confirmation that debian #480041 is a gnutls problem, and steps to reproduce
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Nov 21 17:54:00 CET 2008
On Fri 2008-11-21 02:24:02 -0500, Nikos Mavrogiannopoulos wrote:
> Hello, this does not seem to be a gnutls error. The server merely asks
> for renegotiation, gnutls-cli ignores it (legal behavior) and server
> does not like it thus sends a fatal alert. However which version of
> gnutls-cli is that? Can you try with the latest?
That was originally tested against debian's 2.4.2-3. With 2.6.2-1
(from debian experimental), i get the same output:
...
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
*** Non fatal error: Rehandshake was requested by the peer.
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [10]: Unexpected message
*** Server has terminated the connection abnormally.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
URL: </pipermail/attachments/20081121/c471b888/attachment.pgp>
More information about the Gnutls-devel
mailing list