[MacPorts] #66750: aom failed to download because of tlsv1 alter internal error

MacPorts noreply at macports.org
Mon Jan 23 06:54:14 UTC 2023 

#66750: aom failed to download because of tlsv1 alter internal error
---------------------+--------------------
 Reporter:  pinxue   |      Owner:  (none)
     Type:  defect   |     Status:  new
 Priority:  Normal   |  Milestone:
Component:  ports    |    Version:  2.8.0
 Keywords:  ventura  |       Port:  aom
---------------------+--------------------
 System:
 Ventura 13.1 (22C65)
 Darwin version 22.2.0; root:xnu-8792.61.2~4/RELEASE_ARM64_T6000 arm64
 MacPorts 2.8.0

 I still have this issue, with tlsv1 alter internal error:

 {{{
 :notice:fetch --->  Fetching distfiles for aom
 :debug:fetch Executing org.macports.fetch (aom)
 :debug:fetch Executing: /usr/bin/git clone --progress
 https://aomedia.googlesource.com/aom.git
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_multimedia_aom/aom/work/aom-3.5.0
 2>&1
 :debug:fetch system: /usr/bin/git clone --progress
 https://aomedia.googlesource.com/aom.git
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_multimedia_aom/aom/work/aom-3.5.0
 2>&1
 :info:fetch Cloning into
 '/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_multimedia_aom/aom/work/aom-3.5.0'...
 :info:fetch fatal: unable to access
 'https://aomedia.googlesource.com/aom.git/': error:1404B438:SSL
 routines:ST_CONNECT:tlsv1 alert internal error
 :info:fetch Command failed: /usr/bin/git clone --progress
 https://aomedia.googlesource.com/aom.git
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_multimedia_aom/aom/work/aom-3.5.0
 2>&1
 :info:fetch Exit code: 128
 :error:fetch Failed to fetch aom: Git clone failed
 :debug:fetch Error code: NONE
 :debug:fetch Backtrace: Git clone failed
 :debug:fetch     while executing
 :debug:fetch "gitfetch"
 :debug:fetch     (procedure "portfetch::fetch_main" line 14)
 :debug:fetch     invoked from within
 :debug:fetch "$procedure $targetname"
 }}}


 It seems a certificate config issue.

 curl info:
 {{{
 curl -v https://aomedia.googlesource.com/aom.git/
 *   Trying 64.190.63.111:443...
 * Connected to aomedia.googlesource.com (64.190.63.111) port 443 (#0)
 * found 139 certificates in /opt/local/share/curl/curl-ca-bundle.crt
 * GnuTLS ciphers: NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509:-VERS-SSL3.0
 * ALPN: offers h2
 * ALPN: offers http/1.1
 * gnutls_handshake() failed: Internal error
 * Closing connection 0
 curl: (35) gnutls_handshake() failed: Internal error
 }}}


 Tried to access the git repo on a Linux box works:
 {{{
 curl -v https://aomedia.googlesource.com/aom.git/
 *   Trying 2607:f8b0:4023:c0b::52:443...
 * Connected to aomedia.googlesource.com (2607:f8b0:4023:c0b::52) port 443
 (#0)
 * ALPN, offering h2
 * ALPN, offering http/1.1
 * successfully set certificate verify locations:
 *  CAfile: /etc/ssl/certs/ca-certificates.crt
 *  CApath: /etc/ssl/certs
 * TLSv1.3 (OUT), TLS handshake, Client hello (1):
 * TLSv1.3 (IN), TLS handshake, Server hello (2):
 * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
 * TLSv1.3 (IN), TLS handshake, Certificate (11):
 * TLSv1.3 (IN), TLS handshake, CERT verify (15):
 * TLSv1.3 (IN), TLS handshake, Finished (20):
 * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
 * TLSv1.3 (OUT), TLS handshake, Finished (20):
 * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
 * ALPN, server accepted to use h2
 * Server certificate:
 *  subject: CN=*.googlecode.com
 *  start date: Jan  2 08:18:33 2023 GMT
 *  expire date: Mar 27 08:18:32 2023 GMT
 *  subjectAltName: host "aomedia.googlesource.com" matched cert's
 "*.googlesource.com"
 *  issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1C3
 *  SSL certificate verify ok.
 * Using HTTP2, server supports multi-use
 * Connection state changed (HTTP/2 confirmed)
 * Copying HTTP/2 data in stream buffer to connection buffer after upgrade:
 len=0
 * Using Stream ID: 1 (easy handle 0x560779009ad0)
 > GET /aom.git/ HTTP/2
 > Host: aomedia.googlesource.com
 > user-agent: curl/7.74.0
 > accept: */*
 >
 * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
 * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
 * old SSL session ID is stale, removing
 * Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
 < HTTP/2 200
 }}}

-- 
Ticket URL: <https://trac.macports.org/ticket/66750>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list