** Tags added: arm64 plucky -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/2097692
Title: IPv6 TLS connection error/SSL_ERROR_SYSCALL in arm64 docker images Status in curl package in Ubuntu: New Bug description: Affected Ubuntu Version: Plucky Puffin/25.04 Affected Package Versions (tested and confirmed): 8.11.0-1ubuntu1 8.11.0-1ubuntu2 8.11.0-1ubuntu2 8.11.1-1ubuntu1 8.11.1-1ubuntu1 NOT Affected Package Versions (via force downgrade): 8.9.1-2ubuntu2.2 8.9.1-2ubuntu3 Affected Platforms: MacBook Pro 2021 (arm64) - Docker Desktop 4.38.0 (Docker 20.10.22, macOS 15.3) NOT Affected Platforms (tested and confirmed): Raspberry Pi 400 (arm64) - Ubuntu 25.04 (Native) Raspberry Pi 400 (arm64) - Docker 27.5.0 (running on Ubuntu 25.04) Input: curl https://launchpadlibrarian.net/763643707/curl_8.11.1-1ubuntu1_source.changes (can be anything with IPv6) Expected Result: Format: 1.8 Date: Sat, 14 Dec 2024 03:39:34 -0600 Source: curl ... Actual Result: curl: (35) TLS connect error: error:00000000:lib(0)::reason(0) Workaround: curl -4 https://launchpadlibrarian.net/763643707/curl_8.11.1-1ubuntu1_source.changes (forcing an IPv4 connection) Description: I have docker images that build using the development branch (ubuntu:devel) regularly, in addition to Noble (ubuntu:latest), for both amd64 and arm64. I recently noticed that curl was not working on the devel images, so I did some digging back, and found that they had been broken since November (an image from 2024-11-24, with no other changes than the curl version, works just fine, but 2024-11-25 is broken). The only packages that change from `dpkg-query -W -f='${Package} ${Version}\n'` are: curl 8.9.1-2ubuntu3 -> 8.11.0-1ubuntu2 libcurl3t64-gnutls 8.9.1-2ubuntu3 -> 8.11.0-1ubuntu2 libcurl4t64 8.9.1-2ubuntu3 -> 8.11.0-1ubuntu2 I tried testing on all released versions of 8.11, and all experienced the same issue. Downgrading the packages to 8.9.1 works to fix curl outright, but I dug a bit deeper. When using `curl -v` on 8.11, I get this output: * Host launchpadlibrarian.net:443 was resolved. * IPv6: 2620:2d:4000:1009::3b8, 2620:2d:4000:1009::13e * IPv4: 185.125.189.228, 185.125.189.229 * Trying [2620:2d:4000:1009::3b8]:443... * ALPN: curl offers h2,http/1.1 * TLSv1.3 (OUT), TLS handshake, Client hello (1): * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: /etc/ssl/certs * TLS connect error: error:00000000:lib(0)::reason(0) * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to launchpadlibrarian.net:443 * closing connection #0 curl: (35) TLS connect error: error:00000000:lib(0)::reason(0) This indicated to me an issue with the IPv6 connection, so I tried forcing IPv4 with `curl -4`, and lo and behold curl worked again. Running additionally with `curl -6` confirms IPv6 as the culprit of the bug. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/2097692/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
