Package: gnutls-bin Version: 1.4.4-2 Severity: normal Hi,
I have one internal https server (running IIS on Windows Server 2003) which seems to request a rehandshake after the http request was transmitted. This seems to badly confuse gnutls-cli: | $ gnutls-cli -p 443 a.b.c.d | Resolving 'a.b.c.d'... | Connecting to 'a.b.c.d:443'... | - Certificate type: X.509 | - Got a certificate list of 1 certificates. | | - Certificate[0] info: | # The hostname in the certificate does NOT match 'a.b.c.d'. | # valid since: Wed Jul 20 12:23:32 CEST 2005 | # expires at: Wed Sep 9 12:34:44 CEST 2009 | # fingerprint: 6B:22:44:F3:22:CC:BA:36:64:70:0F:C0:D5:CD:87:9E | # Subject's DN: C=DE,ST=BW,L=City,O=Site,OU=Site,CN=some.invalid.host.name.example | # Issuer's DN: CN=unqualifiedname | | | - Peer's certificate issuer is unknown | - Peer's certificate is NOT trusted | - Version: TLS 1.0 | - Key Exchange: RSA | - Cipher: ARCFOUR 128 | - MAC: MD5 | - Compression: NULL | - Handshake was completed | | - Simple Client Mode: | | GET / HTTP/1.0 | | *** Non fatal error: Rehandshake was requested by the peer. After this, nothing happens any more. Ctrl-C out. Trying the same with openssl s_client -connect a.b.c.d:443 works fine. With other servers (for example running apache on Linux), gnutls-cli works fine as well. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.1-scyw00225 Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages gnutls-bin depends on: ii libc6 2.3.6.ds1-7 GNU C Library: Shared libraries ii libgcrypt11 1.2.3-2 LGPL Crypto library - runtime libr ii libgnutls13 1.4.4-2 the GNU TLS library - runtime libr ii libgpg-error0 1.4-1 library for common error values an ii libopencdk8 0.5.9-2 Open Crypto Development Kit (OpenC ii libtasn1-3 0.3.6-2 Manage ASN.1 structures (runtime) ii zlib1g 1:1.2.3-13 compression library - runtime gnutls-bin recommends no packages. -- no debconf information -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]