GnuTLS versions 2.9.7 and later breaks libsoup (epiphany)
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Jun 8 23:41:35 CEST 2010
Andreas Metzler wrote:
> Hello,
> this is http://bugs.debian.org/576339
>
> With GnuTLS versions 2.9.7 and later epiphany is unable to load https
> sites. Reproducing this is very easy on Debian/unstable
> (+experimental)
>
> sudo apt-get install epiphany-browser
> sudo apt-get install libgnutls26=2.9.11-1
> epiphany-browser https://db.debian.org/
>
> epiphany simply gets stuck, resending the same request again and
> again. GnuTLS 2.9.6 and earlier (including 2.8.x) are fine.
Hi,
The problem seems to be the support for TLS 1.2. It seems that epiphany
sets a priority string of "NORMAL:!VERS-TLS1.1:!VERS-TLS1.0". Thus the
allowed versions are now TLS 1.2 and SSL 3.0. The servers do not support
TLS 1.2 thus falling back to TLS 1.0 which is not supported. A quick fix
would be to add !VERS-TLS1.2 to epiphany (I have no idea where it is).
regards,
Nikos
More information about the Gnutls-devel
mailing list