libgnutls26 2.12.14 breaks SSL tracker support in Transmission
Bug #937537 reported by
Daniel Swarbrick
This bug affects 25 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gnutls26 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The version of libgnutls26 currently in Pangolin alpha causes SSL torrent trackers to time out during the scrape in Transmission.
Running Transmission with env var TR_CURL_VERBOSE=1 reveals the following:
* Operation timed out after 30001 milliseconds with 0 out of 0 bytes received
* Closing connection #2
* gnutls_handshake() failed: Error in the push function.
* Closing connection #0
I installed libgnutls26 packages from Debian sid (2.12.16-1) and the problem goes away. Please update the packages in Pangolin (or backport a fix).
information type: | Public → Public Security |
information type: | Public Security → Public |
To post a comment you must log in.
SSL trackers are fairly rare, and I was only able to test with one particular (private) tracker. I can't say for sure whether this is a general SSL bug, or something that only affects my particular tracker.
I suspect it has something to do with the less mainstream CA that signed the trackers cert, and I would not be too surprised if this entry from the gnutls 2.12.15 changelog is the culprit:
** libgnutls: Disable signature algorithms that are not supported
for client certificate verification. Reported by Florian Weimer.
In any case, the differences between 2.12.14 and 2.12.16 seem to be negligible.