Issue 2715: hub.darcs.net does not support "Extended Main Secret"

Title	hub.darcs.net does not support "Extended Main Secret"
Priority	urgent	Status	needs-diagnosis/design
Milestone		Resolved in
Superseder		Nosy List	ganesh
Assigned To		Topics

Created on 2024-02-18.13:13:11 by ganesh, last changed 2024-02-18.13:13:11 by ganesh.

msg23728 (view)

Author: ganesh

Date: 2024-02-18.13:13:10

Discovered with the test suite, and reproduced directly.

Trying to connect to hub.darcs.net with darcs built against
`tls-2.0.0`, we get

```
Error getting "https://hub.darcs.net/darcs/darcs-screened/_darcs/format": InternalException (HandshakeFailed (Error_Protocol 
"peer does not support Extended Main Secret" HandshakeFailure))
And also:
Error getting "https://hub.darcs.net/darcs/darcs-screened/_darcs/inventory": InternalException (HandshakeFailed 
(Error_Protocol "peer does not support Extended Main Secret" HandshakeFailure))
```

The immediate trigger is that between tls-1.9.0 to tls-2.0.0,
the default setting for this was changed from "AllowEMS" to
"RequireEMS".

I've tried overriding this setting from darcs but ran into
other problems with overriding any TLS settings.

For now I'll probably constrain tls to <2.0.0. The best
long-term fix would probably be to update hub.darcs.net,
or alternatively figure out how to override the TLS settings.

History
Date	User	Action	Args
2024-02-18 13:13:11	ganesh	create

Issue 2715 hub.darcs.net does not support "Extended Main Secret"