GnuTLS TLS 1.2 handshake failure
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
gnutls26 (Ubuntu) | ||||||
Trusty |
Fix Committed
|
High
|
Unassigned |
Bug Description
[ Impact ]
* GnuTLS fails to handshake using TLS 1.2 because of a protocol failure
[ Other info ]
I'm experiencing the same issue as here:
http://
I came across a SSL handshake problem with gnutls-cli when connecting to
some websites, see below. It is somehow specific to gnutls as
openssl/
Is this is a bug in gnutls or do you have any ideas how to troubleshoot it?
$ gnutls-cli --version
gnutls-cli (GnuTLS) 2.12.23
Packaged by Debian (2.12.23-
[ Test case ]
$ gnutls-cli www.openlearnin
Resolving 'www.openlearni
Connecting to '119.9.
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [40]: Handshake failed
*** Handshake has failed
GnuTLS error: A TLS fatal alert has been received.
$ gnutls-cli sequencewiz.com
Resolving 'sequencewiz.
Connecting to '50.112.
*** Fatal error: A TLS packet with unexpected length was received.
*** Handshake has failed
GnuTLS error: A TLS packet with unexpected length was received.
[ Regression potential ]
* low to moderate, this is an upstream commit dated back 6 years ago, that trusty sadly missed, but was manually tested to work and autopkgtests should give more confidence
Thank you,
Please back port the latest GnuTLS to Trusty as it is an LTS release and clearly GnuTLS 2.12 is an old branch.
I've also attached packet captures of this.
Changed in gnutls26 (Ubuntu): | |
status: | New → Confirmed |
affects: | trusty-backports → gnutls26 (Ubuntu) |
Changed in gnutls26 (Ubuntu): | |
status: | New → Invalid |
Changed in gnutls26 (Ubuntu Trusty): | |
status: | New → Triaged |
importance: | Undecided → High |
no longer affects: | gnutls26 (Ubuntu) |
tags: |
added: patch trusty removed: ssl tls |
Come on guys.
No one cares?
https:/ /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 767610