← Back to team overview

touch-packages team mailing list archive

  1. touch-packages team
  2. Mailing list archive
  3. Message #81385

[Bug 1444656] Re: GnuTLS TLS 1.2 handshake failure

  Thread PreviousDate PreviousThread Next 
This seems like a bug that should be fixed in the LTS rather than
requesting a backport.  The 3.2.11 version is available in trusty, but
it's only community supported and doesn't have the utilities built since
it's not the officially supported version.  The version with 5 year
support from Canonical is the old 2.12 version  gnutls28 (3.2.11) has a
lot of reverse dependencies, so a backport is non trivial.  Let's see if
the bug can be fixed in the older version.

** Project changed: trusty-backports => gnutls26 (Ubuntu)

** Also affects: gnutls26 (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Changed in: gnutls26 (Ubuntu)
       Status: New => Invalid

** Changed in: gnutls26 (Ubuntu Trusty)
       Status: New => Triaged

** Changed in: gnutls26 (Ubuntu Trusty)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1444656

Title:
  GnuTLS TLS 1.2 handshake failure

Status in gnutls26 package in Ubuntu:
  Invalid
Status in gnutls26 source package in Trusty:
  Triaged

Bug description:
  I'm experiencing the same issue as here:

  http://comments.gmane.org/gmane.network.gnutls.general/3713

  
  I came across a SSL handshake problem with gnutls-cli when connecting to 
  some websites, see below. It is somehow specific to gnutls as 
  openssl/Chrome/Firefox can connect fine. 

  Is this is a bug in gnutls or do you have any ideas how to
  troubleshoot it?

  $ gnutls-cli --version
  gnutls-cli (GnuTLS) 2.12.23
  Packaged by Debian (2.12.23-12ubuntu2.1)

  $ gnutls-cli www.openlearning.com
  Resolving 'www.openlearning.com'...
  Connecting to '119.9.9.205:443'...
  *** Fatal error: A TLS fatal alert has been received.
  *** Received alert [40]: Handshake failed
  *** Handshake has failed
  GnuTLS error: A TLS fatal alert has been received.

  $ gnutls-cli sequencewiz.com
  Resolving 'sequencewiz.com'...
  Connecting to '50.112.144.117:443'...
  *** Fatal error: A TLS packet with unexpected length was received.
  *** Handshake has failed
  GnuTLS error: A TLS packet with unexpected length was received.

  Thank you,

  
  Please back port the latest GnuTLS to Trusty as it is an LTS release and clearly GnuTLS 2.12 is an old branch.

  I've also attached packet captures of this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1444656/+subscriptions
  Thread PreviousDate PreviousThread Next