[gnutls-devel] Problem with proxied connections on 3.5.3

Andreas Metzler ametzler at bebt.de
Fri Aug 26 19:18:46 CEST 2016


this is https://bugs.debian.org/835342 reported by
marcelomendes at gmail.com:
>> Trying to git clone a github repo using libgnutls30 3.5.3-2 throw the
>> following error:
>> fatal: unable to access 'https://github.com/xxx/yyy/': gnutls_handshake()
>> failed: Public key signature verification has failed.
>> Same happens for curl:
>> curl https://duckduckgo.com
>> curl: (35) gnutls_handshake() failed: Public key signature verification has
>> failed.

> Are you able to reproduce either of these errors with gnutls-cli?

First, let me say I'm behind a proxy server.

Both versions of gnutls-bin (3.5.3-3 and the old 3.5.2-3) have the
same behavior:

gnutls-cli -V --port 443 duckduckgo.com
Processed 173 CA certificate(s).
Resolving 'duckduckgo.com:443'...
Connecting to ''...
Connecting to ''...
Connecting to ''...

and stay there for some quit some time until I ctrl+c

But, with the old version of libgnutls30 (3.5.2-3) got from here:
commands like git clone/pull works and curl -I https://... works too.

I tried from my vps and this issue doesn't happen with either version,
thats a weird thing :)

Out of curiosity, the commands worked from inside a ubuntu-xenial
vagrant box (virtualbox vms) with older versions of libgnutls30
cu Andreas

`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Gnutls-devel mailing list