Ergebnis für URL: http://bugs.debian.org/528661 Debian Bug report logs - [1]#528661
elinks eternally stuck in SSL negotiation phase
[2]version graph
Package: [3]elinks; Maintainer for [4]elinks is [5]aHhkm+d+ a+l+m+hkm+w+d+y+
(Ahmed El-Mahmoudy) ; Source for [6]elinks is
[7]src:elinks ([8]PTS, [9]buildd, [10]popcon).
Reported by: [11]Petr Baudis
Date: Thu, 14 May 2009 13:57:01 UTC
Severity: important
Fixed in version elinks/0.12~pre4-1
Done: Y Giridhar Appaji Nag
Bug is archived. No further changes may be made.
[12]Toggle useless messages
View this report as an [13]mbox folder, [14]status mbox, [15]maintainer mbox
____________________________________________________________________________
Report forwarded to debian-bugs-dist@lists.debian.org, Y Giridhar Appaji Nag
:
Bug#528661; Package elinks. (Thu, 14 May 2009 13:57:04 GMT) ([16]full text,
[17]mbox, [18]link).
____________________________________________________________________________
Acknowledgement sent to Petr Baudis :
New Bug report received and forwarded. Copy sent to Y Giridhar Appaji Nag
. (Thu, 14 May 2009 13:57:04 GMT) ([19]full text, [20]mbox,
[21]link).
____________________________________________________________________________
[22]Message #5 received at submit@bugs.debian.org ([23]full text, [24]mbox,
[25]reply):
From: Petr Baudis
To: Debian Bug Tracking System
Subject: elinks eternally stuck in SSL negotiation phase
Date: Thu, 14 May 2009 15:56:19 +0200
Package: elinks
Version: 0.12~pre3-2
Severity: important
When accessing [26]https://bugzilla.novell.com/, ELinks gets stuck in the
"SSL negotiation" phase forever. Links2 handles the page fine.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.29-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages elinks depends on:
ii elinks-data 0.12~pre3-2 advanced text-mode WWW browser - d
ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co
ii libc6 2.9-4 GNU C Library: Shared libraries
ii libcomerr2 1.41.3-1 common error description library
ii libexpat1 2.0.1-4 XML parsing C library - runtime li
ii libfsplib0 0.9-1 FSP v2 protocol stack library - sh
ii libgnutls26 2.6.6-1 the GNU TLS library - runtime libr
ii libgpm2 1.20.4-3.2 General Purpose Mouse - shared lib
ii libgssapi-krb5-2 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries - k
ii libidn11 1.14-3 GNU Libidn library, implementation
ii libk5crypto3 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries - C
ii libkrb5-3 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries
ii liblua50 5.0.3-3 Main interpreter library for the L
ii liblualib50 5.0.3-3 Extension library for the Lua 5.0
ii libmozjs1d 1.9.0.7-1 The Mozilla SpiderMonkey JavaScrip
ii libperl5.10 5.10.0-19 Shared Perl library
ii libruby1.8 1.8.7.72-3.1 Libraries necessary to run Ruby 1.
ii libtre4 0.7.5-2 regexp matching library with appro
ii zlib1g 1:1.2.3.3.dfsg-13 compression library - runtime
elinks recommends no packages.
Versions of packages elinks suggests:
ii elinks-doc 0.12~pre3-2 advanced text-mode WWW browser - d
-- no debconf information
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Y Giridhar Appaji Nag
:
Bug#528661; Package elinks. (Thu, 14 May 2009 14:03:02 GMT) ([27]full text,
[28]mbox, [29]link).
____________________________________________________________________________
Acknowledgement sent to Petr Baudis :
Extra info received and forwarded to list. Copy sent to Y Giridhar Appaji Nag
. (Thu, 14 May 2009 14:03:02 GMT) ([30]full text, [31]mbox,
[32]link).
____________________________________________________________________________
[33]Message #10 received at submit@bugs.debian.org ([34]full text, [35]mbox,
[36]reply):
From: Petr Baudis
To: Debian Bug Tracking System
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Thu, 14 May 2009 16:02:25 +0200
I'm sorry, I was too quick to file a bug - after waiting several
minutes initially, the SSL negotiation phase finished; on subsequent
requests on the site, the delay is also longer than usual, but
acceptable. Still, this is quite an inconvience and should be fixed;
links2 serves me the page immediately.
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#528661; Package elinks. (Thu, 14 May 2009 20:33:02 GMT) ([37]full text,
[38]mbox, [39]link).
____________________________________________________________________________
[40]Message #13 received at 528661@bugs.debian.org ([41]full text, [42]mbox,
[43]reply):
From: Y Giridhar Appaji Nag
To: Petr Baudis , 528661@bugs.debian.org
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Fri, 15 May 2009 01:59:50 +0530
[[44]Message part 1 (text/plain, inline)]
Hi Petr,
On 09/05/14 16:02 +0200, Petr Baudis said ...
> I'm sorry, I was too quick to file a bug - after waiting several
> minutes initially, the SSL negotiation phase finished; on subsequent
> requests on the site, the delay is also longer than usual, but
> acceptable. Still, this is quite an inconvience and should be fixed;
> links2 serves me the page immediately.
I will check if this is this because elinks uses gnutls and links2 uses
openssl.
Giridhar
--
Y Giridhar Appaji Nag | [45]http://appaji.net/
[[46]signature.asc (application/pgp-signature, inline)]
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Y Giridhar Appaji Nag
:
Bug#528661; Package elinks. (Sun, 24 May 2009 14:48:02 GMT) ([47]full text,
[48]mbox, [49]link).
____________________________________________________________________________
Acknowledgement sent to Kalle Olavi Niemitalo :
Extra info received and forwarded to list. Copy sent to Y Giridhar Appaji Nag
. (Sun, 24 May 2009 14:48:02 GMT) ([50]full text, [51]mbox,
[52]link).
____________________________________________________________________________
[53]Message #18 received at 528661@bugs.debian.org ([54]full text, [55]mbox,
[56]reply):
From: Kalle Olavi Niemitalo
To: Petr Baudis
Cc: 528661@bugs.debian.org
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Sun, 24 May 2009 17:43:05 +0300
[[57]Message part 1 (text/plain, inline)]
Y Giridhar Appaji Nag writes:
> I will check if this is this because elinks uses gnutls and links2 uses
> openssl.
The sample tcp.c in the GNUTLS sources reportedly has the same problem.
[58]http://savannah.gnu.org/support/?106776
If GNUTLS is not soon fixed, perhaps someone can package
nss_compat_ossl for Debian. Alternatively, we could make ELinks
save SERVER_BLACKLIST_NO_TLS and similar flags in a file.
