Fractal Softworks Forum

Please login or register.

Login with username, password and session length
Advanced search  
Pages: 1 ... 7 8 [9]

Author Topic: [0.9.1a] Version Checker v2.0b (released 2020-08-28)  (Read 184163 times)

Jaghaimo

  • Commander
  • ***
  • Posts: 128
    • View Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #120 on: August 29, 2020, 05:02:46 AM »

Yes, you can't follow redirection as both http and https bitbucket link will redirect to aws using https. You can change that uri  though (headers, location) and use http and make another connection and that one will not redirect.

Important bit:
Code
< location: https://bbuseruploads.s3.amazonaws.com/28f61879-1a03-4984-a85e-4721d4286f43/downloads/79d45eaa-fdc8-45e7-9796-9a8d9ede4912/radar.version?Signature=GmhGRelSLojFYEIIg3yPlzcxTK8%3D&Expires=1598704285&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=uDt_ok35kJmlLOHoxMLu0texPAGn.u3i&response-content-disposition=attachment%3B%20filename%3D%22radar.version%22

Changed to http:
Spoiler
Code
> curl --verbose http://bbuseruploads.s3.amazonaws.com/28f61879-1a03-4984-a85e-4721d4286f43/downloads/79d45eaa-fdc8-45e7-9796-9a8d9ede4912/radar.version\?Signature\=GmhGRelSLojFYEIIg3yPlzcxTK8%3D\&Expires\=1598704285\&AWSAccessKeyId\=AKIA6KOSE3BNJRRFUUX6\&versionId\=uDt_ok35kJmlLOHoxMLu0texPAGn.u3i\&response-content-disposition\=attachment%3B%20filename%3D%22radar.version%22
*   Trying 52.217.11.148:80...
* TCP_NODELAY set
* Connected to bbuseruploads.s3.amazonaws.com (52.217.11.148) port 80 (#0)
> GET /28f61879-1a03-4984-a85e-4721d4286f43/downloads/79d45eaa-fdc8-45e7-9796-9a8d9ede4912/radar.version?Signature=GmhGRelSLojFYEIIg3yPlzcxTK8%3D&Expires=1598704285&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=uDt_ok35kJmlLOHoxMLu0texPAGn.u3i&response-content-disposition=attachment%3B%20filename%3D%22radar.version%22 HTTP/1.1
> Host: bbuseruploads.s3.amazonaws.com
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< x-amz-id-2: CuF9LmZcBmR6w2ix43anMMe+Z5SxCJojsDIauKP9i2WfsFe7BdS+5gQ01UEH7eKhA+j/xmBDJMk=
< x-amz-request-id: 130523F0CE8AEA91
< Date: Sat, 29 Aug 2020 12:03:44 GMT
< Last-Modified: Wed, 01 Jul 2020 02:04:24 GMT
< ETag: "7890af3c0f67afae2b669f2ac33a1967"
< x-amz-version-id: uDt_ok35kJmlLOHoxMLu0texPAGn.u3i
< Content-Disposition: attachment; filename="radar.version"
< Accept-Ranges: bytes
< Content-Type: application/octet-stream
< Content-Length: 252
< Server: AmazonS3
<
{
    "masterVersionFile":"https://bitbucket.org/LazyWizard/common-radar/downloads/radar.version",
    "modName":"Common Radar",
    "modThreadId":7526,
    "modVersion":
    {
        "major":2,
        "minor":5,
        "patch":0
    }
}
* Connection #0 to host bbuseruploads.s3.amazonaws.com left intact
[close]
Full:
Spoiler
Code
> curl --verbose https://bitbucket.org/LazyWizard/common-radar/downloads/radar.version
*   Trying 18.205.93.2:443...
* TCP_NODELAY set
* Connected to bitbucket.org (18.205.93.2) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=3928449; C=US; ST=California; L=San Francisco; O=Atlassian, Inc.; OU=Bitbucket; CN=bitbucket.org
*  start date: Mar 27 00:00:00 2020 GMT
*  expire date: May 23 12:00:00 2022 GMT
*  subjectAltName: host "bitbucket.org" matched cert's "bitbucket.org"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55571d6825f0)
> GET /LazyWizard/common-radar/downloads/radar.version HTTP/2
> Host: bitbucket.org
> user-agent: curl/7.68.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Connection state changed (MAX_CONCURRENT_STREAMS == 200)!
< HTTP/2 302
< content-security-policy-report-only: script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://d301sr5gafysq2.cloudfront.net; style-src 'self' 'unsafe-inline' https://aui-cdn.atlassian.com https://d301sr5gafysq2.cloudfront.net; report-uri https://web-security-reports.services.atlassian.com/csp-report/bb-website; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *; connect-src bitbucket.org *.bitbucket.org bb-inf.net *.bb-inf.net analytics.atlassian.com as.atlassian.com api-private.stg.atlassian.com api-private.atlassian.com cofs.staging.public.atl-paas.net cofs.prod.public.atl-paas.net intake.opbeat.com api.media.atlassian.com api.segment.io xid.statuspage.io xid.atlassian.com xid.sourcetreeapp.com bam.nr-data.net sentry.io bqlf8qjztdtr.statuspage.io https://d301sr5gafysq2.cloudfront.net; object-src about:; base-uri 'self'
< server: nginx
< vary: Accept-Language, Cookie
< cache-control: max-age=900
< content-type: text/html; charset=utf-8
< x-b3-traceid: d1551ac921c40da9
< x-dc-location: ash2
< strict-transport-security: max-age=31536000; includeSubDomains; preload
< date: Sat, 29 Aug 2020 12:01:25 GMT
< location: https://bbuseruploads.s3.amazonaws.com/28f61879-1a03-4984-a85e-4721d4286f43/downloads/79d45eaa-fdc8-45e7-9796-9a8d9ede4912/radar.version?Signature=GmhGRelSLojFYEIIg3yPlzcxTK8%3D&Expires=1598704285&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=uDt_ok35kJmlLOHoxMLu0texPAGn.u3i&response-content-disposition=attachment%3B%20filename%3D%22radar.version%22
< x-served-by: app-3015
< expires: Sat, 29 Aug 2020 12:01:25 GMT
< content-language: en
< x-static-version: 08de812ccc5d
< x-content-type-options: nosniff
< x-render-time: 0.0785510540009
< x-request-count: 3371
< x-frame-options: SAMEORIGIN
< x-version: 08de812ccc5d
< dc-location: ash2
< x-cache-info: caching
< content-length: 0
<
* Connection #0 to host bitbucket.org left intact
[close]
« Last Edit: August 29, 2020, 05:06:22 AM by Jaghaimo »
Logged
Stellar Logistics - logistic services
Hyperspace Network - information services
Galactic Markets - economy services

