Just a thought, but in the case of using the NetworkManager plugin where
I'm not certain you can easily modify the command line args (I've not
looked into this at all)- I wonder if Ubuntu setting the priority
similar to what Fedora is doing and providing a default gnutls
configuration for OpenConne
It's not an immediate fix for anyone, but we are working on a patch set
which will allow the user to override the ciphersuite priority string
from the command line, so that future issues related to ciphersuite
incompatibility don't require recompilation to fix.
https://gitlab.com/openconnect/openc
I'm not sure this "fixable" on Ubuntu with the standard build of
openconnect, at least not by messing with system default priorities for
gnutls. Correct me if I'm wrong but I've done some digging this morning
and comparing the openconnect build on ubuntu 19.10 against the fedora
build the main diff
On Fedora latest stable enabling legacy crypto policies solves this for
me. I’m on my phone and haven’t spent a lot of time googling how to do
this for Ubuntu but here’s the fedora docs for reference:
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings
--
You received this bug notificati
Any solution to this that doesn't involve building from source? I have
this problem in Ubuntu 19.10. Openconnect works fine in 18.04, but I get
a TLS error in anything newer.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bug
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: openconnect (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822467
Title:
I've read through the bug report linked above and have tried building
OpenConnect with +SHA256 added with no luck. I may be missing something
else that was done to get it working. I do know if I build against
gnutls 3.5.18 it does work so it does look like the priority string
change going to 3.5.19
Er, the latter. On request from the reported, after he attached a
tcpdump. I've deleted that and made it public again. And also granted
you permissions on the gitlab project so you should be able to see it
anyway (amongst other things).
--
You received this bug notification because you are a memb
@dwmw2, did you delete issue #21? Or make it confidential? I can't see
it even when logged in to Gitlab.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822467
Title:
OpeonConnect fails with generic
Is this https://gitlab.com/openconnect/openconnect/issues/21 ?
** Bug watch added: gitlab.com/openconnect/openconnect/issues #21
https://gitlab.com/openconnect/openconnect/issues/21
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Package changed: kinit (Ubuntu) => openconnect (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822467
Title:
OpeonConnect fails with generic TLS Fatal Alert Error
To manage notifications
11 matches
Mail list logo