unofficial mirror of help-gnu-emacs@gnu.org
 help / color / mirror / Atom feed
* EWW problems with SNI https sites?
@ 2019-07-11  8:50 Hideki Saito
  2019-07-11  9:31 ` Colin Baxter
       [not found] ` <mailman.898.1562835105.2688.help-gnu-emacs@gnu.org>
  0 siblings, 2 replies; 7+ messages in thread
From: Hideki Saito @ 2019-07-11  8:50 UTC (permalink / raw)
  To: help-gnu-emacs

Hello,
I'm having a bit of problem with EWW accessing some sites under Windows,
namely, some sites returning "400 Bad Request" -- the reason being "The
plain HTTP request was sent to HTTPS port"

This seems to affect a lot of CloudFlare hosted sites. But even without
CloudFlare, this seems to be affecting SNI (Server Name Indication -- ones
without dedicated IP address) hosts as well.

Here's the pattern I'm seeing:
1) https://www.hidekisaito.com (CloudFlare) -- doesn't work
2) https://hidekisaito.com (SNI) -- doesn't work
3) https://duckduckgo.com -- works
4) https://twitter.com -- works
5) https://helpa.hidekisaito.com (SNI) -- doesn't work (due to the
maintenance, the site might be down for next few hours.

I have my personal ELPA site on #5 site, and this seems to be causing
issue; M-x list-package fails with the same error, M-x
package-refresh-content somehow successfully fetch the list. (But doesn't
help as fetching and installing the package would fail with 400 Bad Request)

I can live with eww not working, but it's painful that list-package doesn't
work. Do you happen to know if there are anyways to force list-package (and
package download) to use the method used by package-refresh-content?

Please let me know if this is something I should be reporting as a bug.

Thank you.

Hideki Saito (斉藤英樹)


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: EWW problems with SNI https sites?
  2019-07-11  8:50 EWW problems with SNI https sites? Hideki Saito
@ 2019-07-11  9:31 ` Colin Baxter
  2019-07-11 12:53   ` Eli Zaretskii
       [not found] ` <mailman.898.1562835105.2688.help-gnu-emacs@gnu.org>
  1 sibling, 1 reply; 7+ messages in thread
From: Colin Baxter @ 2019-07-11  9:31 UTC (permalink / raw)
  To: Hideki Saito; +Cc: help-gnu-emacs

Dear Hideki,
>>>>> Hideki Saito <hidekis@gmail.com> writes:

    > Hello, I'm having a bit of problem with EWW accessing some sites
    > under Windows, namely, some sites returning "400 Bad Request" --
    > the reason being "The plain HTTP request was sent to HTTPS port"

    > This seems to affect a lot of CloudFlare hosted sites. But even
    > without CloudFlare, this seems to be affecting SNI (Server Name
    > Indication -- ones without dedicated IP address) hosts as well.

    > Here's the pattern I'm seeing: 1) https://www.hidekisaito.com
    > (CloudFlare) -- doesn't work 2) https://hidekisaito.com (SNI) --
    > doesn't work 3) https://duckduckgo.com -- works 4)
    > https://twitter.com -- works 5) https://helpa.hidekisaito.com
    > (SNI) -- doesn't work (due to the maintenance, the site might be
    > down for next few hours.

It looks like a MS Windows issue because these sites work fine with eww
under linux. Have you tried emacs-w3m?

Best wishes,

-- 
Colin Baxter



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: EWW problems with SNI https sites?
  2019-07-11  9:31 ` Colin Baxter
@ 2019-07-11 12:53   ` Eli Zaretskii
  0 siblings, 0 replies; 7+ messages in thread
From: Eli Zaretskii @ 2019-07-11 12:53 UTC (permalink / raw)
  To: help-gnu-emacs

> From: Colin Baxter <m43cap@yandex.com>
> Date: Thu, 11 Jul 2019 10:31:11 +0100
> Cc: , help-gnu-emacs@gnu.org
> 
> >>>>> Hideki Saito <hidekis@gmail.com> writes:
> 
>     > Hello, I'm having a bit of problem with EWW accessing some sites
>     > under Windows, namely, some sites returning "400 Bad Request" --
>     > the reason being "The plain HTTP request was sent to HTTPS port"
> 
>     > This seems to affect a lot of CloudFlare hosted sites. But even
>     > without CloudFlare, this seems to be affecting SNI (Server Name
>     > Indication -- ones without dedicated IP address) hosts as well.
> 
>     > Here's the pattern I'm seeing: 1) https://www.hidekisaito.com
>     > (CloudFlare) -- doesn't work 2) https://hidekisaito.com (SNI) --
>     > doesn't work 3) https://duckduckgo.com -- works 4)
>     > https://twitter.com -- works 5) https://helpa.hidekisaito.com
>     > (SNI) -- doesn't work (due to the maintenance, the site might be
>     > down for next few hours.
> 
> It looks like a MS Windows issue because these sites work fine with eww
> under linux. Have you tried emacs-w3m?

