libgnutls26 2.12.14 breaks SSL tracker support in Transmission

SSL trackers are fairly rare, and I was only able to test with one particular (private) tracker. I can't say for sure whether this is a general SSL bug, or something that only affects my particular tracker.

I suspect it has something to do with the less mainstream CA that signed the trackers cert, and I would not be too surprised if this entry from the gnutls 2.12.15 changelog is the culprit:

** libgnutls: Disable signature algorithms that are not supported
for client certificate verification. Reported by Florian Weimer.

In any case, the differences between 2.12.14 and 2.12.16 seem to be negligible.

Status changed to 'Confirmed' because the bug affects multiple users.

Bump... will this be fixed before 12.04 release?

I have the same issue with sll tracker.
Please, fix it!

Ubuntu was released as 12.04 with the SSL support for transmission broken.

Workaround is to get the deb libgnutls26_2.12.18-1 from Debian Sid and restart Transmission after installing it with dpkg -i.

It's interesting.
Transmission depends on libcurl3-gnutls, which itself depends on libgnutls26.

Status changed to 'Confirmed' because the bug affects multiple users.

Thanks tocpcs. I also have this bug on 12.04 and your recipe works great.

I just did a clean install of quantal from a daily ISO (2012-07-17), and notice that Transmission is having no problem connecting to the SSL tracker that was the original reason for opening this bug.

It appears that this entry from the libgnutls26 package changelog fixes the issue:

gnutls26 (2.12.14-5ubuntu3.1) precise-proposed; urgency=low

  * Apply upstream patch to fix validation of certificates when more than
    one with the same short hash exists in the CA bundle (LP: #1003841).

 -- Thorsten Glaser <email address hidden> Thu, 24 May 2012 11:19:12 +0200

I guess this bug could theoretically be closed, since that update is now in precise-updates and quantal.

Hmm. Apparently I spoke too soon. It was working successfully yesterday, on a fresh install, with libgnutls26 2.12.14-5ubuntu4, but today I saw the original symptoms again.

I grabbed a copy of libgnutls26 2.12.20-1 from Debian wheezy, and the problem went away.

C'mon Ubuntu... update this thing!

I am experiencing the also.

* gnutls_handshake() failed: Error in the push function.* Connection #0 seems to be dead!

Im still affected with this same bug. I tried looking for the .deb file from wheezy or sid, and i cant find it. This is likely due to the fact that i have never tried to navigate debian.org.
I was able to get the source from here: http://packages.debian.org/sid/amd64/debug/libgnutls26-dbg ,
but with my limited linux knowledge, i need some more help, or just a pointer to the deb, then im good.

thanks!

Adamaze, packages.debian.org is pretty much the same to navigate as packages.ubuntu.com.

Choose your arch from the links at the bottom of http://packages.debian.org/wheezy/libgnutls26 and download from a mirror of your choice.

I am experiencing this bug as well and can confirm installing libgnutls26 from the Debian Repo resolves this issue. Will gladly provide debug information if requested.

Thanks,
Patrick

I can't get mine to work after installing the Wheezy deb package. Is there anything I might be doing wrong?

The 2.12.20-1 package from sid works on my precise amd64.

How about 12.10?

Nope. Quantal was released whilst this bug just sat quietly in the corner. Maybe we'll be lucky enough to get 2.12.20 when the Debian-sid import is done.

Just installed raring... bug still present. Fix it this cycle maybe? Or is it too soon still?

Raring now has 2.12.20, so this should be fixed. For the SRU's, please check bug 1095052 which I think is a dupe.

Yep, confirmed working here. I should have updated the bug earlier, but didn't want it to miss its first birthday ;-)

I installed a fresh pangolin (from non-pae mini-iso) it is up2date (libgnutls26: Installed: 2.12.14-5ubuntu3.4), i still have this issue (or what it looks like to be) using transmission-daemon + remote

* transmission connect to any tracker except that ssl one
* i can connect to that ssl tracker with another client/platform
* if i disable the ssl in my trackers'profile i can connect with transmission (and download successfully) using new torrents (not ssl torrents) (ssl torrents still not connecting)

the only log i have are some consistent "Scrape error: Could not connect to tracker (announcer.c:1255)" and "Could not connect to tracker (announcer.c:990)" on the ssl torrents

i did not successfully obtain the curl log from first post (not sure how to do it)
i did not try to install another libgnutls26 package because i'm not sure how safe/clean/reversible that process is

fresh install of 12.04 + transmission-daemon from apt.

Confirmed not working with SSL trackers

Install the relevant version of libgnutls26 for wheezy from :
http://packages.debian.org/wheezy/libgnutls26

dpkg -i <package>.deb

rebooted, now working fine

I tried the SID package :http://packages.debian.org/sid/libgnutls26
But this had other dependencies that it needed

This bug exists in 14.04 with fresh updates. Installing libgnutls26 is no longer possible, as it breaks depends for other packages. Version of libgnutls26 from sid doesn't fix the bug.

Can I do something else to fix this or provide more information for fixing?