Bug 21949

Summary:	lftp always fail on https sites b/c of gnutls
Product:	Mageia	Reporter:	Thierry Vignaud <thierry.vignaud>
Component:	RPM Packages	Assignee:	Mageia Bug Squad <bugsquad>
Status:	RESOLVED FIXED	QA Contact:
Severity:	major
Priority:	Normal	CC:	guillomovitch
Version:	Cauldron
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:
Source RPM:	gnutls lftp	CVE:
Status comment:

Description Thierry Vignaud 2017-10-27 16:06:59 CEST

lftp always fail on https sites since at least a month. eg:
$ LC_ALL=C lftp https://www.google.fr/
cd: Fatal error: gnutls_handshake: No or insufficient priorities were set.

Same with:
$ gnutls-cli www.google.com 
(...)
Error in setting priorities: The request is invalid.

$ gnutls-cli -d999 www.google.com 
(...)
|<5>| REC[0x1a60c10]: Allocating epoch #0
|<2>| unable to access: /etc/gnutls/default-priorities: 2
|<2>| resolved 'SYSTEM' to '@SYSTEM', next ''
|<2>| selected priority string: @SYSTEM
|<3>| ASSERT: priority.c[gnutls_priority_set_direct]:1616
Error in setting priorities: The request is invalid.

Comment 1 Thierry Vignaud 2017-10-27 16:07:33 CEST

I think the breakage was introduced by:
* Thu Aug 24 2017 guillomovitch <guillomovitch> 3.6.0-1.mga7
+ Revision: 1147609
- new version 3.6.0
- add support for system-wide cipher selection policies

CC: (none) => guillomovitch

Comment 2 Thierry Vignaud 2017-10-27 16:13:55 CEST

Fixed in gnutls-3.6.1-2

Resolution: (none) => FIXED
Status: NEW => RESOLVED