[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#16602: 24.3.50; gnutls sometimes errors out
From: |
Lars Ingebrigtsen |
Subject: |
bug#16602: 24.3.50; gnutls sometimes errors out |
Date: |
Sun, 09 Feb 2014 19:14:11 -0800 |
User-agent: |
Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.3.50 (gnu/linux) |
Ted Zlatanov <tzz@lifelogs.com> writes:
> I'm not aware of anything that could be causing this. I've definitely
> not changed anything recently in the GnuTLS integration code.
>
> As a first step, I would check with `gnutls-cli' whether the same
> invocation has a similar problem.
Doesn't seem to be. I repeated the following ten times, and I got the
output below each time.
Hm. If I set `gnutls-log-level' to 10, then everything works fine, too?
Sounds kinda timing-related...
Oh, and now I'm unable to reproduce the problem with a log level of 0.
Gah.
$ gnutls-cli -p 443 news.ycombinator.com
Processed 149 CA certificate(s).
Resolving 'news.ycombinator.com'...
Connecting to '198.41.190.47:443'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `OU=Domain Control Validated,OU=PositiveSSL
Wildcard,CN=*.ycombinator.com', issuer `C=GB,ST=Greater
Manchester,L=Salford,O=COMODO CA Limited,CN=PositiveSSL CA 2', RSA key 2048
bits, signed using RSA-SHA1, activated `2013-02-26 00:00:00 UTC', expires
`2015-02-26 23:59:59 UTC', SHA-1 fingerprint
`5a2b9a0c7d2965aeb06ab02e300c8fe75df74905'
Public Key Id:
c2db2a3ec8e356ee1b7c673097d7796a0a19cd64
Public key's random art:
+--[ RSA 2048]----+
| |
| |
| E |
| . * . . |
| = S + o . |
| .. B + o |
| . +o o * o |
| = +o + . o |
| o.+++. . |
+-----------------+
- Certificate[1] info:
- subject `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA
Limited,CN=PositiveSSL CA 2', issuer `C=SE,O=AddTrust AB,OU=AddTrust External
TTP Network,CN=AddTrust External CA Root', RSA key 2048 bits, signed using
RSA-SHA1, activated `2012-02-16 00:00:00 UTC', expires `2020-05-30 10:48:38
UTC', SHA-1 fingerprint `94807b1c788dd2fcbe19c8481ce41cfab8a4c17f'
- Status: The certificate is trusted.
- Description: (TLS1.2-PKIX)-(ECDHE-RSA-SECP256R1)-(AES-128-GCM)-(AEAD)
- Session ID:
70:3C:71:8C:30:93:EB:BB:BA:45:82:EA:94:2C:3F:73:48:B3:EB:50:A0:C5:06:F9:F4:03:85:80:18:3C:16:4D
- Ephemeral EC Diffie-Hellman parameters
- Using curve: SECP256R1
- Curve size: 256 bits
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA512
- Cipher: AES-128-GCM
- MAC: AEAD
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog http://lars.ingebrigtsen.no/