Skip to content
This repository has been archived by the owner on Apr 13, 2021. It is now read-only.

Occasionally unable to download get_theca #1

Open
dLobatog opened this issue Mar 10, 2015 · 3 comments
Open

Occasionally unable to download get_theca #1

dLobatog opened this issue Mar 10, 2015 · 3 comments

Comments

@dLobatog
Copy link
Contributor

I noticed often times the domain is not responding properly to my curl requests. I tried from two different machines in different locations and networks and all I get is:

* About to connect() to static.bracewel.net port 443 (#0)
*   Trying 104.27.132.116...
* Connected to static.bracewel.net (104.27.132.116) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -12286 (SSL_ERROR_NO_CYPHER_OVERLAP)
* Cannot communicate securely with peer: no common encryption algorithm(s).
* Error in TLS handshake, trying SSLv3...
> GET /theca/get_theca.sh HTTP/1.1
> User-Agent: curl/7.29.0
> Host: static.bracewel.net
> Accept: */*
> 
* Connection died, retrying a fresh connect
* Closing connection 0
* Issue another request to this URL: 'https://static.bracewel.net/theca/get_theca.sh'
* About to connect() to static.bracewel.net port 443 (#1)
*   Trying 104.27.132.116...
* Connected to static.bracewel.net (104.27.132.116) port 443 (#1)
* TLS disabled due to previous handshake failure
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -12286 (SSL_ERROR_NO_CYPHER_OVERLAP)
* Cannot communicate securely with peer: no common encryption algorithm(s).
* Closing connection 1

Other curl requests the script does, like the one to https://static.rust-lang.org/rustup.sh work well. wgetting get_theca works too without a problem, downloading it from the browser works too. Let me know if you need more help.

Tested on:

  • System 1 (Fedora 21)
    curl 7.37.0 (x86_64-redhat-linux-gnu) libcurl/7.37.0 NSS/3.17.4 Basic ECC zlib/1.2.8 libidn/1.28 libssh2/1.4.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz Metalink
  • System 2 (CentOS 7)
    curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.15.4 zlib/1.2.7 libidn/1.28 libssh2/1.4.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz
@rolandshoemaker
Copy link
Owner

I believe this is due to a typo in a Cloudflare page rule I had that was supposed to disable browser integrity checks on the static subdomain, I seem to have fixed it but if you still see this let me know...

@dLobatog
Copy link
Contributor Author

@rolandshoemaker Same result, sorry :/

@rolandshoemaker
Copy link
Owner

Are you still seeing this? I've tested it a few times over the last few days on Ubuntu 14.04 and OS X 10.10.2 (with 7.35.0 and 7.37.1 respectively and same common features as you) and not seen any problems so far...

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dLobatog @rolandshoemaker