Note: I'm living in France and my ISP is Orange. I have IPv6 connectivity. On the first try, I reproduced the blog.python.org issue:
haypo@selma$ openssl s_client -connect blog.python.org -port 443 </dev/null 2>&1|tee log; grep -E 'Certificate chain|no peer certificate available' log (...) no peer certificate available But for python.org, it works for me: haypo@selma$ openssl s_client -connect python.org -port 443 </dev/null 2>&1|tee log; grep -E 'Certificate chain|no peer certificate available' log (...) Certificate chain The following command also works properly: $ curl -6 -v -I https://www.python.org/ (...) * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: * subject: CN=www.python.org,O=Python Software Foundation,L=Wolfeboro,ST=New Hampshire,C=US,postalCode=03894-4801,STREET=16 Allen Rd,serialNumber=3359300,incorporationState=Delaware,incorporationCountry=US,businessCategory=Private Organization (...) IPv6 traceroute to python.org: haypo@selma$ traceroute6 python.org traceroute to python.org (2001:4802:7901:0:e60a:1375:0:6), 30 hops max, 80 byte packets 1 2a01:cb1c:4af:5600:b2b2:8fff:fe9b:a9f0 (2a01:cb1c:4af:5600:b2b2:8fff:fe9b:a9f0) 6.061 ms 6.027 ms 6.017 ms 2 2a01cb08a004020d0193025300750016.ipv6.abo.wanadoo.fr (2a01:cb08:a004:20d:193:253:75:16) 17.206 ms 17.203 ms 17.196 ms 3 2a01:cfc4:0:1f00::a (2a01:cfc4:0:1f00::a) 19.962 ms 19.996 ms 19.989 ms 4 ae106-0.pastr3.paris03.opentransit.net (2a01:cfc4:0:2100::3) 29.762 ms 34.047 ms 34.048 ms 5 ae-26.r04.parsfr01.fr.bb.gin.ntt.net (2001:728:0:4000::6d) 37.070 ms 37.065 ms 37.055 ms 6 ae-2.r25.londen12.uk.bb.gin.ntt.net (2001:728:0:2000::181) 56.603 ms 35.463 ms 37.785 ms 7 ae-1.r24.londen12.uk.bb.gin.ntt.net (2001:728:0:2000::151) 37.780 ms 36.336 ms 36.339 ms 8 ae-5.r24.nycmny01.us.bb.gin.ntt.net (2001:418:0:2000::24d) 103.634 ms 103.594 ms 107.559 ms 9 ae-1.r25.nycmny01.us.bb.gin.ntt.net (2001:418:0:2000::27e) 107.512 ms 103.466 ms 103.459 ms 10 ae-9.r22.asbnva02.us.bb.gin.ntt.net (2001:418:0:2000::1fe) 114.485 ms 114.471 ms 114.457 ms 11 ae-1.r05.asbnva02.us.bb.gin.ntt.net (2001:418:0:2000::19) 120.910 ms 114.392 ms 102.718 ms 12 ae-0.a01.asbnva02.us.bb.gin.ntt.net (2001:418:0:2000::2cd) 108.669 ms ae-1.a01.asbnva02.us.bb.gin.ntt.net (2001:418:0:2000::2d1) 105.013 ms 103.748 ms 13 2001:418:0:5000::8ed (2001:418:0:5000::8ed) 103.643 ms 103.579 ms 103.567 ms 14 2001:4802:800:dc1:ca:: (2001:4802:800:dc1:ca::) 109.676 ms 109.709 ms 2001:4802:800:dc2:cb:: (2001:4802:800:dc2:cb::) 116.053 ms 15 2001:4802:800:dc2:ca::1 (2001:4802:800:dc2:ca::1) 112.816 ms 2001:4802:800:dc1:ca::1 (2001:4802:800:dc1:ca::1) 124.222 ms 2001:4802:800:dc2:ca::1 (2001:4802:800:dc2:ca::1) 120.993 ms 16 corea-core7.iad3.rackspace.net (2001:4802:800:ca:c7::1) 124.154 ms coreb-core7.iad3.rackspace.net (2001:4802:800:cb:c7::1) 118.295 ms corea-core7.iad3.rackspace.net (2001:4802:800:ca:c7::1) 120.946 ms 17 2001:4802:800:5000::403a:6 (2001:4802:800:5000::403a:6) 102.160 ms 102.134 ms 109.862 ms 18 2001:4802:7901:0:e60a:1375:0:6 (2001:4802:7901:0:e60a:1375:0:6) 105.901 ms 109.252 ms 105.737 ms IPv6 