For the record, [59]https://bugzilla.novell.com/index.cgi sends headers:
HTTP/1.1 200 OK
Date: Sun, 24 May 2009 14:34:34 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Content-Length: 2960
Set-Cookie: ZNPCQ002-bugzilla=V0016cef11da; path=/
P3p: CP="NOI"
Via: 1.1 ICS_SERVER (iChain 2.3.416)
And the ciphersuite eventually negotiated is:
SSL3.0 - RSA - ARCFOUR-128 - SHA1 - X.509 (compr: NULL)
[[60]Message part 2 (application/pgp-signature, inline)]
____________________________________________________________________________
Bug reassigned from package `[61]elinks' to `[62]gnutls26'. Request was from Y
Giridhar Appaji Nag to control@bugs.debian.org. (Thu, 28 May
2009 10:21:10 GMT) ([63]full text, [64]mbox, [65]link).
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuTLS
Maintainers :
Bug#528661; Package gnutls26. (Thu, 28 May 2009 22:03:42 GMT) ([66]full text,
[67]mbox, [68]link).
____________________________________________________________________________
Acknowledgement sent to Simon Josefsson :
Extra info received and forwarded to list. Copy sent to Debian GnuTLS Maintainers
. (Thu, 28 May 2009 22:04:29 GMT)
([69]full text, [70]mbox, [71]link).
____________________________________________________________________________
[72]Message #25 received at 528661@bugs.debian.org ([73]full text, [74]mbox,
[75]reply):
From: Simon Josefsson
To: Kalle Olavi Niemitalo , Petr Baudis , Y Giridhar
Appaji Nag
Cc: 528661@bugs.debian.org
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Thu, 28 May 2009 23:38:27 +0200
The problem is a buggy server, see the upstream bug about this [1], so I
don't see anything that can/should be changed in GnuTLS.
Rather than closing this bug, we could re-assign the problem back to
elinks as a wishlist bug to provide better error handling in this
situation.
A naive solution would be to disable TLS1.1 in elinks. Here is a patch
against elinks to accomplish that.
diff --git a/src/network/ssl/ssl.c b/src/network/ssl/ssl.c
index 7ae3a04..81db379 100644
--- a/src/network/ssl/ssl.c
+++ b/src/network/ssl/ssl.c
@@ -278,7 +278,7 @@ init_ssl_connection(struct socket *socket)
return S_SSL_ERROR;
}
- gnutls_set_default_priority(*state);
+ gnutls_priority_set_direct (*state, "NORMAL:-VERS-TLS1.1", NULL);
gnutls_handshake_set_private_extensions(*state, 1);
gnutls_cipher_set_priority(*state, cipher_priority);
gnutls_kx_set_priority(*state, kx_priority);
/Simon
[1] [76]http://savannah.gnu.org/support/?106776
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuTLS
Maintainers :
Bug#528661; Package gnutls26. (Fri, 29 May 2009 10:51:02 GMT) ([77]full text,
[78]mbox, [79]link).
____________________________________________________________________________
Acknowledgement sent to Petr Baudis :
Extra info received and forwarded to list. Copy sent to Debian GnuTLS Maintainers
. (Fri, 29 May 2009 10:51:02 GMT)
([80]full text, [81]mbox, [82]link).
____________________________________________________________________________
[83]Message #30 received at 528661@bugs.debian.org ([84]full text, [85]mbox,
[86]reply):
From: Petr Baudis
To: Simon Josefsson
Cc: Kalle Olavi Niemitalo , Y Giridhar Appaji Nag
, 528661@bugs.debian.org
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Fri, 29 May 2009 12:29:52 +0200
On Thu, May 28, 2009 at 11:38:27PM +0200, Simon Josefsson wrote:
> The problem is a buggy server, see the upstream bug about this [1], so I
> don't see anything that can/should be changed in GnuTLS.
Then why do Firefox and applications using OpenSSL have no trouble
talking to the server?
Petr "Pasky" Baudis
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuTLS
Maintainers :
Bug#528661; Package gnutls26. (Fri, 29 May 2009 10:54:12 GMT) ([87]full text,
[88]mbox, [89]link).
____________________________________________________________________________
Acknowledgement sent to Simon Josefsson :
Extra info received and forwarded to list. Copy sent to Debian GnuTLS Maintainers
. (Fri, 29 May 2009 10:54:12 GMT)
([90]full text, [91]mbox, [92]link).
____________________________________________________________________________
[93]Message #35 received at 528661@bugs.debian.org ([94]full text, [95]mbox,
[96]reply):
From: Simon Josefsson
To: Petr Baudis
Cc: Kalle Olavi Niemitalo , Y Giridhar Appaji Nag
, 528661@bugs.debian.org
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Fri, 29 May 2009 12:43:01 +0200
Petr Baudis writes:
> On Thu, May 28, 2009 at 11:38:27PM +0200, Simon Josefsson wrote:
>> The problem is a buggy server, see the upstream bug about this [1], so I
>> don't see anything that can/should be changed in GnuTLS.
>
> Then why do Firefox and applications using OpenSSL have no trouble
> talking to the server?
I believe they only work when they do not attempt to negotiate TLS 1.1.
I see in elinks/src/network/ssl/ssl.c:
context = SSL_CTX_new(SSLv23_client_method());
The man page reads:
SSLv23_method(void), SSLv23_server_method(void),
SSLv23_client_method(void)
A TLS/SSL connection established with these methods will understand
the SSLv2, SSLv3, and TLSv1 protocol. A client will send out SSLv2
client hello messages and will indicate that it also understands
SSLv3 and TLSv1. A server will understand SSLv2, SSLv3, and TLSv1
client hello messages. This is the best choice when compatibility
is a concern.
So if you don't care about TLS 1.1 support, and by using
SSLv23_client_method that seems to be the intention (or?), then you
probably want to ask GnuTLS to disable TLS 1.1 too.
Firefox may have some logic to re-try the connection using a lower TLS
version when a higher TLS version did not work out well -- that logic
would be useful to duplicate in elinks too. It doesn't belong in
GnuTLS, since GnuTLS does not establish the connection.
/Simon
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuTLS
Maintainers :
Bug#528661; Package gnutls26. (Sat, 30 May 2009 07:12:05 GMT) ([97]full text,
[98]mbox, [99]link).
____________________________________________________________________________
Acknowledgement sent to Kalle Olavi Niemitalo :
Extra info received and forwarded to list. Copy sent to Debian GnuTLS Maintainers
. (Sat, 30 May 2009 07:12:05 GMT)
([100]full text, [101]mbox, [102]link).
