Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
failed to load certain https pages
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Thu Mar 18, 2010 3:02 pm    Post subject: failed to load certain https pages Reply with quote

hello all.

I have a laptop with gentoo on sda1 and fedora on sda2, I mount for both sda3 on /home so the users are the same on both system and the home dirs as well

I did this as I want to use gentoo but in case of problem, I can fall back to another system

the problem I have is that with the gentoo OS, I cannot access certain https pages (https://mail.google.com/mail) while with the fedora OS I can

I try links, elinks, flock, firefox, opera, konqueror and epiphany, so I am sure it is not browser related :-)

I have the same DNS server on both, 4.2.2.1 and 4.2.2.3, and resolv.conf is with attribut +i so it cannot be overwriten

as all my mail is on gmail, I need to stay on fedora until I find a solution

I can ssh to another system, then access my email using elinks but that is not efficient really

last little twist, in fedora, I do a chroot to the gentoo system and then I can access gmail with elinks.

any clue ? this smell like a firewall issue but I can access other https sites (hotmail...)

thanks

reup
_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
disi
Veteran
Veteran


Joined: 28 Nov 2003
Posts: 1354
Location: Out There ...

PostPosted: Thu Mar 18, 2010 3:42 pm    Post subject: Reply with quote

Do you have your java set up correctly?

eselect java list or something, I am not on a linux machine :/

//edit: actual, if I disable java in firefox on Windows it doesn't load either :)
_________________
Gentoo on Uptime Project - Larry is a cow
Back to top
View user's profile Send private message
Veldrin
Veteran
Veteran


Joined: 27 Jul 2004
Posts: 1945
Location: Zurich, Switzerland

PostPosted: Thu Mar 18, 2010 3:48 pm    Post subject: Reply with quote

spontanious idea: openssl (is it installed, and do you have ssl useflag set)

on second thought, this could be kernel related, but i doubt it...

can post also emerge --info

V.

edit: also elaborate what how the problem exactly manifests. Error page (error code)? Timeout?
Back to top
View user's profile Send private message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Thu Mar 18, 2010 4:18 pm    Post subject: Reply with quote

I am going to test the java idea, but I have some doubt here as I can connect to other https sites, and elinks works when I am on chroot

as well, gmail warns if java is turned off
Code:

eselect java-vm show
Current system-vm
  sun-jdk-1.6               
Current user-vm
  (unset)             
Code:


eselect java-nsplugin show
Current Java browser plugin
  sun-jdk-1.6     


I beleive that if it is selected systemwise, it should be user available as well
_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Thu Mar 18, 2010 4:25 pm    Post subject: Reply with quote

Code:
ABC / # eix openssl -I
[I] dev-libs/openssl
     Available versions:  0.9.8l-r2 ~0.9.8m **1.0.0_beta5 {bindist gmp kerberos rfc3779 sse2 test zlib}
     Installed versions:  0.9.8l-r2(06:19:26 AM 12/03/2009)(sse2 zlib -bindist -gmp -kerberos -test)
     Homepage:            http://www.openssl.org/
     Description:         Toolkit for SSL v2/v3 and TLS v1

Code:
Portage 2.1.7.17 (default/linux/amd64/10.0, gcc-4.3.4, glibc-2.10.1-r1, 2.6.31.5-127.fc12.x86_64 x86_64)
=================================================================
System uname: Linux-2.6.31.5-127.fc12.x86_64-x86_64-with-gentoo-1.12.13
Timestamp of tree: Sun, 07 Mar 2010 22:30:01 +0000
app-shells/bash:     4.0_p35
dev-java/java-config: 2.1.10
dev-lang/python:     2.6.4-r1
dev-util/cmake:      2.6.4-r3
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.13, 2.63-r1
sys-devel/automake:  1.8.5-r3, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.18-r3
sys-devel/gcc:       4.3.4
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
virtual/os-headers:  2.6.30-r1
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA PUEL dlj-1.1 skype-eula"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=nocona -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://mirrors.rit.edu/gentoo/ ftp://mirror.leaseweb.com/gentoo/ http://distfiles.gentoo.bg/ http://mirror.leaseweb.com/gentoo/ ftp://mirrors.rit.edu/gentoo/"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1"
LINGUAS="en_US pt_BR en_GB fr nl"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage/layman/sunrise"
SYNC="rsync://rsync.samerica.gentoo.org/gentoo-portage"
USE="X a52 aac acl acpi alsa amd64 apache2 arts bash-completion berkdb bzip2 cairo cdr cli consolekit cracklib crypt cups curl cxx dbus dri dvd dvdr encode flac fortran gdbm gnome gphoto2 gpm gstreamer gtk hal iconv imap jpeg kde maildir mmx mng modules mp3 mp4 mpeg mplayer msn mudflap multilib mysql mysqli nls nptl nptlonly nsplugin ogg opengl openmp pam pcmcia pcre pda pdf perl php plasma png pppd pulseaudio python qt3support qt4 readline reflection session slang spl sql sse sse2 ssl svg sysfs tcpd theora tidy tokenizer truetype unicode usb v4l v4l2 vorbis webkit wifi wmf xine xinerama xml xorg zeroconf zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_US pt_BR en_GB fr nl" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS


