21949 – lftp always fail on https sites b/c of gnutls

Bug 21949 - lftp always fail on https sites b/c of gnutls

Summary: lftp always fail on https sites b/c of gnutls

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	RPM Packages (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-10-27 16:06 CEST by Thierry Vignaud
Modified:	2017-10-27 16:13 CEST (History)
CC List:	1 user (show)

See Also:
Source RPM:	gnutls lftp
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Thierry Vignaud 2017-10-27 16:06:59 CEST

lftp always fail on https sites since at least a month. eg:
$ LC_ALL=C lftp https://www.google.fr/
cd: Fatal error: gnutls_handshake: No or insufficient priorities were set.

Same with:
$ gnutls-cli www.google.com 
(...)
Error in setting priorities: The request is invalid.

$ gnutls-cli -d999 www.google.com 
(...)
|<5>| REC[0x1a60c10]: Allocating epoch #0
|<2>| unable to access: /etc/gnutls/default-priorities: 2
|<2>| resolved 'SYSTEM' to '@SYSTEM', next ''
|<2>| selected priority string: @SYSTEM
|<3>| ASSERT: priority.c[gnutls_priority_set_direct]:1616
Error in setting priorities: The request is invalid.

Comment 1 Thierry Vignaud 2017-10-27 16:07:33 CEST

I think the breakage was introduced by:
* Thu Aug 24 2017 guillomovitch <guillomovitch> 3.6.0-1.mga7
+ Revision: 1147609
- new version 3.6.0
- add support for system-wide cipher selection policies

CC: (none) => guillomovitch

Comment 2 Thierry Vignaud 2017-10-27 16:13:55 CEST

Fixed in gnutls-3.6.1-2

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.