Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL verify failure on push #8

Closed
petemounce opened this issue Feb 14, 2018 · 7 comments
Closed

SSL verify failure on push #8

petemounce opened this issue Feb 14, 2018 · 7 comments

Comments

@petemounce
Copy link
Contributor

When I attempt to push my package, I now get an SSL TrustFailure.

+ docker run --rm --volume /Users/pete/src/github/bazelbuild/bazel/scripts/packages/chocolatey/bazel-package:/Users/pete/src/github/bazelbuild/bazel/scripts/packages/chocolatey/bazel-package --workdir /Users/pete/src/github/bazelbuild/bazel/scripts/packages/chocolatey/bazel-package linuturk/mono-choco push bazel.0.11.0-rc2.nupkg --timeout 30 --apikey=REDACTED_BUT_VALID
Chocolatey v0.10.9.0
Directory 'opt/chocolatey/lib' does not exist.

Chocolatey is not an official build (bypassed with --allow-unofficial).
 If you are seeing this message and it is not expected, your system may
 now be in a bad state. Only official builds are to be trusted.

Attempting to push bazel.0.11.0-rc2.nupkg to https://push.chocolatey.org/
Got a bad hardware address length for an AF_PACKET 16 8
Got a bad hardware address length for an AF_PACKET 16 8
Error: TrustFailure (Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED
  at /home/buildozer/aports/testing/mono/src/mono-5.2.0.224/external/boringssl/ssl/handshake_client.c:1132)

I did a little digging, and I think it's possible the upstream container doesn't have an up-to-date certchain. (This is far from an area I'm familiar with!).

That lead me to find https://stackoverflow.com/questions/26028971/docker-container-ssl-certificates (but I don't follow what it's doing or the implications, so haven't tried it).

Also, mono/docker@adc7a3e. However, I think the version of the upstream container is deprecated (mono 3x seems quite old).

I'll try changing the upstream container to a later version, rebuilding my package, and report back.
@petemounce
Copy link
Contributor Author

I tried out

4.8.0.524 - this failed to build:

$ docker build -t choco .
Sending build context to Docker daemon    214kB
Step 1/15 : FROM mono:4.8.0.524 as builder
4.8.0.524: Pulling from library/mono
762ae076e9a3: Pull complete
a984d9edc113: Pull complete
efa9977a8eca: Pull complete
6cc137918cae: Pull complete
Digest: sha256:5e49cab7e329bf3eacc7fb256b6dad447fcbbd0a7953a617e0b6bdb484acb738
Status: Downloaded newer image for mono:4.8.0.524
 ---> e247d7774bd5
Step 2/15 : ARG chocoVersion=stable
 ---> Running in 1c0ba781736d
Removing intermediate container 1c0ba781736d
 ---> 1b20d4580b04
Step 3/15 : RUN apt-get update && apt-get install -y wget tar gzip
 ---> Running in 0432c40752dd
Get:1 http://security.debian.org wheezy/updates Release.gpg [1601 B]
Get:2 http://security.debian.org wheezy/updates Release [39.0 kB]
Get:3 http://deb.debian.org wheezy Release.gpg [2373 B]
Get:4 http://deb.debian.org wheezy-updates Release.gpg [1601 B]
Get:5 http://security.debian.org wheezy/updates/main amd64 Packages [774 kB]
Get:6 http://download.mono-project.com wheezy/snapshots/4.8.0.524 Release.gpg [473 B]
Get:7 http://deb.debian.org wheezy Release [191 kB]
Get:8 http://download.mono-project.com wheezy/snapshots/4.8.0.524 Release [5336 B]
Get:9 http://deb.debian.org wheezy-updates Release [155 kB]
Get:10 http://deb.debian.org wheezy/main amd64 Packages [7634 kB]
Get:11 http://download.mono-project.com wheezy/snapshots/4.8.0.524/main amd64 Packages [58.4 kB]
Get:12 http://deb.debian.org wheezy-updates/main amd64 Packages [7481 B]
Fetched 8870 kB in 5s (1766 kB/s)
Reading package lists...
W: Conflicting distribution: http://download.mono-project.com wheezy/snapshots/4.8.0.524 Release (expected wheezy/snapshots but got wheezy)
Reading package lists...
Building dependency tree...
Reading state information...
gzip is already the newest version.
gzip set to manually installed.
tar is already the newest version.
tar set to manually installed.
The following NEW packages will be installed:
  wget
0 upgraded, 1 newly installed, 0 to remove and 11 not upgraded.
Need to get 770 kB of archives.
After this operation, 2223 kB of additional disk space will be used.
Get:1 http://security.debian.org/ wheezy/updates/main wget amd64 1.13.4-3+deb7u5 [770 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 770 kB in 0s (2119 kB/s)
Selecting previously unselected package wget.
(Reading database ... 13089 files and directories currently installed.)
Unpacking wget (from .../wget_1.13.4-3+deb7u5_amd64.deb) ...
Setting up wget (1.13.4-3+deb7u5) ...
Removing intermediate container 0432c40752dd
 ---> e08d748b8d74
Step 4/15 : WORKDIR /usr/local/src/choco
Removing intermediate container 00d00fd59fff
 ---> 6575f263f88e
Step 5/15 : RUN wget "https://github.com/chocolatey/choco/archive/$chocoVersion.tar.gz"
 ---> Running in 80c03e7191f0
--2018-02-14 23:23:02--  https://github.com/chocolatey/choco/archive/stable.tar.gz
Resolving github.com (github.com)... 192.30.253.113, 192.30.253.112
Connecting to github.com (github.com)|192.30.253.113|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/chocolatey/choco/tar.gz/stable [following]
--2018-02-14 23:23:03--  https://codeload.github.com/chocolatey/choco/tar.gz/stable
Resolving codeload.github.com (codeload.github.com)... 192.30.253.121, 192.30.253.120
Connecting to codeload.github.com (codeload.github.com)|192.30.253.121|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: `stable.tar.gz'

