Package: git Version: 1:2.1.4-2.1 Severity: important Followup-For: Bug #491036
User Certificates Support works. However, if the certificate (more correctly the key of the cert) is encrypted, git fails with a bogus error message: olaf@nucky:~$ git clone https://xxx.science-computing.de/prot-anon.git Klone nach 'prot-anon'... Password for 'cert:////home/olaf/mycert.pem': fatal: unable to access 'https://xxx.science-computing.de/prot-anon.git/': error reading X.509 key or certificate file if you look at the command with strace you see a bogus write call to fileid -1 causing the error message above: > writev(-1, [{"\25\3\3\0\2\1\0", 7}], 1) = -1 EBADF (Bad file descriptor) changing the build dependency from libcurl4-gnutls-dev to libcurl4-openssl-dev fixes the weird behaviour. It smells like a hidden binary incompatibilty between different curl flavours. raising severity to important, since this makes package unusable for any environment secured by user certificates. BTW, centos and SuSE does not show this bug. Maybe the bug has to be fixed in libcurl4-gnutls itself --- git-2.1.4/debian/control 2014-12-20 03:13:38.000000000 +0100 +++ control 2015-10-28 17:55:35.679424672 +0100 @@ -4,7 +4,7 @@ Maintainer: Gerrit Pape <p...@smarden.org> Uploaders: Jonathan Nieder <jrnie...@gmail.com> Build-Depends: libz-dev, libpcre3-dev, gettext, - libcurl4-gnutls-dev, libexpat1-dev, + libcurl4-openssl-dev, libexpat1-dev, subversion, libsvn-perl, libyaml-perl, tcl, libhttp-date-perl | libtime-modules-perl, -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages git depends on: ii git-man 1:2.1.4-2.1 ii libc6 2.19-18 ii libcurl3-gnutls 7.38.0-4+deb8u2 ii liberror-perl 0.17-1.1 ii libexpat1 2.1.0-6+deb8u1 ii libpcre3 2:8.35-3.3 ii perl-modules 5.20.2-3+deb8u1 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages git recommends: ii less 458-3 ii openssh-client [ssh-client] 1:6.7p1-5 ii patch 2.7.5-1 ii rsync 3.1.1-3 Versions of packages git suggests: ii gettext-base 0.19.3-2 pn git-arch <none> pn git-cvs <none> pn git-daemon-run | git-daemon-sysvinit <none> pn git-doc <none> pn git-el <none> pn git-email <none> pn git-gui <none> pn git-mediawiki <none> pn git-svn <none> pn gitk <none> pn gitweb <none> -- no debconf information