht
vervollständigen.

Bitte wende Dich an den Serveradministrator, sollte dieser Fehler mehrfach
auftreten, und füge Deiner Anfrage die unten stehenden technischen Details
bei.

Weitere Details können im Serverprotokoll gefunden werden.

Technische Details

Entfernte Adresse: 2a02:2450:102d:3ff:cd66:9893:147a:7cAnforderungskennung:
VVJssn8AAAEAAGcnRB8AAAAGTyp: GuzzleHttp\Exception\RequestExceptionCode:
0Nachricht: cURL error 5: Could not resolve proxy:
www.aaaaowncloud.orgDatei:
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Exception/RequestException.phpZeile:
51

Spur

#0 /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php(104):
GuzzleHttp\Exception\RequestException::wrapException(Object(GuzzleHttp\Message\Request),
Object(GuzzleHttp\Ring\Exception\RingException)) #1
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php(132):
GuzzleHttp\RequestFsm->__invoke(Object(GuzzleHttp\Transaction)) #2
/var/www/owncloud/3rdparty/react/promise/src/FulfilledPromise.php(24):
GuzzleHttp\RequestFsm->GuzzleHttp{closure}(Array) #3
/var/www/owncloud/3rdparty/guzzlehttp/ringphp/src/Future/CompletedFutureValue.php(55):
React\Promise\FulfilledPromise->then(Object(Closure), NULL, NULL) #4
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Message/FutureResponse.php(43):
GuzzleHttp\Ring\Future\CompletedFutureValue->then(Object(Closure), NULL,
NULL) #5
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php(135):
GuzzleHttp\Message\FutureResponse::proxy(Object(GuzzleHttp\Ring\Future\CompletedFutureArray),
Object(Closure)) #6
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Client.php(232):
GuzzleHttp\RequestFsm->__invoke(Object(GuzzleHttp\Transaction)) #7
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Client.php(192):
GuzzleHttp\Client->send(Object(GuzzleHttp\Message\Request)) #8
/var/www/owncloud/lib/private/http/client/client.php(122):
GuzzleHttp\Client->get('https://www.aaa...', Array) #9
/var/www/owncloud/test.php(3): OC\Http\Client\Client->get('https://www.aaa...')
#10 {main}
Am 12.05.2015 09:46 schrieb "Lukas Reschke" notifications@github.com:

Please create a test.php in the same directory as your index.php with the
following input and report the output:

getHTTPClientService()->newClient();try { $client->get('https://www.aaaaowncloud.org/'); $client->get('http://www.owncloud.org/');} catch (\Exception $e) { throw $e;} Also be sure to add define('DEBUG', true); at top of your config.php so that we have a proper stacktrace. — Reply to this email directly or view it on GitHub https://github.com//issues/16255#issuecomment-101173236.
@derkostka

This comment has been minimized.

Contributor

derkostka commented May 12, 2015

and once more without that AAA in the URL:
Interner Serverfehler
Der Server hat einen internen Fehler und konnte Ihre Anfrage nicht vervollständigen.
Bitte wende Dich an den Serveradministrator, sollte dieser Fehler mehrfach auftreten, und füge Deiner Anfrage die unten stehenden technischen Details bei.
Weitere Details können im Serverprotokoll gefunden werden.

Technische Details
Entfernte Adresse: 2a02:2450:102d:3ff:cd66:9893:147a:7c
Anforderungskennung: VVJuXn8AAAEAAGlEY7kAAAAC
Typ: GuzzleHttp\Exception\RequestException
Code: 0
Nachricht: cURL error 56: Proxy CONNECT aborted
Datei: /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Exception/RequestException.php
Zeile: 51

Spur
#0 /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php(104): GuzzleHttp\Exception\RequestException::wrapException(Object(GuzzleHttp\Message\Request), Object(GuzzleHttp\Ring\Exception\RingException))
#1 /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php(132): GuzzleHttp\RequestFsm->__invoke(Object(GuzzleHttp\Transaction))
#2 /var/www/owncloud/3rdparty/react/promise/src/FulfilledPromise.php(24): GuzzleHttp\RequestFsm->GuzzleHttp{closure}(Array)
#3 /var/www/owncloud/3rdparty/guzzlehttp/ringphp/src/Future/CompletedFutureValue.php(55): React\Promise\FulfilledPromise->then(Object(Closure), NULL, NULL)
#4 /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Message/FutureResponse.php(43): GuzzleHttp\Ring\Future\CompletedFutureValue->then(Object(Closure), NULL, NULL)
#5 /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php(135): GuzzleHttp\Message\FutureResponse::proxy(Object(GuzzleHttp\Ring\Future\CompletedFutureArray), Object(Closure))
#6 /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Client.php(232): GuzzleHttp\RequestFsm->__invoke(Object(GuzzleHttp\Transaction))
#7 /var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Client.php(192): GuzzleHttp\Client->send(Object(GuzzleHttp\Message\Request))
#8 /var/www/owncloud/lib/private/http/client/client.php(122): GuzzleHttp\Client->get('https://www.own...', Array)
#9 /var/www/owncloud/test.php(3): OC\Http\Client\Client->get('https://www.own...')
#10 {main}

