TLS handshake is fatal, not transient - hence not retried

This bug was fixed in the package apt - 2.3.4

---------------
apt (2.3.4) experimental; urgency=medium

  [ Khem Raj ]
  * srvrec: Keep support for older resolver

  [ Julian Andres Klode ]
  * Turn TLS handshake issues into transient errors (LP: #1928100)

 -- Julian Andres Klode <email address hidden> Wed, 12 May 2021 18:04:33 +0200

Hello Julian, or anyone else affected,

Accepted apt into hirsute-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/2.2.4ubuntu0.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-hirsute to verification-done-hirsute. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-hirsute. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

All autopkgtests for the newly accepted apt (2.2.4ubuntu0.1) for hirsute have finished running.
The following regressions have been reported in tests triggered by the package:

ubuntu-advantage-tools/unknown (amd64, ppc64el, s390x, armhf)
reprotest/0.7.16 (arm64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/hirsute/update_excuses.html#apt

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

autopkgtest have passed, so verified

This bug was fixed in the package apt - 2.2.4ubuntu0.1

---------------
apt (2.2.4ubuntu0.1) hirsute; urgency=medium

  * Merge 2.2.4 from Debian unstable
  * Extend the JSON hook fixes with support for version 0.2 (LP: #1926150)
    - json: Add origins fields to version
    - upgrade: Add JSON hook support (AptCli::Hooks::Upgrade)
    - json: Add `package-list` and `statistics` install hooks
    - json: Hook protocol 0.2 (added upgrade,downgrade,reinstall modes)

apt (2.2.4) unstable; urgency=medium

  [ Julian Andres Klode ]
  * Various bugfixes to the JSON hooks:
    - encoder fixes:
      + json: Escape strings using \u escape sequences, add test
      + json: Actually pop states
      + json: Encode NULL strings as null
    - json: Flush standard file descriptors before calling hooks
      (this avoids output from hooks in middle of apt output)
    - Non-installed JSON changes:
      + test/json: Make the test hook more reliable
      + Fix a typo in json-hooks-protocol.md (thanks to Brian Murray)
  * Avoid infinite loop on EOF on media change prompt (LP: #1928687)
  * Turn TLS handshake issues into transient errors (LP: #1928100),
    this makes behavior consistent with TCP and enables Acquire::Retries
  * policy: Apply phasing to uninstalled packages too (LP: #1925745),
    this prevents inconsistencies when installing new binaries that depend
    on the same version of an already installed binary.

  [ David Kalnischkies ]
  * URI encode Filename field of Packages files (again). This fixes a
    regression introduced in 2.1.15 that causes download failures of
    packages with an epoch included in their filename (LP: #1931874).

 -- Julian Andres Klode <email address hidden> Mon, 14 Jun 2021 16:27:40 +0200

The verification of the Stable Release Update for apt has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.