컬이 필요한 파일을 다운로드하지 않습니다

tag-icon tag-icon centos
컬이 필요한 파일을 다운로드하지 않습니다

GitLab의 bash 스크립트를 다운로드할 수 없습니다. 그러나 브라우저에서 링크를 열 수는 있습니다.

이 문제를 어떻게 해결할 수 있나요?

[root@localhost ~]# curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:39 --:--:--     0

네트워크 관련 문제인가요?

편집하다:

[root@localhost ~]# curl -v https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* About to connect() to packages.gitlab.com port 443 (#0)
*   Trying 54.153.54.194...
* Connected to packages.gitlab.com (54.153.54.194) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
  0     0    0     0    0     0      0      0 --:--:--  0:02:00 --:--:--     0* NSS error -5961 (PR_CONNECT_RESET_ERROR)
* TCP connection reset by peer
  0     0    0     0    0     0      0      0 --:--:--  0:02:01 --:--:--     0
* Closing connection 0
curl: (35) TCP connection reset by peer

편집 2:

[root@localhost ~]# openssl s_client -connect packages.gitlab.com:443 -state -nbio
CONNECTED(00000003)
turning on non blocking io
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
write R BLOCK
^C
[root@localhost ~]#

편집 3:

[root@localhost ~]# wget  https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
--2018-08-31 06:09:29--  https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh
Resolving packages.gitlab.com (packages.gitlab.com)... 54.153.54.194
Connecting to packages.gitlab.com (packages.gitlab.com)|54.153.54.194|:443... connected.
^C
[root@localhost ~]# clock
Fri 31 Aug 2018 06:13:51 AM EDT  -0.850009 seconds

편집 4:

 [root@localhost ~]# curl -v --tlsv1 https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* About to connect() to packages.gitlab.com port 443 (#0)
 *   Trying 54.153.54.194...
 * Connected to packages.gitlab.com (54.153.54.194) port 443 (#0)
 * Initializing NSS with certpath: sql:/etc/pki/nssdb
 *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
   CApath: none
   0     0    0     0    0     0      0      0 --:--:--  0:02:00 --:--:--     0* NSS error -5961 (PR_CONNECT_RESET_ERROR)
 * TCP connection reset by peer
   0     0    0     0    0     0      0      0 --:--:--  0:02:01 --:--:--     0
 * Closing connection 0
 curl: (35) TCP connection reset by peer
 [root@localhost ~]# curl -v --tlsv1.1 https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* About to connect() to packages.gitlab.com port 443 (#0)
 *   Trying 54.153.54.194...
 * Connected to packages.gitlab.com (54.153.54.194) port 443 (#0)
 * Initializing NSS with certpath: sql:/etc/pki/nssdb
 *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
   CApath: none
   0     0    0     0    0     0      0      0 --:--:--  0:02:00 --:--:--     0* NSS error -5961 (PR_CONNECT_RESET_ERROR)
 * TCP connection reset by peer
   0     0    0     0    0     0      0      0 --:--:--  0:02:01 --:--:--     0
 * Closing connection 0
 curl: (35) TCP connection reset by peer
 [root@localhost ~]# curl -v --tlsv1.2 https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* About to connect() to packages.gitlab.com port 443 (#0)
 *   Trying 54.153.54.194...
 * Connected to packages.gitlab.com (54.153.54.194) port 443 (#0)
 * Initializing NSS with certpath: sql:/etc/pki/nssdb
 *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
   CApath: none
   0     0    0     0    0     0      0      0 --:--:--  0:02:00 --:--:--     0* NSS error -5961 (PR_CONNECT_RESET_ERROR)
 * TCP connection reset by peer
   0     0    0     0    0     0      0      0 --:--:--  0:02:01 --:--:--     0
 * Closing connection 0
 curl: (35) TCP connection reset by peer
 [root@localhost ~]#

답변1

발견된 문제는 MSS/MTU와 관련이 있었습니다. 이 문제를 해결하려면 라우터에서 mss 값을 1452로 조정해야 합니다. 이제 모든 사용자/서버에는 이 문제가 발생하지 않습니다.

답변2

요점은 Gitlab이 어떤 환경에서도 sslv2 및 sslv3을 지원하지 않는다는 것입니다(참조:Qualys SSL 검사 보고서Gitlab의 구성 > 프로토콜). 귀하의 컬, openssl 및 wget 버전이 오래된 프로토콜을 사용하여 서버에 연결을 시도하고 있습니다.

curl클라이언트가 대신 TLS를 사용하도록 강제할 수 있는 경우 . 다음 옵션을 시도해 보세요.

--tlsv1
--tlsv1.1
--tlsv1.2
--sslv2 # this will not work on Gitlab
--sslv3 # this will not work on Gitlab

귀하의 운영 체제가 오래되었거나 구식이라고 가정합니다. 시스템을 업데이트해야 합니다.

관련 정보