there is no TLS stream available` using `http://` or `https://`

Question

there is no TLS stream available` using `http://` or `https://`

lytico opened this issue 4 years ago · 5 comments

Checks out repo OK using git:// protocol, but fails with error there is no TLS stream available using http:// or https:// protocols.

Reproduction steps

dotdevelop/dotdevelop#52 (comment)

or

run tests with http-checkout
see: https://github.com/dotdevelop/libgit2sharp/runs/1770928010?check_suite_focus=true

Expected behavior

Actual behavior

Version of LibGit2Sharp (release number or SHA1)

[3a544af]

Operating system(s) tested; .NET runtime tested

Arch

.NET Core SDK Version: 3.1.403

Answer 1 · 2021-02-13T17:06:17.000Z

Same behaviour No TLS Stream available confirmed on Mint and fedora.

Answer 2 · 2021-03-08T16:50:12.000Z

The error text "there is no TLS stream available" occurs only in libgit2/src/tls_stream.c -

int git_tls_stream_new(git_stream **out, const char *host, const char *port)
{
    if (tls_ctor)
        return tls_ctor(out, host, port);

    #ifdef GIT_SECURE_TRANSPORT
        return git_stransport_stream_new(out, host, port);
    #elif defined(GIT_OPENSSL)
        return git_openssl_stream_new(out, host, port);
   #else
        GIT_UNUSED(out);
        GIT_UNUSED(host);
        GIT_UNUSED(port);  

        giterr_set(GITERR_SSL, "there is no TLS stream available");
        return -1;
    #endif
}

the #ifdefs check compile-time constants GIT_SECURE_TRANSPORT and GIT_OPENSSL which are set by the first pass of cmake .. as it tests the build environment, so an error is set only if these constants are not defined. This suggests that VersionControl->Checkout is displaying the error message with http or https protocols not because of a bug but because libgit2sharp.nativebinaries are being built without them.

A dis-assembly of libgit2-6777db8.so confirms that there is no call to git_stransport_stream_new or git_open_ssl_stream_new in git_tls_stream_new.

I've not yet looked in detail into building the nuget package for LibGit2Sharp.Nativebinaries, and why (eg) GIT_OPENSSL is not being set by cmake at compile time. The openssl 1.1.1j-1 package is definitely on my machine, so I would expect it to be detected.

@lytico - any thoughts?

Answer 3 · 2021-03-12T11:43:38.000Z

cloning from https://github.com/libgit2/libgit2sharp/tree/master/ and making some changes,
most of the tests run: https://github.com/dotdevelop/libgit2sharp/actions/runs/646029208
at least no problem with there is no TLS stream available

branch: https://github.com/dotdevelop/libgit2sharp/tree/dd/repos/libgit2/master

so this proves the problem is NOT in LibGit2Sharp.Nativebinaries, cause the package version is the same.

i guess the critical parts are here:

https://github.com/dotdevelop/libgit2sharp/blob/dd/repos/libgit2/master/LibGit2Sharp/Core/NativeMethods.cs

and try adding

https://github.com/dotdevelop/libgit2sharp/blob/dd/repos/libgit2/master/LibGit2Sharp/Core/ManagedHttpSmartSubtransport.cs

maybe more changes are needed.

Answer 4 · 2021-03-12T12:57:24.000Z

merged some changes into https://github.com/dotdevelop/libgit2sharp/tree/dd/issues/2 , looks good:
https://github.com/dotdevelop/libgit2sharp/runs/2095054029

Answer 5 · 2021-03-12T16:32:26.000Z

solved, and in dotdevelop/dotdevelop