forgejo-contrib/forgejo-cli
20
407
Fork
You've already forked forgejo-cli
51

support TLS v1.3-only forgejo instances #557

Open
opened 2026年07月09日 13:26:46 +02:00 by ds-cbo · 3 comments

Expected Behavior

fj should work on Forgejo instances behind TLS v1.3-only proxies

Actual Behavior

% fj repo view
Error: error sending request for url (###)
Caused by:
 0: client error (Connect)
 1: bad protocol version
Location:
 src/repo.rs:1556:16

recompiling without ?'ing into eyre::Result and just adding .unwrap() at src/repo.rs:1556:

% RUST_BACKTRACE=1 ~/vendor/forgejo-cli/target/release/fj repo view
thread 'main' (1451536) panicked at src/repo.rs:1556:62:
called `Result::unwrap()` on an `Err` value: ReqwestError(reqwest::Error { kind: Request, url: "###", source: hyper_util::client::legacy::Error(Connect, Error { code: -9836, message: "bad protocol version" }) })
stack backtrace:
 0: __rustc::rust_begin_unwind
 1: core::panicking::panic_fmt
 2: core::result::unwrap_failed
 3: fj::repo::view_repo::{{closure}}
 4: fj::repo::RepoCommand::run::{{closure}}
 5: fj::Command::run::{{closure}}
 6: fj::main::{{closure}}
 7: fj::main

Steps to Reproduce

Configure a Forgejo instance behind a TLS 1.3-only proxy (f.ex. with nginx ssl_protocols TLSv1.3;) , then try fj repo view

I have tried reqwest/default-tls, reqwest/rustls-tls and reqwest/native-tls features through forgejo-api but none of them fix this issue. I am guessing the "legacy" in hyper_util::client::legacy::Error explains why, but I'm not sure who calls for that.

fj Version

% ~/vendor/forgejo-cli/target/release/fj version --verbose
fj v0.5.0
user agent: forgejo-cli/0.5.0 (https://codeberg.org/forgejo-contrib/forgejo-cli/)
build type: from source
 target: aarch64-apple-darwin

Forgejo Version

v15.0

Code of Conduct

  • I agree to act in accordance with the CoC & AI Agreement.
  • This issue was not generated by an LLM, even in part.
### Expected Behavior `fj` should work on Forgejo instances behind TLS v1.3-only proxies ### Actual Behavior ``` % fj repo view Error: error sending request for url (###) Caused by: 0: client error (Connect) 1: bad protocol version Location: src/repo.rs:1556:16 ``` recompiling without `?`'ing into `eyre::Result` and just adding `.unwrap()` at `src/repo.rs:1556`: ``` % RUST_BACKTRACE=1 ~/vendor/forgejo-cli/target/release/fj repo view thread 'main' (1451536) panicked at src/repo.rs:1556:62: called `Result::unwrap()` on an `Err` value: ReqwestError(reqwest::Error { kind: Request, url: "###", source: hyper_util::client::legacy::Error(Connect, Error { code: -9836, message: "bad protocol version" }) }) stack backtrace: 0: __rustc::rust_begin_unwind 1: core::panicking::panic_fmt 2: core::result::unwrap_failed 3: fj::repo::view_repo::{{closure}} 4: fj::repo::RepoCommand::run::{{closure}} 5: fj::Command::run::{{closure}} 6: fj::main::{{closure}} 7: fj::main ``` ### Steps to Reproduce Configure a Forgejo instance behind a TLS 1.3-only proxy (f.ex. with nginx `ssl_protocols TLSv1.3;`) , then try `fj repo view` I have tried `reqwest/default-tls`, `reqwest/rustls-tls` and `reqwest/native-tls` features through forgejo-api but none of them fix this issue. I am guessing the "legacy" in `hyper_util::client::legacy::Error` explains why, but I'm not sure who calls for that. ### `fj` Version ``` % ~/vendor/forgejo-cli/target/release/fj version --verbose fj v0.5.0 user agent: forgejo-cli/0.5.0 (https://codeberg.org/forgejo-contrib/forgejo-cli/) build type: from source target: aarch64-apple-darwin ``` ### Forgejo Version v15.0 ### Code of Conduct - [x] I agree to act in accordance with the CoC & AI Agreement. - [x] This issue was not generated by an LLM, even in part.
Contributor
Copy link

That looks like it should be reported to the reqwest repo. forgjo-api constructs the client with only the user agent and default headers explicitly configured. No explicit handling of TLS, outside of feature selection

That looks like it should be reported to the [reqwest repo](https://github.com/seanmonstar/reqwest/tree/master). `forgjo-api` constructs the client with only the user agent and default headers explicitly configured. No explicit handling of TLS, outside of feature selection
Contributor
Copy link

But out of curiosity, can you try setting the version of reqwest to the latest available one? 0.13.4, to be precise. Might be a problem, that has already been resolved

But out of curiosity, can you try setting the version of `reqwest` to the latest available one? `0.13.4`, to be precise. Might be a problem, that has already been resolved
Author
Copy link

Bumping reqwest to 0.13.4 did indeed fix this issue, but it also causes some tests to fail, I'll see if those are easy to fix and then I'll send a PR. Thanks

Bumping reqwest to 0.13.4 did indeed fix this issue, but it also causes some tests to fail, I'll see if those are easy to fix and then I'll send a PR. Thanks
Sign in to join this conversation.
No Branch/Tag specified
main
renovate/comrak-0.x
renovate/uuid-1.x-lockfile
renovate/lock-file-maintenance
docs/contributing
no-port-in-refspec
login/v16.next.forgejo.org
crates-io-publish
0.5.x
compile-time-fluent
0.4.x
localization-alias-demo
api_url_field
v0.5.0
v0.4.1
v0.4.0
v0.3.0
v0.2.0
v0.1.1
v0.1.0
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels
Kind/Breaking
Breaking change that won't be backward compatible
Kind/Bug
Something is not working
Kind/Design
Discussion about UI/UX design
Kind/Documentation
Documentation changes
Kind/Enhancement
Improve existing functionality
Kind/Feature
New functionality
Kind/Security
This is security issue
Kind/Testing
Issue or pull request related to testing
Kind/Upstream
This is an issue with upstream software (Forgejo) that is probably not our fault
Priority
Critical
The priority is critical
Priority
High
The priority is high
Priority
Low
The priority is low
Priority
Medium
The priority is medium
Reviewed
Confirmed
Issue has been confirmed
Reviewed
Duplicate
This issue or pull request already exists
Reviewed
Invalid
Invalid issue
Reviewed
Won't Fix
This issue won't be fixed
Status
Abandoned
Somebody has started to work on this but abandoned work
Status
Blocked
Something is blocking this issue or pull request
Status
Need More Info
Feedback is required to reproduce issue or to continue work
Suspicious
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo-contrib/forgejo-cli#557
Reference in a new issue
forgejo-contrib/forgejo-cli
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?