     0K .......... .......... .......... .......... ..........  293K
    50K .......... .......... .......... .......... ..........  564K
   100K .......... .......... .......... .......... .......... 4.44M
   150K .......... .......... .......... .......... ..........  674K
   200K .......... .......... .......... .......... .......... 3.86M
   250K .......... .......... .......... .......... ..........  766K
   300K .......... .......... .......... .......... .......... 2.26M
   350K .......... .......... .......... .......... .......... 4.25M
   400K .......... .......... .......... .......... ..........  861K
   450K .......... .......... .......... .......... .......... 2.55M
   500K .......... .......... .......... .......... .......... 1.82M
   550K .......... .......... .......... .......... .......... 1.19M
   600K .......... .......... .......... .......... .......... 1.92M
   650K .......... .......... .......... .......... .......... 3.53M
   700K .......... .......... .......... .......... .......... 1.22M
   750K .......... .......... .......... .......... .......... 1.84M
   800K .......... .......... .......... .......... .......... 3.47M
   850K .......... .......... .......... .......... .......... 1.05M
   900K .......... .......... .......... .......... .......... 2.12M
   950K .......... .......... .......... .......... ..........  461K
  1000K .......... .......... .......... .......... .......... 1.69M
  1050K .......... .......... .......... .......... .......... 9.49M
  1100K .......... .......... .......... .......... .......... 9.35M
  1150K .......... .......... .......... .......... .......... 2.71M
  1200K .......... .......... .......... .......... .......... 2.56M
  1250K .......... .......... .......... .......... .......... 1.35M
  1300K .......... .......... .......... .......... .......... 1.40M
  1350K .......... .......... .......... .......... .......... 1.15M
  1400K .......... .......... .......... .......... .......... 1.22M
  1450K .......... .......... .......... .......... .......... 2.38M
  1500K .......... .......... .......... .......... .......... 1.39M
  1550K .......... .......... .......... .......... .......... 1.06M
  1600K .......... .......... .......... .......... .......... 1.65M
  1650K .......... .......... .......... .......... .......... 1.32M
  1700K .......... .......... .......... .......... .......... 2.09M
  1750K .......... .......... .......... .......... .......... 1.66M
  1800K .......... .......... .......... .......... ..........  257K
  1850K .......... .......... .......... .......... ..........  578K
  1900K .......... .......... .......... .......... .......... 25.4M
  1950K .......... .......... .......... .......... .......... 5.60M
  2000K .......... .......... .......... .......... .......... 3.82M
  2050K .......... .......... .......... .......... .......... 1.03M
  2100K .......... .......... .......... .......... .......... 2.64M
  2150K .......... .......... .......... .......... ..........  736K
  2200K .......... .......... .......... .......... .......... 2.30M
  2250K .......... .......... .......... .......... ..........  708K
  2300K .......... .......... .......... .......... .......... 3.46M
  2350K .......... .......... .......... .......... ..........  741K
  2400K .......... .......... .......... .......... .......... 1.69M
  2450K .......... .......... .......... .......... ..........  771K
  2500K .......... .......... .......... .......... .......... 2.12M
  2550K .......... .......... .......... .......... ..........  797K
  2600K .......... .......... .......... .......... .......... 2.51M
  2650K .......... .......... .......... .......... ..........  778K
  2700K .......... .......... .......... .......... .......... 1.35M
  2750K .......... .......... .......... .......... .......... 1.15M
  2800K .......... .......... .......... .......... .......... 1.35M
  2850K .......... .......... .......... .......... ..........  482K
  2900K .......... .......... .......... .......... .......... 8.51M
