[gnutls-devel] GnuTLS 3.3.15 + nettle 3.1 - bug
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Jun 10 21:54:46 CEST 2015
On Wed, 2015-06-10 at 20:19 +0200, Andreas Metzler wrote:
> Hello,
>
> Debian unstable currently has GnuTLS 3.3.15 +
> https://gitlab.com/gnutls/gnutls/commit/546782633df475d9071115b5fc13b387539f0ca5
> and builds against nettle 3.1.1. However this combination fails to
> connect to 195.135.220.8:imaps with 'Received alert [20]: Bad record
> MAC'.
>
> * 3.4.1 with nettle 3.1.1 works
> * 3.3.15 + 546782633df475d9071115b5fc13b387539f0ca5 built againsts
> nettle 2.7. works
>
> Using
> http://pkgs.fedoraproject.org/cgit/compat-gnutls28.git/log/gnutls-3.3.15-nettle3.patch
> instead of 546782633df475d9071115b5fc13b387539f0ca5 also works.
> I have searched in vain for the tiny difference between these two
> patches that actually breaks.
> https://bugs.debian.org/cgi-bin/bugreport.cgi?filename=gnutls.log;msg=27;att=1;bug=788011
Thanks for the log. It seems the issue is in camellia256-cbc. I've
pushed a fix which hopefully will fix that. It seems we need interop
tests with camellia as well.
regards,
Nikos
More information about the Gnutls-devel
mailing list