Comments (11)
Looking at the rpki-client output:
rpki-client: https://rrdp.afrinic.net/notification.xml: connect: Connection refused
This error indicates that the connection to the proxy failed. What is the contents of your http_proxy env var?
The log from the proxy has no CONNECT rrdp.afrinic.net:443 HTTP/1.1
line. Which also indicates that the connection to the proxy failed.
Can you run rpki-client with something like strace and find the failing connect call?
I wonder why the 2nd connect failed.
Not much we can do about the issue in rsync, guess you need wait for a fixed rsync.
from rpki-client-portable.
I have compiled it myself now so I can run it outside the docker container. First I noticed that rpki-client uses the http_proxy environment setting, instead of the https_proxy setting for https connections.
but setting them both to
http_proxy=http://127.0.0.1:8888/
https_proxy=http://127.0.0.1:8888/
and then strace it shows that the incorrect port is being used for connecting to the proxy:
...
31277 socket(AF_INET, SOCK_STREAM|SOCK_NONBLOCK, IPPROTO_TCP) = 7
31277 connect(7, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EINPROGRESS (Operation now in progress)
31277 poll([{fd=5, events=POLLIN}, {fd=7, events=POLLOUT}], 2, 15000) = 1 ([{fd=7, revents=POLLOUT|POLLERR|POLLHUP}])
31277 getsockopt(7, SOL_SOCKET, SO_ERROR, [ECONNREFUSED], [4]) = 0
...
I hope this helps.
from rpki-client-portable.
Can you give this patch a try? This should fix the problem with the proxyport settings.
from rpki-client-portable.
Yes, this indeed fixes the proxy issue! Thanks! Looking forward to 8.1 :)
from rpki-client-portable.
@cjeker, how far are we from 8.1? I'm also happy to simply add this fix to the container builds later (in case @BenCastricum refers to rpki/rpki-client:{latest,edge}
on Docker Hub and Red Hat Quay).
from rpki-client-portable.
I have no good answer right now. The fix is committed and should show up in rpki-client-openbsd soon.
So the latest -current builds should have the fix tomorrow. For a real release it may take longer.
from rpki-client-portable.
No need to rush things for me, We won't be using the rpki-client:edge container, but prefer a official tagged release. The edge container also still contains the bugged rsync version,
from rpki-client-portable.
I'm happy to push the fix also to rpki/rpki-client:8.0
which is currently rpki/rpki-client:latest
, if that helps?
from rpki-client-portable.
Then it would still not work 100% due to the rsync issues. We prefer an 8.1 container release with both issues fixed. That makes it clear to coworkers/staff that 8.0 is skipped due to bugs which are (hopefully) fixed in 8.1
from rpki-client-portable.
I'm working at https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/40669 to get a fixed rsync 3.2.7 into Alpine Linux 3.16.
Edit: It got merged and https://gitlab.alpinelinux.org/alpine/aports/-/commit/a2b5319e9212ae4b1fe3e87298114bc483160895 should hopefully lead to updated rsync package soon.
from rpki-client-portable.
As of writing, rpki/rpki-client:latest
, currently evaluating to rpki/rpki-client:8.0
, as well as rpki/rpki-client:edge
both ship the rpki-client bugfix as well as rsync 3.2.7. I'm personally using podman
locally, but commands should be substitutable with docker
:
$ podman pull rpki/rpki-client:latest
$ podman inspect rpki/rpki-client:latest | jq -r '.[0].Config.Labels."org.opencontainers.image.revision"'
a1eed1d6b27e874506e310848ba8384f947f0c57
from rpki-client-portable.
Related Issues (20)
- Issuer certificate not found even tough it is in cache `ta` folder HOT 5
- better documentation on metrics
- vis.c warning on debian HOT 1
- Nightly GitHub Action failure: undefined reference to `spl_read'
- Nightly GitHub Action failure HOT 2
- outformats patch misaligned HOT 2
- 7.9 - release HOT 2
- Nightly GitHub Action failure HOT 2
- Upload signing public key of rpki-client to keys.openpgp.org? HOT 2
- crash with unhandled entity type 7 HOT 6
- Geofeed validation doesn't seem to work correctly on Ubuntu 22.04.1 LTS - RPKI-client 8.2 HOT 2
- Updated rpki-client interval for crontab?
- Nightly GitHub Action failure HOT 1
- Add ARIN TAL to OpenBSD upstream repository? HOT 2
- Nightly GitHub Action failure HOT 1
- symbol collision between libcompat.a and libtls HOT 2
- Apparent lack of HOST_NAME_MAX on macOS? HOT 2
- GitHub Action failure: undefined reference to `inflate' HOT 1
- Nightly GitHub Action failure: implicit declaration of function 'arc4random_uniform' HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rpki-client-portable.