  2950K .......... .......... .......... .......... .......... 1.01M
  3000K .......... .......... .......... .......... .......... 1.12M
  3050K .......... .......... .......... .......... .......... 1014K
  3100K .......... .......... .......... .......... ..........  881K
  3150K .......... .......... .......... .......... .......... 1.18M
  3200K .......... .......... .......... .......... ..........  659K
  3250K .......... .......... .......... .......... .......... 1.05M
  3300K .......... .......... .......... .......... .......... 1.18M
  3350K .......... .......... .......... .......... ..........  781K
  3400K .......... .......... .......... .......... ..........  967K
  3450K .......... .......... .......... .......... ..........  969K
  3500K .......... .......... .......... .......... ..........  765K
  3550K .......... .......... .......... .......... .......... 2.08M
  3600K .......... .......... .......... .......... ..........  745K
  3650K .......... .......... .......... .......... .......... 1.15M
  3700K .......... .......... .......... .......... .......... 1018K
  3750K .......... .......... .......... .......... ..........  807K
  3800K .......... .......... .......... .......... ..........  680K
  3850K .......... .......... .......... .......... .......... 1.86M
  3900K .......... .......... .......... .......... ..........  806K
  3950K .......... .......... .......... .......... .......... 1.61M
  4000K .......... .......... .......... .......... ..........  792K
  4050K .......... .......... .......... .......... .......... 1.03M
  4100K .......... .......... .......... .......... ..........  864K
  4150K .......... .......... .......... .......... .......... 1.03M
  4200K .......... .......... .......... .......... ..........  382K
  4250K .......... .......... .......... .......... .......... 3.99M
  4300K .......... .......... .......... .......... .......... 1.21M
  4350K .......... .......... .......... .......... .......... 1.23M
  4400K .......... .......... .......... .......... ..........  658K
  4450K .......... .......... .......... .......... ..........  679K
  4500K .......... .......... .......... .......... ..........  835K
  4550K .......... .......... .......... .......... ..........  838K
  4600K .......... .......... .......... .......... ..........  841K
  4650K .......... .......... .......... .......... ..........  666K
  4700K .......... .......... .......... .......... ..........  966K
  4750K .......... .......... .......... .......... ..........  971K
  4800K .......... .......... .......... .......... ..........  690K
  4850K .......... .......... .......... .......... ..........  660K
  4900K .......... .......... .......... .......... .......... 1.19M
  4950K .......... .......... .......... .......... ..........  842K
  5000K .......... .......... .......... .......... ..........  767K
  5050K .......... .......... .......... .......... .......... 1.04M
  5100K .......... .......... .......... .......... ..........  699K
  5150K .......... .......... .......... .......... ..........  695K
  5200K .......... .......... .......... .......... ..........  361K
  5250K .......... .......... .......... .......... .......... 8.38M
  5300K .......... .......... .......... .......... ..........  940K
  5350K .......... .......... .......... .......... ..........  606K
  5400K .......... .......... .......... .......... ..........  762K
  5450K .......... .......... .......... .......... ..........  633K
  5500K .......... .......... .......... .......... ..........  539K
  5550K .......... .......... .......... .......... ..........  755K
  5600K .......... .......... .......... .......... ..........  658K
  5650K .......... .......... .......... .......... ..........  700K
  5700K .......... .......... .......... .......... ..........  763K
  5750K .......... .......... .......... .......... ..........  620K
  5800K .......... .......... .......... .......... ..........  837K
  5850K .......... .......... .......... .......... ..........  606K