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented May 12, 2015

@derkostka Interesting. Can you post your config.php and also try by fixing the aaaaaowncloud.org to owncloud.org - technically it should fail then as well if it is what I suspect. Thanks!

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented May 12, 2015

Ah you were faster ;-) - Config.php still applies :-)

@derkostka

This comment has been minimized.

Contributor

derkostka commented May 12, 2015

Sure !

Please consider that if i upgrade i usually keep the old config. May be
something is missing here for OC 8.1 ...

Welcome to Ubuntu 15.04 (GNU/Linux 3.8.13.28 armv7l)

cat /var/www/owncloud/config/config.php

'someocinstanceid', 'passwordsalt' => 'tastysalt', 'hashingCost' => 10, 'trusted_domains' => array ( 0 => 'cloud.sebastiankostka.de', 1 => 'de1.portmap64.net', 2 => '192.168.6.9', 3 => 'odroid', 4 => 'vpn', ), 'datadirectory' => '/media/data/owncloud/data', 'version' => '8.1.0.5', 'dbtype' => 'mysql', 'dbhost' => '127.0.0.1', 'dbname' => 'owncloud', 'dbuser' => 'ownclouduser', 'dbpassword' => 'mysecretpassword', 'dbtableprefix' => 'oc_', 'sqlite.journal_mode' => 'DELETE', 'installed' => true, 'default_language' => 'de', 'defaultapp' => 'files', 'knowledgebaseenabled' => true, 'enable_avatars' => true, 'allow_user_to_change_display_name' => true, 'remember_login_cookie_lifetime' => 1296000, 'session_lifetime' => 86400, 'session_keepalive' => true, 'skeletondirectory' => '', 'mail_domain' => 'mydomain', 'mail_from_address' => 'owncloud', 'mail_smtpdebug' => false, 'mail_smtpmode' => 'smtp', 'mail_smtphost' => 'mail', 'mail_smtpport' => 465, 'mail_smtptimeout' => 10, 'mail_smtpsecure' => 'ssl', 'mail_smtpauth' => true, 'mail_smtpauthtype' => 'LOGIN', 'mail_smtpname' => 'me@mymail', 'mail_smtppassword' => 'secret', 'overwritehost' => '', 'overwriteprotocol' => '', 'overwritewebroot' => '', 'overwritecondaddr' => '', 'overwrite.cli.url' => '', 'proxy' => '', 'proxyuserpwd' => '', 'trashbin_retention_obligation' => 30, 'trashbin_auto_expire' => true, 'appcodechecker' => false, 'updatechecker' => true, 'has_internet_connection' => true, 'check_for_working_webdav' => true, 'check_for_working_htaccess' => true, 'config_is_read_only' => false, 'log_type' => 'owncloud', 'logfile' => '/var/log/owncloud.log', 'loglevel' => 0, 'logdateformat' => 'F d, Y H:i:s', 'logtimezone' => 'Europe/Berlin', 'log_query' => false, 'cron_log' => true, 'log_rotate_size' => 104857600, '3rdpartyroot' => '', '3rdpartyurl' => '', 'customclient_desktop' => 'http://owncloud.org/sync-clients/', 'customclient_android' => ' https://play.google.com/store/apps/details?id=com.owncloud.android', 'customclient_ios' => ' https://itunes.apple.com/us/app/owncloud/id543672169?mt=8', 'appstoreenabled' => true, 'appstoreurl' => 'https://api.owncloud.com/v1', 'apps_paths' => array ( 0 => array ( 'path' => '/var/www/owncloud/apps', 'url' => '/apps', 'writable' => true, ), 1 => array ( 'path' => '/var/www/owncloud/apps2', 'url' => '/apps2', 'writable' => true, ), ), 'enable_previews' => true, 'preview_max_x' => NULL, 'preview_max_y' => NULL, 'preview_max_scale_factor' => 10, 'preview_max_filesize_image' => 50, 'preview_libreoffice_path' => '/usr/bin/libreoffice', 'preview_office_cl_parameters' => ' --headless --nologo --nofirststartwizard --invisible --norestore -convert-to pdf -outdir ', 'enabledPreviewProviders' => array ( 0 => 'OC\Preview\Image', 1 => 'OC\Preview\MP3', 2 => 'OC\Preview\TXT', 3 => 'OC\Preview\MarkDown', ), 'ldapUserCleanupInterval' => 51, 'maintenance' => false, 'singleuser' => false, 'forcessl' => true, 'forceSSLforSubdomains' => true, 'openssl' => array ( 'config' => '/absolute/location/of/openssl.cnf', ), 'blacklisted_files' => array ( 0 => '.htaccess', ), 'share_folder' => '/', 'theme' => '', 'xframe_restriction' => true, 'cipher' => 'AES-256-CFB', 'redis' => array ( 'host' => 'localhost', 'port' => 6379, 'timeout' => 0, ), 'memcached_servers' => array ( 0 => array ( 0 => 'localhost', 1 => 11211, ), ), 'cache_path' => '', 'quota_include_external_storage' => false, 'filesystem_check_changes' => 1, 'asset-pipeline.enabled' => false, 'assetdirectory' => '/var/www/owncloud', 'mount_file' => 'data/mount.json', 'filesystem_cache_readonly' => false, 'supportedDatabases' => array ( 0 => 'sqlite', 1 => 'mysql', 2 => 'pgsql', 3 => 'oci', 4 => 'mssql', ), 'custom_csp_policy' => 'default-src \'self\'; script-src \'self\' \'unsafe-eval\'; style-src \'self\' \'unsafe-inline\'; frame-src *; img-src *; font-src \'self\' data:; media-src *; connect-src *', 'secret' => 'somesecret', 'trusted_proxies' => array ( 0 => '203.0.113.45', 1 => '198.51.100.128', ), 'forwarded_for_headers' => array ( 0 => 'HTTP_X_FORWARDED', 1 => 'HTTP_FORWARDED_FOR', ), 'max_filesize_animated_gifs_public_sharing' => 10, 'ldapIgnoreNamingRules' => false, ); Am 12.05.2015 23:21 schrieb "Lukas Reschke" notifications@github.com: > @derkostka https://github.com/derkostka Interesting. Can you post your > config.php and also try by fixing the aaaaaowncloud.org to owncloud.org - > technically it should fail then as well if it is what I suspect. Thanks! > > — > Reply to this email directly or view it on GitHub > https://github.com//issues/16255#issuecomment-101425597.
@ghost

