On Tue, Oct 08, 2013 at 11:54:07AM +0200, Clement Hermann (nodens) wrote: > Hello Kurt, > > Is there any news on this issue ? I have reports of the same problem > from other debian users, and only debian users. > > After upgrade of the remote (netbsd) box, the problem still occurs. > The issue is also still present in current sid version. > > We need to apply the ubuntu patch to connect (attached), wich seem to > disable TLS_1.2 client altogether. I think this is enough, the second > part of the patch may not be needed.
Yes, disabling TLS 1.2 seems to fix your issue, but I really have no idea why. I also don't think this is a good idea. You say that the other side is using OpenSSL 1.0.1, but it looks like a really weird version to me. It doesn't seem to support TLS 1.2 but does 1.1 while there never was a version released that only didn't do 1.2 but did 1.1. It seems to be a snapshot from cvs/git since it says "1.0.1-stable 05 Jun 2011" and doesn't actually have any real version in it. Looking at the release history and git repository, it seems to be in the middle of a development cycle. Please note that 1.0.1 was released on 19 Apr 2012. So I suggest you upgrade it to a released version like 1.0.1e or the current 1.0.1-stable version. Kurt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