LazyWizard

  • Global Moderator
  • Admiral
  • *****
  • Posts: 1324
    • View Profile
    • GitHub Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #121 on: August 29, 2020, 08:09:57 AM »

The problem isn't connecting to AWS over HTTPS - that still works just fine. The problem is getting the AWS URL in the first place as that requires connecting to Bitbucket over HTTPS, and Bitbucket no longer accepts any of the ciphers included with Starsector's JRE.


Querying a Bitbucket-hosted version file over HTTP returns a redirect to the exact same page except using HTTPS:
Spoiler
Code
curl --verbose http://bitbucket.org/LazyWizard/common-radar/downloads/radar.version
*   Trying 18.205.93.0...
* TCP_NODELAY set
* Connected to bitbucket.org (18.205.93.0) port 80 (#0)
> GET /LazyWizard/common-radar/downloads/radar.version HTTP/1.1
> Host: bitbucket.org
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Content-Type: text/html
< Date: Sat, 29 Aug 2020 14:26:56 GMT
< Location: https://bitbucket.org/LazyWizard/common-radar/downloads/radar.version
< Connection: Keep-Alive
< Content-Length: 0
<
* Connection #0 to host bitbucket.org left intact
[close]


And attempting to connect via HTTPS without the required ciphers fails to make it past the handshake, so no data is exchanged:
Spoiler
Code
curl --verbose https://bitbucket.org/LazyWizard/common-radar/downloads/radar.version --tlsv1.2 --ciphers
ECDHE-ECDSA-AES128-SHA256
*   Trying 18.205.93.2...
* TCP_NODELAY set
* Connected to bitbucket.org (18.205.93.2) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ECDHE-ECDSA-AES128-SHA256
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS alert, Server hello (2):
* error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
[close]


Neither of those options will result in the AWS URL we need to progress.
Logged

Jaghaimo

  • Commander
  • ***
  • Posts: 128
    • View Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #122 on: August 29, 2020, 08:19:06 AM »

My bad, I see it now - for some reason I was sure http bitbucket just redirected to https aws...

