Interoperability issue with The Bat (Debian Bug #316522)

Marc Haber mh+gnutls-devel at zugschlus.de
Thu Jan 3 01:24:58 CET 2008


Hi,

Simon Josefsson has suggested to me (a member of the maintainer team
for Exim's packages for the Debian Operating System) that it might be
a good idea to move a technical debate from our blogs
(http://blog.zugschlus.de/archives/585-exim4-vs.-OpenSSL-vs.-GnuTLS.html,
http://blog.josefsson.org/2007/11/09/response-to-gnutls-in-exim-debate/)
to gnutls-devel as this list is a better medium for archived discussion.

I'll send a dedicated mail for each of Debian's bug reports, so that
the threads are not going to intermix.

Debian Bug #316522, http://bugs.debian.org/316522
=================================================

Simon writes:
>  When the email client TheBat talks with exim4 4.50-8, gnutls (in
>  exim4) will log (gnutls_handshake): An error was encountered at the
>  TLS Finished packet calculation. Other clients than TheBat reportedly
>  works. An older version of Exim4, specifically 4.32-2, worked though.
>  It is unclear whether the version of GnuTLS changed when exim4 was
>  upgraded from 4.32-2 to 4.50-8.

Unfortunately, I wasn't able to find out which GnuTLS library exim4
4.32-2 was compiled against since snapshot.debian.net is incomplete
here. 4.32-4 was built for Debian on April 26, 2004.

Exim 4.50-8 in Debian has a binary depends on libgnutls11 (>= 1.0.16).

>  There is no discussion of whether changing to OpenSSL would solve the
>  problem. Conclusion: The problem with TheBat warrants debugging.
>  However, this do not seem to be a widely reported problem. Further,
>  TheBat is not free software so we cannot help debug it. Questions:
>  The reported said earlier versions worked, which GnuTLS versions was
>  this? Can the problem be pin-pointed to a specific GnuTLS release or
>  Exim4 release? Does the problem go away with OpenSSL?

Can you ask these questions to the submitter on the BTS?

It might be possible (judging from
https://www.ritlabs.com/bt/view.php?id=5785) that The Bat by default
refuses to talk TLS to a server presenting a self-signed certificate.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190





More information about the Gnutls-devel mailing list