Bug#579631: gnutls-bin: gnutls fails to base64 decode cert if header has additional space at EOL
philipp at kolmann.at
Thu Apr 29 10:23:27 UTC 2010
Tags: lenny sid
I got a new cert for my servers and updated also the certs for exim for TLS.
With dovecot and Apache I never had any issues but exim failed to start tls:
2010-04-29 09:43:26 TLS error on connection from xxx.tuwien.ac.at (XXXX)
[128.130.xx.xx] (cert/key setup: cert=/etc/exim4/exim.crt key=/etc/exim4/exim.k
ey): Base64 decoding error.
in the end I found out, that the header of the cert has an additional space
after the -----BEGIN CERTIFICATE----- and before the newline.
gnutls fail then to decode the cert. openssl has no issues with the additinal
blank. Would it be possible to ignore this whitespace in gnutls as well?
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-3-686-bigmem (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages gnutls-bin depends on:
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libgcrypt11 1.4.5-2 LGPL Crypto library - runtime libr
ii libgnutls26 2.8.6-1 the GNU TLS library - runtime libr
ii libreadline6 6.1-2 GNU readline and history libraries
ii libtasn1-3 2.5-1 Manage ASN.1 structures (runtime)
ii zlib1g 1:220.127.116.11.dfsg-3 compression library - runtime
gnutls-bin recommends no packages.
gnutls-bin suggests no packages.
-- no debconf information
More information about the Pkg-gnutls-maint