Summary: | <net-libs/glib-networking-2.59.1 with >=net-libs/gnutls-3.6.5 fails to connect with TLS 1.3 enabled servers | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Michał Górny <mgorny> |
Component: | Current packages | Assignee: | Gentoo Linux Gnome Desktop Team <gnome> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | proxy-maint, ykonotopov |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Michał Górny
2019-01-12 08:26:48 UTC
What is your feed update interval value? (In reply to nE0sIghT from comment #1) > What is your feed update interval value? How is that relevant? I just forced update of the specific feed to get the debug output. > How is that relevant?
You are filled issue against Liferea, but don't specified any peace of information related to software functionality.
You are posted some part of liferea debug output and I do not see what are you doing (yes, I see that it is feed update) and what are you expected.
So I tried to meditate what's going on here.
Please write steps to reproduce issue, actual result and expected result.
1. Open Liferea. 2. Have a feed with GitHub as source, e.g. https://github.com/aria2/aria2/releases.atom 3. Try to refresh that feed (e.g. via rightclick -> update). Surprisingly, I expect the feed to be updated. What I get instead is error: The last update of this subscription failed! HTTP error code 0: A network error occurred, or the other end closed the connection unexpectedly maybe bug 673448 could be related too theoretically (In reply to Mart Raudsepp from comment #5) > maybe bug 673448 could be related too theoretically Yep, might be. Do you expect to bump it soonish or should I try it locally first? I do not expect to bump it to an early developer version soonish. But give that or gnutls downgrade a try to make sure this is it. It'd increase the priority of it some more. I upgraded gnutls to version 3.6.5 and tried to make Soup HTTP get request to github which is failed with same error. So this is for sure duplicate of bug 673448 Technically that bug requests upgrade of glib-networking to a stable version, but the comment there (that I meant with the reference) talks about a development release fixing TLS 1.3. I don't want to bump to that for obvious reasons; so hopefully the latest stable fixes it too, or some patches can be backported on top. And I can confirm that downgrading to <3.6 fixes it. Should we add <-dep to glib-networking? Oh, and in case you're wondering, downgrading gnutls actually breaks random revdeps: wget: /usr/lib64/libgnutls.so.30: version `GNUTLS_3_6_3' not found (required by wget) I'm sure our users love having to recover. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7dae8bcb2d3aeac825419f2f4718ddd31d037ca commit b7dae8bcb2d3aeac825419f2f4718ddd31d037ca Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2019-01-17 13:36:50 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2019-01-17 13:39:58 +0000 net-libs/glib-networking: Require gnutls < 3.6 due to TLS 1.3 issues Bug: https://bugs.gentoo.org/675252 Signed-off-by: Michał Górny <mgorny@gentoo.org> net-libs/glib-networking/glib-networking-2.54.1.ebuild | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9bec7221d6d382de33e9159604f914ef52edd994 commit 9bec7221d6d382de33e9159604f914ef52edd994 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2019-01-17 13:58:46 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2019-01-17 13:58:46 +0000 Revert "net-libs/glib-networking: Require gnutls < 3.6 due to TLS 1.3 issues" This reverts unauthorized commit b7dae8bcb2d3aeac825419f2f4718ddd31d037ca. Bug: https://bugs.gentoo.org/675252 Signed-off-by: Mart Raudsepp <leio@gentoo.org> net-libs/glib-networking/glib-networking-2.54.1.ebuild | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d2e4db289aa5671d58a414a972faeafa5d507b0e commit d2e4db289aa5671d58a414a972faeafa5d507b0e Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2019-01-17 19:16:34 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2019-01-17 19:35:37 +0000 net-libs/glib-networking: bump to 2.58.0 - works better with gnutls-3.6 2.58.0 (and maybe 2.56.x) is enough to have a working TLS 1.3 when gnutls is upgraded to 3.6. glib-networking-2.59.1 just makes test suite work for that - we comment out those tests for 2.58.0 for now instead. Closes: https://bugs.gentoo.org/675252 Closes: https://bugs.gentoo.org/673448 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Mart Raudsepp <leio@gentoo.org> net-libs/glib-networking/Manifest | 1 + .../files/2.58.0-disable-failing-tests.patch | 36 +++++++++++ .../glib-networking/glib-networking-2.58.0.ebuild | 75 ++++++++++++++++++++++ 3 files changed, 112 insertions(+) |