** Description changed: [Impact] TLS sessions can renegotiate keys, but APT does not support it; meaning their HTTPS connections stop working. [Test case] - ... + We don't really have a reproducer. You'd need a server that re-negotiates by path; e.g. because it requires a a certain client certificate for a certain path. + + We know it does not break other use cases, and the patch was tested by + the patch submitter @ Akamai (see + https://github.com/Debian/apt/pull/93). [Regression potential] - Could we get stuck on renegotiation?
** Description changed: [Impact] TLS sessions can renegotiate keys, but APT does not support it; meaning their HTTPS connections stop working. [Test case] We don't really have a reproducer. You'd need a server that re-negotiates by path; e.g. because it requires a a certain client certificate for a certain path. - We know it does not break other use cases, and the patch was tested by - the patch submitter @ Akamai (see - https://github.com/Debian/apt/pull/93). + We know it does not break other use cases, having run that for quite + some time in eoan and Debian stretch, and the patch was tested by the + patch submitter @ Akamai (see https://github.com/Debian/apt/pull/93). [Regression potential] - Could we get stuck on renegotiation? ** No longer affects: apt (Ubuntu Cosmic) ** Changed in: apt (Ubuntu Disco) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1829861 Title: handle TLS session renegotiation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1829861/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
