[Bug 1444656] Re: GnuTLS TLS 1.2 handshake failure
Samuel Leslie
sdl at nexiom.net
Tue Mar 21 01:46:00 UTC 2017
Hi Seth,
I've attached a debdiff which is generated off the latest gnutls26
package: 2.12.23-12ubuntu2.7. That said, no changes to my earlier patch
were required to apply cleanly. Hopefully this is what you're after?
I should also add that this patch should ideally be reviewed by someone
knowledgeable about GnuTLS and C, as I don't consider myself to meet
either of those requirements! Particularly given this is a security
library.
Cheers,
-SDL
** Patch added: "gnutls26_2.12.23-12ubuntu2.8.debdiff"
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1444656/+attachment/4841301/+files/gnutls26_2.12.23-12ubuntu2.8.debdiff
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1444656
Title:
GnuTLS TLS 1.2 handshake failure
Status in gnutls26 package in Ubuntu:
Invalid
Status in gnutls26 source package in Trusty:
Triaged
Bug description:
I'm experiencing the same issue as here:
http://comments.gmane.org/gmane.network.gnutls.general/3713
I came across a SSL handshake problem with gnutls-cli when connecting to
some websites, see below. It is somehow specific to gnutls as
openssl/Chrome/Firefox can connect fine.
Is this is a bug in gnutls or do you have any ideas how to
troubleshoot it?
$ gnutls-cli --version
gnutls-cli (GnuTLS) 2.12.23
Packaged by Debian (2.12.23-12ubuntu2.1)
$ gnutls-cli www.openlearning.com
Resolving 'www.openlearning.com'...
Connecting to '119.9.9.205:443'...
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [40]: Handshake failed
*** Handshake has failed
GnuTLS error: A TLS fatal alert has been received.
$ gnutls-cli sequencewiz.com
Resolving 'sequencewiz.com'...
Connecting to '50.112.144.117:443'...
*** Fatal error: A TLS packet with unexpected length was received.
*** Handshake has failed
GnuTLS error: A TLS packet with unexpected length was received.
Thank you,
Please back port the latest GnuTLS to Trusty as it is an LTS release and clearly GnuTLS 2.12 is an old branch.
I've also attached packet captures of this.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1444656/+subscriptions
More information about the foundations-bugs
mailing list