_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Sat Mar 20, 2010 2:28 am    Post subject: Reply with quote

I have created another user on my gentoo side of the laptop, and I experience exactly the same issue. gmail and webmail.ziggo.nl do not load until completion, the page start loading then stays on "waiting for www.google.com" (or ziggo.nl) but as soon as I reboot on fedora, no issue what so ever

I noticed that ziggo use a lot of javascript, probably gmail as well, so I wander if there is something on gentoo that prevent the loading of java

any help ?

reup
_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15991

PostPosted: Sat Mar 20, 2010 2:50 am    Post subject: Reply with quote

reup wrote:
I wander if there is something on gentoo that prevent the loading of java
You can use NoScript to disable JavaScript except on sites where you explicitly permit it. This is a good idea, but not relevant to your immediate problem.

Since it works when you run the Fedora kernel with the Gentoo-built browser, this sounds like a kernel problem. Does it work if you use the /etc/sysctl.conf settings from Fedora in a Gentoo kernel?

Do you have any strange settings on your firewall? Inability to load large documents can indicate that you have a firewall misconfigured.
Back to top
View user's profile Send private message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Sat Mar 20, 2010 2:58 am    Post subject: Reply with quote

I think I did not explain myself clearly, I am sorry if I create confusion

I am using 2 different installation on the same disk, 2 different partition

so using gentoo kernel, I use gentoo build firefox/elinks
using fedora kernel, I use fedora installed firefox/elinks

I just install a dual boot and switch from one OS to the other. the only think they have in commun is the /home
_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Sat Mar 20, 2010 3:00 am    Post subject: Reply with quote

as my setting of gentoo is pretty new, I do not believe that I have a firewall (I have installed none)
_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Sat Mar 20, 2010 2:11 pm    Post subject: Reply with quote

I just changed dns hopping that it was some dns cache, but now, while using opendns, I have exactly the same result, it start loading the page and get stuck in the middle, waiting for the website

maybe this is relevant : at the time the problem started, I made a typo and change manually the date of my laptop to 2052. as I have an automatic mail checker for gmail, is it possiblethat some ssl issue arise at the moment and some cache data are still hunging around ? do we (on gentoo) have a ssl cache ?

reup
_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15991

PostPosted: Sat Mar 20, 2010 4:57 pm    Post subject: Reply with quote

reup wrote:
I think I did not explain myself clearly, I am sorry if I create confusion

I am using 2 different installation on the same disk, 2 different partition

so using gentoo kernel, I use gentoo build firefox/elinks
using fedora kernel, I use fedora installed firefox/elinks

I just install a dual boot and switch from one OS to the other. the only think they have in commun is the /home
In your first post, you wrote:
reup wrote:
last little twist, in fedora, I do a chroot to the gentoo system and then I can access gmail with elinks.
From this, it appears that when the Fedora kernel is used to manage your TCP stack, everything is fine, whether you are running programs built by Gentoo or programs supplied by Fedora. Correct? If so, then the problem is in the configuration of your Gentoo kernel, either in what settings you built for it or in some setting that the Gentoo initscripts apply during boot.

reup wrote:
as my setting of gentoo is pretty new, I do not believe that I have a firewall (I have installed none)
So you plug your Ethernet port directly into the ISP uplink and receive a publicly routable IP address?
Back to top
View user's profile Send private message
reup
Guru
Guru


Joined: 13 May 2005
Posts: 419
Location: Nederland

PostPosted: Sat Mar 20, 2010 5:16 pm    Post subject: Reply with quote

yes, I have a 3g modem and I connect directly my laptop to the ISP, the only thing I change is the DNS, as I had problems before, so I use or opendns or 4.2.2.x

reup
_________________
reup

"Don't wiggle the tail of the frog in the oil of the frying peanuts"
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum