On 12/08/2012 05:49 PM, walt wrote:
Third bizarre behavior of pan+gnutls-3 is that the "broken" server is not *always* broken, but works intermittently, sometimes for days at a time, and then breaks again for reasons I can't understand. I just started pan again at 17:30 PST and it connected perfectly to the 'broken' server and stored its 6-byte cert file right beside the 'working' server's 6-byte cert file, like this:
Yesterday the 'broken' server started and stopped working at least five times, and did it again this morning. I still don't understand why this happens but at least I do have another possible clue: When I set pan to *not* trust the server's cert, two different things may happen. First, when the server is broken, pan never presents me with the cert for my approval, i.e. it seems to me that gnutls-3 is not actually fetching/reading the cert and therefore can't ask me to approve it. Second, when the server suddenly starts working again, pan actually does present me with the cert for approval, and in fact it presents it two and sometimes three times, so I have to click away the dialog box more than once. After that, pan works perfectly again for some unpredictable period of time before the server 'breaks' again. To add to my confusion, I can use gnutls-cli-debug -p 563 to examine the server's cert perfectly whether the server is 'broken' or not. That seems to imply that something in pan is changing rather than something in the server, doesn't it? I remain mystified :( _______________________________________________ Pan-users mailing list Pan-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/pan-users
