[Bug 1928100] Re: TLS handshake is fatal, not transient - hence not retried

Launchpad Bug Tracker 1928100 at bugs.launchpad.net
Thu Jul 8 15:29:50 UTC 2021 

This bug was fixed in the package apt - 2.2.4ubuntu0.1

---------------
apt (2.2.4ubuntu0.1) hirsute; urgency=medium

  * Merge 2.2.4 from Debian unstable
  * Extend the JSON hook fixes with support for version 0.2 (LP: #1926150)
    - json: Add origins fields to version
    - upgrade: Add JSON hook support (AptCli::Hooks::Upgrade)
    - json: Add `package-list` and `statistics` install hooks
    - json: Hook protocol 0.2 (added upgrade,downgrade,reinstall modes)

apt (2.2.4) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Various bugfixes to the JSON hooks:
    - encoder fixes:
      + json: Escape strings using \u escape sequences, add test
      + json: Actually pop states
      + json: Encode NULL strings as null
    - json: Flush standard file descriptors before calling hooks
      (this avoids output from hooks in middle of apt output)
    - Non-installed JSON changes:
      + test/json: Make the test hook more reliable
      + Fix a typo in json-hooks-protocol.md (thanks to Brian Murray)
  * Avoid infinite loop on EOF on media change prompt (LP: #1928687)
  * Turn TLS handshake issues into transient errors (LP: #1928100),
    this makes behavior consistent with TCP and enables Acquire::Retries
  * policy: Apply phasing to uninstalled packages too (LP: #1925745),
    this prevents inconsistencies when installing new binaries that depend
    on the same version of an already installed binary.

  [ David Kalnischkies ]
  * URI encode Filename field of Packages files (again). This fixes a
    regression introduced in 2.1.15 that causes download failures of
    packages with an epoch included in their filename (LP: #1931874).

 -- Julian Andres Klode <juliank at ubuntu.com>  Mon, 14 Jun 2021 16:27:40
+0200

** Changed in: apt (Ubuntu Hirsute)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1928100

Title:
  TLS handshake is fatal, not transient - hence not retried

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Hirsute:
  Fix Released

Bug description:
  [Impact]
  TLS handshakes are reported as fatal errors rather than transient errors like other connection errors on unencrypted connections. This seems wrong - a server may just be spinning up or down and fail during the handshake, and prevents retrying such downloads

  [Test plan]

  A test case has been added to the integration test suite that ensures
  handshake errors are retried upon configuration.

  [Where problems could occur]
  Transient errors do not cause an error exit from apt update, so scripts relying on errors from TLS handshakes in such situations will fail.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1928100/+subscriptions

More information about the foundations-bugs mailing list