[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnutls-dev] Re: Bug#134584: noch ein gnutls problem

From: Andrew McDonald
Subject: [gnutls-dev] Re: Bug#134584: noch ein gnutls problem
Date: Thu Feb 21 20:51:01 2002
User-agent: Mutt/1.3.27i

I'm Cc'ing gnutls-dev on this to get some more ideas. (See for info). Main symptom is a
"FATAL_ALERT_RECEIVED" - mutt now suggests RC4/ARCFOUR so that
shouldn't be the problem.

On Thu, Feb 21, 2002 at 06:36:17AM +0100, Martin Samuelsson wrote:
> On Tue, Feb 19, 2002 at 07:55:56PM +0000, Andrew McDonald wrote:
> > Next thing to try, does the server only accepts SSLv2 hellos?
> > (The server's broken if this is the case). Try connecting to the
> > IMAP/SSL port (tcp 993) with
> > openssl s_client -tls1 -connect host:port
> > to check this. (If this fails you might want to try -no_tls or -ssl2 as
> > well).
> as far as i can understand, it works ok.

Yes, that looks like TLS1 is OK for it.

> > Does the server have a DSS certificate? (Not supported in gnutls 0.3.5,
> > but will be in some future releases). If you control the server you
> > might be able to try:
> > openssl x509 -in certificate_file -text -noout
> I don't think I have the priviliges needed.

I thought the OpenSSL s_client connection might have shown whether it
was using RSA or DSS, but didn't. Anyway, try copying the certificate
sent as part of the exchange into a file and running openssl x509 on

> > Other testing is likely to require recompiling gnutls with debugging
> > enabled.
> Tell me what to do, and it'll be done.

Recompiling gnutls with some of the DEBUGs in lib/gnutls_int.h #defined
will print out lots of information. I think WRITE_DEBUG is probably the
main one of interest.

Andrew McDonald
E-mail: address@hidden

Attachment: pgpzNDCzWUpvw.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]