____________________________________________________________________________
[103]Message #40 received at 528661@bugs.debian.org ([104]full text, [105]mbox,
[106]reply):
From: Kalle Olavi Niemitalo
To: Simon Josefsson
Cc: Petr Baudis , Y Giridhar Appaji Nag ,
528661@bugs.debian.org
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Sat, 30 May 2009 10:11:07 +0300
[[107]Message part 1 (text/plain, inline)]
Simon Josefsson writes:
> Firefox may have some logic to re-try the connection using a lower TLS
> version when a higher TLS version did not work out well -- that logic
> would be useful to duplicate in elinks too.
ELinks already has logic to switch to SSLv3 only.
See ssl_set_no_tls in elinks/src/network/ssl/socket.c:
[108]http://repo.or.cz/w/elinks.git?a=blob;f=src/network/ssl/socket.c;h=45b4b4a8887d2b54c1
2321a107c1b5a5d7382e85;hb=3801698ff1ddfa2aa94466e90851e496d95156c0
If the SSLv3 connection then succeeds, ELinks uses SSLv3 for
later connections to the same server too. This corresponds to
Pasky's report that only the first connection was slow. ELinks
doesn't save this blacklist to a file though, so it is lost when
ELinks is restarted.
Can you do something in GNUTLS to make the TLSv1.1 connection
fail sooner?
[[109]Message part 2 (application/pgp-signature, inline)]
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuTLS
Maintainers :
Bug#528661; Package gnutls26. (Sun, 31 May 2009 10:12:07 GMT) ([110]full text,
[111]mbox, [112]link).
____________________________________________________________________________
Acknowledgement sent to Kalle Olavi Niemitalo :
Extra info received and forwarded to list. Copy sent to Debian GnuTLS Maintainers
. (Sun, 31 May 2009 10:12:07 GMT)
([113]full text, [114]mbox, [115]link).
____________________________________________________________________________
[116]Message #45 received at 528661@bugs.debian.org ([117]full text, [118]mbox,
[119]reply):
From: Kalle Olavi Niemitalo
To: 526349@bugs.debian.org, 529821@bugs.debian.org, 528661@bugs.debian.org
Subject: fixed in upstream ELinks 0.12pre4
Date: Sun, 31 May 2009 13:01:02 +0300
[[120]Message part 1 (text/plain, inline)]
package elinks
tags 529821 + fixed-upstream
quit
These bugs have been fixed in today's upstream ELinks 0.12pre4.
* Debian build bug 529821: Use ``pkg-config gnutls'' instead of
``libgnutls-config'', which is not included in GNUTLS 2.7.x.
You can no longer specify the location of GNUTLS using
``configure --with-gnutls=DIR''.
* Debian bug 528661: If using GNUTLS 2.1.7 or later, disable various
TLS extensions (including CERT and SERVERNAME) to help handshaking
with the SSLv3-only bugzilla.novell.com.
* Debian build bug 526349: Include asciidoc.py from AsciiDoc 7.1.2,
to remove all dependencies on the installed version.
FYI, there's also one change thought useful for Debian's elinks-lite.
* build enhancement: Recognize ``configure --without-tre''.
[[121]Message part 2 (application/pgp-signature, inline)]
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuTLS
Maintainers :
Bug#528661; Package gnutls26. (Mon, 01 Jun 2009 09:00:03 GMT) ([122]full text,
[123]mbox, [124]link).
____________________________________________________________________________
Acknowledgement sent to Simon Josefsson :
Extra info received and forwarded to list. Copy sent to Debian GnuTLS Maintainers
. (Mon, 01 Jun 2009 09:00:03 GMT)
([125]full text, [126]mbox, [127]link).
____________________________________________________________________________
[128]Message #50 received at 528661@bugs.debian.org ([129]full text, [130]mbox,
[131]reply):
From: Simon Josefsson
To: Kalle Olavi Niemitalo
Cc: Petr Baudis , Y Giridhar Appaji Nag ,
528661@bugs.debian.org
Subject: Re: Bug#528661: elinks eternally stuck in SSL negotiation phase
Date: Mon, 01 Jun 2009 10:51:53 +0200
Kalle Olavi Niemitalo writes:
> Simon Josefsson writes:
>
>> Firefox may have some logic to re-try the connection using a lower TLS
>> version when a higher TLS version did not work out well -- that logic
>> would be useful to duplicate in elinks too.
>
> ELinks already has logic to switch to SSLv3 only.
> See ssl_set_no_tls in elinks/src/network/ssl/socket.c:
> [132]http://repo.or.cz/w/elinks.git?a=blob;f=src/network/ssl/socket.c;h=45b4b4a8887d2b54
c12321a107c1b5a5d7382e85;hb=3801698ff1ddfa2aa94466e90851e496d95156c0
>
> If the SSLv3 connection then succeeds, ELinks uses SSLv3 for
> later connections to the same server too. This corresponds to
> Pasky's report that only the first connection was slow. ELinks
> doesn't save this blacklist to a file though, so it is lost when
> ELinks is restarted.
Ah, that's good.
> Can you do something in GNUTLS to make the TLSv1.1 connection
> fail sooner?
I can't think of anything, but ideas welcome. The problem is that the
server never replies to the initial packet, and does not shut down the
TCP connection. So GnuTLS has no way of knowing that the server is
buggy. And GnuTLS cannot re-connect to the server, since it is the
application that is responsible for managing the connections.
One solution would be for elinks to first try TLS 1.1, and if there is
no response within 5 seconds, re-try the connection using TLS 1.0.
However, for a web application, it seems TLSv1.1 is of marginal use, so
just ignoring it until people reports that as a problem may be the
simplest approach. It appears to be what Mozilla does.
/Simon
____________________________________________________________________________
Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuTLS
Maintainers :
Bug#528661; Package gnutls26. (Mon, 01 Jun 2009 09:18:04 GMT) ([133]full text,
[134]mbox, [135]link).
____________________________________________________________________________
Acknowledgement sent to Simon Josefsson :
Extra info received and forwarded to list. Copy sent to Debian GnuTLS Maintainers
. (Mon, 01 Jun 2009 09:18:04 GMT)
([136]full text, [137]mbox, [138]link).
