Your message dated Mon, 7 Jun 2004 06:33:45 +0200 (CEST)
with message-id <[EMAIL PROTECTED]>
and subject line Bug#253054: apache-ssl doesn't follow the TLS protocol
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 6 Jun 2004 21:48:44 +0000
>From [EMAIL PROTECTED] Sun Jun 06 14:48:44 2004
Return-path: <[EMAIL PROTECTED]>
Received: from smtp.netcabo.pt [212.113.174.9] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1BX5VU-0003Sf-00; Sun, 06 Jun 2004 14:48:44 -0700
Received: from dijkstra.casa.net ([81.84.14.162]) by smtp.netcabo.pt with 
Microsoft SMTPSVC(5.0.2195.6713);
         Sun, 6 Jun 2004 22:48:12 +0100
Subject: apache-ssl doesn't follow the TLS protocol
From: Pedro Corte-Real <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: multipart/signed; micalg=pgp-sha1; 
protocol="application/pgp-signature"; boundary="=-JLCop3iQaggoxq6hcOVA"
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.5.7 
Date: Sun, 06 Jun 2004 22:48:11 +0100
X-OriginalArrivalTime: 06 Jun 2004 21:48:12.0325 (UTC) 
FILETIME=[F6DF0D50:01C44C0F]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
        autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 


--=-JLCop3iQaggoxq6hcOVA
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Package: apache-ssl
Severity: important
Version: 1.3.31-1

I'm having problems connecting to an apache-ssl server using gnutls. The
gnutls developers tell me this is because apache isn't following the TLS
protocol.

The example code I'm using can be found at:

http://www.gnu.org/software/gnutls/manual/gnutls/gnutls.html#SECTION0083100=
0000000000000

The transfer will fail after the whole transfer is done, when the apache
server is closing the connection.

The error is:

*** Error: A TLS packet with unexpected length was received.

Pedro.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.4
Locale: LANG=3DC, [EMAIL PROTECTED]

Versions of packages apache-ssl depends on:
ii  apache-common               1.3.31-1     Support files for all Apache w=
ebse
ii  debconf                     1.4.25       Debian configuration managemen=
t sy
ii  dpkg                        1.10.22      Package maintenance system for=
 Deb
ii  libc6                       2.3.2.ds1-13 GNU C Library: Shared librarie=
s an
ii  libdb4.2                    4.2.52-16    Berkeley v4.2 Database Librari=
es [
ii  libexpat1                   1.95.6-8     XML parsing C library - runtim=
e li
ii  libkeynote0                 2.3-10       Decentralized Trust-Management=
 sys
ii  libmagic1                   4.07-2       File type determination librar=
y us
ii  libpam0g                    0.76-21      Pluggable Authentication Modul=
es l
ii  libssl0.9.7                 0.9.7d-3     SSL shared libraries
ii  logrotate                   3.7-1        Log rotation utility
ii  mime-support                3.26-1       MIME files 'mime.types' & 'mai=
lcap
ii  openssl                     0.9.7d-3     Secure Socket Layer (SSL) bina=
ry a
ii  perl                        5.8.4-2      Larry Wall's Practical Extract=
ion
ii  ssl-cert                    1.0-7        Simple debconf wrapper for ope=
nssl


--=-JLCop3iQaggoxq6hcOVA
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBAw5Ea2SBo0jBmgGARAgISAJ9BWuklQNkuf6b1KSolEyZNiJzSgQCgv+GY
421pd7qnWgH5y78ItlJzZC8=
=ONq7
-----END PGP SIGNATURE-----

--=-JLCop3iQaggoxq6hcOVA--


---------------------------------------
Received: (at 253054-done) by bugs.debian.org; 7 Jun 2004 04:33:51 +0000
>From [EMAIL PROTECTED] Sun Jun 06 21:33:51 2004
Return-path: <[EMAIL PROTECTED]>
Received: from port1845.ds1-khk.adsl.cybercity.dk (trider-g7.fabbione.net) 
[212.242.190.82] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1BXBpX-0001zx-00; Sun, 06 Jun 2004 21:33:51 -0700
Received: from trider-g7.ext.fabbione.net (port1845.ds1-khk.adsl.cybercity.dk 
[212.242.190.82])
        by trider-g7.fabbione.net (Postfix) with ESMTP id F3F8A9D;
        Mon,  7 Jun 2004 06:33:45 +0200 (CEST)
Date: Mon, 7 Jun 2004 06:33:45 +0200 (CEST)
From: Fabio Massimo Di Nitto <[EMAIL PROTECTED]>
Sender: [EMAIL PROTECTED]
To: Pedro Corte-Real <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Cc: Debian Apache Maintainers <debian-apache@lists.debian.org>
Subject: Re: Bug#253054: apache-ssl doesn't follow the TLS protocol
In-Reply-To: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.1 required=4.0 tests=BAYES_44,HAS_BUG_NUMBER 
        autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

On Sun, 6 Jun 2004, Pedro Corte-Real wrote:

> Package: apache-ssl
> Severity: important
> Version: 1.3.31-1
>
> I'm having problems connecting to an apache-ssl server using gnutls. The
> gnutls developers tell me this is because apache isn't following the TLS
> protocol.

apache-ssl does not support TLS at all.

You might want to play with apache + libapache-mod-ssl, where the latter
claims supports for TLS.

Fabio

-- 
<user> fajita: step one
<fajita> Whatever the problem, step one is always to look in the error log.
<user> fajita: step two
<fajita> When in danger or in doubt, step two is to scream and shout.


Reply via email to