  5900K .......... .......... .......... .......... ..........  601K
  5950K .......... .......... .......... .......... ..........  852K
  6000K .......... .......... .......... .......... ..........  633K
  6050K .......... .......... .......... .......... ..........  764K
  6100K .......... .......... .......... .......... ..........  604K
  6150K .......... .......... .......... .......... ..........  656K
  6200K .......... .......... .......... .......... ..........  594K
  6250K .......... .......... .......... .......... ..........  664K
  6300K .......... .......... .......... .......... .......... 1.01M
  6350K .......... .......... .......... .......... ..........  625K
  6400K .......... .......... .......... .......... ..........  698K
  6450K .......... .......... .......... .......... ..........  517K
  6500K .......... .......... .......... .......... ..........  523K
  6550K .......... .......... .......... .......... ..........  635K
  6600K .......... .......... .......... .......... .......... 3.00M
  6650K .......... .......... .......... .......... ..........  564K
  6700K .......... .......... .......... .......... ..........  318K
  6750K .......... .......... .......... .......... ..........  613K
  6800K .......... .......... .......... .......... .......... 2.91M
  6850K .......... .......... .......... .......... ..........  583K
  6900K .......... .......... .......... .......... ..........  581K
  6950K .......... .......... .......... .......... ..........  584K
  7000K .......... .......... .......... .......... ..........  335K
  7050K .......... .......... .......... .......... .......... 2.18M
  7100K .......... .......... .......... .......... ..........  494K
  7150K .......... .......... .......... .......... ..........  560K
  7200K .......... .......... .......... .......... ..........  646K
  7250K .......... .......... .......... .......... ..........  593K
  7300K .......... .......... .......... .......... ..........  508K
  7350K .......... .......... .......... .......... ..........  335K
  7400K .......... .......... .......... .......... ..........  472K
  7450K .......... .......... .......... .......... ..........  468K
  7500K .......... .......... .......... .......... ..........  496K
  7550K .......... .......... .......... .......... ..........  558K
  7600K .......... .......... .......... .......... ..........  589K
  7650K .......... .......... .......... .......... ..........  329K
  7700K .......... .......... .......... .......... ..........  589K
  7750K .......... .......... .......... .......... ..........  584K
  7800K .......... .......... .......... .......... ..........  568K
  7850K .......... .......... .......... .......... ..........  246K
  7900K .......... .......... .......... .......... .......... 3.77M
  7950K .......... .......... .......... .......... ..........  310K
  8000K .......... .......... .......... .......... ..........  505K
  8050K .......... .......... .......... .......... ..........  336K
  8100K .......... .......... .......... .......... ..........  573K
  8150K .......... .......... .......... .......... ..........  467K
  8200K .......... .......... .......... .......... ..........  575K
  8250K .......... .......... .......... .......... ..........  427K
  8300K .......... .......... .......... .......... ..........  554K
  8350K .......... .......... .......... .......... ..........  378K
  8400K .......... .......... .......... .......... ..........  572K
  8450K .......... .......... .......... .......... ..........  599K
  8500K .......... .......... .......... .......... ..........  577K
  8550K .......... .......... .......... .......... ..........  582K
  8600K .......... .......... .......... .......... ..........  432K
  8650K .......... .......... .......... .......... ..........  485K
  8700K .......... .......... .......... .......... ..........  479K
  8750K .......... .......... .......... .......... ..........  336K
  8800K .......... .......... .......... .......... ...         544K=11s

