---
Long story short: The mirror I usually use has added a redirect from
http to https. libfetch detects this, but wrongly uses the old url
scheme to determine the port. This subsequently leads to the following
OpenSSL error:
139741541575496:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:331:
Using the new scheme fixes this. This error message comes from trying
to connect to port 80 with TLS, it can also be observed by issuing
$ openssl s_client -connect alpinelinux.org:80
This bug was introduced in commit
7158474 libfetch: keep http auth only if redirect is for the same host
Best,
Martin
libfetch/http.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libfetch/http.c b/libfetch/http.c
index 8239313..e3d8d53 100644
--- a/libfetch/http.c+++ b/libfetch/http.c
@@ -1065,7 +1065,7 @@ http_request(struct url *URL, const char *op, struct url_stat *us,
goto ouch;
}
if (!new->port)
- new->port = fetch_default_port(url->scheme);+ new->port = fetch_default_port(new->scheme); if (!new->user[0] && !new->pwd[0] &&
new->port == url->port &&
strcmp(new->scheme, url->scheme) == 0 &&
--
2.30.2
Hi!
Thanks for chasing the issue down, and providing a fix. Applied!
Timo
On Fri, 12 Mar 2021 17:08:15 +0100
Martin Vahlensieck <git@academicsolutions.ch> wrote:
> ---> Long story short: The mirror I usually use has added a redirect from> http to https. libfetch detects this, but wrongly uses the old url> scheme to determine the port. This subsequently leads to the> following OpenSSL error:> > 139741541575496:error:1408F10B:SSL routines:ssl3_get_record:wrong> version number:ssl/record/ssl3_record.c:331:> > Using the new scheme fixes this. This error message comes from trying> to connect to port 80 with TLS, it can also be observed by issuing> $ openssl s_client -connect alpinelinux.org:80> > This bug was introduced in commit> 7158474 libfetch: keep http auth only if redirect is for the same host> > Best,> > Martin> > libfetch/http.c | 2 +-> 1 file changed, 1 insertion(+), 1 deletion(-)> > diff --git a/libfetch/http.c b/libfetch/http.c> index 8239313..e3d8d53 100644> --- a/libfetch/http.c> +++ b/libfetch/http.c> @@ -1065,7 +1065,7 @@ http_request(struct url *URL, const char *op,> struct url_stat *us, goto ouch;> }> if (!new->port)> - new->port => fetch_default_port(url->scheme);> + new->port => fetch_default_port(new->scheme); if (!new->user[0] && !new->pwd[0] &&> new->port == url->port &&> strcmp(new->scheme, url->scheme)> == 0 &&