It looks like some supported ciphers (eg. aes*_gcm) were added to Java 7 update 191 (this is a commercial build, as public latest build is on update 80): https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8200684

FYI Starsector is using update 79:
Code
java version "1.7.0_79"
Java(TM) SE Runtime Environment (build 1.7.0_79-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)

Also (for science) I replaced Starsectors bundled jre with 1.8 and version checker worked with bitbucket fine (duh, pretty obvious). The game warns about weird crashes and corrupted saves, so not planning to use that.
« Last Edit: August 29, 2020, 08:38:32 AM by Jaghaimo »
Logged
Stellar Logistics - logistic services
Hyperspace Network - information services
Galactic Markets - economy services

LazyWizard

  • Global Moderator
  • Admiral
  • *****
  • Posts: 1324
    • View Profile
    • GitHub Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #123 on: August 29, 2020, 10:51:33 AM »

My bad, I see it now - for some reason I was sure http bitbucket just redirected to https aws...
Not a problem. Well, except for getting my hopes up that there was some obvious solution I was missing that'd instantly solve all of my problems. You monster.


Also (for science) I replaced Starsectors bundled jre with 1.8 and version checker worked with bitbucket fine (duh, pretty obvious). The game warns about weird crashes and corrupted saves, so not planning to use that.
Yeah, it usually runs fine in 8 but those warnings are there for good reason. For a brief period Starsector shipped with JRE 8, but a subset of players encountered performance and crashing problems and Alex had to revert back to JRE 7. It's a shame. The improvements in Java 8 represent probably the single biggest leap in usability and quality of life of any single Java update I can remember.

I've tried running the game with a bunch of different JREs. I've never personally encountered any problems with 8 (though I recognize I'm just lucky on that front), but 11 has problems due to the game's obfuscation and running Starsector requires disabling class validation (the perfect example of a bad idea). Other JVMs I've tried all either had terrible performance problems (J9) or don't run at all (OpenJDK 13+). So it seems we're stuck with Java 7 for the foreseeable future.
« Last Edit: August 29, 2020, 10:53:36 AM by LazyWizard »
Logged

Jaghaimo

  • Commander
  • ***
  • Posts: 128
    • View Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #124 on: August 29, 2020, 12:24:21 PM »

So there is a project called Bouncy Castle, and they do provide builds for 1.7, and they do have implementation of ciphers still in use by Bitbucket:

Supported ciphers: https://bitbucket.org/blog/update-to-supported-cipher-suites-in-bitbucket-cloud

One of the supported ciphers (probably all supported will be there): https://www.bouncycastle.org/docs/tlsdocs1.5on/org/bouncycastle/tls/CipherSuite.html#TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384

Now the question is, is it worth bundling it with Version Checker just for Bitbucket?
Logged
Stellar Logistics - logistic services
Hyperspace Network - information services
Galactic Markets - economy services

LazyWizard

  • Global Moderator
  • Admiral
  • *****
  • Posts: 1324
    • View Profile
    • GitHub Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #125 on: August 29, 2020, 05:59:55 PM »

It's not. I didn't mention it by name, but bundling Bouncy Castle to add support for the newer ciphers was one of the first things I tried after getting the bug report. It won't work out of the box due to mod classloader restrictions - the end user would have to manually modify their vmparams to bypass this restriction. This is how the mod used to work (the IO classes needed to make an internet connection used to be blocked), but users hated it and I'd rather not return to those days.
Logged

