-
-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cargo Binstall breaks with Safing Portmaster running #1698
Comments
It receives timeout error when fetching https://static.crates.io/crates/onefetch/2.21.0/download, which is strange, because static.crates.io usually does not fail like this. It doesn't look like a dns thing, rather it's related to the tcp connection between binstall and static.crates.io server I suspect there's two possible causes:
@RayJW I suggest you re-running the command, to see that if you could reproduce that (reliably) |
I was able to reproduce this issue for days over multiple packages, different networks, and different machines. I think is definitely Binstall related since turning off Portmaster results in immediate success. |
Thanks, I suspect that it could be an issue related to reqwest or hyper. I suggest you to try if you could reproducing this problem, by using reqwest = { version = "0.12.4", features = [
"http2",
"stream",
"zstd",
"gzip",
"brotli",
"deflate",
"rustls-tls",
"rustls-tls-webpki-roots",
"rustls-tls-native-roots",
], default-features = false }
hickory-resolver = { version = "0.24.0", features = [
"dnssec-ring",
"dns-over-rustls",
"dns-over-https-rustls",
"dns-over-quic",
"dns-over-h3",
]
] }
[target."cfg(windows)".dependencies]
default-net = { version = "0.22.0", }
ipconfig = { version = "0.3.2", default-features = false } For hickory-dns, we have some custom workarounds on windows. Honestly, I don't think this is a hickory-dns issue, I think it's a reqwest or hyper issue and I think you can reproduce it without hickory-dns |
I built the binary with the options you mentioned added to the binstalk-downloader Cargo.toml. I did however leave the However the outcome looks mostly the same to me.
|
sorry we have some misunderstanding, I'm suggesting that this could be a hyper/reqwest bug, and @RayJW I recommended you to create a new crate, with the reqwest dependency: reqwest = { version = "0.12.4", features = [
"http2",
"stream",
"zstd",
"gzip",
"brotli",
"deflate",
"rustls-tls",
"rustls-tls-webpki-roots",
"rustls-tls-native-roots",
], default-features = false } and then use reqwest directly to download from https://static.crates.io/crates/onefetch/2.21.0/download , to see if you can reproduce this error. The features I enabled is same as the default feature set of cargo-binstall. |
Sorry, currently my development experience with Rust is rather limited, and I use Binstall mostly to download CLI tools that are distributed with Cargo. Could you perhaps give me some more guidance what exactly you would want me to do? |
@RayJW I've put up a cargo-script for you:
Please post the result of it here, I suspect there will be errors from reqwest #!/usr/bin/env cargo +nightly -Zscript
---
[dependencies]
reqwest = { version = "0.12.4", features = [
"http2",
"stream",
"zstd",
"gzip",
"brotli",
"deflate",
"rustls-tls",
"rustls-tls-webpki-roots",
"rustls-tls-native-roots",
], default-features = false }
tokio = { version = "1", features = ["rt-multi-thread", "macros"] }
---
#[tokio::main]
async fn main() {
reqwest::get("https://static.crates.io/crates/onefetch/2.21.0/download")
.await
.unwrap()
.error_for_status()
.unwrap()
.bytes()
.await
.unwrap();
} |
@NobodyXu I did have to add the -S option to the Shebang, otherwise it won't run extra flags. It seems that actually works fine, the output looks like this:
|
Thanks, so the error didn't occur. I wonder if the reqwest options we set in binstalk-downloader makes any difference, would update the script and post it here tomorrow. |
So, I did change the script to the following: #!/usr/bin/env -S cargo +nightly -Zscript
---
[dependencies]
reqwest = { version = "0.12.4", features = [
"http2",
"stream",
"zstd",
"gzip",
"brotli",
"deflate",
], default-features = false }
tokio = { version = "1", features = ["rt-multi-thread", "macros"] }
---
#[tokio::main]
async fn main() {
reqwest::get("https://static.crates.io/crates/onefetch/2.21.0/download")
.await
.unwrap()
.error_for_status()
.unwrap()
.bytes()
.await
.unwrap();
} which changes the output to this:
However, the output looks the same when I disable Portmaster, so maybe this isn't the problem after all. |
Yeah, that change just disabled HTTPS support entirely. |
So, I'm first reporting this issue here, because I think it's a problem with Binstall rather than Portmaster. All other applications work fine, and I tried disabling all Portmaster options for Binstall. On top of that, Portmaster isn't reporting any blocked connections, so I think it's some weird behaviour with DNS resolving in Binstall because the error is a rate limit rather than only a timeout or a resolve failure.
I've confirmed this issue on a Fedora 40 machine and an Ubuntu 22.04 machine on Binstall version 1.6.6. Both immediately start to work once Portmaster is disabled. Here is a log from trying to install the onefetch create with Binstall.
The text was updated successfully, but these errors were encountered: