Bug#993507: libgnutls30: fails to negotiate X25519 where NSS & OpenSSL succeed, success with X448
Lionel Élie Mamane
lionel at mamane.lu
Thu Sep 2 19:37:08 BST 2021
tags 993507 +upstream
forwarded 993507 https://gitlab.com/gnutls/gnutls/-/issues/1249
retitle 993507 libgnutls30: client 'illegal parameter' error when both X25519 and X448 are enabled and the server picks one of those
thanks
On Thu, Sep 02, 2021 at 12:04:02PM +0200, Lionel Elie Mamane wrote:
> $ gnutls-cli --priority 'NORMAL:-GROUP-SECP256R1:-GROUP-SECP384R1:-GROUP-SECP521R1' fxtop.com
> *** Fatal error: An illegal parameter has been received.
> $ gnutls-cli --priority 'NORMAL:-GROUP-SECP256R1:-GROUP-SECP384R1:-GROUP-SECP521R1:-GROUP-X25519' fxtop.com
> - Description: (TLS1.3)-(ECDHE-X448)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
$ gnutls-cli --priority 'NORMAL:-GROUP-ALL:+GROUP-X25519' fxtop.com
succeeds, too, in line with the upstream bug description,
It is not immediately obvious to me in what released version that
upstream bug is fixed.
--
Lionel
More information about the Pkg-gnutls-maint
mailing list