Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nightly regression: The SSL certificate is invalid #3340

Closed
cuviper opened this issue Nov 28, 2016 · 11 comments · Fixed by #3342
Closed

Nightly regression: The SSL certificate is invalid #3340

cuviper opened this issue Nov 28, 2016 · 11 comments · Fixed by #3342

Comments

@cuviper
Copy link
Member

cuviper commented Nov 28, 2016

We're having cargo trouble on rust-num/num#243, and it appears to be a new regression in the nightly. Note the initial Travis build succeeded, which was using cargo 0.16.0-nightly (b26d672 2016-11-25). Then several homu builds have all failed using cargo 0.16.0-nightly (3568be9 2016-11-26).

$ cargo build --verbose
    Updating registry `https://github.com/rust-lang/crates.io-index`
error: failed to load source for a dependency on `rand`
Caused by:
  Unable to update registry https://github.com/rust-lang/crates.io-index
Caused by:
  failed to fetch `https://github.com/rust-lang/crates.io-index`
Caused by:
  [16/-17] The SSL certificate is invalid

I confirmed the error locally after updating to the same cargo, running on Fedora 25.
@indiv0 indiv0 mentioned this issue Nov 28, 2016
Merged
@alexcrichton alexcrichton mentioned this issue Nov 28, 2016
Closed
@brson
Copy link
Contributor

brson commented Nov 28, 2016

Lots of people reporting this problem today. cc @alexcrichton

@fabricedesre fabricedesre mentioned this issue Nov 28, 2016
Merged
@brson
Copy link
Contributor

brson commented Nov 28, 2016

On IRC camlorn said the workaround for #598 worked for this too.

alexcrichton added a commit to alexcrichton/cargo that referenced this issue Nov 28, 2016
@alexcrichton
Bump git2 dep to fix SSL paths
52fa741 
This commit includes alexcrichton/git2-rs@a8f4a7faa which switches the order of
initialization of libgit2. That commit ensures that the relevant env vars which
a statically linked OpenSSL needs to function are set before libgit2 is
initialized to ensure that libgit2 uses them.

This was regressed accidentally in alexcrichton/git2-rs@071902aa when
initialization was tweaked.

Closes rust-lang#3340
@alexcrichton alexcrichton mentioned this issue Nov 28, 2016
Merged
@alexcrichton
Copy link
Member

Fixed in #3342

bors added a commit that referenced this issue Nov 29, 2016
@bors
Auto merge of #3342 - alexcrichton:fix-ssl, r=alexcrichton
930bdaa 
Bump git2 dep to fix SSL paths

This commit includes alexcrichton/git2-rs@a8f4a7faa which switches the order of
initialization of libgit2. That commit ensures that the relevant env vars which
a statically linked OpenSSL needs to function are set before libgit2 is
initialized to ensure that libgit2 uses them.

This was regressed accidentally in alexcrichton/git2-rs@071902aa when
initialization was tweaked.

Closes #3340
@est31 est31 mentioned this issue Nov 29, 2016
Closed
@christolliday christolliday mentioned this issue Nov 29, 2016
Closed
@Marwes Marwes mentioned this issue Nov 29, 2016
Merged
@antiagainst antiagainst mentioned this issue Nov 29, 2016
Merged
emk added a commit to emk/credentials that referenced this issue Nov 29, 2016
@emk
travis: Try to work around SSL error
2f8f0f2 
rust-lang/cargo#3340
@cuviper
Copy link
Member Author

cuviper commented Nov 29, 2016

FWIW, that #598 workaround isn't quite right for Fedora 25 -- instead it's SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt, which is actually a symlink to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem.

@alexcrichton alexcrichton mentioned this issue Nov 29, 2016
Closed
@fitzgen fitzgen mentioned this issue Nov 30, 2016
Merged
jonhoo added a commit to mit-pdos/noria that referenced this issue Nov 30, 2016
@jonhoo
workaround for rust-lang/cargo#3340
6ee2596
japaric pushed a commit to japaric/compiler-builtins that referenced this issue Nov 30, 2016
ci: work around rust-lang/cargo#3340
08ad97e
@fitzgen fitzgen mentioned this issue Nov 30, 2016
Merged
japaric pushed a commit to japaric/compiler-builtins that referenced this issue Nov 30, 2016
ci: work around rust-lang/cargo#3340
4736d18
@tbu-
Copy link
Contributor

tbu- commented Nov 30, 2016

The new nightly doesn't include the new Cargo, maybe the nightly build of Cargo is broken?

