Marc Haber <[EMAIL PROTECTED]> writes: > just another exim4 issue which - this time - uncovered an issue in > gnutls-cli and libgnutls. When connecting to mail.campbell-lange.net, > GnuTLS clients crash during TLS handshake. This happens with exim, but > also with gnutls-cli (both from current unstable, but both crashes > also occur with etch clients). The server is running Debian lenny. > > Here is the output of gnutls-cli on current sid: > $ gnutls-cli -s -p 25 mail.campbell-lange.net > Resolving 'mail.campbell-lange.net'... > Connecting to '217.147.82.36:25'...
Ah, thanks, I didn't notice the hostname before. Ok, this seems to be the same problem as Marc F. Clemente's report in #466477 (which seems unrelated to the original problem in that bug..). It isn't a crash (as in segfault) in the library, only in gnutls-cli -- and the patch provided in that bug report solves the crash. Exim should have received the internal error in memory allocation code. However, the real cause here are the excessively large set of known CAs that the server sends. GnuTLS probably can't handle the size here. The error message is probably slightly incorrect, it is probably running into a fixed size memory size limit. I'll see if I can debug this further. /Simon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
