Dev version and https trackers

Suggestions and discussion of future versions
jeps
Leecher
Leecher
Posts: 80
Joined: Wed May 18, 2011 4:32 pm

Dev version and https trackers

Post by jeps »

Hi.

During my investigation of the

Code: Select all

https://forum.deluge-torrent.org/viewtopic.php?f=7&t=56122
I ran into another problem using the dev version(s).
When adding a Torrent from an https tracker, the certificate validation always failed.
When switching to the public version (2.0.5) the same Torrent on the same https tracker worked (the certificate handling worked).

Is that a known issue with the dev version?
both my dev and public Deluge is running Libtorrent 2.0.5.0.
mhertz
Moderator
Moderator
Posts: 2182
Joined: Wed Jan 22, 2014 5:05 am
Location: Denmark

Re: Dev version and https trackers

Post by mhertz »

I believe shouldn't be a dev-build-related issue, atleast not seen reported, or encountered myself neither.

I'm guessing you refer to doadin's dev-builds, so If you have time once, then could you kindly please test my dev-version also thanks, as if there's an issue with mine, then I'd like to know thanks - if having 7-zip you can just right-click installer and select extract to folder and run deluge.exe from there, and delete folder when finished testing - Same with doadin's btw, likewise deluge 1.3.x official, and all other NSIS installers. Mine will though show error when extracting because I include multiple libtorrent's etc, confusing 7z, so just select 'Yes to all' upon that error.

Anyway, all I know is that openssl for libtorrent works for https tracker authentication, and another openssl dll-pair likewise works for '_SSL' module from stdlib, e.g. used from yarss2 etc - I check these whenever making a build, as bitten from it in older times, and have checked this works likewise on doadin's build previously.

However, I don't know much about certificates and such generally e.g. the ssl option in deluge itself specifically, which have no clue about honestly, and never messed with, so maybe that is where your issue lies?

What I mean is that the extent of my checking is that if openssl not there or in wrong version/configuration, then when adding torrent with https tracker, then the tracker tab will state under status: 'Unsupported protocol' or something of that nature, whereas will state 'Announce OK' if working. Likewise when adding feed with yarss2, then will state under it's log-tab 'Unsupported protocol' and no matches returned, if not working - both of these aren't the case, as far I see here atleast.

Do you have any tips for reproducal and what's/where the error specifically? Preferably wiith public torrent/magnet, as have no private tracker accounts myself.

Thanks for reporting.
Cas
Top Bloke
Top Bloke
Posts: 3679
Joined: Mon Dec 07, 2009 6:04 am
Location: Scotland

Re: Dev version and https trackers

Post by Cas »

@jeps How did you install the dev version of Deluge and libtorrent?

The primary reason https trackers don't work is due to libtorrent not being build with or finding the openssl libs.
mhertz
Moderator
Moderator
Posts: 2182
Joined: Wed Jan 22, 2014 5:05 am
Location: Denmark

Re: Dev version and https trackers

Post by mhertz »

I feel so stupid, thought for some reason this was windows subforum, sorry for blabbing on off-topic, and glad Cas could provide useful feedback. Please disregard, and sorry again.

Edit: Maybe this, if libtorrent from pypi(and as regarding Linux), where I previously posted issue/solution under 'Edit' section of following post: viewtopic.php?p=234350#p234350

But then shouldn't change between stable and dev deluge, unless changing where libtorrent comes from in between, so maybe not that anyway, and just something I recalled maybe to be relevant. There's also another certificate issue referenced in beginning of linked post's thread btw.
jeps
Leecher
Leecher
Posts: 80
Joined: Wed May 18, 2011 4:32 pm

Re: Dev version and https trackers

Post by jeps »

Libtorrent install:

Code: Select all

sudo pip install libtorrent==2.0.*
Deluge install using Deluge's PPA.

So when changing version:
Remove all Deluge components, change repository and install Deluge.

The only way I can (sort of) getting https to work in the dev builds is by using ltConfig and disabling:
"validate_https_trackers"
Actually found this "solution" in a post by mhertz ;)

The above "solution" is a way of fooling one self, since you are ignoring the security risk (not using the security protection).
I have searched for a way to make this work.
So if my Linux version needs some tweaking to make up for the libtorrents short-coming please tell ...

PS.
I tried the version in your thread, mhertz, but for some reason none of your suggestions work in my setup.
Cas
Top Bloke
Top Bloke
Posts: 3679
Joined: Mon Dec 07, 2009 6:04 am
Location: Scotland

Re: Dev version and https trackers

Post by Cas »

I was able to replicate with the following random tracker https://tr.highstar.shop:443/announce added to a created torrent so it was as mhertz suggested the path to CA cert cannot be found for the PyPi libtorrent.

However I am surprised that the following would not work for you on Ubuntu:

Code: Select all

SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt deluge
An alternative would be to install certifi and use it's CA certs:

Code: Select all

sudo pip install certifi
SSL_CERT_FILE=$(python -c "import certifi; print(certifi.where())") deluge
I will discuss with libtorrent devs to come up with a solution to this. I know when building the wheels this was a known potential issue
jeps
Leecher
Leecher
Posts: 80
Joined: Wed May 18, 2011 4:32 pm

Re: Dev version and https trackers

Post by jeps »

I must have misunderstood what I was supposed to do in my previous attempts.
Missed that I was supposed to start deluged that way :o

This way of starting deluged makes https tracker work so that's nice.
Hope you come up with a solution.
mhertz
Moderator
Moderator
Posts: 2182
Joined: Wed Jan 22, 2014 5:05 am
Location: Denmark

Re: Dev version and https trackers

Post by mhertz »

You can export that env-var in one of your startup shell files, e.g .zprofile or whatever called in bash, or .bashrc/.zshrc/.xinitrc etc.

I'll try investigate and dissect what specific dev commit changes this behavior between dev and stable deluge, as reported here, or if even can replicate this distinction firstly myself, of-course, but will be later, as not time now.
mhertz
Moderator
Moderator
Posts: 2182
Joined: Wed Jan 22, 2014 5:05 am
Location: Denmark

Re: Dev version and https trackers

Post by mhertz »

Tested this on ubuntu, and there's no distinction regarding this, between deluge stable and dev, I.e both need workaround posted by Cas, and not just dev. Just wanted to make sure. Thanks Cas and jeps :) Should have reported myself previously maybe(libtorrent), but didn't because was known issue, as Cas stated.
jeps
Leecher
Leecher
Posts: 80
Joined: Wed May 18, 2011 4:32 pm

Re: Dev version and https trackers

Post by jeps »

Well, to be completely honest I am not sure I can confirm your findings, mhertz.

I am quite sure that when I changed from Deluge 2.0.5 to the latest dev build (without doing other changes) and back again, the https issue followed the dev build.

I did the switch between the 2 versions several times and was puzzled by this https issue.
The libtorrent version stayed unchanged during the switching (2.0.5.0)

I might supplement my informations with my setup:
Client part:
Windows server 2019
Deluge 2.1.0.dev59

Server:
Mint 20.2 (based on Ubuntu 20.04 LTS)
Libtorrent 2.0.5
Post Reply