[sr #107696] GnuTLS 2.10 client cannot negotiate TLS 1.2 to GnuTLS 2.8 server
Michael Cronenworth
INVALID.NOREPLY at gnu.org
Tue May 24 17:02:56 CEST 2011
URL:
<http://savannah.gnu.org/support/?107696>
Summary: GnuTLS 2.10 client cannot negotiate TLS 1.2 to
GnuTLS 2.8 server
Project: GnuTLS
Submitted by: mooninite
Submitted on: Tue 24 May 2011 03:02:55 PM GMT
Category: Core library
Priority: 5 - Normal
Severity: 3 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Operating System: GNU/Linux
_______________________________________________________
Details:
Copied from Red Hat Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=707266
Description of problem:
Fedora 14 server - GnuTLS 2.8.6
Fedora 15 client - GnuTLS 2.10.5
The server is initialized with the following priorities:
"NONE:+VERS-TLS1.2:+AES-256-CBC:+RSA:+SHA1:+COMP-DEFLATE"
When the client attempts to connect the attempt fails with "handshake failed"
as the reason. When I change the server to be:
"NONE:+VERS-TLS1.1:+AES-256-CBC:+RSA:+SHA1:+COMP-DEFLATE"
the connection succeeds. TLS 1.0 also works.
Version-Release number of selected component (if applicable):
gnutls-2.8.6-2.fc14.x86_64
gnutls-2.10.5-1.fc15.x86_64
How reproducible: Always
Steps to Reproduce:
1. Setup GnuTLS 2.8.6 server with the priorities above.
2. Setup GnuTLS 2.10.5 client with the same priorities.
3. Attempt to connect to the server.
Actual results:
Handshake failure.
Expected results:
Connection succeeds.
Additional info:
If I connect to a 2.10.5 server with the 2.10.5 client, it succeeds. It seems
there is some incompatibility between 2.8 and 2.10.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107696>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
More information about the Gnutls-devel
mailing list