2018-02-14 23:23:15 (769 KB/s) - `stable.tar.gz' saved [9056220]

Removing intermediate container 80c03e7191f0
 ---> c6b19a9cb7db
Step 6/15 : RUN tar -xzf "$chocoVersion.tar.gz"
 ---> Running in 0fba4b7e51c8
Removing intermediate container 0fba4b7e51c8
 ---> 10557282d313
Step 7/15 : WORKDIR /usr/local/src/choco/choco-$chocoVersion
Removing intermediate container 2d60f226de75
 ---> c72d3726345d
Step 8/15 : RUN chmod +x build.sh zip.sh
 ---> Running in 97773b2f975f
Removing intermediate container 97773b2f975f
 ---> 7e5a4d856b0b
Step 9/15 : RUN ./build.sh -v
 ---> Running in 687bab890ff6

BUILD FAILED

Mono 4.0 Profile (mono-4.0) is not installed, or not correctly configured.

    The 'System.dll' assembly does not exist in framework assembly directory '/usr/lib/pkgconfig/../../lib/mono/4.0'.

For more information regarding the cause of the build failure, run the build again in debug mode.

Try 'nant -help' for more information
The command '/bin/sh -c ./build.sh -v' returned a non-zero code: 1

5.4.1.6

$ docker build -t choco .
Sending build context to Docker daemon    214kB
Step 1/15 : FROM mono:5.4.1.6 as builder
 ---> 7d0f009c4132
Step 2/15 : ARG chocoVersion=stable
 ---> Using cache
 ---> 262ca06661d2
Step 3/15 : RUN apt-get update && apt-get install -y wget tar gzip
 ---> Using cache
 ---> f0e2d8f8ad6d
Step 4/15 : WORKDIR /usr/local/src/choco
 ---> Using cache
 ---> 8f9b6ffa327b
Step 5/15 : RUN wget -q "https://github.com/chocolatey/choco/archive/$chocoVersion.tar.gz"
 ---> Running in 1f3708d17911
Removing intermediate container 1f3708d17911
 ---> 3323c413e907
Step 6/15 : RUN tar -xzf "$chocoVersion.tar.gz"
 ---> Running in 7b0c503bf3aa
Removing intermediate container 7b0c503bf3aa
 ---> bb0fed01c0b3
Step 7/15 : WORKDIR /usr/local/src/choco/choco-$chocoVersion
Removing intermediate container 210cb9540742
 ---> 5bb4a385a091
Step 8/15 : RUN chmod +x build.sh zip.sh
 ---> Running in 633a4261b0dc
Removing intermediate container 633a4261b0dc
 ---> dd1b4aa00e6d
Step 9/15 : RUN ./build.sh -v
 ---> Running in 4fc7383dd8eb

BUILD FAILED

Mono 4.0 Profile (mono-4.0) is not installed, or not correctly configured.

    The 'System.dll' assembly does not exist in framework assembly directory '/usr/lib/pkgconfig/../../lib/mono/4.0'.

For more information regarding the cause of the build failure, run the build again in debug mode.

Try 'nant -help' for more information
The command '/bin/sh -c ./build.sh -v' returned a non-zero code: 1

up next

googling suggests that a parallel install is required: https://stackoverflow.com/a/33186948/20971. I'm going to try that out.

@petemounce
Copy link
Contributor Author

petemounce commented Feb 14, 2018
edited
Loading

I also found that the 3.x mono images were removed inside mono/docker@454d06e.

I wasn't able to make progress with a parallel install so far.

petemounce pushed a commit to petemounce/bazel that referenced this issue Feb 14, 2018
Fails for Linuturk/mono-choco#8 SSL error
6354c88
@petemounce petemounce mentioned this issue Feb 14, 2018
Closed
@Linuturk
Copy link
Owner

Linuturk commented Feb 14, 2018
edited
Loading

You'll be interested in this issue: chocolatey/choco#1020

I can't bump the mono version because choco won't build with anything newer than the version I have pinned.

They are pinning to 3.12.0 in their Travis builds: https://github.com/chocolatey/choco/blob/master/.travis.yml#L3

@ghost ghost mentioned this issue Feb 16, 2018
Closed
@Linuturk
Copy link
Owner

So, I just hit this same issue in an internal repo. I'm looking at a fix that might require moving away from alpine.

Linuturk added a commit that referenced this issue Feb 20, 2018
@Linuturk
Might correct the SSL cert issue in #8
eb29d35
@Linuturk
Copy link
Owner

Hey @petemounce,

This new container did correct the SSL certificate problems I was having internally. I see you've commented it didn't fix it on your end. I'm not sure what else we'd need to change to get it to work for you.

@pbar1
Copy link

pbar1 commented Aug 8, 2018

In the meantime, this works:

dotnet nuget push -k $CHOCO_API_KEY -s https://push.chocolatey.org/ example.nupkg

@rfay
Copy link
Contributor

rfay commented Sep 17, 2019
edited
Loading

I'm having this problem currently after having it work fine for a really long time:

$ docker run --rm -v $PWD:/tmp/chocolatey -w /tmp/chocolatey linuturk/mono-choco push -s https://push.chocolatey.org/ --api-key=mykey
Chocolatey v0.10.12.0
Directory 'opt/chocolatey/lib' does not exist.

Chocolatey is not an official build (bypassed with --allow-unofficial).
 If you are seeing this message and it is not expected, your system may
 now be in a bad state. Only official builds are to be trusted.

Attempting to push ddev.1.11.0-rc1.nupkg to https://push.chocolatey.org/
Error: TrustFailure (The authentication or decryption has failed.)

@rfay rfay mentioned this issue Sep 17, 2019
Merged
@rfay rfay mentioned this issue Sep 25, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@petemounce @rfay @Linuturk @pbar1