found 642051 1.13.4-1 tags 642051 + confirmed upstream forwarded 642051 https://savannah.gnu.org/bugs/index.php?34642 thanks
Hello Daniel, Thanks for your detailed report. It is always reproducible and I forwarded it to upstream. Am Sonntag, den 18.09.2011, 22:13 -0400 schrieb Daniel Kahn Gillmor: > Setting wget's --secure-protocol option to SSLv3 produces a "GnuTLS > internal error", despite the fact that GnuTLS is capable of handling > SSLv3: > > 0 dkg@pip:~/tmp$ wget --secure-protocol=SSLv3 https://encrypted.google.com > --2011-09-18 22:06:47-- https://encrypted.google.com/ > Resolving encrypted.google.com (encrypted.google.com)... 74.125.226.128, > 74.125.226.142, 74.125.226.143, ... > Connecting to encrypted.google.com > (encrypted.google.com)|74.125.226.128|:443... connected. > GnuTLS: GnuTLS internal error. > Unable to establish SSL connection. > 4 dkg@pip:~/tmp$ wget --secure-protocol=TLSv1 https://encrypted.google.com > --2011-09-18 22:06:53-- https://encrypted.google.com/ > Resolving encrypted.google.com (encrypted.google.com)... 74.125.226.128, > 74.125.226.142, 74.125.226.143, ... > Connecting to encrypted.google.com > (encrypted.google.com)|74.125.226.128|:443... connected. > HTTP request sent, awaiting response... 200 OK > Length: unspecified [text/html] > Saving to: `index.html' > > [ <=> ] 9,938 --.-K/s in 0.06s > > > 2011-09-18 22:06:54 (164 KB/s) - `index.html' saved [9938] > > 0 dkg@pip:~/tmp$ gnutls-cli --priority 'SECURE:-VERS-TLS-ALL:+VERS-SSL3.0' > encrypted.google.com < /dev/null > Resolving 'encrypted.google.com'... > Connecting to '74.125.226.128:443'... > - Certificate type: X.509 > - Got a certificate list of 2 certificates. > - Certificate[0] info: > - subject `C=US,ST=California,L=Mountain View,O=Google > Inc,CN=*.google.com', issuer `C=US,O=Google Inc,CN=Google Internet > Authority', RSA key 1024 bits, signed using RSA-SHA1, activated `2011-09-05 > 06:05:49 UTC', expires `2012-09-05 06:15:49 UTC', SHA-1 fingerprint > `56f6a9a9d2edfd1ab2f9637ed351ac56b359a98d' > - Certificate[1] info: > - subject `C=US,O=Google Inc,CN=Google Internet Authority', issuer > `C=US,O=Equifax,OU=Equifax Secure Certificate Authority', RSA key 1024 bits, > signed using RSA-SHA1, activated `2009-06-08 20:43:27 UTC', expires > `2013-06-07 19:43:27 UTC', SHA-1 fingerprint > `dd7a7f131ddba33d3e8670179483e6fea6987d6a' > - The hostname in the certificate matches 'encrypted.google.com'. > - Peer's certificate issuer is unknown > - Peer's certificate is NOT trusted > - Version: SSL3.0 > - Key Exchange: RSA > - Cipher: ARCFOUR-128 > - MAC: SHA1 > - Compression: NULL > - Handshake was completed > > - Simple Client Mode: > > 0 dkg@pip:~/tmp$ > > > Maybe something is wrong with how wget is initializing gnutls? -- Noël Köthe <noel debian.org> Debian GNU/Linux, www.debian.org
signature.asc
Description: This is a digitally signed message part