$ rustup show 
Default host: x86_64-unknown-linux-gnu

installed toolchains
--------------------

stable-x86_64-unknown-linux-gnu
nightly-x86_64-unknown-linux-gnu (default)

active toolchain
----------------

nightly-x86_64-unknown-linux-gnu (default)
rustc 1.15.0-nightly (1c448574b 2016-11-28)

$ cargo --version
cargo 0.16.0-nightly (3568be9 2016-11-26)

@alexcrichton
Copy link
Member

A new rust nightly didn't go out, so a new Cargo nightly didn't go out. The fix isn't in nightlies.

bors added a commit to rust-lang/compiler-builtins that referenced this issue Nov 30, 2016
@bors
Auto merge of #122 - japaric:fix-ci, r=japaric
105f724 
ci: work around rust-lang/cargo#3340

Today's "rust up" didn't give me a fixed Cargo so let's work around the problem to fix Travis builds.
@steveklabnik steveklabnik mentioned this issue Nov 30, 2016
Closed
@oli-obk oli-obk mentioned this issue Dec 1, 2016
Merged
alexcrichton added a commit to alexcrichton/cargo that referenced this issue Dec 1, 2016
@alexcrichton
Bump git2 dep to fix SSL paths
18455ad 
This commit includes alexcrichton/git2-rs@a8f4a7faa which switches the order of
initialization of libgit2. That commit ensures that the relevant env vars which
a statically linked OpenSSL needs to function are set before libgit2 is
initialized to ensure that libgit2 uses them.

This was regressed accidentally in alexcrichton/git2-rs@071902aa when
initialization was tweaked.

Closes rust-lang#3340
@bunnybooboo
Copy link

This is also experienced in Arch Linux rolling release. Pretty excited to come find there's a fix on the way.

@cuviper cuviper mentioned this issue Dec 1, 2016
Merged
@dginev dginev mentioned this issue Dec 2, 2016
Closed
@notriddle notriddle mentioned this issue Dec 2, 2016
Merged
@tbu-
Copy link
Contributor

tbu- commented Dec 3, 2016

New nightly doesn't contain a new cargo, still from 2016-11-26, rustc is from 2016-12-01.

@alexcrichton
Copy link
Member

Ah I can't believe I forgot about that, this is now a rustup issue -- rust-lang/rustup#844

dflemstr added a commit to dflemstr/rq that referenced this issue Dec 4, 2016
@dflemstr
Use pinned version of nightly because of rust-lang/cargo#3340
3fa9834
@sanmai-NL
Copy link

sanmai-NL commented Dec 5, 2016
edited
Loading

Could you (I think @alexcrichton and @brson) please also do a postmortem on this issue? From what I can see the bug was introduced in libgit2-sys, which was then tagged 0.6.5 but not sufficiently tested. In what places can some more basic tests be added? E.g. testing against a locally running https Git server hosting a crates index seems very useful?

@alexcrichton alexcrichton mentioned this issue Dec 5, 2016
Closed
@alexcrichton
Copy link
Member

@sanmai-NL yes I can try to write something up when everything is working again. Unfortunately I don't know how to test this, it's a very specific issue that seems like it could greatly complicate the test infrastructure naively at least.

@tbu- tbu- mentioned this issue Dec 5, 2016
Closed
@lambda-fairy lambda-fairy mentioned this issue Dec 5, 2016
Merged
japaric pushed a commit to japaric/compiler-builtins that referenced this issue Dec 11, 2016
work around rust-lang/cargo#3340
c9155e3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bump git2 dep to fix SSL paths alexcrichton/cargo
6 participants
@cuviper @alexcrichton @brson @sanmai-NL @bunnybooboo @tbu-