____________________________________________________________________________
[139]Message #55 received at 528661@bugs.debian.org ([140]full text, [141]mbox,
[142]reply):
From: Simon Josefsson
To: Kalle Olavi Niemitalo
Cc: 528661@bugs.debian.org
Subject: Re: Bug#528661: fixed in upstream ELinks 0.12pre4
Date: Mon, 01 Jun 2009 10:57:13 +0200
Kalle Olavi Niemitalo writes:
> * Debian bug 528661: If using GNUTLS 2.1.7 or later, disable various
> TLS extensions (including CERT and SERVERNAME) to help handshaking
> with the SSLv3-only bugzilla.novell.com.
Disabling the SERVERNAME extension seems like a bad idea -- I believe
Mozilla (and IE on Vista) enables it by default, and some sites may be
using that to provide HTTPS virtual hosting.
On the other hand, the elinks code used to send "localhost" as the SNI,
which is even worse than not using the extension at all. So if you
cannot send the proper server name (as entered by the user or from a
HREF tag), it is better to disable the extension (as you have done).
The best is to use the SERVERNAME extension and send the expected
hostname, though.
The problem with bugzilla.novell.com was that it didn't like TLSv1.1.
It didn't have a problem with TLSv1.0 + extensions. (However, there may
be _other_ servers out there that cannot handle TLS extensions...)
/Simon
____________________________________________________________________________
Bug reassigned from package `[143]gnutls26' to `[144]elinks'. Request was from Y
Giridhar Appaji Nag to control@bugs.debian.org. (Tue, 02 Jun
2009 12:21:03 GMT) ([145]full text, [146]mbox, [147]link).
____________________________________________________________________________
Tags added: pending Request was from Y Giridhar Appaji Nag to
control@bugs.debian.org. (Tue, 02 Jun 2009 12:36:04 GMT) ([148]full text,
[149]mbox, [150]link).
____________________________________________________________________________
Reply sent to Y Giridhar Appaji Nag :
You have taken responsibility. (Sun, 07 Jun 2009 17:36:12 GMT) ([151]full text,
[152]mbox, [153]link).
____________________________________________________________________________
Notification sent to Petr Baudis :
Bug acknowledged by developer. (Sun, 07 Jun 2009 17:36:12 GMT) ([154]full text,
[155]mbox, [156]link).
____________________________________________________________________________
[157]Message #64 received at 528661-close@bugs.debian.org ([158]full text,
[159]mbox, [160]reply):
From: Y Giridhar Appaji Nag
To: 528661-close@bugs.debian.org
Subject: Bug#528661: fixed in elinks 0.12~pre4-1
Date: Sun, 07 Jun 2009 17:17:08 +0000
Source: elinks
Source-Version: 0.12~pre4-1
We believe that the bug you reported is fixed in the latest version of
elinks, which is due to be installed in the Debian FTP archive:
elinks-data_0.12~pre4-1_all.deb
to pool/main/e/elinks/elinks-data_0.12~pre4-1_all.deb
elinks-doc_0.12~pre4-1_all.deb
to pool/main/e/elinks/elinks-doc_0.12~pre4-1_all.deb
elinks-lite_0.12~pre4-1_i386.deb
to pool/main/e/elinks/elinks-lite_0.12~pre4-1_i386.deb
elinks_0.12~pre4-1.diff.gz
to pool/main/e/elinks/elinks_0.12~pre4-1.diff.gz
elinks_0.12~pre4-1.dsc
to pool/main/e/elinks/elinks_0.12~pre4-1.dsc
elinks_0.12~pre4-1_i386.deb
to pool/main/e/elinks/elinks_0.12~pre4-1_i386.deb
elinks_0.12~pre4.orig.tar.gz
to pool/main/e/elinks/elinks_0.12~pre4.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 528661@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Y Giridhar Appaji Nag (supplier of updated elinks package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 01 Jun 2009 16:38:57 +0530
Source: elinks
Binary: elinks elinks-data elinks-doc elinks-lite
Architecture: source i386 all
Version: 0.12~pre4-1
Distribution: unstable
Urgency: low
Maintainer: Y Giridhar Appaji Nag
Changed-By: Y Giridhar Appaji Nag
Description:
elinks - advanced text-mode WWW browser
elinks-data - advanced text-mode WWW browser - data files
elinks-doc - advanced text-mode WWW browser - documentation
elinks-lite - advanced text-mode WWW browser - lightweight version
Closes: [161]514544 [162]526349 [163]528661 [164]529821
Changes:
elinks (0.12~pre4-1) unstable; urgency=low
.
* New upstream release 0.12pre4
+ Refresh patches for new upstream release
+ Includes asciidoc.py from AsciiDoc 7.1.2 (Closes: #[165]526349)
+ With GNUTLS 2.1.7 or later disable few TLS extensions -- helps
handshaking with SSLv3-only bugzilla.novell.com (Closes: #[166]528661)
+ Fixes crash while viewing RSS files (Closes: #[167]514544)
+ Prevents FTBFS with gnutls26 >= 2.7.x: Build-Depends: pkg-config to
use 'pkg-config gnutls' instead of 'libgnutls-config' (Closes: #[168]529821)
* Compile elinks-lite with --without-tre
Checksums-Sha1:
7917ab019addd32484fc0a0d2f0bb838356c2ef8 1814 elinks_0.12~pre4-1.dsc
a205912dca137efa817a92bf4ac3a0fb76b7854f 4178911 elinks_0.12~pre4.orig.tar.gz
3b969594c6923856f01527bba4cbe50034a59159 21071 elinks_0.12~pre4-1.diff.gz
48547d6c511f7cb98648ab720093e3ae5ffa8239 530422 elinks_0.12~pre4-1_i386.deb
c321237c795a3179fae38b27c5f06a524127b1d4 353976 elinks-lite_0.12~pre4-1_i386.deb
2f03fdf8c9be54a0895784019b2f059998b70ac2 587108 elinks-data_0.12~pre4-1_all.deb
d7c30ac7330c3a8cece18decffdd081e7d187440 622710 elinks-doc_0.12~pre4-1_all.deb
Checksums-Sha256:
0e3604ef6b98d5cf9ca291d5dc409d2dee83a7a490d43d6afc2a7a3d4f06f799 1814 elinks_0.12~pre4-1.
