Deluge 2.0 console ui error adding torrent

[cinderblock63]

I have a script that worked very reliably with deluge 1.3.15. It spawned a simple cli call:

Code: Select all

deluge-console "connect localhost user passwd ; add 'https://domain/file.torrent'"

Now, with Deluge 2.0.3, I'm getting an error when I run the command.

deluge-console Error

Code: Select all

17:32:15 [ERROR   ][deluge.ui.client                                      :169 ] RPCError Message Received!
--------------------------------------------------------------------------------
RPCRequest: core.add_torrent_url(https://domain/file.torrent, {})
--------------------------------------------------------------------------------
ResponseNeverReceived
[<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>]: Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/deluge/core/rpcserver.py", line 347, in on_fail
    failure.raiseException()
  File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 385, in raiseException
    raise self.value.with_traceback(self.tb)
twisted.web._newclient.ResponseNeverReceived: [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>]

--------------------------------------------------------------------------------
Torrent was not added: [Failure instance: Traceback (failure with no frames): <class 'deluge.error.WrappedException'>: [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>]
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/deluge/core/rpcserver.py", line 347, in on_fail
    failure.raiseException()
  File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 385, in raiseException
    raise self.value.with_traceback(self.tb)
twisted.web._newclient.ResponseNeverReceived: [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>]

]

deluged Error

Code: Select all

17:50:00 [INFO    ][deluge.core.rpcserver         :171 ] Deluge Client connection made from: 127.0.0.1:38902
17:50:00 [INFO    ][deluge.core.core              :532 ] Attempting to add url https://domain/file.torrent
17:50:00 [INFO    ][twisted                       :154 ] Starting factory _HTTP11ClientFactory(<function HTTPConnectionPool._newConnection.<locals>.quiescentCallback at 0x7f4bdea2aea0>, <twisted.internet.endpoints._WrapperEndpoint object at 0x7f4be4024978>)
17:50:00 [WARNING ][deluge.httpdownloader         :315 ] Error occurred downloading file from "https://domain/file.torrent": [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>]
17:50:00 [ERROR   ][deluge.core.core              :546 ] Failed to add torrent from url https://domain/file.torrent
17:50:00 [WARNING ][deluge.core.rpcserver         :242 ] An exception occurred while sending RPC_ERROR to client. Wrapping it and resending. Error to send(causing exception goes next):
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/deluge/core/rpcserver.py", line 347, in on_fail
    failure.raiseException()
  File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 385, in raiseException
    raise self.value.with_traceback(self.tb)
twisted.web._newclient.ResponseNeverReceived: [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>]
17:50:00 [INFO    ][twisted                       :154 ] Stopping factory _HTTP11ClientFactory(<function HTTPConnectionPool._newConnection.<locals>.quiescentCallback at 0x7f4bdea2aea0>, <twisted.internet.endpoints._WrapperEndpoint object at 0x7f4be4024978>)
17:50:00 [INFO    ][deluge.core.rpcserver         :197 ] Deluge client disconnected: Connection to the other side was lost in a non-clean fashion: Connection lost.
Unhandled error in Deferred:
17:50:02 [CRITICAL][twisted                       :154 ] Unhandled error in Deferred:
17:50:02 [CRITICAL][deluge.log                    :93  ] twisted.internet.defer
[Failure instance: Traceback (failure with no frames): <class 'twisted.web._newclient.ResponseNeverReceived'>: [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>]
]

I have verified that I can download the torrent directly with wget.

I can verify SSL on the target server is working as expected. This produces no error:

Code: Select all

openssl s_client -connect domain:443 -servername domain < /dev/null

Relevant certificate technical details:

Code: Select all

issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA384
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2785 bytes and written 392 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 384 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

I have also verified that the daemon can download this URL normally: it works as expected if I use a remote GTK UI to add a torrent via URL.

Possibly of interest, there is a repeating warning on the daemon logs that starts after adding a torrent:

Code: Select all

17:55:06 [WARNING ][deluge.core.torrentmanager    :1617] on_alert_performance: video.mkv: performance warning: max outstanding piece requests reached, outstanding_request_limit_reached
17:55:08 [WARNING ][deluge.core.torrentmanager    :1617] on_alert_performance: video.mkv: performance warning: max outstanding piece requests reached, outstanding_request_limit_reached

Does the RPC system somehow use different certificate verification when downloading?

Possible Solution/Related Posting

https://stackoverflow.com/questions/348 ... sion-1-0-4

[cinderblock63]

Sorry to bump but I've been banging my head against the wall about this for a bit now. Any ideas on even how else I might debug this would be greatly appreciated.

[cinderblock63]

I'm still chasing this issue :-/

Some other projects have had a bunch of trouble with this 'sslv3 alert handshake failure' error. It looks like it's some sort of problem with some dependencies. Possibly dependencies that use an old version of OpenSSL...

I'm using the official deluge ppa to install deluged... Maybe I need to try from source?

[toastie64]

Hi All,

I'm getting an SSL: SSLV3_ALERT_HANDSHAKE_FAILURE error when using the RSS FEED YaRRS2. I am using a Raspberry Pi 4 with deluge 1.3.15 and python version 2.7. With YaRSS2-1.3.1-py2.7.egg.

I was able to get the RSS FEED working with other HTTP sites but not HTTPS. When looking over the logs I see it is erroring out here:
https://zoink.ch/torrent/The.Price.Is.R ... 65-MeGusta[eztv.re].mkv.torrent Exception: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:727)

When I ran an :
openssl s_client -connect zoink.ch:443

I get the same error on another computer in my network. It looks like to me because it is a .torrent it doesn't have a certificate:
CONNECTED(00000005)
140545343623616:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.cSSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 293 bytes
Verification: OK


Is there a way to allow invalid certificates ? Or add an exception for this site?

Thank you!