Coder Social home page Coder Social logo

Comments (7)

andrewpollock avatar andrewpollock commented on June 19, 2024

@RichardoC thanks for reporting this, I'm having trouble reproducing it though.

from osv.dev.

andrewpollock avatar andrewpollock commented on June 19, 2024

@RichardoC Given you changed the title, I wonder if step 3 of your reproduction needs to be edited as well? If I'm reading correctly, it sounds like the problems were all within google.github.io, which is GitHub serving infrastructure. I wonder if it had a temporary glitch?

from osv.dev.

RichardoC avatar RichardoC commented on June 19, 2024

Here's a video of the issue, I suspect it's just that the URL for the FAQ's is wrong
Screencast from 16-11-23 23:20:00.webm

from osv.dev.

andrewpollock avatar andrewpollock commented on June 19, 2024

Thanks for the screencast, that helped surface the additional detail of Firefox being the browser.

This is looking to me like some sort of browser certificate pinning error, because for me with Chrome, I'm seeing everything to be in order, and based on the failure message I'm seeing, the certificate being expected by your browser is a Google certificate, but this site is a *.github.io site.

Would you mind trying this with a totally fresh Firefox browser profile or (I think Firefox calls it "Private Browsing" window?)

from osv.dev.

andrewpollock avatar andrewpollock commented on June 19, 2024

This is what I'm seeing with Chrome, and doesn't look like what you're seeing with Firefox:

