[Bug 1444656] [NEW] GnuTLS TLS 1.2 handshake failure
Robert Russo
rrusso at lsu.edu
Wed Apr 15 19:03:27 UTC 2015
Public bug reported:
I'm experiencing the same issue as here:
http://comments.gmane.org/gmane.network.gnutls.general/3713
I came across a SSL handshake problem with gnutls-cli when connecting to
some websites, see below. It is somehow specific to gnutls as
openssl/Chrome/Firefox can connect fine.
Is this is a bug in gnutls or do you have any ideas how to troubleshoot
it?
$ gnutls-cli --version
gnutls-cli (GnuTLS) 2.12.23
Packaged by Debian (2.12.23-12ubuntu2.1)
$ gnutls-cli www.openlearning.com
Resolving 'www.openlearning.com'...
Connecting to '119.9.9.205:443'...
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [40]: Handshake failed
*** Handshake has failed
GnuTLS error: A TLS fatal alert has been received.
$ gnutls-cli sequencewiz.com
Resolving 'sequencewiz.com'...
Connecting to '50.112.144.117:443'...
*** Fatal error: A TLS packet with unexpected length was received.
*** Handshake has failed
GnuTLS error: A TLS packet with unexpected length was received.
Thank you,
Please back port the latest GnuTLS to Trusty as it is an LTS release and clearly GnuTLS 2.12 is an old branch.
I've also attached packet captures of this.
** Affects: trusty-backports
Importance: Undecided
Status: New
** Tags: ssl tls
** Attachment added: "pap of the server returning a bad handshake when connecting to an tls1.2 protected site."
https://bugs.launchpad.net/bugs/1444656/+attachment/4376565/+files/bad.pcap
--
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to trusty-backports.
Matching subscriptions: ubuntu-backporters
https://bugs.launchpad.net/bugs/1444656
Title:
GnuTLS TLS 1.2 handshake failure
To manage notifications about this bug go to:
https://bugs.launchpad.net/trusty-backports/+bug/1444656/+subscriptions
More information about the ubuntu-backports
mailing list