Your message dated Wed, 29 Nov 2017 23:02:25 +0100
with message-id <[email protected]>
and subject line Re: Bug#840152: rsyslog-gnutls: rsyslog+RELP+TLS=broken
has caused the Debian Bug report #840152,
regarding rsyslog-gnutls: rsyslog+RELP+TLS=broken
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
840152: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840152
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: rsyslog-gnutls
Version: 8.4.2-1+deb8u2, 8.16.0-1~bpo8+1
Severity: important
Hello,
Debian 8.6 x64.
The jessie and jessie-backports rsyslog-gnutls packages are broken with regards
to TLS and RELP.
Setting up a pair of client and server according to:http://www.rsyslog.com
/using-tls-with-relp/
When using tls.authmode="name" the client can't see the server's CN (which has
been verified to exist in the certificate).
When using tls.authmode="fingerprint" and using the correct
SHA:somethingsomething fingerprint in the permitted peers, the client fails to
connect to the server with:
Oct 9 00:20:05 client rsyslogd-2353: omrelp[server.example.com:514]: error
'TLS handshake failed [gnutls error -15: An unexpected TLS packet was
received.]', object '
conn to srvr client.example.com:514' - action may not work as intended [v8.16.0
try http://www.rsyslog.com/e/2353 ]
The server logs:
Oct 9 00:21:13 log rsyslogd-2353: imrelp[514]: error 'TLS handshake failed
[gnutls error -15: An unexpected TLS packet was received.]', object 'lstn 514:
conn to clt 1.1.1.1/client.example.com' - input may not work as intended
[v8.16.0 try http://www.rsyslog.com/e/2353 ]
Thank you
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
On Sun, 9 Oct 2016 19:19:43 +0200 Michael Biebl <[email protected]> wrote:
> Am 08.10.2016 um 23:35 schrieb Demetris Demetriou:
> > Package: rsyslog-gnutls
> > Version: 8.4.2-1+deb8u2, 8.16.0-1~bpo8+1
> > Severity: important
> >
> > Hello,
> >
> > Debian 8.6 x64.
> >
> > The jessie and jessie-backports rsyslog-gnutls packages are broken with
> > regards
> > to TLS and RELP.
>
>
>
>
> Can you share your complete configuration and would it be possible that
> you try it with the latest version 8.22.0-1 from unstable?
>
Closing this bug report as no further information was provided and the
existing one is not sufficient to further investigate it.
Regards,
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
--- End Message ---