They all work for me on Windows, so this is not an issue with Emacs on
Windows, it's probably local to OP's system or maybe the network
setup.

What version of Emacs is the one where it doesn't work?



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: EWW problems with SNI https sites?
       [not found] ` <mailman.898.1562835105.2688.help-gnu-emacs@gnu.org>
@ 2019-07-11 13:28   ` Lars Magne Ingebrigtsen
  2019-07-13  5:03     ` Hideki Saito
  0 siblings, 1 reply; 7+ messages in thread
From: Lars Magne Ingebrigtsen @ 2019-07-11 13:28 UTC (permalink / raw)
  To: Hideki Saito; +Cc: help-gnu-emacs

Hideki Saito <hidekis@gmail.com> writes:

> I'm having a bit of problem with EWW accessing some sites under Windows,
> namely, some sites returning "400 Bad Request" -- the reason being "The
> plain HTTP request was sent to HTTPS port"

What Emacs version are you using?  Emacs 26 should have SNI support.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: EWW problems with SNI https sites?
  2019-07-11 13:28   ` Lars Magne Ingebrigtsen
@ 2019-07-13  5:03     ` Hideki Saito
  2019-07-14  5:24       ` Hideki Saito
  0 siblings, 1 reply; 7+ messages in thread
From: Hideki Saito @ 2019-07-13  5:03 UTC (permalink / raw)
  To: Lars Magne Ingebrigtsen; +Cc: help-gnu-emacs

It's 26.2.
I will see if there are any other variables that might make a difference...

Hideki Saito (斉藤英樹)


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: EWW problems with SNI https sites?
  2019-07-13  5:03     ` Hideki Saito
@ 2019-07-14  5:24       ` Hideki Saito
  2019-07-15 10:28         ` Robert Pluim
  0 siblings, 1 reply; 7+ messages in thread
From: Hideki Saito @ 2019-07-14  5:24 UTC (permalink / raw)
  To: help-gnu-emacs

I think I've figured out pattern, although I'm not still sure what's going
on.
This probably is not really related with SNI, but related to IPv6 --
perhaps there's some incompatibility with the way Windows IPv6 stack
handles thing; if I disable IPv6, I'm not seeing this is happening. (And
this seems to be Windows specific issue as this does not happen on Linux on
the same network.)

For the same reason, other places like https://wikipedia.org also fails.
(Where it resolves to IPv6.)
Anyone encountering similar issue and any workaround? (Unfortunately I
can't really disable IPv6 as I'm relying certain things for it. Wondering
if there's a way to disable IPv6 just for Emacs...)

Hideki Saito (斉藤英樹)


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: EWW problems with SNI https sites?
  2019-07-14  5:24       ` Hideki Saito
@ 2019-07-15 10:28         ` Robert Pluim
  0 siblings, 0 replies; 7+ messages in thread
From: Robert Pluim @ 2019-07-15 10:28 UTC (permalink / raw)
  To: Hideki Saito; +Cc: help-gnu-emacs

>>>>> On Sat, 13 Jul 2019 22:24:40 -0700, Hideki Saito <hidekis@gmail.com> said:

    Hideki> I think I've figured out pattern, although I'm not still sure what's going
    Hideki> on.
    Hideki> This probably is not really related with SNI, but related to IPv6 --
    Hideki> perhaps there's some incompatibility with the way Windows IPv6 stack
    Hideki> handles thing; if I disable IPv6, I'm not seeing this is happening. (And
    Hideki> this seems to be Windows specific issue as this does not happen on Linux on
    Hideki> the same network.)

    Hideki> For the same reason, other places like https://wikipedia.org also fails.
    Hideki> (Where it resolves to IPv6.)
    Hideki> Anyone encountering similar issue and any workaround? (Unfortunately I
    Hideki> can't really disable IPv6 as I'm relying certain things for it. Wondering
    Hideki> if there's a way to disable IPv6 just for Emacs...)

Based on your original report of the error message "The plain HTTP
request was sent to HTTPS port", this is an issue Emacs has with
falling back from IP address A + TLS to IP address B + TLS, which
tends to manifest itself when the DNS response for a host returns an
IPv6 address, but that address is not actually reachable over IPv6.

I have a potential fix which I can send you as a patch, assuming you
can rebuild emacs.

Robert



^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2019-07-15 10:28 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-07-11  8:50 EWW problems with SNI https sites? Hideki Saito
2019-07-11  9:31 ` Colin Baxter
2019-07-11 12:53   ` Eli Zaretskii
     [not found] ` <mailman.898.1562835105.2688.help-gnu-emacs@gnu.org>
2019-07-11 13:28   ` Lars Magne Ingebrigtsen
2019-07-13  5:03     ` Hideki Saito
2019-07-14  5:24       ` Hideki Saito
2019-07-15 10:28         ` Robert Pluim

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).