[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#48103: 28.0.50; tls connection failing on invoking package-list-pack
From: |
wilde |
Subject: |
bug#48103: 28.0.50; tls connection failing on invoking package-list-packages (and other operations) |
Date: |
Tue, 04 May 2021 15:14:37 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (berkeley-unix) |
Lars Ingebrigtsen <larsi@gnus.org> wrote:
> wilde@sha-bang.de writes:
>
>> It turns out that setting 'gnutls-algorithm-priority to
>> "normal:-vers-tls1.3" fixes the problem for me:
>> (setq gnutls-algorithm-priority "normal:-vers-tls1.3")
>>
>> The question that still remains is: why is this customization
>> necessary?
>
> It shouldn't be -- gnutls should degrade gracefully here, and your
> test
> with gnutls-cli seems to indicate that it does. So it sounds like
> there's a bug in how Emacs interfaces with the gnutls library in this
> situation.
I agree, that this looks like a bug.
>> And why is it only necessary on this NetBSD system but on none of my
>> GNU/Linux systems?
>
> Perhaps the version of gnutls on NetBSD doesn't support TLS 1.3?
On my NetBSD system:
% gnutls-cli -l | grep -i tls1.3
TLS_AES_128_GCM_SHA256 0x13, 0x01 TLS1.3
TLS_AES_256_GCM_SHA384 0x13, 0x02 TLS1.3
TLS_CHACHA20_POLY1305_SHA256 0x13, 0x03 TLS1.3
TLS_AES_128_CCM_SHA256 0x13, 0x04 TLS1.3
TLS_AES_128_CCM_8_SHA256 0x13, 0x05 TLS1.3
Protocols: VERS-TLS1.0, VERS-TLS1.1, VERS-TLS1.2, VERS-TLS1.3, VERS-DTLS0.9,
VERS-DTLS1.0, VERS-DTLS1.2
This output is identical to the output I get on my GNU/Linux system
where the system does not exist. So I'd assume the TLS 1.3 support does
not differ...
Thanks for your support,
sascha