- changed milestone to 2020.3.0 release
SSL failure on macOS Sierra with misleading error message
When running the installer on our macOS "Sierra" system (macOS 10.12), I see the "Socket error" message at the bottom of this posting. This is with Apple's /usr/bin/python
(2.7.10) as the first python in my $PATH
.
The same error occurs with the current development version, with the URL in the error message being the only difference.
However, if I set UPCXX_PYTHON=/usr/local/bin/python
(or permute my $PATH
to put /usr/local/bin
first) then I get Python v2.7.16 from Homebrew and everything works.
Additionally, Apple's python on High Sierra (macOS 10.13) reports the same version (2.7.10) but does not show the problem
I am going to guess, based on past experience, that the problem is most likely related to which SSL protocols/ciphers supported by Apple's system libraries on macOS 10.12 (which are not used by Homebrew's build). If so, they are leading to a failed SSL setup which is (poorly) reported as EOF.
Assuming my hypothesis is correct, I think this indicates a need for more documentation regarding Python/SSL interactions. At a minimum, it would be helpful to indicate (in the message itself, or accompanying docs) that "Internet troubles" are sometimes a symptom of too-old SSL support.
The error message (yes, it appears twice):
Downloading https://gasnet.lbl.gov/EX/GASNet-2019.3.0.tar.gz
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Internet troubles.
Socket error "EOF occurred in violation of protocol (_ssl.c:590)" when attempting to download "https://gasnet.lbl.gov/EX/GASNet-2019.3.0.tar.gz".
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Internet troubles.
Socket error "EOF occurred in violation of protocol (_ssl.c:590)" when attempting to download "https://gasnet.lbl.gov/EX/GASNet-2019.3.0.tar.gz".
UPC++ Installation failed. Please report the entire log above to: upcxx@googlegroups.com
Comments (7)
-
-
reporter I would like to propose an alternative resolution to this issue in the upcoming 2019.9.0 release.
I want us to consider making the "offline" installer the default (and possibly only) download.
Such a change would have its own benefits, but in relation to this issue it would render SSL negotiation a moot point for anyone not settingGASNET
to an https URL.
Reactions? -
I would like to propose an alternative resolution to this issue in the upcoming 2019.9.0 release. I want us to consider making the "offline" installer the default (and possibly only) download.
I agree we should transition to the offline installer being the only tarball we package for the upcoming release. We'll need to discuss further what file naming convention to use moving forward.
However, the code implementing the online installer needs to remain functional and supported, as that's the mode users get when git cloning the public repo. This notably includes any users asked to validate bug fixes in the develop branch.
Assuming we resolve to follow-though with this plan, this issue can be downgraded in priority and/or closed as "won't fix".
-
reporter I am fine with a "won't fix" resolution on this issue, so long as we open a new one to cover the transition to offline installer as the only tarball. I will take care of that later today, or perhaps tomorrow, unless somebody beats me to it.
-
reporter As promised, the question of an offline installer as our only release tarball now has its own issue: https://bitbucket.org/berkeleylab/upcxx/issues/250
I am closing this issue as "wontfix"
-
reporter - changed status to wontfix
This has only been seem on a macOS that will reach informal EOL in a couple months, and shifting to releasing the offline installer as our main (or only) tarball should eliminate the problem for many end-users.
-
reporter Not only have we made a switch to offline installers, but the recent change in build infrastructure means the cases where a URL is fetched no longer use python to do so.
- Log in to comment
This issue was triaged at the 2019-07-24 Pagoda issue meeting and assigned a new milestone.