dsc
8f9f4b912312db6cb0303ac3c73e19bcac71a1714898b851877f8fcda5d22504 4178911 elinks_0.12~pre4
.orig.tar.gz
6852763a11683656aae79c3acdd567c74bf29adda78da01375f577277761098e 21071 elinks_0.12~pre4-1
.diff.gz
7ee900c698bf0c5f6c87986963f05350cfec8c809dcbd783ce64c1b1a36cfbf0 530422 elinks_0.12~pre4-
1_i386.deb
03a39c047e89ea8df4f88fe7b63611fbe74be385f93a6e19655f56e65186d243 353976 elinks-lite_0.12~
pre4-1_i386.deb
7b54fd999109ab793b94f11a0d9abb23cc6617c27e006ab491d1c3ede93168b6 587108 elinks-data_0.12~
pre4-1_all.deb
24140d295a9324fe8583fa5e99e0188f7750a816dbaf4092fcc2920e3e4f6366 622710 elinks-doc_0.12~p
re4-1_all.deb
Files:
4073253692bf30018f448d88588d0863 1814 web optional elinks_0.12~pre4-1.dsc
4fc38dfe0835268840dc20a28d6c5d0a 4178911 web optional elinks_0.12~pre4.orig.tar.gz
7ff7856e12fe2d794c519c08aaf0874c 21071 web optional elinks_0.12~pre4-1.diff.gz
bb3ae2ff9e91b39f04ae7f798f6789ed 530422 web optional elinks_0.12~pre4-1_i386.deb
6e630de566355752a25148a8f8ee1319 353976 web extra elinks-lite_0.12~pre4-1_i386.deb
0d25db752c70a85814591657c7a4f9f4 587108 web optional elinks-data_0.12~pre4-1_all.deb
d05e98ff284e39a7a2fb57645e3b20b6 622710 doc optional elinks-doc_0.12~pre4-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBCAAGBQJKK/OeAAoJENbfLHnbvsrcXCIH/RLIXoUW8RFGSZaGTWtM0350
HiTPdO50rqiDVmqkkjI/0kCeImYB6Fbj9KW0DXfC76MP5QLtT79SAAPK/i1sRD4U
m+VZ1R5Y9TTKmcLyqQvOh42Pk7bv/KOOh0OaUdjCsraibP9MuVbHoTLD/m421iLE
MJgFrPmCGtPcK55PMgg3bjM+KarSUZXbF6safPBncdBnPwYWuqAkeYnuRzpWwS23
uaTMcTCwC6OtbgItEQPy7h8bLgWvUzaVehUJERS5wK4rORMZk+qhJN0aUG9MD14a
WOaWX1z09qF5QuBUV19aGlo4X4381QvkZtA/6N/cl5BSJbXAvEDYJBNlp6UvWa4=
=/tb/
-----END PGP SIGNATURE-----
____________________________________________________________________________
Bug archived. Request was from Debbugs Internal Request
to internal_control@bugs.debian.org. (Fri, 24 Jul 2009 07:34:17 GMT) ([169]full
text, [170]mbox, [171]link).
____________________________________________________________________________
Send a report that [172]this bug log contains spam.
____________________________________________________________________________
Debian bug tracking system administrator . Last
modified: Thu May 9 02:04:12 2024; Machine Name: bembo
[174]Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU Public License
version 2. The current version can be obtained from
[175]https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97
Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.
References
1. mailto:528661@bugs.debian.org
2. https://bugs.debian.org/cgi-bin/version.cgi?info=1;collapse=1;package=elinks;absolute=0;fixed=elinks%2F0.12~pre4-1
3. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
4. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
5. https://bugs.debian.org/cgi-bin/pkgreport.cgi?maint=aelmahmoudy%40users.sourceforge.net
6. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
7. https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=elinks
8. https://tracker.debian.org/pkg/elinks
9. https://buildd.debian.org/elinks
10. https://qa.debian.org/popcon.php?package=elinks
11. https://bugs.debian.org/cgi-bin/pkgreport.cgi?submitter=pasky%40ucw.cz
12. javascript:toggle_infmessages();
13. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes
14. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;mboxstatus=yes
15. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;mboxmaint=yes
16. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=2
17. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=2
18. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#1
19. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=4
20. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=4
21. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#3
22. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#5
23. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=5
24. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=5
25.
26. https://bugzilla.novell.com/
27. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=7
28. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=7
29. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#6
30. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=9
31. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=9
32. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#8
33. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#10
34. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=10
35. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=10
36. mailto:528661@bugs.debian.org?body=On%20Thu%2C%2014%20May%202009%2016%3A02%3A25%20%2B0200%20Petr%20Baudis%20%3Cpasky%40ucw.cz%3E%20wrote%3A%0A%3E%20%20%20I%27m%20sorry%2C%20I%20was%20too%20quick%20to%20file%20a%20bug%20-%20after%20waiting%20several%0A%3E%20minutes%20initially%2C%20the%20SSL%20negotiation%20phase%20finished%3B%20on%20subsequent%0A%3E%20requests%20on%20the%20site%2C%20the%20delay%20is%20also%20longer%20than%20usual%2C%20but%0A%3E%20acceptable.%20Still%2C%20this%20is%20quite%20an%20inconvience%20and%20should%20be%20fixed%3B%0A%3E%20links2%20serves%20me%20the%20page%20immediately.%0A%3E%20%0A%3E%20%0A%3E%20%0A&In-Reply-To=%3C20090514140225.GS6058%40machine.or.cz%3E&subject=Re%3A%20Bug%23528661%3A%20elinks%20eternally%20stuck%20in%20SSL%20negotiation%20phase&References=%3C20090514135619.31727.95841.reportbug%40machine.or.cz%3E%0A%20%3C20090514140225.GS6058%40machine.or.cz%3E
37. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=12
38. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=12
39. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#11
40. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#13
41. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=13
42. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=13