Worachot

  • Ensign
  • *
  • Posts: 36
    • View Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #126 on: September 05, 2020, 01:33:06 PM »

i am getting allot of failed to load stuff.
36 of my 48 mods get this error

https://gfycat.com/FancyHandsomeAnt
Logged

Xobra

  • Lieutenant
  • **
  • Posts: 63
    • View Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #127 on: September 05, 2020, 01:46:05 PM »

i am getting allot of failed to load stuff.
36 of my 48 mods get this error

https://gfycat.com/FancyHandsomeAnt

It's not this Mods fault; Bitbucket (another Website) changed a few things, making Mods that rely on that site for Version Checking fail; those respective mods need to change it and migrate to another site
Logged

Worachot

  • Ensign
  • *
  • Posts: 36
    • View Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #128 on: September 06, 2020, 03:38:11 AM »

i am getting allot of failed to load stuff.
36 of my 48 mods get this error

https://gfycat.com/FancyHandsomeAnt

It's not this Mods fault; Bitbucket (another Website) changed a few things, making Mods that rely on that site for Version Checking fail; those respective mods need to change it and migrate to another site

Alright, thanks!

so i just need to wait then i guess ^^
Logged

Jaghaimo

  • Commander
  • ***
  • Posts: 128
    • View Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #129 on: September 06, 2020, 02:14:25 PM »

The latest version still triggers SSL warning, as Starsector's version (file you host, url is hardcoded in source code) is still hosted in Bitbucket.

Edit: I see you updated it on 08-29, but latest link is still for 08-28 build.
« Last Edit: September 06, 2020, 02:16:22 PM by Jaghaimo »
Logged
Stellar Logistics - logistic services
Hyperspace Network - information services
Galactic Markets - economy services

LazyWizard

  • Global Moderator
  • Admiral
  • *****
  • Posts: 1324
    • View Profile
    • GitHub Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #130 on: September 14, 2020, 04:56:44 AM »

The latest version still triggers SSL warning, as Starsector's version (file you host, url is hardcoded in source code) is still hosted in Bitbucket.

Edit: I see you updated it on 08-29, but latest link is still for 08-28 build.

Are you sure you updated? The 2.0b build linked in the OP checks the GitHub vanilla.txt URL, not Bitbucket's.
Logged

Offensive_Name

  • Lieutenant
  • **
  • Posts: 61
    • View Profile
    • Email
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #131 on: October 09, 2020, 10:07:33 PM »

So I haven't played starsector since last year. I hopped on my old save to see what was going on and noticed all the errors from version checker, however when I looked in my mod folders version checker wasn't there. Also when I grabbed the new update it did not fix the errors. It's been a long time, is version checker not installed in the mod folder?
Logged

LazyWizard

  • Global Moderator
  • Admiral
  • *****
  • Posts: 1324
    • View Profile
    • GitHub Profile
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #132 on: October 09, 2020, 10:48:56 PM »

Nexerelin includes a bundled version of Version Checker. As for the errors, the simple version is that it's due to Bitbucket (one of the most popular hosts for version files) dropping support for the version of Java that comes with Starsector, making it unable to connect to that site. It's something that has to be fixed on each individual mod authors end, and unfortunately the errors won't go away until you've downloaded an updated version of each mod (and a few mod authors don't plan to release an update until after the next version of Starsector comes out, so their mods will continue to show errors for the rest of 0.9.1a's lifespan).

I'll put out a VC update that ignores mods hosted on Bitbucket soon. That'll at least solve the error spam, but you still wouldn't be able to see when updates are available for any affected mods since your local copy will be pointing at the old URL. You'll have to check their forum threads for updates manually.

TL;DR: Bitbucket = borked, and anything hosted on Bitbucket requires manual update checks like the old days.
« Last Edit: October 09, 2020, 11:02:16 PM by LazyWizard »
Logged

Offensive_Name

  • Lieutenant
  • **
  • Posts: 61
    • View Profile
    • Email
Re: [0.9.1a] Version Checker v2.0b (released 2020-08-28)
« Reply #133 on: October 09, 2020, 11:07:59 PM »

Thanks for letting me know that nexerelin includes the mod and I am not going insane. Looks like I am off to do some good old fashioned update searching.
Logged
Pages: 1 ... 7 8 [9]