@hgy59 Is there a specific OpenSSL issue with aarch64?

@ymartin59 mono uses boringSSL (aka btls) as discussed in #3666. It's a known bug as of Elliptic Curve crypto in BTLS broken on ARM64 in Debian 8 .
This mono issue is closed without a solution as for Debian > 8 there is no such error.

The reason of the bug is given as of the buggy GCC 4 support for ARM64.

Suggestions:

• try a build with the latest toolchain (DSM 6.2.2, still GCC 4.9.4)
• try the latest version of Mono (currently 6.8.0.105)
• try to create a newer version of gcc for aarch64 and use it for cross compilation
• try to replace boringSSL by OpenSSL as proposed in mono issue 8888
• as of using mono tls providers an application can change the TLS provider (where available) - but this needs modification of the application code.

The first two suggestions are relativly easy to test, but the others need huge effort.
I already created a build of Mono 6.8.0 but have not added the latest toolchain yet.

@mridude23 as of this older SO item can you please try this solution?

You can try to change the mono TLS provider.

The default TLS provider in newer mono versions is BTLS. But you can change it to the legacy TLS > provider:

Try adding MONO_TLS_PROVIDER=legacy to your environment variables, when you are having > trouble with BTLS.

I have no idea whether the legacy TLS provider is still supported, but give it a try.

@hgy59 I am building mono and jackett with 6.2 toolchain to give it a try.

There is some kind of mistake at https://sourceforge.net/projects/dsgpl/files/DSM%206.2%20Tool%20Chains/Intel%20x86%20Linux%204.4.59%20%28Rtd1296%29/
Wonder why "Intel x86" in folder for an ARMv8 architecture...
I doubt that toolchain may fix this...

@hgy59 Is it possible that an OpenSSL update contains fixes for ARM64?

I wonder why Jackett would suffer this issue alone. Sonarr should also fail.

I saw this _intel_ naming too, but it's the folder name only. TC 6.2.2 has corrected folder name.
My mono_rtd1296-6.2.2_6.8.0.105-14.spk is just ready for testing.
The only binary difference to mono_aarch64-6.1_6.8.0.105-14.spk are the files

bin/mono-sgen
bin/monodis
lib/libmono-btls-shared.so
lib/libmono-native.so.0.0.0

So there is a little chance that the behaviour is different.

@mridude23 just uploaded my special build here:
Update Mono to 6.8.0.105

As usual: _pre-release without any warranty._

I wonder why Jackett would suffer this issue alone. Sonarr should also fail.

The mono issue says:

Others have this issue.
Jackett/Jackett#2173
Radarr/Radarr#2350
MichaIng/DietPi#1711

@hgy59 Is it possible that an OpenSSL update contains fixes for ARM64?

Mono uses BoringSSL, not OpenSSL.
The current mono repo links to this BoringSSL

They have a fix for FreeBSD/aarch64 in this commit https://github.com/mono/boringssl/commit/c5b67767b1f9a0da50cfce60026577797c66f7d9 just 22 days ago.

And some older clang fixes in January 2019 (but tested with gcc 7.x and 8.x only)

• https://github.com/mono/boringssl/commit/3d87996698b28b3ab81dc3d410565733c4147b98
• https://github.com/mono/boringssl/commit/d637462848e93e1f23399af5d8ace0686373eabb

@hgy59 I am interested to know why there is "openssl" word in error message then routines:OPENSSL_internal:POINT_IS_NOT_ON_CURVE?

OK it was "boring" for Google to improve OpenSSL so they forked and do not recommend to depend on it but now others are bored too with issues spread in Chromium and Mono...
Is there a way to build Mono with OpenSSL? Is that this mentioned "legacy" switch?

@mridude23 just uploaded my special build here:
Update Mono to 6.8.0.105

As usual: _pre-release without any warranty._

Installed the package along Jackett 0.14, error still persists.

An error occured while testing this indexer
Exception (eztv): Ssl error:0f000078:elliptic curve routines:OPENSSL_internal:POINT_IS_NOT_ON_CURVE at /spksrc/spk/mono/work-rtd1296-6.2.2/mono-6.8.0.105/external/boringssl/crypto/ec/ec.c:835: The SSL connection could not be established, see inner exception.

@mridude23 just found that libmonoboehm is in the spk package but it should not be there, as it is for x86_64 arch.
Can you try to delete the following files after the installation of mono on your NAS?

/var/packages/mono/target/bin/mono-boehm
/var/packages/mono/target/lib/libmonoboehm-2.0.so
/var/packages/mono/target/lib/libmonoboehm-2.0.so.1
/var/packages/mono/target/lib/libmonoboehm-2.0.so.1.0.0

So, now the packages available in Package Center are at least one version behind.

Installed

• Mono 5.8 with Jackett 0.11: public indexer works, private fails.
• Mono 5.8 with Jackett 0.14: public indexer works, private works. Added Sonarr v3 as well, restored a backup and everything runs as expected now. The Mono seems to be causing all the problems.

LE: Did not see your comment and I was already working on the things I've stated. I'll try tomorrow most likely. If I manage before that I'll let you know.

Can you try to delete the following files after the installation of mono on your NAS?

/var/packages/mono/target/bin/mono-boehm
/var/packages/mono/target/lib/libmonoboehm-2.0.so
/var/packages/mono/target/lib/libmonoboehm-2.0.so.1
/var/packages/mono/target/lib/libmonoboehm-2.0.so.1.0.0

This does not seem to change anything. I tried this both before and after installing the 6.8.0.105 special build.

Try adding MONO_TLS_PROVIDER=legacy to your environment variables, when you are having > trouble with BTLS.

I have no idea whether the legacy TLS provider is still supported, but give it a try.

This also made no difference for me. I guess the legacy provider is no longer supported.

To save having to restart services to test something out, I’m testing with the following:

wget https://github.com/mono/mono/raw/master/mcs/class/Mono.Security/Test/tools/mget/mget.cs
csc mget.cs
mono mget.exe https://example.com/

Until we have a solution for late versions of Mono, I downgraded to 5.8.0.108-11 [6.1 rtd1296] without having to uninstall a bunch of other packages with the following:

wget https://packages.synocommunity.com/mono/11/mono.v11.f15047[rtd1296].spk
rm -rf /volume1/\@appstore/mono /var/packages/mono
synopkg install mono.v11.f15047\[rtd1296\].spk

Note: It seems like editing version in /var/packages/mono/INFO (e.g. prefix with 0.) is also sufficient to trick synopkg into downgrading without having to blow away all the files.

@jasoncodes Thanks for these valuable work-arounds to downgrade packages... we should document them as FAQ, because it happens we get troubles when publishing critical package like Mono or Python...

@mridude23 just uploaded my special build here:
Update Mono to 6.8.0.105

As usual: _pre-release without any warranty._

When I install this mono version, Sonarr v3 "fails to update"

Yeah the mono upgrade is the cause of all the sonarr and jackett issues being reported recently