43. mailto:528661@bugs.debian.org?References=%3C20090514135619.31727.95841.reportbug%40machine.or.cz%3E%20%3C20090514140225.GS6058%40machine.or.cz%3E%0A%20%3C20090514202949.GA12370%40appaji.net%3E&subject=Re%3A%20Bug%23528661%3A%20elinks%20eternally%20stuck%20in%20SSL%20negotiation%20phase&In-Reply-To=%3C20090514202949.GA12370%40appaji.net%3E&body=On%20Fri%2C%2015%20May%202009%2001%3A59%3A50%20%2B0530%20Y%20Giridhar%20Appaji%20Nag%20%3Cappaji%40debian.org%3E%20wrote%3A%0A%3E%20Hi%20Petr%2C%0A%3E%20%0A%3E%20On%2009%2F05%2F14%2016%3A02%20%2B0200%2C%20Petr%20Baudis%20said%20...%0A%3E%20%3E%20I%27m%20sorry%2C%20I%20was%20too%20quick%20to%20file%20a%20bug%20-%20after%20waiting%20several%0A%3E%20%3E%20minutes%20initially%2C%20the%20SSL%20negotiation%20phase%20finished%3B%20on%20subsequent%0A%3E%20%3E%20requests%20on%20the%20site%2C%20the%20delay%20is%20also%20longer%20than%20usual%2C%20but%0A%3E%20%3E%20acceptable.%20Still%2C%20this%20is%20quite%20an%20inconvience%20and%20should%20be%20fixed%3B%0A%3E%20%3E%20links2%20serves%20me%20the%20page%20immediately.%0A%3E%20%0A%3E%20I%20will%20check%20if%20this%20is%20this%20because%20elinks%20uses%20gnutls%20and%20links2%20uses%0A%3E%20openssl.%0A%3E%20%0A%3E%20Giridhar%0A%3E%20%0A%3E%20--%20%0A%3E%20Y%20Giridhar%20Appaji%20Nag%20%7C%20http%3A%2F%2Fappaji.net%2F%0A
44. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=528661;msg=13
45. http://appaji.net/
46. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=528661;filename=signature.asc;msg=13
47. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=15
48. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=15
49. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#14
50. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=17
51. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=17
52. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#16
53. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#18
54. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=18
55. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=18
56. mailto:528661@bugs.debian.org?References=%3C20090514135619.31727.95841.reportbug%40machine.or.cz%3E%0A%09%3C20090514140225.GS6058%40machine.or.cz%3E%0A%09%3C20090514202949.GA12370%40appaji.net%3E%0A%20%3C87eiuer286.fsf%40Astalo.kon.iki.fi%3E&body=On%20Sun%2C%2024%20May%202009%2017%3A43%3A05%20%2B0300%20Kalle%20Olavi%20Niemitalo%20%3Ckon%40iki.fi%3E%20wrote%3A%0A%3E%20Y%20Giridhar%20Appaji%20Nag%20%3Cappaji%40debian.org%3E%20writes%3A%0A%3E%20%0A%3E%20%3E%20I%20will%20check%20if%20this%20is%20this%20because%20elinks%20uses%20gnutls%20and%20links2%20uses%0A%3E%20%3E%20openssl.%0A%3E%20%0A%3E%20The%20sample%20tcp.c%20in%20the%20GNUTLS%20sources%20reportedly%20has%20the%20same%20problem.%0A%3E%20http%3A%2F%2Fsavannah.gnu.org%2Fsupport%2F%3F106776%0A%3E%20%0A%3E%20If%20GNUTLS%20is%20not%20soon%20fixed%2C%20perhaps%20someone%20can%20package%0A%3E%20nss_compat_ossl%20for%20Debian.%20%20Alternatively%2C%20we%20could%20make%20ELinks%0A%3E%20save%20SERVER_BLACKLIST_NO_TLS%20and%20similar%20flags%20in%20a%20file.%0A%3E%20%0A%3E%20For%20the%20record%2C%20https%3A%2F%2Fbugzilla.novell.com%2Findex.cgi%20sends%20headers%3A%0A%3E%20%0A%3E%20HTTP%2F1.1%20200%20OK%0A%3E%20Date%3A%20Sun%2C%2024%20May%202009%2014%3A34%3A34%20GMT%0A%3E%20Server%3A%20Apache%2F2.2.3%20%28Linux%2FSUSE%29%0A%3E%20Vary%3A%20Accept-Encoding%2CUser-Agent%0A%3E%20Content-Encoding%3A%20gzip%0A%3E%20Content-Type%3A%20text%2Fhtml%3B%20charset%3DUTF-8%0A%3E%20Content-Length%3A%202960%0A%3E%20Set-Cookie%3A%20ZNPCQ002-bugzilla%3DV0016cef11da%3B%20path%3D%2F%0A%3E%20P3p%3A%20CP%3D%22NOI%22%0A%3E%20Via%3A%201.1%20ICS_SERVER%20%28iChain%202.3.416%29%0A%3E%20%0A%3E%20And%20the%20ciphersuite%20eventually%20negotiated%20is%3A%0A%3E%20SSL3.0%20-%20RSA%20-%20ARCFOUR-128%20-%20SHA1%20-%20X.509%20%28compr%3A%20NULL%29%0A&In-Reply-To=%3C87eiuer286.fsf%40Astalo.kon.iki.fi%3E&subject=Re%3A%20Bug%23528661%3A%20elinks%20eternally%20stuck%20in%20SSL%20negotiation%20phase
57. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=528661;msg=18
58. http://savannah.gnu.org/support/?106776
59. https://bugzilla.novell.com/index.cgi
60. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=528661;msg=18
61. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
62. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=gnutls26
63. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=20
64. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=20
65. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#19
66. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=22
67. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=22
68. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#21
69. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=24
70. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=24
71. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#23
72. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#25
73. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=25
74. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=25
75. mailto:528661@bugs.debian.org?References=%3C87y6sgnc18.fsf%40mocca.josefsson.org%3E&In-Reply-To=%3C87y6sgnc18.fsf%40mocca.josefsson.org%3E&body=On%20Thu%2C%2028%20May%202009%2023%3A38%3A27%20%2B0200%20Simon%20Josefsson%20%3Csimon%40josefsson.org%3E%20wrote%3A%0A%3E%20The%20problem%20is%20a%20buggy%20server%2C%20see%20the%20upstream%20bug%20about%20this%20%5B1%5D%2C%20so%20I%0A%3E%20don%27t%20see%20anything%20that%20can%2Fshould%20be%20changed%20in%20GnuTLS.%0A%3E%20%0A%3E%20Rather%20than%20closing%20this%20bug%2C%20we%20could%20re-assign%20the%20problem%20back%20to%0A%3E%20elinks%20as%20a%20wishlist%20bug%20to%20provide%20better%20error%20handling%20in%20this%0A%3E%20situation.%0A%3E%20%0A%3E%20A%20naive%20solution%20would%20be%20to%20disable%20TLS1.1%20in%20elinks.%20%20Here%20is%20a%20patch%0A%3E%20against%20elinks%20to%20accomplish%20that.%0A%3E%20%0A%3E%20diff%20--git%20a%2Fsrc%2Fnetwork%2Fssl%2Fssl.c%20b%2Fsrc%2Fnetwork%2Fssl%2Fssl.c%0A%3E%20index%207ae3a04..81db379%20100644%0A%3E%20---%20a%2Fsrc%2Fnetwork%2Fssl%2Fssl.c%0A%3E%20%2B%2B%2B%20b%2Fsrc%2Fnetwork%2Fssl%2Fssl.c%0A%3E%20%40%40%20-278%2C7%20%2B278%2C7%20%40%40%20init_ssl_connection%28struct%20socket%20%2Asocket%29%0A%3E%20%20%09%09return%20S_SSL_ERROR%3B%0A%3E%20%20%09%7D%0A%3E%20%20%0A%3E%20-%09gnutls_set_default_priority%28%2Astate%29%3B%0A%3E%20%2B%09gnutls_priority_set_direct%20%28%2Astate%2C%20%22NORMAL%3A-VERS-TLS1.1%22%2C%20NULL%29%3B%0A%3E%20%20%09gnutls_handshake_set_private_extensions%28%2Astate%2C%201%29%3B%0A%3E%20%20%09gnutls_cipher_set_priority%28%2Astate%2C%20cipher_priority%29%3B%0A%3E%20%20%09gnutls_kx_set_priority%28%2Astate%2C%20kx_priority%29%3B%0A%3E%20%0A%3E%20%2FSimon%0A%3E%20%0A%3E%20%5B1%5D%20http%3A%2F%2Fsavannah.gnu.org%2Fsupport%2F%3F106776%0A%3E%20%0A%3E%20%0A%3E%20%0A&subject=Re%3A%20Bug%23528661%3A%20elinks%20eternally%20stuck%20in%20SSL%20negotiation%20phase