traceroute to blog.python.org: haypo@selma$ traceroute6 blog.python.org traceroute to blog.python.org (2a00:1450:4001:814::2013), 30 hops max, 80 byte packets 1 2a01:cb1c:4af:5600:b2b2:8fff:fe9b:a9f0 (2a01:cb1c:4af:5600:b2b2:8fff:fe9b:a9f0) 5.688 ms 5.575 ms 5.427 ms 2 2a01cb08a004020d0193025300750016.ipv6.abo.wanadoo.fr (2a01:cb08:a004:20d:193:253:75:16) 15.191 ms 15.223 ms 15.201 ms 3 2a01:cfc4:0:1f00::a (2a01:cfc4:0:1f00::a) 19.354 ms 19.375 ms 21.667 ms 4 ae102-0.marcr6.marseille03.opentransit.net (2a01:cfc4:0:2100::9) 21.655 ms 23.945 ms 23.974 ms 5 2001:4860:1:1::a4 (2001:4860:1:1::a4) 28.128 ms 2001:4860:1:1:0:1587:0:c (2001:4860:1:1:0:1587:0:c) 28.160 ms 2001:4860:1:1::a4 (2001:4860:1:1::a4) 28.137 ms 6 2001:4860::9:4001:c34 (2001:4860::9:4001:c34) 33.138 ms 15.627 ms 15.592 ms 7 2001:4860::9:4000:e392 (2001:4860::9:4000:e392) 32.223 ms 29.887 ms 2001:4860::9:4001:7bc (2001:4860::9:4001:7bc) 23.638 ms 8 2001:4860::8:0:cb95 (2001:4860::8:0:cb95) 32.209 ms 2001:4860::8:0:cb93 (2001:4860::8:0:cb93) 32.203 ms 34.571 ms 9 2001:4860::1:0:d0d8 (2001:4860::1:0:d0d8) 34.576 ms 2001:4860::1:0:d0d9 (2001:4860::1:0:d0d9) 34.567 ms 2001:4860::1:0:d0d8 (2001:4860::1:0:d0d8) 38.061 ms 10 2001:4860:0:11df::1 (2001:4860:0:11df::1) 38.049 ms * 2001:4860:0:1::1aad (2001:4860:0:1::1aad) 41.809 ms 11 fra15s11-in-x13.1e100.net (2a00:1450:4001:814::2013) 41.802 ms 44.339 ms 29.161 ms Victor 2017-11-16 15:26 GMT+01:00 Victor Stinner <victor.stin...@gmail.com>: > Hi, > >> * gnutls_handshake() failed: Error in the pull function. > > It looks more like a TLS issue rather than an IPv6 issue. It reminds > me a similar TLS issue on blog.python.org: > > "blog.python.org in HTTPS doesn't provide a server certificate?" > https://github.com/python/psf-infra-meta/issues/3 > > You may want to try the following command to get more information your > TLS issue: > > openssl s_client -connect blog.python.org -port 443 > > Look for "no peer certificate available" or "New, (NONE), Cipher is > (NONE)" in the output. > > Victor > > 2017-11-16 15:07 GMT+01:00 Antoine Pitrou <anto...@python.org>: >> >> Hello, >> >> I'm having IPv6 issues on *.python.org. Is anyone having the same >> issues or is it just me? Who should I report this to? >> >> $ curl -6 -v -I https://www.python.org/ >> * Trying 2a04:4e42:9::223... >> * Connected to www.python.org (2a04:4e42:9::223) port 443 (#0) >> * found 148 certificates in /etc/ssl/certs/ca-certificates.crt >> * found 604 certificates in /etc/ssl/certs >> * ALPN, offering http/1.1 >> * gnutls_handshake() failed: Error in the pull function. >> * Closing connection 0 >> curl: (35) gnutls_handshake() failed: Error in the pull function. >> >> >> Regards >> >> Antoine. >> _______________________________________________ >> python-committers mailing list >> python-committers@python.org >> https://mail.python.org/mailman/listinfo/python-committers >> Code of Conduct: https://www.python.org/psf/codeofconduct/ _______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers Code of Conduct: https://www.python.org/psf/codeofconduct/
