Pkg: unable to connect to sa.pkg.julialang.org

cirobr · December 5, 2022, 8:19pm

Cheers,

I’m having this issue under Julia 1.8.2. A clean Julia install has not been able to solve it.

(@v1.8) pkg> up
┌ Warning: could not download https://pkg.julialang.org/registries
│   exception = HTTP/2 301 (Failed to connect to sa.pkg.julialang.org port 443 after 27 ms: Connection refused) while requesting https://pkg.julialang.org/registries
└ @ Pkg.Registry /cache/build/default-amdci4-6/julialang/julia-release-1-dot-8/usr/share/julia/stdlib/v1.8/Pkg/src/Registry/Registry.jl:68
    Updating registry at `~/.julia/registries/General`
Unhandled Task ERROR: IOError: FDWatcher: bad file descriptor (EBADF)
Stacktrace:
 [1] try_yieldto(undo::typeof(Base.ensure_rescheduled))
   @ Base ./task.jl:871
 [2] wait()
   @ Base ./task.jl:931
 [3] wait(c::Base.GenericCondition{Base.Threads.SpinLock})
   @ Base ./condition.jl:124
 [4] _wait(fdw::FileWatching._FDWatcher, mask::FileWatching.FDEvent)
   @ FileWatching ~/packages/julias/julia-1.8/share/julia/stdlib/v1.8/FileWatching/src/FileWatching.jl:535
 [5] wait(fdw::FileWatching.FDWatcher)
   @ FileWatching ~/packages/julias/julia-1.8/share/julia/stdlib/v1.8/FileWatching/src/FileWatching.jl:563
 [6] macro expansion
   @ ~/packages/julias/julia-1.8/share/julia/stdlib/v1.8/Downloads/src/Curl/Multi.jl:166 [inlined]
 [7] (::Downloads.Curl.var"#40#46"{Int32, FileWatching.FDWatcher, Downloads.Curl.Multi})()
   @ Downloads.Curl ./task.jl:484
    Updating git-repo `https://github.com/JuliaRegistries/General.git`
  No Changes to `~/.julia/environments/v1.8/Project.toml`
  No Changes to `~/.julia/environments/v1.8/Manifest.toml`
[ Info: We haven't cleaned this depot up for a bit, running Pkg.gc()...
      Active manifest files: 1 found
      Active artifact files: 0 found
      Active scratchspaces: 0 found
     Deleted no artifacts, repos, packages or scratchspaces

(@v1.8) pkg>

StefanKarpinski · December 5, 2022, 8:27pm

Are you able to download https://pkg.julialang.org/registries in the browser or using curl on the command line, e.g. with curl -L https://pkg.julialang.org/registries.

cirobr · December 5, 2022, 8:49pm

No, I can’t. By the way, issue is being observed since last Sunday on three different computers, each one under very distinct network installation.

(base) ciro@pc-ciro:~$ curl -L https://pkg.julialang.org/registries
curl: (7) Failed to connect to sa.pkg.julialang.org port 443: Connection refused
(base) ciro@pc-ciro:~$

StefanKarpinski · December 5, 2022, 8:57pm

Confirmed that sa.pkg.julialang.org is not allowing connections. I’ve moved this to a new topic since it’s an unrelated issue. That server may be having issues.

cirobr · December 5, 2022, 10:05pm

Server is back. Thanks.

StefanKarpinski · December 6, 2022, 3:26am

Yep, I pinged @staticfloat and he fixed it. Full disk. Thanks for the report!

Cloves_Almeida · March 8, 2023, 5:20pm

Just to let know sa.pkg.julialang.org seems to be dead again. @staticfloat

(@v1.9) pkg> up Revise
┌ Warning: could not download https://pkg.julialang.org/registries
│   exception = RequestError: HTTP/2 301 (Could not resolve host: sa.pkg.julialang.org) while requesting https://pkg.julialang.org/registries

Looks like DNS issue. Output from dig

➜ dig sa.pkg.julialang.org

; <<>> DiG 9.16.1-Ubuntu <<>> sa.pkg.julialang.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58241
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sa.pkg.julialang.org.          IN      A

;; Query time: 1630 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Mar 08 14:19:53 -03 2023
;; MSG SIZE  rcvd: 49

ogoid · March 12, 2023, 11:00pm

I’m having the same issue right now. Seems to be only with sa.pkg.julialang.org; other domains, like us-west.pkg.julialang.org, are working fine.

StefanKarpinski · March 13, 2023, 3:35am

@staticfloat ^

staticfloat · March 13, 2023, 7:47pm

Hmmm, I’m not having the issue. When you have this issue, can you please show the output of the following:

$ dig @1.1.1.1 sa.pkg.julialang.org
$ curl -vL https://sa.pkg.julialang.org/meta

ogoid · April 22, 2023, 1:30pm

@staticfloat, sorry for the long delay. I just saw your reply today, as I came back because I’m having the same issue again.

user@hostname ~ [60]> dig @1.1.1.1 sa.pkg.julialang.org

; <<>> DiG 9.18.13 <<>> @1.1.1.1 sa.pkg.julialang.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17250
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;sa.pkg.julialang.org.		IN	A

;; ANSWER SECTION:
sa.pkg.julialang.org.	1799	IN	CNAME	pkgserver-sa.ip.cflo.at.
pkgserver-sa.ip.cflo.at. 3600	IN	A	15.228.68.108

;; Query time: 380 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Sat Apr 22 10:27:35 -03 2023
;; MSG SIZE  rcvd: 102

user@hostname ~> curl -vL https://sa.pkg.julialang.org/meta
*   Trying 52.90.48.121:443...
* Connected to sa.pkg.julialang.org (52.90.48.121) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: none
*  CApath: /var/cache/ca-certs/anchors
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=us-east.pkg.julialang.org
*  start date: Mar  5 16:17:08 2023 GMT
*  expire date: Jun  3 16:17:07 2023 GMT
*  subjectAltName does not match sa.pkg.julialang.org
* SSL: no alternative certificate subject name matches target host name 'sa.pkg.julialang.org'
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (60) SSL: no alternative certificate subject name matches target host name 'sa.pkg.julialang.org'
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

For some reason curl is not resolving the domain to the same server? My system/router resolver seems to be pointing to the correct address:

user@hostname ~> nslookup sa.pkg.julialang.org
Server:		192.168.15.1
Address:	192.168.15.1#53

Non-authoritative answer:
sa.pkg.julialang.org	canonical name = pkgserver-sa.ip.cflo.at.
Name:	pkgserver-sa.ip.cflo.at
Address: 15.228.68.108

staticfloat · April 22, 2023, 4:34pm

Are you certain you haven’t done something like overridden the resolver in /etc/hosts or similar?

ogoid · April 22, 2023, 5:48pm

Oh, yeah! This is the old address I’ve set in /etc/hosts previously when the domain was failing to resolve. Removing the line fixed the issue.

Sorry for disturbing you.