[Bug 1111882] Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received

Julian Andres Klode julian.klode at gmail.com
Wed Aug 16 18:09:23 UTC 2017 

While this does affect apt, there is no actionable item here, as we
can't switch to OpenSSL for legal reasons, and won't switch to another
more obscure TLS library. Fixing the GnuTLS bug is dealt with by the
gnutls task.

Curl and Git are not my topic.

** Changed in: apt (Ubuntu)
       Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/1111882

Title:
  GnuTLS recv error (-9): A TLS packet with unexpected length was
  received

Status in apt package in Ubuntu:
  Invalid
Status in curl package in Ubuntu:
  Invalid
Status in git package in Ubuntu:
  Confirmed
Status in gnutls26 package in Ubuntu:
  Confirmed

Bug description:
  On Precise 12.04 whilst attempting:

  GIT_CURL_VERBOSE=1 git clone -v https://git01.codeplex.com/typescript

  the operation fails after the final git pack-file has been received
  and the already-created repository is deleted from the file system.

  ...
  > POST /typescript/git-upload-pack HTTP/1.1
  User-Agent: git/1.8.1.2.433.g9808ce0.dirty
  Host: git01.codeplex.com
  Accept-Encoding: gzip
  Content-Type: application/x-git-upload-pack-request
  Accept: application/x-git-upload-pack-result
  Content-Length: 611

  * upload completely sent off: 611out of 611 bytes
  < HTTP/1.1 200 OK
  < Cache-Control: no-cache, max-age=0, must-revalidate
  < Pragma: no-cache
  < Content-Type: application/x-git-upload-pack-result
  < Expires: Fri, 01 Jan 1980 00:00:00 GMT
  < Server: Microsoft-IIS/7.5
  < X-Powered-By: ASP.NET
  < Date: Thu, 31 Jan 2013 21:43:55 GMT
  < Connection: close
  < 
  remote: Counting objects: 149766, done.
  remote: Compressing objects: 100% (10580/10580), done.
  * GnuTLS recv error (-9): A TLS packet with unexpected length was received.
  * Closing connection #0
  remote: Total 149766 (delta 138201), reused 149559 (delta 138077)
  Receiving objects: 100% (149766/149766), 198.98 MiB | 361 KiB/s, done.
  error: RPC failed; result=56, HTTP code = 200
  Resolving deltas: 100% (138201/138201), done.

  git exits at this point but it deletes the entire cloned ./typescript
  directory.

  I tried building the latest git binary and included an additional
  debug option in "http.c" that allowed me to set the protocol version
  using an environment option:

  CURLOPT_SSLVERSION=1 git clone ...

  where 1 = TLSv1, 2 = SSLv2, 3 = SSLv3.

  I tried each protocol but the result was the same.

  The knock-on bug here is that git ought not to delete what it has
  fetched - in this case more than 250MB of data.

  I did try to build the latest gnutls but it needs a very recent
  version of libnettle which has the "rsa_decrypt_tr" function. I
  stopped at that point since I don't want to get into dependency and
  library version issues.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1111882/+subscriptions

More information about the foundations-bugs mailing list