GnuTLS issue (Mandos Server/Client)
Adam Williamson
awilliam at redhat.com
Wed Apr 2 17:15:19 UTC 2014
On Wed, 2014-04-02 at 10:50 -0600, Nathanael D. Noblet wrote:
> Hello,
>
> I'm working on getting a package (mandos) included in Fedora/EPEL.
> Currently its heavily focused on debian based distros so I'm not ready
> for a review. However I have it working in a few situations but have
> some issues in others. I'm hoping someone here may be able to shed light
> on what may be going on. So that I can finish adding the bits needed to
> be fully functional and then included.
>
> So the whole thing works only if servers and clients are on the same
> OS version. Different errors are thrown for different combinations.
>
> Client OS Server OS Error
> F20 CentOS 6 TLS packet with unexpected length was received
> CentOS 6 F20 The TLS connection was non-properly terminated
> CentOS 6 CentOS 6 No error
> F20 F20 No error
>
> CentOS gnutls versions
> CentOS 6 = gnutls 2.8.5
> F20 = gnutls 3.1.20
>
> The server is a python app and sets the priority string as follows:
> priority=SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
> this is fed to some gnutls function somewhere in the stack.
>
> I'm at a complete loss as to why it doesn't work. Pointers or docs or
> anything else that can help me figure out why an app can talk to itself
> as long as the same base OS is used would be GREATLY appreciated..
Well, have you tried the 'obvious' - building the newer gnutls on CentOS
6 (or the older on Fedora 20) and building mandos against that, to see
if the issue is in gnutls or somewhere else in the 'base system'? That'd
narrow it down at least.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
More information about the devel
mailing list