the problem could be also reproduced with the gnutls-cli command. it seeems that's launching the handshake in an incompatible manner with the server.
the same comman from a centos box works (2.8.5 version of gnutls-cli). in the ubuntu box is version 2.12.14
the problem could be also reproduced with the gnutls-cli command. it seeems that's launching the handshake in an incompatible manner with the server.
the same comman from a centos box works (2.8.5 version of gnutls-cli). in the ubuntu box is version 2.12.14
root@ubuntuprov esfreeipa: /etc/ldap# gnutls-cli -d 4 -p 636 freeipaserver. linux.gva. es linux.gva. es'... 222.99: 636'... constate. c:695 AES_128_ CBC_SHA1 AES_128_ CBC_SHA256 CAMELLIA_ 128_CBC_ SHA1 AES_256_ CBC_SHA1 AES_256_ CBC_SHA256 CAMELLIA_ 256_CBC_ SHA1 3DES_EDE_ CBC_SHA1 AES_128_ CBC_SHA1 AES_128_ CBC_SHA256 CAMELLIA_ 128_CBC_ SHA1 AES_256_ CBC_SHA1 AES_256_ CBC_SHA256 CAMELLIA_ 256_CBC_ SHA1 3DES_EDE_ CBC_SHA1 ARCFOUR_ SHA1 128_CBC_ SHA1 128_CBC_ SHA256 128_CBC_ SHA1 256_CBC_ SHA1 256_CBC_ SHA256 256_CBC_ SHA1 EDE_CBC_ SHA1 buffers. c:640 handshake. c:2762 esfreeipa: /etc/ldap#
Resolving 'freeipaserver.
Connecting to '192.168.
|<4>| REC[0x9b5bf68]: Allocating epoch #0
|<2>| ASSERT: gnutls_
|<4>| REC[0x9b5bf68]: Allocating epoch #1
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_AES_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_AES_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_CAMELLIA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_AES_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_AES_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_CAMELLIA_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x9b5bf68]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<2>| EXT[0x9b5bf68]: Sending extension SERVER NAME (31 bytes)
|<2>| EXT[0x9b5bf68]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<2>| EXT[0x9b5bf68]: Sending extension SESSION TICKET (0 bytes)
|<2>| EXT[SIGA]: sent signature algo (4.2) DSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (4.1) RSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (2.1) RSA-SHA1
|<2>| EXT[SIGA]: sent signature algo (2.2) DSA-SHA1
|<2>| EXT[0x9b5bf68]: Sending extension SIGNATURE ALGORITHMS (10 bytes)
|<3>| HSK[0x9b5bf68]: CLIENT HELLO was sent [151 bytes]
|<4>| REC[0x9b5bf68]: Sending Packet[0] Handshake(22) with length: 151
|<4>| REC[0x9b5bf68]: Sent Packet[1] Handshake(22) with length: 156
|<2>| ASSERT: gnutls_
|<2>| ASSERT: gnutls_record.c:969
|<2>| ASSERT: gnutls_
*** Fatal error: A TLS packet with unexpected length was received.
|<4>| REC: Sending Alert[2|22] - Record overflow
|<4>| REC[0x9b5bf68]: Sending Packet[1] Alert(21) with length: 2
|<4>| REC[0x9b5bf68]: Sent Packet[2] Alert(21) with length: 7
*** Handshake has failed
GnuTLS error: A TLS packet with unexpected length was received.
|<4>| REC[0x9b5bf68]: Epoch #0 freed
|<4>| REC[0x9b5bf68]: Epoch #1 freed
root@ubuntuprov