76. http://savannah.gnu.org/support/?106776
77. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=27
78. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=27
79. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#26
80. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=29
81. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=29
82. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#28
83. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#30
84. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=30
85. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=30
86. mailto:528661@bugs.debian.org?References=%3C87y6sgnc18.fsf%40mocca.josefsson.org%3E%0A%20%3C20090529102952.GE10035%40machine.or.cz%3E&In-Reply-To=%3C20090529102952.GE10035%40machine.or.cz%3E&body=On%20Fri%2C%2029%20May%202009%2012%3A29%3A52%20%2B0200%20Petr%20Baudis%20%3Cpasky%40ucw.cz%3E%20wrote%3A%0A%3E%20On%20Thu%2C%20May%2028%2C%202009%20at%2011%3A38%3A27PM%20%2B0200%2C%20Simon%20Josefsson%20wrote%3A%0A%3E%20%3E%20The%20problem%20is%20a%20buggy%20server%2C%20see%20the%20upstream%20bug%20about%20this%20%5B1%5D%2C%20so%20I%0A%3E%20%3E%20don%27t%20see%20anything%20that%20can%2Fshould%20be%20changed%20in%20GnuTLS.%0A%3E%20%0A%3E%20Then%20why%20do%20Firefox%20and%20applications%20using%20OpenSSL%20have%20no%20trouble%0A%3E%20talking%20to%20the%20server%3F%0A%3E%20%0A%3E%20%09%09%09%09Petr%20%22Pasky%22%20Baudis%0A%3E%20%0A%3E%20%0A%3E%20%0A&subject=Re%3A%20Bug%23528661%3A%20elinks%20eternally%20stuck%20in%20SSL%20negotiation%20phase
87. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=32
88. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=32
89. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#31
90. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=34
91. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=34
92. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#33
93. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#35
94. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=35
95. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=35
96.
97. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=37
98. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=37
99. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#36
100. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=39
101. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=39
102. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#38
103. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#40
104. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=40
105. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=40
106. mailto:528661@bugs.debian.org?References=%3C87y6sgnc18.fsf%40mocca.josefsson.org%3E%0A%09%3C20090529102952.GE10035%40machine.or.cz%3E%0A%09%3C87ws80ur4a.fsf%40mocca.josefsson.org%3E%0A%20%3C87k53z83qs.fsf%40Astalo.kon.iki.fi%3E&body=On%20Sat%2C%2030%20May%202009%2010%3A11%3A07%20%2B0300%20Kalle%20Olavi%20Niemitalo%20%3Ckon%40iki.fi%3E%20wrote%3A%0A%3E%20Simon%20Josefsson%20%3Csimon%40josefsson.org%3E%20writes%3A%0A%3E%20%0A%3E%20%3E%20Firefox%20may%20have%20some%20logic%20to%20re-try%20the%20connection%20using%20a%20lower%20TLS%0A%3E%20%3E%20version%20when%20a%20higher%20TLS%20version%20did%20not%20work%20out%20well%20--%20that%20logic%0A%3E%20%3E%20would%20be%20useful%20to%20duplicate%20in%20elinks%20too.%0A%3E%20%0A%3E%20ELinks%20already%20has%20logic%20to%20switch%20to%20SSLv3%20only.%0A%3E%20See%20ssl_set_no_tls%20in%20elinks%2Fsrc%2Fnetwork%2Fssl%2Fsocket.c%3A%0A%3E%20http%3A%2F%2Frepo.or.cz%2Fw%2Felinks.git%3Fa%3Dblob%3Bf%3Dsrc%2Fnetwork%2Fssl%2Fsocket.c%3Bh%3D45b4b4a8887d2b54c12321a107c1b5a5d7382e85%3Bhb%3D3801698ff1ddfa2aa94466e90851e496d95156c0%0A%3E%20%0A%3E%20If%20the%20SSLv3%20connection%20then%20succeeds%2C%20ELinks%20uses%20SSLv3%20for%0A%3E%20later%20connections%20to%20the%20same%20server%20too.%20%20This%20corresponds%20to%0A%3E%20Pasky%27s%20report%20that%20only%20the%20first%20connection%20was%20slow.%20%20ELinks%0A%3E%20doesn%27t%20save%20this%20blacklist%20to%20a%20file%20though%2C%20so%20it%20is%20lost%20when%0A%3E%20ELinks%20is%20restarted.%0A%3E%20%0A%3E%20Can%20you%20do%20something%20in%20GNUTLS%20to%20make%20the%20TLSv1.1%20connection%0A%3E%20fail%20sooner%3F%0A&In-Reply-To=%3C87k53z83qs.fsf%40Astalo.kon.iki.fi%3E&subject=Re%3A%20Bug%23528661%3A%20elinks%20eternally%20stuck%20in%20SSL%20negotiation%20phase
107. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=528661;msg=40
108. http://repo.or.cz/w/elinks.git?a=blob;f=src/network/ssl/socket.c;h=45b4b4a8887d2b54c12321a107c1b5a5d7382e85;hb=3801698ff1ddfa2aa94466e90851e496d95156c0
109. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=528661;msg=40
110. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=42
111. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=42
112. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#41
113. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=44
114. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=44
115. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#43
116. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#45
117. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=45
118. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=45