This comment has been minimized.

ghost commented May 12, 2015

@derkostka
Seems you have copied over the config.sample.php? 🙈

@derkostka

This comment has been minimized.

Contributor

derkostka commented May 12, 2015

@RealRancor
edit: had to read twice, it's late .. sorry.

anyway, if it is a configuration problem the error message should indicate that.

@derkostka

This comment has been minimized.

Contributor

derkostka commented May 12, 2015

so yes, I copied over the sample and did my modifications as far as I knew them ...

@ghost

This comment has been minimized.

ghost commented May 13, 2015

@derkostka
In general copying over the config.sample.php is not supported and can cause various issues. Newer versions of OC will also "bail out" if you're doing this there:

https://github.com/owncloud/core/blob/v8.0.3/config/config.sample.php#L7-L10
https://github.com/owncloud/core/blob/v8.0.3/config/config.sample.php#L973-L980

The second message you have posted says:

"cURL error 56: Proxy CONNECT aborted"

Your current config.php contains the default "trusted_proxies" setting:

https://github.com/owncloud/core/blob/v8.0.3/config/config.sample.php#L955

which could cause this.

@derkostka

This comment has been minimized.

Contributor

derkostka commented May 13, 2015

Thanks for the pointer. Good to see this one is probably (my) configuration fault. @jnfrmarks does this also apply to you ?

Edit: I did remove all Proxy-relations i´ve seen from the config, still:
Nachricht: cURL error 56: Proxy CONNECT aborted

I am away for the weekend, but i will rework my complete config and look again in a test instance. meanwhile, let´s wait for jnfrmarks reply. Thanks for the support !

@cmonteroluque cmonteroluque modified the milestones: 8.2-next, 8.1-current Jun 14, 2015

@jnfrmarks

This comment has been minimized.

jnfrmarks commented Jun 16, 2015

@RealRancor @derkostka @LukasReschke

I'm getting back to this now and don't know what I need to do here. I still see the warning on my CentOS system but not on my ubuntu system.

