Re: exim4 & libgnutls26: "A TLS packet with unexpected length was received."
On 29.03.17 16:36, Antoine Beaupré wrote:
> Is this a regression in GnuTLS? Or just an aggravating problem from the
> rising adoption of SHA-512?
I don't think the only problem with libgnutls26 is SHA-512. As it seems
the mentioned error can occur in many situations, some for example write
about "the random size padding of packets to prevent communications
compromise for stream ciphers" [1]. I personally believe it is not
related to the SHA-512 issue, since the error from Exim is slightly
different in that case:
"...(gnutls_handshake): A TLS packet with..." opposed to the one I see
mostly "...(recv): A TLS packet with...".
To conclude: I don't know why that error occurs nor whether it came from
a regression or if it always has been there.
> I would tend towards fixing this only if it's the former, not the
> latter. This is, after all, why we want people to upgrade...
It is wise to upgrade in many situations and I completely agree that the
newer versions solve many problems. There are situations though, where
upgrading is difficult, is not yet feasible and for those situations LTS
is great.
Is backporting a newer version an option?
Regards, Adrian.
[1] comment #3 under
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1111882
--
.~..
_ //__
~~~~~~~~~~~~\°___/~~~~~~~
Adrian Zaugg
Zweierstrasse 56
CH-8004 Zürich
044 291 02 38
_________________________
(This eMail gets best displayed
using a monospace font.)
Reply to: