[outages] Parital iTunes Podcast Outage?

jrk1231-outml at nym.hush.com jrk1231-outml at nym.hush.com
Fri Jul 11 15:18:10 EDT 2014 

_See embedded answers please..._

On 7/11/2014 at 2:38 PM, "Jeremy Chadwick"  wrote:Few things (first
two points might seem like I'm nitpicking but I just
want clarification):

1. What is an "HTTP RST"?  RST implies TCP RST, which is independent
of
a layer 7 protocol like HTTP.  So are you saying you're seeing TCP
RSTs
or are you saying you see something indecipherable (due to SSL use)
that causes the TCP connection to cleanly shut down?

_Meh, yeah, I was being sloppy, posting what Wireshark said vs. the
correct technical detail. It was receiving TCP RST on the HTTPS data
connection within the TLS tunnel._

2. I assume these are "standard HTTPS" connections (TCP port 443)?  I
ask because someone mentioning TLS when also mentioning HTTP (and not
use of the term HTTPS) makes me think of RFC 2817 (which allows a
plaintext HTTP 1.1 connection to be upgraded to TLS 1.1 still across
TCP port 80).

_HTTPS connection to 443. TLS connection establishes fully. HTTP data
requests immediately generate a TCP RST._

3. I believe Wireshark can do this (I'm more familiar with using
openssl
s_client), but I would strongly suggest checking what the SSL
certificate is that the server returns.

It's very possible that the SSL cert the Apple servers use has expired
and the underlying client application lacks proper error handling /
display to handle this situation (e.g. popping up a UI telling the
user
that the comm protocol failed due to SSL library errors, and
displaying
that error result).  You might be surprised how often this happens
(companies not monitoring/tracking SSL cert expiry dates) -- it's
extremely common.

Sigh... Went back and tried pcap on a refresh several times, and got a
ton of out of order and duplicate packets every time, followed by a
fail like previous. I never saw the certificate but I did see several
"Encrypted Alert" messages that Wireshark would not further detail. 

Jeremy, I will send you the small pcap off list if you don't mind, and
maybe you can decipher what is going on.

THANKS!

JK
-- 
| Jeremy Chadwick                                   jdc at koitsu.org |
| UNIX Systems Administrator                http://jdc.koitsu.org/ |
| Making life hard for others since 1977.             PGP 4BD6C0CB |

On Fri, Jul 11, 2014 at 02:18:31PM -0400, J Kibler via Outages wrote:
> Hi,
> 
> Is anyone seeing a partial outage of podcasts using iTunes on a Mac?
> 
> Several of my subscriptions have not updated since the day before
> yesterday and the subscription shows an explanation point inside the
> circle by the podcast name in list view. Running Wireshark and doing
a
> "refresh podcast" on those individual podcasts, I see a successful
TLS
> connection followed by a series of HTTP RSTs and the connection
being
> torn down. Examples of podcasts not updating include:
>  *KQED's Forum *NPR Topics: Technology Podcast *60-Second Science  
> (SciAm) *Discovery    (BBC)
>  My other dozen or so podcasts are updating normally.
> Any ideas?
> 
> TIA!
> 
> JK
> 

> _______________________________________________
> Outages mailing list
> Outages at outages.org
> https://puck.nether.net/mailman/listinfo/outages
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages/attachments/20140711/ef8253d3/attachment.htm>

More information about the Outages mailing list