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Jun 16, 2015

@jnfrmarks Any way you can grant me access to that system?

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Jun 16, 2015

Relevant error entry:

{"reqId":"gYucJ95zFT8VH1f3+Htt","remoteAddr":"172.16.12.96","app":"PHP","message":"GuzzleHttp\\Exception\\ClientException: Client error response [url] https:\/\/owncloud.org\/ [status code] 400 [reason phrase] Bad Request at \/var\/www\/html\/owncloud\/3rdparty\/guzzlehttp\/guzzle\/src\/Exception\/RequestException.php#89","level":3,"time":"2015-06-16T07:23:58+00:00","method":"GET","url":"\/owncloud\/test.php"}

When dumping the error entry:


object(GuzzleHttp\Message\Response)#486 (7) {
  ["reasonPhrase":"GuzzleHttp\Message\Response":private]=>
  string(11) "Bad Request"
  ["statusCode":"GuzzleHttp\Message\Response":private]=>
  int(400)
  ["effectiveUrl":"GuzzleHttp\Message\Response":private]=>
  string(29) "https://owncloud.org/test.php"
  ["headers":"GuzzleHttp\Message\AbstractMessage":private]=>
  array(8) {
    ["date"]=>
    array(1) {
      [0]=>
      string(29) "Tue, 16 Jun 2015 15:24:52 GMT"
    }
    ["server"]=>
    array(1) {
      [0]=>
      string(6) "Apache"
    }
    ["x-frame-options"]=>
    array(1) {
      [0]=>
      string(10) "SAMEORIGIN"
    }
    ["strict-transport-security"]=>
    array(1) {
      [0]=>
      string(16) "max-age=31536000"
    }
    ["x-xss-protection"]=>
    array(1) {
      [0]=>
      string(13) "1; mode=block"
    }
    ["content-length"]=>
    array(1) {
      [0]=>
      string(3) "347"
    }
    ["connection"]=>
    array(1) {
      [0]=>
      string(5) "close"
    }
    ["content-type"]=>
    array(1) {
      [0]=>
      string(29) "text/html; charset=iso-8859-1"
    }
  }
  ["headerNames":"GuzzleHttp\Message\AbstractMessage":private]=>
  array(8) {
    ["date"]=>
    string(4) "Date"
    ["server"]=>
    string(6) "Server"
    ["x-frame-options"]=>
    string(15) "X-Frame-Options"
    ["strict-transport-security"]=>
    string(25) "Strict-Transport-Security"
    ["x-xss-protection"]=>
    string(16) "X-XSS-Protection"
    ["content-length"]=>
    string(14) "Content-Length"
    ["connection"]=>
    string(10) "Connection"
    ["content-type"]=>
    string(12) "Content-Type"
  }
  ["body":"GuzzleHttp\Message\AbstractMessage":private]=>
  object(GuzzleHttp\Stream\Stream)#487 (7) {
    ["stream":"GuzzleHttp\Stream\Stream":private]=>
    resource(421) of type (stream)
    ["size":"GuzzleHttp\Stream\Stream":private]=>
    NULL
    ["seekable":"GuzzleHttp\Stream\Stream":private]=>
    bool(true)
    ["readable":"GuzzleHttp\Stream\Stream":private]=>
    bool(true)
    ["writable":"GuzzleHttp\Stream\Stream":private]=>
    bool(true)
    ["uri":"GuzzleHttp\Stream\Stream":private]=>
    string(10) "php://temp"
    ["customMetadata":"GuzzleHttp\Stream\Stream":private]=>
    array(0) {
    }
  }
  ["protocolVersion":"GuzzleHttp\Message\AbstractMessage":private]=>
  string(3) "1.1"
}

This means 172.18.5.39 gets a 400 returned from owncloud.org which results in this behaviour since a 400 status code is an error. Requires investigation on the owncloud.org server side as well. (on it)

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Jun 16, 2015

On the owncloud.org server:

[Tue Jun 16 17:28:24 2015] [error] [client XXXX] Re-negotiation request failed
[Tue Jun 16 17:28:24 2015] [error] SSL Library Error: 336068946 error:14080152:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled
[Tue Jun 16 17:28:24 2015] [error] [client XXXX] Re-negotiation request failed
[Tue Jun 16 17:28:24 2015] [error] SSL Library Error: 336068946 error:14080152:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled
[Tue Jun 16 17:28:30 2015] [error] Hostname www.owncloud.org provided via SNI and hostname owncloud.org provided via HTTP are different
[Tue Jun 16 17:28:30 2015] [error] Hostname www.owncloud.org provided via SNI and hostname owncloud.org provided via HTTP are different

Looks like an SNI related issue. Digging…

@ghost

This comment has been minimized.

ghost commented Jun 16, 2015

Looks like an SNI related issue

Thought about the same. Is curl used for this request?

