Notarization fails with s3 upload error: unhandled error

[ErkkaLehmus]

I am not sure if this is same or related to #84

Using apple-codesign 0.27.0 on linux command-line
rcodesign notary-submit --api-key-file ~/keys/mykey.json --staple MyGame.app.zip

fails with

created submission ID:  --- manually cut out, ask if you need this ---
resolving AWS S3 configuration from Apple-provided credentials
uploading asset to s3://notary-submissions-prod/prod/ --- manually cut out, ask if you need this ---
(you may see additional log output from S3 client)
Error: s3 upload error: unhandled error

I run it a few times, same result every time. And then with -vvv logging the output to a text file. It seems to succesfully send ClientHello to apple, receiving ServerHello, after which there is

[2024-05-09T10:27:37Z DEBUG rustls::client::tls13] Not resuming
[2024-05-09T10:27:37Z TRACE rustls::client::client_conn] EarlyData rejected
[2024-05-09T10:27:37Z TRACE rustls::conn] Dropping CCS
[2024-05-09T10:27:37Z DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [ServerNameAck, Unknown(UnknownExtension { typ: EllipticCurves, payload: 00040017001d }), Protocols([ProtocolName(6832)])]
[2024-05-09T10:27:37Z DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
[2024-05-09T10:27:37Z TRACE rustls::client::tls13] Server cert is [--- manually cut out, ask if you need this ---]
[2024-05-09T10:27:37Z TRACE rustls::verify] Unvalidated OCSP response: [--- manually cut out, ask if you need this ---]
[2024-05-09T10:27:38Z TRACE reqwest::blocking::wait] wait at most 30s
[2024-05-09T10:27:38Z WARN  apple_codesign::notarization] created submission ID: --- manually cut out, ask if you need this ---
[2024-05-09T10:27:38Z TRACE reqwest::blocking::client] closing runtime thread (ThreadId(2))
[2024-05-09T10:27:38Z TRACE reqwest::blocking::client] signaled close for runtime thread (ThreadId(2))
[2024-05-09T10:27:38Z TRACE reqwest::blocking::client] (ThreadId(2)) Receiver is shutdown
[2024-05-09T10:27:38Z TRACE reqwest::blocking::client] (ThreadId(2)) end runtime::block_on
[2024-05-09T10:27:38Z TRACE reqwest::blocking::client] (ThreadId(2)) finished
[2024-05-09T10:27:38Z TRACE reqwest::blocking::client] closed runtime thread (ThreadId(2))
[2024-05-09T10:27:38Z WARN  apple_codesign::notarization] resolving AWS S3 configuration from Apple-provided credentials
[2024-05-09T10:27:38Z DEBUG hyper_rustls::config] with_native_roots processed 140 valid and 0 invalid certs
[2024-05-09T10:27:38Z WARN  apple_codesign::notarization] uploading asset to s3://notary-submissions-prod/prod/--- manually cut out, ask if you need this ---
[2024-05-09T10:27:38Z WARN  apple_codesign::notarization] (you may see additional log output from S3 client)
[2024-05-09T10:27:38Z DEBUG rustls::client::hs] No cached session for DnsName("notary-submissions-prod.s3.us-west-2.amazonaws.com")
[2024-05-09T10:27:38Z DEBUG rustls::client::hs] Not resuming any session
[2024-05-09T10:27:38Z TRACE rustls::client::hs] Sending ClientHello Message {

After which there are two times clientHello and ServerHello with amazonaws.com, this time with
[2024-05-09T10:27:38Z DEBUG rustls::client::hs] ALPN protocol is Some(b"http/1.1")

until finally terminating with
Error: s3 upload error: unhandled error

---

I'm connected to the internet by a mobile broad-band, and what little I do understand, on the ISP side there is a proxy behind me and the rest of the world. And not sure if there is anything I can do about it.

I kind of a wanted to test the process with the official Apple tools to verify if there is a problem with my ISP, but unfortunately Apple is not happy with me running on 10.13.6 High Sierra, which is the highest my old macBook can do.

[detorto]

Same problem.
Looks like it depends on package it sends.
One of my pkgs notarizes ok every time, other one fails every time with the same "Error: s3 upload error: unhandled error".

Logs are same with yours.

UPD: Cloned and build a main branch, it shows 0.27.0 version, but managed to upload a binary.