On 2010-11-22 Simon McVittie <s...@debian.org> wrote: [...] > On Sun, 14 Nov 2010 at 17:07:24 +0000, Neil Williams wrote: > > gnutls-cli --insecure -p 443 > > --x509certfile /etc/apt/client-certs/test-client.apt-test.aviatis.com.crt > > --x509keyfile /etc/apt/client-certs/test-client.apt-test.aviatis.com.key > > apt-test.aviatis.com > [...] > > *** Non fatal error: Rehandshake was requested by the peer. > > *** Received rehandshake request > > *** Fatal error: Unsafe renegotiation denied. > > *** Rehandshake Failed.
> That sounds to me as though it might be fallout from CVE-2009-3555. I've > reassigned this to gnutls in the hope that one of its maintainers can shed > some light on it - if this isn't gnutls' fault, please reassign or close > as appropriate. As a suporting data point: gnutls-cli --priority NORMAL:%UNSAFE_RENEGOTIATION succeeds. I will ask gnutls upstream to make sure. cu andreas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