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Jun 16, 2015

Is curl used for this request?

Yup. With 8.1 we always use the PHP cURL bindings in form of a wrapper around GuzzleHttp.

This is a PHP bug: https://bugs.php.net/bug.php?id=67639

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Jun 16, 2015

For testing purposes:

<?php
function doCurl($url) {
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $result = curl_exec($ch);
    $code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    return $code;
}
echo "HTTP Status: ".doCurl("https://owncloud.org")."\n";
echo "HTTP Status: ".doCurl("https://www.owncloud.org")."\n";

If the second line returns a 400 then the PHP version is affected by this bug.

@jnfrmarks

This comment has been minimized.

jnfrmarks commented Jun 16, 2015

@LukasReschke

Is there something we need to do to either remove the bug message or let the customer know about the php bug?

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Jun 16, 2015

Well… Recompiling PHP with a newer cURL version might help. Besides that everything else that we can do is only cosmetic and it is indeed possibly that this breaks other features as well when it comes to handling connections to hosts with SNI. Though having connections in the same PHP request to two different domains running on the same server with SNI is unlikely. I would however not say that this is impossible.

If we just want to get rid of this error we need to stop using SNI on owncloud.org, for this please get in touch with sysadmin.

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Jun 16, 2015

On the first moment I can think about S2S breaking when handling SNI stuff with an alias, for example when the ownCloud instance is accessible from www.owncloud.org as well as owncloud.org, in this case the file cache and whatever might go 💥

@urbenlegend

This comment has been minimized.

urbenlegend commented Jul 20, 2015

The fix hasn't even hit Fedora yet so I would guess there aren't any packages for CentOS

@Tgarius

This comment has been minimized.

Tgarius commented Jul 23, 2015

I used the rpm's from above (centos7) and the message is gone.

@erm67

This comment has been minimized.

erm67 commented Jul 26, 2015

The patch found in:
https://bugzilla.redhat.com/show_bug.cgi?id=1104597

fixes the problem for fedora 22 as well. Too bad there aren't official rpm available yet.

@dpackman

This comment has been minimized.

dpackman commented Aug 10, 2015

I was able to compile curl 7.43 from source at http://curl.haxx.se using
./configure --enable-tls-srp --enable-ldaps --enable-ldap
make install
and adding the line
LD_LIBRARY_PATH=/usr/local/lib
to the appropriate system environment file for your web server such as
/etc/sysconfig/httpd
This way I was able to fix the problem without disturbing the rpms and dependencies.

@Lonecrowe

This comment has been minimized.

Lonecrowe commented Aug 11, 2015

So shouldn't there be a recommendation from the Owncloud community to advise against using Centos as of now until its sorted or there is an actual permanent fix? I tried recompiling curl as well as many other dozens of solutions without any luck.

@dpackman

This comment has been minimized.

dpackman commented Aug 11, 2015

You say you recompiled curl and it didn't work? Did you try the test case above outside of owncloud for testing?

@ghost

This comment has been minimized.

ghost commented Aug 11, 2015

@Lonecrowe oC 8.1.1 shows the messages what to do in the admin section like seen here:

https://doc.owncloud.org/server/8.1/admin_manual/configuration_server/security_setup_warnings.html#outdated-nss-openssl-version

Because of a bug in one single library its probably a little bit overkill to advise against a whole distribution.

@LukasReschke

This comment has been minimized.

Member

LukasReschke commented Aug 12, 2015

Generally speaking, a lot of the stuff should work even with older and buggy NSS. We employed workarounds for installing apps, if that with 8.1.1 does not work then please file a detailled issue. The more information the better.

However, there are problems left. So in rare cases where you do a Server-to-Server share to different instances on the same server using SNI this will lead to problems. There are some others, but as a regular user you are not likely to experience a lot of them.

Using CentOS and RHEL is completely fine. While it would be better that they update their stuff this is not completely dangerous.

As we now have a check and also mitigated some other issues I'm going to close this.

@ghost

This comment has been minimized.

ghost commented Aug 14, 2015

Thank you @dpackman. Your fix worked perfectly for me!