119. mailto:528661@bugs.debian.org?subject=Re%3A%20fixed%20in%20upstream%20ELinks%200.12pre4&In-Reply-To=%3C873aal8uch.fsf%40Astalo.kon.iki.fi%3E&body=On%20Sun%2C%2031%20May%202009%2013%3A01%3A02%20%2B0300%20Kalle%20Olavi%20Niemitalo%20%3Ckon%40iki.fi%3E%20wrote%3A%0A%3E%20package%20elinks%0A%3E%20tags%20529821%20%2B%20fixed-upstream%0A%3E%20quit%0A%3E%20%0A%3E%20These%20bugs%20have%20been%20fixed%20in%20today%27s%20upstream%20ELinks%200.12pre4.%0A%3E%20%0A%3E%20%2A%20Debian%20build%20bug%20529821%3A%20Use%20%60%60pkg-config%20gnutls%27%27%20instead%20of%0A%3E%20%20%20%60%60libgnutls-config%27%27%2C%20which%20is%20not%20included%20in%20GNUTLS%202.7.x.%0A%3E%20%20%20You%20can%20no%20longer%20specify%20the%20location%20of%20GNUTLS%20using%0A%3E%20%20%20%60%60configure%20--with-gnutls%3DDIR%27%27.%0A%3E%20%2A%20Debian%20bug%20528661%3A%20If%20using%20GNUTLS%202.1.7%20or%20later%2C%20disable%20various%0A%3E%20%20%20TLS%20extensions%20%28including%20CERT%20and%20SERVERNAME%29%20to%20help%20handshaking%0A%3E%20%20%20with%20the%20SSLv3-only%20bugzilla.novell.com.%0A%3E%20%2A%20Debian%20build%20bug%20526349%3A%20Include%20asciidoc.py%20from%20AsciiDoc%207.1.2%2C%0A%3E%20%20%20to%20remove%20all%20dependencies%20on%20the%20installed%20version.%0A%3E%20%0A%3E%20FYI%2C%20there%27s%20also%20one%20change%20thought%20useful%20for%20Debian%27s%20elinks-lite.%0A%3E%20%0A%3E%20%2A%20build%20enhancement%3A%20Recognize%20%60%60configure%20--without-tre%27%27.%0A&References=%3C873aal8uch.fsf%40Astalo.kon.iki.fi%3E
120. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=528661;msg=45
121. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=528661;msg=45
122. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=47
123. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=47
124. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#46
125. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=49
126. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=49
127. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#48
128. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#50
129. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=50
130. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=50
131.
132. http://repo.or.cz/w/elinks.git?a=blob;f=src/network/ssl/socket.c;h=45b4b4a8887d2b54c12321a107c1b5a5d7382e85;hb=3801698ff1ddfa2aa94466e90851e496d95156c0
133. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=52
134. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=52
135. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#51
136. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=54
137. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=54
138. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#53
139. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#55
140. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=55
141. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=55
142. mailto:528661@bugs.debian.org?subject=Re%3A%20Bug%23528661%3A%20fixed%20in%20upstream%20ELinks%200.12pre4&In-Reply-To=%3C87ab4ss55i.fsf%40mocca.josefsson.org%3E&body=On%20Mon%2C%2001%20Jun%202009%2010%3A57%3A13%20%2B0200%20Simon%20Josefsson%20%3Csimon%40josefsson.org%3E%20wrote%3A%0A%3E%20Kalle%20Olavi%20Niemitalo%20%3Ckon%40iki.fi%3E%20writes%3A%0A%3E%20%0A%3E%20%3E%20%2A%20Debian%20bug%20528661%3A%20If%20using%20GNUTLS%202.1.7%20or%20later%2C%20disable%20various%0A%3E%20%3E%20%20%20TLS%20extensions%20%28including%20CERT%20and%20SERVERNAME%29%20to%20help%20handshaking%0A%3E%20%3E%20%20%20with%20the%20SSLv3-only%20bugzilla.novell.com.%0A%3E%20%0A%3E%20Disabling%20the%20SERVERNAME%20extension%20seems%20like%20a%20bad%20idea%20--%20I%20believe%0A%3E%20Mozilla%20%28and%20IE%20on%20Vista%29%20enables%20it%20by%20default%2C%20and%20some%20sites%20may%20be%0A%3E%20using%20that%20to%20provide%20HTTPS%20virtual%20hosting.%0A%3E%20%0A%3E%20On%20the%20other%20hand%2C%20the%20elinks%20code%20used%20to%20send%20%22localhost%22%20as%20the%20SNI%2C%0A%3E%20which%20is%20even%20worse%20than%20not%20using%20the%20extension%20at%20all.%20%20So%20if%20you%0A%3E%20cannot%20send%20the%20proper%20server%20name%20%28as%20entered%20by%20the%20user%20or%20from%20a%0A%3E%20HREF%20tag%29%2C%20it%20is%20better%20to%20disable%20the%20extension%20%28as%20you%20have%20done%29.%0A%3E%20The%20best%20is%20to%20use%20the%20SERVERNAME%20extension%20and%20send%20the%20expected%0A%3E%20hostname%2C%20though.%0A%3E%20%0A%3E%20The%20problem%20with%20bugzilla.novell.com%20was%20that%20it%20didn%27t%20like%20TLSv1.1.%0A%3E%20It%20didn%27t%20have%20a%20problem%20with%20TLSv1.0%20%2B%20extensions.%20%20%28However%2C%20there%20may%0A%3E%20be%20_other_%20servers%20out%20there%20that%20cannot%20handle%20TLS%20extensions...%29%0A%3E%20%0A%3E%20%2FSimon%0A%3E%20%0A%3E%20%0A%3E%20%0A&References=%3C873aal8uch.fsf%40Astalo.kon.iki.fi%3E%0A%20%3C87ab4ss55i.fsf%40mocca.josefsson.org%3E
143. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=gnutls26
144. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
145. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=57
146. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=57
147. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#56
148. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=59
149. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=59
150. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#58
151. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=61
152. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=61
153. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#60
154. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=63
155. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=63
156. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#62
157. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#64
158. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=64
159. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=64
160.
161. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514544
162. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526349
163. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661
164. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529821
165. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526349
166. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661
167. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514544
168. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529821
169. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;msg=66
170. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661;mbox=yes;msg=66
171. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528661#65
172. https://bugs.debian.org/cgi-bin/bugspam.cgi?bug=528661
173. mailto:owner@bugs.debian.org
174. https://www.debian.org/Bugs/
175. https://bugs.debian.org/debbugs-source/
Usage: http://www.kk-software.de/kklynxview/get/URL
e.g. http://www.kk-software.de/kklynxview/get/http://www.kk-software.de
Errormessages are in German, sorry ;-)