$ echo | openssl s_client -showcerts -servername google.github.io -connect google.github.io:443 2>/dev/null | openssl x509 -inform pem -noout -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:4d:72:d7:7c:dd:a7:02:dd:5a:67:f2:a2:3b:bd:d9
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
        Validity
            Not Before: Feb 21 00:00:00 2023 GMT
            Not After : Mar 20 23:59:59 2024 GMT
        Subject: C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.github.io
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:b0:60:0e:1a:2f:f1:b1:86:4b:64:ec:11:9f:
                    a6:79:be:e8:87:f1:88:c5:b4:49:9b:10:bb:ca:af:
                    ea:af:be:54:0c:78:43:7f:ca:7b:4e:45:5b:0b:24:
                    29:f1:bb:23:fc:19:a4:c7:6c:70:49:76:53:d3:09:
                    23:65:b2:48:7b:b6:1c:aa:07:1a:e2:79:1a:f9:7a:
                    5e:e7:16:f8:a6:4a:d5:39:a3:e2:0d:f7:57:ef:ed:
                    f8:08:76:5b:52:da:8b:d0:e6:1e:6e:2f:f9:0f:99:
                    4b:6a:52:ca:34:e1:a4:c9:20:33:d3:97:e8:7a:77:
                    c5:03:10:26:41:82:61:47:a2:af:c4:56:3f:76:a2:
                    38:cb:b2:70:ae:72:7a:43:c1:7e:27:a3:5e:d6:e3:
                    f6:e7:a5:30:70:bd:2a:96:27:7a:7b:fb:40:d2:57:
                    77:af:23:12:27:42:3a:c6:0b:6a:8c:bd:ba:2d:ee:
                    3f:9f:15:ee:62:57:a4:a6:95:50:af:43:b0:ac:76:
                    b8:e1:0e:d9:ff:56:ec:74:50:86:b5:1f:96:2c:d1:
                    95:05:e5:b7:05:67:93:4e:9e:f2:5a:38:1f:a7:8f:
                    43:5a:de:3c:57:da:48:7a:50:c6:88:38:15:c8:97:
                    2c:2c:ec:f8:39:09:36:bd:19:8d:03:56:41:66:07:
                    24:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4
            X509v3 Subject Key Identifier: 
                8D:02:1C:75:5A:CD:C6:A6:41:78:69:28:C3:F7:AA:A7:98:3B:D5:BB
            X509v3 Subject Alternative Name: 
                DNS:*.github.io, DNS:github.io, DNS:*.github.com, DNS:github.com, DNS:www.github.com, DNS:*.githubusercontent.com, DNS:githubusercontent.com
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
                Full Name:
                  URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
            X509v3 Basic Constraints: 
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Feb 21 15:03:41.179 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AA:7E:67:D2:3B:C3:31:79:E5:59:FD:
                                F2:73:AA:A0:41:A7:E5:6A:79:10:D4:39:40:55:1B:24:
                                D3:3A:7E:37:7B:02:21:00:94:F4:4B:6E:E6:98:65:25:
                                A6:A3:62:0C:00:CF:F8:9A:3C:0B:A9:18:1C:5F:BB:53:
                                A4:D8:EF:86:C7:5C:70:1A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 73:D9:9E:89:1B:4C:96:78:A0:20:7D:47:9D:E6:B2:C6:
                                1C:D0:51:5E:71:19:2A:8C:6B:80:10:7A:C1:77:72:B5
                    Timestamp : Feb 21 15:03:41.162 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:82:E0:7E:5D:05:40:34:18:F6:30:F7:
                                09:CD:BC:FE:2C:13:EB:90:30:CE:10:ED:E8:A7:9D:A3:
                                74:75:12:5B:72:02:20:5D:1F:9D:87:56:AA:F7:6D:9A:
                                04:0D:4A:7B:35:DE:90:29:A5:D4:16:A7:8F:DF:FE:37:
                                AB:35:8B:24:23:B9:2B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 21 15:03:41.130 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:13:FF:00:36:A8:61:87:48:A6:6A:04:09:
                                BC:E3:3E:AA:13:E7:46:3D:06:75:68:23:18:E7:6A:45:
                                49:F7:30:F1:02:20:3F:F4:9C:8A:E6:46:D3:65:F6:98:
                                13:BF:9A:20:D3:DA:10:A9:E3:2E:5D:DA:C7:3B:14:4E:
                                4F:4E:1C:82:A5:B3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        37:a4:1b:11:22:9f:fc:9f:c9:67:07:8f:aa:86:13:9f:e0:08:
        1d:6e:0c:8d:65:fb:03:79:50:c6:76:ba:30:90:a0:a4:1c:79:
        13:07:b9:5a:18:8d:97:4c:05:71:8a:d0:22:17:c6:19:a2:22:
        8b:03:f6:2c:84:71:6c:55:df:e2:99:43:65:e5:d7:b7:b7:37:
        4c:c6:c8:e5:f1:d8:a7:7b:07:5d:eb:b8:1c:50:a4:a3:8e:f0:
        4c:f8:b8:6a:72:59:be:43:0e:8a:de:b5:5e:8f:9e:3f:5a:43:
        64:82:cc:e0:de:76:f4:be:a6:12:0a:06:68:bb:77:e1:4c:ef:
        4b:4d:67:af:f6:72:c7:6b:1b:9c:48:53:a7:7f:ed:76:18:5c:
        f0:f6:c6:4c:24:53:57:57:e1:42:a6:3d:ae:e1:f5:93:f2:6a:
        fa:29:72:01:3e:b7:06:f1:2f:1a:0e:91:c5:ec:35:bf:f5:da:
        33:95:de:24:12:0d:f5:c3:23:8d:40:82:d1:5c:eb:de:0a:08:
        e8:e5:83:e5:0a:8b:3a:5e:98:4e:77:4f:9f:dc:ab:7e:ce:a8:
        28:4f:aa:79:4f:c9:be:8f:60:88:6e:6b:f9:20:6c:7f:38:96:
        d6:da:d7:11:03:43:d8:b8:51:87:ce:32:22:4d:64:4c:c4:75:
        27:d0:e3:df

from osv.dev.

RichardoC avatar RichardoC commented on June 19, 2024

Good news, this seems to be working now! My guess is there was some kind of DNS issue, because this is now correctly pointing to a Github server rather than a Google one.
https://www.shodan.io/host/185.199.109.153

from osv.dev.

andrewpollock avatar andrewpollock commented on June 19, 2024

Most strange. I'd love to know what it was pointing at when you were experiencing the errors...

from osv.dev.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.