Your message dated Sat, 7 Feb 2009 14:57:48 +0100
with message-id <[email protected]>
and subject line Re: Bug#396867: gnutls-bin: does not seem to properly handle
rehandshake request
has caused the Debian Bug report #396867,
regarding gnutls-bin: does not seem to properly handle rehandshake request
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
396867: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396867
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gnutls-bin
Version: 1.4.4-2
Severity: normal
Hi,
I have one internal https server (running IIS on Windows Server 2003)
which seems to request a rehandshake after the http request was
transmitted. This seems to badly confuse gnutls-cli:
| $ gnutls-cli -p 443 a.b.c.d
| Resolving 'a.b.c.d'...
| Connecting to 'a.b.c.d:443'...
| - Certificate type: X.509
| - Got a certificate list of 1 certificates.
|
| - Certificate[0] info:
| # The hostname in the certificate does NOT match 'a.b.c.d'.
| # valid since: Wed Jul 20 12:23:32 CEST 2005
| # expires at: Wed Sep 9 12:34:44 CEST 2009
| # fingerprint: 6B:22:44:F3:22:CC:BA:36:64:70:0F:C0:D5:CD:87:9E
| # Subject's DN:
C=DE,ST=BW,L=City,O=Site,OU=Site,CN=some.invalid.host.name.example
| # Issuer's DN: CN=unqualifiedname
|
|
| - Peer's certificate issuer is unknown
| - Peer's certificate is NOT trusted
| - Version: TLS 1.0
| - Key Exchange: RSA
| - Cipher: ARCFOUR 128
| - MAC: MD5
| - Compression: NULL
| - Handshake was completed
|
| - Simple Client Mode:
|
| GET / HTTP/1.0
|
| *** Non fatal error: Rehandshake was requested by the peer.
After this, nothing happens any more. Ctrl-C out.
Trying the same with openssl s_client -connect a.b.c.d:443 works fine.
With other servers (for example running apache on Linux), gnutls-cli
works fine as well.
Greetings
Marc
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18.1-scyw00225
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Versions of packages gnutls-bin depends on:
ii libc6 2.3.6.ds1-7 GNU C Library: Shared libraries
ii libgcrypt11 1.2.3-2 LGPL Crypto library - runtime libr
ii libgnutls13 1.4.4-2 the GNU TLS library - runtime libr
ii libgpg-error0 1.4-1 library for common error values an
ii libopencdk8 0.5.9-2 Open Crypto Development Kit (OpenC
ii libtasn1-3 0.3.6-2 Manage ASN.1 structures (runtime)
ii zlib1g 1:1.2.3-13 compression library - runtime
gnutls-bin recommends no packages.
-- no debconf information
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
--- End Message ---
--- Begin Message ---
Version: 2.6.3-1
On 2006-11-03 Marc Haber <[email protected]> wrote:
> Package: gnutls-bin
> Version: 1.4.4-2
> Severity: normal
> Hi,
> I have one internal https server (running IIS on Windows Server 2003)
> which seems to request a rehandshake after the http request was
> transmitted. This seems to badly confuse gnutls-cli:
[...]
This should be fixed with upstream versions 2.6.3/2.7.3. The former is
available in experimental. Closing.
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
--- End Message ---
