Bug#970264: slrn cannot connect when using SSL encrypted connections
On Mon, Sep 14, 2020 at 09:02:39AM +0200, Moritz Muehlenhoff wrote: > On Sun, Sep 13, 2020 at 03:54:04PM -0700, Brian Murray wrote: > > Package: slrn > > Version: 1.0.3+dfsg-4 > > Severity: important > > User: ubuntu-de...@lists.ubuntu.com > > Usertags: origin-ubuntu groovy > > > > Dear Maintainer, > > > > It is not possible to connect to a secure news server. The following > > command fails: > > > > NNTPSERVER=snews://secure-us.news.easynews.com:8000 slrn --create > > ... > > Connecting to host secure-us.news.easynews.com ... > > Failed to initialize server > > Run-Time Error > > Reason: > > slrn fatal error: > > Failed to initialize server. > > > > The servers for easynews listen on mutliple ports > > (https://help.easynews.com/kb/article/11-nntp-server-addresses/) but it > > is not possible to connect to any of the SSL setups. However, using > > NNTP=news.easynews.com:8000 works without error. > > Can you try a local build with OpenSSL instead of GNUTLS? (by removing > the --with-gnutls in debian/rules) > > As soon as OpenSSL 3.0 is released and uploaded to unstable (which has a > GPL-compatible license) I'm planning to switch slrn to OpenSSL. Summarising further investigation (which happens off bug): Switching to OpenSSL fixes this, which is planned once OpenSSL 3.0 hits unstable. Cheers, Moritz
Bug#970264: slrn cannot connect when using SSL encrypted connections
On Sun, Sep 13, 2020 at 03:54:04PM -0700, Brian Murray wrote: > Package: slrn > Version: 1.0.3+dfsg-4 > Severity: important > User: ubuntu-de...@lists.ubuntu.com > Usertags: origin-ubuntu groovy > > Dear Maintainer, > > It is not possible to connect to a secure news server. The following > command fails: > > NNTPSERVER=snews://secure-us.news.easynews.com:8000 slrn --create > ... > Connecting to host secure-us.news.easynews.com ... > Failed to initialize server > Run-Time Error > Reason: > slrn fatal error: > Failed to initialize server. > > The servers for easynews listen on mutliple ports > (https://help.easynews.com/kb/article/11-nntp-server-addresses/) but it > is not possible to connect to any of the SSL setups. However, using > NNTP=news.easynews.com:8000 works without error. Can you try a local build with OpenSSL instead of GNUTLS? (by removing the --with-gnutls in debian/rules) As soon as OpenSSL 3.0 is released and uploaded to unstable (which has a GPL-compatible license) I'm planning to switch slrn to OpenSSL. Cheers, Moritz
Bug#970264: slrn cannot connect when using SSL encrypted connections
Package: slrn Version: 1.0.3+dfsg-4 Severity: important User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu groovy Dear Maintainer, It is not possible to connect to a secure news server. The following command fails: NNTPSERVER=snews://secure-us.news.easynews.com:8000 slrn --create ... Connecting to host secure-us.news.easynews.com ... Failed to initialize server Run-Time Error Reason: slrn fatal error: Failed to initialize server. The servers for easynews listen on mutliple ports (https://help.easynews.com/kb/article/11-nntp-server-addresses/) but it is not possible to connect to any of the SSL setups. However, using NNTP=news.easynews.com:8000 works without error. Switching the NNTPSERVER to snews://news.newshosting.com:563 results in the same failure. This is also reported in Launchpad about Ubuntu as http://launchpad.net/bugs/1895480. -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-42-generic (SMP w/4 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE, TAINT_LIVEPATCH Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages slrn depends on: ii debconf [debconf-2.0] 1.5.74 ii libc6 2.31-3 ii libcanlock33.1.0-1 ii libgnutls-openssl273.6.14-2+b1 ii libgnutls303.6.14-2+b1 ii libslang2 2.3.2-5 ii libuu0 0.5.20-12 slrn recommends no packages. Versions of packages slrn suggests: pn slrnpull -- Configuration Files: /etc/news/slrn.rc changed: % This is an empy configuration-file for slrn. This version of the file is % only meant for system-wide preferences. It is left empty by the installation, % to let slrn's default settings be used. % % If you to include options in this file, take a look at the manpage for slrn % or at /usr/share/doc/slrn/examples/slrn.rc.gz set hostname "doe.com" -- debconf information: slrn/getdescs: manually slrn/getdescs_now: false shared/mailname: crucial-lionfish shared/news/server: -- Brian Murray @ubuntu.com