Comments (12)
@vzapo sorry for the late reply.
I checked the logs and noticed that !aotw
command is crashing RABot and it's starting again thanks to supervisorctl
. (who was the dumb/lazy developer who didn't code the damn .catch()
callback? 😇 )
Here's the log message:
{
"level": "error",
"time": "Sat Jan 04 2020 12:54:09 GMT+0000 (UTC)",
"pid": 13577,
"hostname": "retroachievements.org",
"message": "request to https://retroachievements.org/ failed, reason: write EPROTO 139780479150976:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1544:SSL alert number 40\n",
"type": "system",
"errno": "EPROTO",
"code": "EPROTO",
"msg": "request to https://retroachievements.org/ failed, reason: write EPROTO 139780479150976:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1544:SSL alert number 40\n",
"stack": "FetchError: request to https://retroachievements.org/ failed, reason: write EPROTO 139780479150976:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1544:SSL alert number 40\n\n at ClientRequest.<anonymous> (/srv/discord-bot/node_modules/node-fetch/lib/index.js:1455:11)\n at emitOne (events.js:116:13)\n at ClientRequest.emit (events.js:211:7)\n at TLSSocket.socketErrorListener (_http_client.js:387:9)\n at emitOne (events.js:116:13)\n at TLSSocket.emit (events.js:211:7)\n at onwriteError (_stream_writable.js:418:12)\n at onwrite (_stream_writable.js:440:5)\n at _destroy (internal/streams/destroy.js:39:7)\n at TLSSocket.Socket._destroy (net.js:574:3)",
"v": 1
}
making the "stack" property more readable:
FetchError: request to https://retroachievements.org/ failed, reason: write EPROTO 139780479150976:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1544:SSL alert number 40
at ClientRequest.<anonymous> (/srv/discord-bot/node_modules/node-fetch/lib/index.js:1455:11)
at emitOne (events.js:116:13)
at ClientRequest.emit (events.js:211:7)
at TLSSocket.socketErrorListener (_http_client.js:387:9)
at emitOne (events.js:116:13)
at TLSSocket.emit (events.js:211:7)
at onwriteError (_stream_writable.js:418:12)
at onwrite (_stream_writable.js:440:5)
at _destroy (internal/streams/destroy.js:39:7)
at TLSSocket.Socket._destroy (net.js:574:3)
Alright, something related to SSL and such, but curiously it only happens in production. I'm unable to reproduce locally.
I'm still investigating it.
from rabot.
noticed the same behavior for !whatcheevo command, and added the .catch()
to avoid it crashing the bot.
luchaos said he'll check if it's really a SSL certificate issue.
from rabot.
Looks like it's related to the nginx ssl setting ssl_ecdh_curve secp384r1;
which causes issues with node 8 (?) I adjusted the nginx webserver to also allow prime256v1
. See http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ecdh_curve
Please try again and let me know if that changed anything.
Out of curiosity - is that the only instance where https is used? As that problem should probably occur more often if the site is scraped or its API used.
The quickest solution to this problem would be to use http - which is still supported (to my dismay). But i'd rather have it use https instead to be future proof - as the whole server might go https-only some day.
from rabot.
great news @luchaos the issue is no more,that fixed it. !aotw
works now as expected.
I haven't seen this issue on other commands, but will keep an eye.
Also is there a reason not to upgrade to a newer node version? at least 10 or the 12? node 12 has tls.1.3 and also private class fields :)
from rabot.
@meleu apparently this is working now. Is it still an issue somewhere or the ticket can be closed? 👍
from rabot.
I've just tested on #botspam channel and it's not working.
curiously it works fine on my "dev" version, though. 🤔
from rabot.
I've seen on #botspam what your saying and yes it appears to be somehow broken... . I'll try and take another look
from rabot.
@meleu is it possible to get some production logs to investigate !aotw
command more? Can't seem to reproduce any error from local and maybe there's something useful in there...
If you can digup the logs from #botspam channel on 2019/01/02 at 19:07PM GMT:
RABotBOTToday at 7:07 PM
@zapo, :hourglass: Getting AotW info, please wait...
or some newer example would be greatful.
from rabot.
The SSL issue won't be reproducible on local and unfortunately I had not come across an issue like this before but from what I've momentary understand from that error log is the certificate that the request makes to retroachievements.org does not match hence error.
I'm not sure but this might help a bit: https://stackoverflow.com/questions/36370656/solving-sslv3-alert-handshake-failure-when-trying-to-use-a-client-certificate
from rabot.
In an effort to harden security on the server, old protocols and their cipher suites have been disabled for secure connections to https://retroachievements.org.
Going by the log output above it looks like node tries to connect with a sslv3 handshake, while this is not available anymore (only tls1.2 and tls1.3 at the time of writing).
I'll try to figure out what has to be done so that node fetch uses the tls method instead - any hint is appreciated. My node-fu is not that strong.
from rabot.
Upgraded - node 12 is available on the server now :) Thanks for the heads up!
Doing that was on my todo list for quite some time now anyways as node 8 reached its EOL.
from rabot.
Thanks guys!
Closing this issue.
from rabot.
Related Issues (20)
- Hub related info in !gan command HOT 1
- Upgrade to sapphirejs HOT 1
- Value to Time Command HOT 2
- Features list ? HOT 1
- RABot is not accepting new entries for !memefacts HOT 3
- define a Coding Style HOT 5
- Simplify !rules command HOT 5
- meme board moderation HOT 2
- Mem command reading leaderboards
- Calc command can't use comma HOT 1
- Automated Voting Options
- Translating Cheat Codes into Memory Addresses HOT 1
- Command: Memory Difference
- Feature Request - Commands for Tickets HOT 3
- !mem command improvement HOT 2
- [suggestion] identify number of random !meme
- Gan-Command autofills Name HOT 2
- !tweetnewset - generate an image to announce a new set on twitter
- Auto-Publish for Announcement Channels HOT 1
- Role and nickname preservation after rejoining server
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rabot.