Bug#482279: Same thing happens with python-pycurl

Simon Josefsson simon at josefsson.org
Mon May 25 10:14:40 UTC 2009


Mike <stuff at mikepalmer.net> writes:

> For me it always happens when I was on a network with a Cisco ASA/ADSM
> dynamically routing traffic using lenny's packages. As I saw it,
> anytime you ping something and get Redirect() you will always get this
> message and not be able to connect from a binary built against
> libgnutls.

Can you reproduce it with gnutls-cli?  As suggested earlier in this bug,
please run 'gnutls-cli -d 4711 some.https.host' and quote the output.

What kind of configuration is there on the Cisco box?  Does it modify or
filter traffic depending on some patterns?  Perhaps it doesn't recognize
TLS 1.1?

> In the case of python-pycurl, I just rebuilt against openssl to get me
> around the error since I needed a solution immediately. Unfortunately,
> none of those networks I saw it on are available to me for testing
> past fixing the problem for the appliance-like debian image we give to
> customers.
>
> Anyways, just thought I would drop in and hopefully give you guys a
> clue into reproducing this bug. Seems like a rather nasty one
> considering it can't handshake at all and ~170 packages in stable
> depend on this library. Sorry I can't be of more use.

Hm, what you are describing here does not seem to match the original
report for this bug.  In the original report, the handshake was
successful, only later (when entering a large mailbox) does it fail.

I suspect the causes for your problem and the problem of the original
reporter are different.

/Simon





More information about the Pkg-gnutls-maint mailing list