On Sun, 14 Nov 2010 at 12:51:34 +0100, Daniel Stenberg wrote: > This turned out to be a minor bug in curl, yes, and I've fixed it > upstream now.
Thanks! (https://github.com/bagder/curl/commit/cbf4961bf3e42d88f6489f981efd509faa86f501 for those following the Debian bug log) > BUT, I'd like to stress that the timeout problem was > just a false track and it simply made the error reporting a bit > confused and now with my fix curl will instead say this: > > $ ./src/curl -k > https://apt-test.aviatis.com/apt-cacher/ftp.us.debian.org/debian/dists/squeeze/ > -v That's not meant to work here: the test case is an apt repository where you have to present a client certificate to gain access. Presumably Johannes also has a real repository that contains private data or something, but this one is just a mirror of ftp.us.debian.org configured with similar access control, for testing; see http://apt-test.aviatis.com/ for a working client certificate and its private key. > curl: (35) gnutls_handshake() failed: Decryption has failed. > routines:SSL3_READ_BYTES:sslv3 alert handshake failure, errno 0 You'd know better than I do whether these are what you'd expect to see if the server requires a client certificate and you didn't have one... I'm not sure whether apt-cacher does directory listings, but here's the URL to a flat-file which works with Debian's (OpenSSL-based) curl(1): https://apt-test.aviatis.com/apt-cacher/ftp.us.debian.org/debian/dists/squeeze/Release The command I've been using to test is something like this: curl -k https://apt-test.aviatis.com/apt-cacher/ftp.us.debian.org/debian/dists/squeeze/Release --cert ../test-client.apt-test.aviatis.com.crt --key ../test-client.apt-test.aviatis.com.key Hope this helps, S -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
