Re: exim4 & libgnutls26: "A TLS packet with unexpected length was received."
On 2017-03-29 13:41:54, Adrian Zaugg wrote:
> I know LTS is not about fixing bugs, this one is critical though and it
> affects probably many wheezy installations. As it gets worse with time,
> it might be that some one would like to care anyway or maybe there is a
> known solution to this problem I haven't found in the net. Any advice is
> highly appreciated - I want to keep encrypted connections as the first
> option for connecting hosts.
Is this a regression in GnuTLS? Or just an aggravating problem from the
rising adoption of SHA-512?
I would tend towards fixing this only if it's the former, not the
latter. This is, after all, why we want people to upgrade...
It could be pretty difficult to backport SHA-512 support in Wheezy's
Dr. King’s major assumption was that if you are nonviolent, if you
suffer, your opponent will see your suffering and will be moved to
change his heart. He only made one fallacious assumption: In order for
nonviolence to work, your opponent must have a conscience. The United
States has none. - Stokely Carmichael