[gnutls-devel] Problem with proxied connections on 3.5.3
nmav at gnutls.org
Sun Aug 28 00:04:20 CEST 2016
On Fri, Aug 26, 2016 at 7:18 PM, Andreas Metzler <ametzler at bebt.de> wrote:
> this is https://bugs.debian.org/835342 reported by
> marcelomendes at gmail.com:
>>> Trying to git clone a github repo using libgnutls30 3.5.3-2 throw the
>>> following error:
>>> fatal: unable to access 'https://github.com/xxx/yyy/': gnutls_handshake()
>>> failed: Public key signature verification has failed.
>>> Same happens for curl:
>>> curl https://duckduckgo.com
>>> curl: (35) gnutls_handshake() failed: Public key signature verification has
>> Are you able to reproduce either of these errors with gnutls-cli?
> First, let me say I'm behind a proxy server.
> Both versions of gnutls-bin (3.5.3-3 and the old 3.5.2-3) have the
> same behavior:
> gnutls-cli -V --port 443 duckduckgo.com
> Processed 173 CA certificate(s).
> Resolving 'duckduckgo.com:443'...
> Connecting to '126.96.36.199:443'...
> Connecting to '188.8.131.52:443'...
> Connecting to '184.108.40.206:443'...
> and stay there for some quit some time until I ctrl+c
> But, with the old version of libgnutls30 (3.5.2-3) got from here:
> commands like git clone/pull works and curl -I https://... works too.
Something is wrong there. I don't see any changes in gnutls code that
could result to it. Could the user bisect since 3.5.2 and try to
figure out the change that causes that issue? Is there a reproducer?
More information about the Gnutls-devel