On Tue, Oct 28, 2014 at 11:08:30AM +0100, Szépe Viktor wrote: > What can we do now? > I cannot write a bug report because I do not know how TLS works and I can't > speak C.
Submit a Debian bug report, specify exact gnutls package version, provide samples of the servers having problems with it. I don't think it is needed to know C to submit a bug report. > Are you able to read gnutls_certificate_get_peers's source? I can't reproduce this problem, so it's hard for me to debug it. -- Alexander. > Idézem/Quoting "Alexander V. Lukyanov" <l...@netis.ru>: > > >On Mon, Oct 27, 2014 at 04:28:11PM +0100, Szépe Viktor wrote: > >>Thank you for the feed! > >> > >>I still have > >>**** Certificate verification: Not trusted: no issuer was found > >>with GNUTLS. > >> > >>With your Fedora it is OK. > >>With gnutls-cli it is also OK on my Debian system. > >>The problem comes with lftp on my Debian system. > >>On Fedora 'Issued by' is always == 'Checking against'. > >>On Debian there is a "mis-comparition". > > > >I think it may be a bug in gnutls' function gnutls_certificate_get_peers. > >It returns the certificate chain, probably it has a missing link or wrong > >order. > > > >>Is it a gnutls issue or an lftp? (gnutls-cli never fails) > > > >Probably gnutls-cli uses another certificate verification method. > > > >-- > > Alexander. > > > Szépe Viktor > -- > +36-20-4242498 s...@szepe.net skype: szepe.viktor > Budapest, XX. kerület _______________________________________________ lftp mailing list lftp@uniyar.ac.ru http://univ.uniyar.ac.ru/mailman/listinfo/lftp