On Tue, Aug 28, 2018 at 09:53:58AM -0300, Antonio Terceiro wrote:
> On Thu, Aug 23, 2018 at 03:24:52PM -0600, dann frazier wrote:
> > Package: bip
> > Version: 0.8.9-1.1
> > Severity: normal
> > Tags: patch
> >
> > I run bip on a stretch system, and connect to it from a hexchat client on
> > sid. After a recent upgrade of the client, which pulled in openssl 1.1,
> > hexchat began failing to connect to my server with the message:
> >
> > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
> >
> > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found
> > that just cherry-picking the following commit back to bip 0.8.9 seems to be
> > sufficient:
> >
> > 39414f8 Handle OpenSSL version 1.1
>
> I just tried backporting commit 39414f8 to the bip version in stretch,
> and it doesn't really fix the issue. There is probably some other commit
> that is needed.
I literally poked that patch into debian/patches{/series}, quilt
applied it and rebuilt, and it started working for me. Maybe there's
something different about our configs?
