issue with TLS 1.2 session ticket handling as client during resumption
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Gnutls |
Fix Released
|
Unknown
|
|||
gnutls28 (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Bionic |
New
|
Medium
|
Unassigned | ||
Eoan |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
Known upstream bug, that has been fixed upstream. There is an issue with session ticket handling in GnuTLS during session resumption.
The issue is intermittent, but can eventually be reproduced by running:
gnutls-cli --resume api.twitter.com 443
When you trigger the bug the output will finish with the following two lines:
*** Fatal error: An unexpected TLS packet was received.
*** handshake has failed: An unexpected TLS packet was received.
This is breaking the Cawbird Snap package based on Bionic/Core18.
The issue affects both Bionic and Eoan.
ProblemType: Bug
DistroRelease: Ubuntu 19.10
Package: gnutls-bin 3.6.9-5ubuntu1.1
ProcVersionSign
Uname: Linux 5.3.0-46-generic x86_64
ApportVersion: 2.20.11-0ubuntu8.8
Architecture: amd64
Date: Sat Apr 18 15:05:04 2020
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
XDG_RUNTIME_
LANG=C.UTF-8
SHELL=/bin/bash
SourcePackage: gnutls28
UpgradeStatus: No upgrade log present (probably fresh install)
Changed in gnutls: | |
status: | Unknown → Fix Released |
description: | updated |
tags: | added: rls-ee-incoming |
Changed in gnutls28 (Ubuntu): | |
importance: | Undecided → High |
The attachment "The upstream diff from MR1087 fixing the issue." seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]