@Chais

This comment has been minimized.

Chais commented Aug 19, 2015

So what's the proposed fix now? I'm still experiencing this on Arch with curl 7.43.0-1 and nss 3.19.2-2

@ghost

This comment has been minimized.

@erm67

This comment has been minimized.

erm67 commented Aug 20, 2015

@Chais file a bug at https://bugs.archlinux.org/ mentioning that this https://bugzilla.redhat.com/show_bug.cgi?id=1104597 patch fixes the problem for fedora 22 (well maybe, if you can, try to patch and recompile nss:-) ), the arch guys are usually very fast to fix things.. I don't understand why RedHat did not merge the patch at least in testing. Maybe there isn't enough people complaining :-)

@sargue

This comment has been minimized.

sargue commented Aug 21, 2015

I also got the admin message "this server has no internet conection...". OC Server 8.1.1

Result from the above PHP/cURL test (seems ok):
HTTP Status: 200
HTTP Status: 301

My system is Debian stable 64 bits.

Apache

Server version: Apache/2.4.10 (Debian)
Server built:   Aug  1 2015 20:53:57
Server's Module Magic Number: 20120211:37
Server loaded:  APR 1.5.1, APR-UTIL 1.5.4
Compiled using: APR 1.5.1, APR-UTIL 1.5.4
Architecture:   64-bit
Server MPM:     prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"

PHP

PHP 5.6.9-0+deb8u1 (cli) (built: Jun  5 2015 11:03:27)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2015 Zend Technologies
    with Zend OPcache v7.0.4-dev, Copyright (c) 1999-2015, by Zend Technologies

cURL

curl 7.38.0 (x86_64-pc-linux-gnu) libcurl/7.38.0 OpenSSL/1.0.1k zlib/1.2.8 libidn/1.29 libssh2/1.4.3 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API SPNEGO NTLM NTLM_WB SSL libz TLS-SRP
@ghost

This comment has been minimized.

ghost commented Aug 21, 2015

@sargue

This comment has been minimized.

sargue commented Aug 21, 2015

@RealRancor Thanks! It was a missing ca-bundle.crt

Did the "upgrader app" path from latest 8.0 version (waited until 8.1.1, skipped 8.1.0 as I had encryption enabled in the past).

@ghost

This comment has been minimized.

ghost commented Aug 21, 2015

@sargue Yes, the updater is currently failing to copy this ca-bundle.crt if upgrading from oC 8.0.x to 8.1.x: owncloud/updater#164

@crazy4leet

This comment has been minimized.

crazy4leet commented Sep 30, 2015

FYI for anyone following this issue.

Fedora 22/23 has had the updated curl-7.40.0-7.fc22/23 package pushed out to the stable repo 9 days ago (https://bugzilla.redhat.com/show_bug.cgi?id=1104597)

RHEL/CentOS 7.1 has an updated package in the testing repo (https://bugzilla.redhat.com/show_bug.cgi?id=1241172)

@Fohlen

This comment has been minimized.

Fohlen commented Nov 17, 2015

To fix the problem on Ubuntu 13.04 or 14.04, you can actually follow these instructions

  • Use this custom PPA to update your cURL
  • Fetch the latest ca-bundle.crt by executing wget https://raw.githubusercontent.com/owncloud/core/stable8.1/config/ca-bundle.crt in your config folder.

This made things work for me again.
Additionally anyone upgrading should check for empty or invalid proxy settings in their config.php

@koenr

This comment has been minimized.

koenr commented Dec 4, 2015

I had the ca-bundle.crt, but downloading it again as Fohlen commented solved my problem.
Ubuntu 14.04 with default php.

@Varbin

This comment has been minimized.

Varbin commented Dec 8, 2015

This helped me on Debian 7, too!

@adrian-vg

This comment has been minimized.

adrian-vg commented Nov 29, 2017

I just got this error again after several years of not seeing them having tested some of the above fixes.
Getting the internet connection-message on both CentOS 6 and 7.
The COS7 server is a recent fresh install with Owncloud.
The COS6 is an oldie.
Both servers run the latest OC v10.0.3.3 software.
Has something changed?

@MichaIng

This comment has been minimized.

MichaIng commented Dec 19, 2017

Same here on v10.0.4, most interesting this is on a Debian VM, upgraded to Buster, so all packages are more recent than on my other systems (Jessie + Stretch), where the error does not show up.
Use MariaDB + Apache + mod-php + redis-server with it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment