Bug#525962: libgnutls26 makes apt-transport-https fail with ssl key/cert client authentication
Simon Josefsson
simon at josefsson.org
Tue Apr 28 11:02:29 UTC 2009
Marco Amadori <amadorim at vdavda.com> writes:
> On Tuesday 28 April 2009, 12:02:25, you wrote:
>
>> > yes, I attached a log after adding 'Debug::Acquire::https "true";' to the
>> > apt- conf.d/<mystuff> file.
>
>> Unfortunately it doesn't give that many details. What kind of server is
>> it?
>
> It is a debian lenny with apache hosting a custom reprepro repository of some
> debian packages.
Apache with mod_ssl or mod_gnutls?
>> Even if apt-transport-https uses curl, it should be possible to include
>> a call directly to GnuTLS in the code, like this:
>
> I rebuilt apt-transport-https with your suggestions and attached a more
> verbose debug. (1Mb !)
Thanks. It busy waits instead of using select, which causes the long
debug log. Attached is a edited log that cuts out all the repeated
calls to read.
Could you also generate a similar log for gnutls 2.6.x that works?
I'm not sure what the log implies, it seems strange to me. Comparing it
with the gnutls 2.6.x log might suggest something.
> P.S. I do not see this bug showed under libgnutls26 bug page [0], could it be
> due I tagged it "lenny" ?
>
> [0] http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=libgnutls26
It seems to be there now.
/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl_enhanced.debug.gz
Type: application/octet-stream
Size: 24601 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20090428/665a99b3/attachment-0001.obj>
More information about the Pkg-gnutls-maint
mailing list