[Bug 1595592] Re: gnutls fail on elpa.gnu.org address

Thu Jun 23 18:36:53 UTC 2016

"The TLS connection was non-properly terminated" usually means that
something like a TCP RST or FIN packet was received on the connection,
or an ICMP Destination Unreachable message killed the connection. It's a
warning that the application layer inside the TLS session didn't
initiate the termination.

The other error messages in the gnu.org bug report also suggest that
there is some connection mangling or perhaps other local issues.

I'm able to connect to elpa.gnu.org with no trouble:

$ gnutls-cli elpa.gnu.org
Processed 173 CA certificate(s).
Resolving 'elpa.gnu.org'...
Connecting to '208.118.235.89:443'...
- Certificate type: X.509
- Got a certificate list of 3 certificates.
- Certificate[0] info:
 - subject `CN=elpa.gnu.org', issuer `C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3', RSA key 2048 bits, signed using RSA-SHA256, activated `2016-04-04 14:46:00 UTC', expires `2016-07-03 14:46:00 UTC', SHA-1 fingerprint `166ad56ce1ecdab73c26e0a6950cc4c67a1f2019'
	Public Key ID:
		f299e84d06e63febdd7b7229670f805ffdc97395
	Public key's random art:
		+--[ RSA 2048]----+
		|                 |
		|                 |
		|                 |
		|           .   ..|
		|      + S . . .Eo|
		|     o = o . o. +|
		|      o *   . .=o|
		|     . =.. .o *.o|
		|      ..=o. oO ..|
		+-----------------+

- Certificate[1] info:
 - subject `CN=elpa.gnu.org', issuer `C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3', RSA key 2048 bits, signed using RSA-SHA256, activated `2016-04-04 14:46:00 UTC', expires `2016-07-03 14:46:00 UTC', SHA-1 fingerprint `166ad56ce1ecdab73c26e0a6950cc4c67a1f2019'
- Certificate[2] info:
 - subject `C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3', issuer `O=Digital Signature Trust Co.,CN=DST Root CA X3', RSA key 2048 bits, signed using RSA-SHA256, activated `2016-03-17 16:40:46 UTC', expires `2021-03-17 16:40:46 UTC', SHA-1 fingerprint `e6a3b45b062d509b3382282d196efe97d5956ccb'
- Status: The certificate is trusted. 
- Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-128-GCM)
- Session ID: 59:5F:33:75:74:05:D9:93:C3:D9:8C:AD:B8:93:B2:9E:88:11:00:3C:8C:F3:D1:7F:D4:23:54:E6:02:FD:A5:16
- Ephemeral EC Diffie-Hellman parameters
 - Using curve: SECP256R1
 - Curve size: 256 bits
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA256
- Cipher: AES-128-GCM
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed

- Simple Client Mode:

If you manage to reproduce these issues please do report back.

Thanks

** Changed in: gnutls26 (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1595592

Title:
  gnutls fail on elpa.gnu.org address

Status in gnutls26 package in Ubuntu:
  Incomplete

Bug description:
  This happen on xubuntu 16.04 lts.
  I have reported the bug here:

  https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23782

  Sorry to not being able to give more infos, I had to use something else as 16.04
  was not usable for now.

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1595592/+subscriptions