From 98283915f54df275170cc1c8bdaa0b00d343cd69 Mon Sep 17 00:00:00 2001 From: Dan Peebles Date: Thu, 6 Apr 2017 18:18:43 +0000 Subject: [PATCH] Retry downloads on transient SSL errors too --- src/libstore/download.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libstore/download.cc b/src/libstore/download.cc index 78fcdc621..d1f760fdc 100644 --- a/src/libstore/download.cc +++ b/src/libstore/download.cc @@ -300,6 +300,8 @@ struct CurlDownloader : public Downloader || httpStatus == 504 || httpStatus == 522 || httpStatus == 524 || code == CURLE_COULDNT_RESOLVE_HOST || code == CURLE_RECV_ERROR + // this is a generic SSL failure that in some cases (e.g., certificate error) is permanent but also appears in transient cases, so we consider it retryable + || code == CURLE_SSL_CONNECT_ERROR #if LIBCURL_VERSION_NUM >= 0x073200 || code == CURLE_HTTP2 || code == CURLE_HTTP2_STREAM