FWIW, our ldapserver uses the following, which gnutls26 does not support but gnutls30 in wily does:
- Status: The certificate is trusted. - Successfully sent 0 certificate(s) to server. - Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-256-CBC)-(SHA384) - Session ID: 8C:43:00:00:5D:F2:98:2F:60:C7:A1:3A:C4:DA:D3:2D:A3:76:8F:6D:83:AE:AA:D6:6C:E3:90:E4:10:91:C0:AD - Ephemeral EC Diffie-Hellman parameters - Using curve: SECP256R1 - Curve size: 256 bits - Version: TLS1.2 - Key Exchange: ECDHE-RSA - Server Signature: RSA-SHA1 - Cipher: AES-256-CBC - MAC: SHA384 - Compression: NULL - Handshake was completed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1444656 Title: GnuTLS TLS 1.2 handshake failure Status in gnutls26 package in Ubuntu: Invalid Status in gnutls26 source package in Trusty: Triaged Bug description: I'm experiencing the same issue as here: http://comments.gmane.org/gmane.network.gnutls.general/3713 I came across a SSL handshake problem with gnutls-cli when connecting to some websites, see below. It is somehow specific to gnutls as openssl/Chrome/Firefox can connect fine. Is this is a bug in gnutls or do you have any ideas how to troubleshoot it? $ gnutls-cli --version gnutls-cli (GnuTLS) 2.12.23 Packaged by Debian (2.12.23-12ubuntu2.1) $ gnutls-cli www.openlearning.com Resolving 'www.openlearning.com'... Connecting to '119.9.9.205:443'... *** Fatal error: A TLS fatal alert has been received. *** Received alert [40]: Handshake failed *** Handshake has failed GnuTLS error: A TLS fatal alert has been received. $ gnutls-cli sequencewiz.com Resolving 'sequencewiz.com'... Connecting to '50.112.144.117:443'... *** Fatal error: A TLS packet with unexpected length was received. *** Handshake has failed GnuTLS error: A TLS packet with unexpected length was received. Thank you, Please back port the latest GnuTLS to Trusty as it is an LTS release and clearly GnuTLS 2.12 is an old branch. I've also attached packet captures of this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1444656/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
