Error writing data to TLS socket: The specified session has been invalidated for some reason.

Marius Schamschula lists at schamschula.com
Sun Jan 27 12:24:09 UTC 2019


Ken,

For gnutls 3.6.6 the test suite runs clean under High Sierra: only a few XFAIL, not a single FAIL.

Marius
--
Marius Schamschula




> On Jan 26, 2019, at 9:03 PM, Ken Cunningham <ken.cunningham.webuse at gmail.com> wrote:
> 
> Running the test suite on gnutls on 10.6.8 shows one failure:
> 
> FAIL: srp
> 
> 
> So indeed it's right where I thought the error was, in that srp authentication module. Maybe that same module is broken on other systems too... to be discovered.
> 
> luckily there is a way to disable that module in gnutls, so perhaps that's a way out until this gets sorted:
> 
> --disable-srp-authentication
> 
> Ken
> 
> 
> On 2019-01-18, at 7:33 PM, Ken Cunningham wrote:
> 
>> when I downgraded to gnutls 3.5.x (which required rolling back to the last libidn2 due to a minor abi change) surf and epiphany both worked again.
>> 
>> I’m still puzzled — hard to debug.
>> 
>> Ken
>> 
>>> On Jan 18, 2019, at 5:45 PM, Marius Schamschula <lists at schamschula.com <mailto:lists at schamschula.com>> wrote:
>>> 
>>> Ken,
>>> 
>>> I just installed for surf and epiphany. I tested with my own websites that are using letsencrypt certificates.
>>> 
>>> Indeed, both browsers are broken, in the case of epiphany, I couldn’t even download the http version w/o an error, as it still tried pulling an external resource using https.
>>> 
>>> However, I doubt that the issue is with gnutls: I used both aria2 +gnutls+sqlite3 (my default build) and curl +gnutls to pull down two of my https home pages as well as gitHub.com/macports/ <http://github.com/macports/> w/o any issues.
>>> 
>>> The ABI for gnutls 3.6.x is a superset of version 3.5.x, no previous symbols have been removed or modified, only new functionality has been added:
>>> 
>>> https://lists.gnupg.org/pipermail/gnutls-devel/2017-August/008484.html <https://lists.gnupg.org/pipermail/gnutls-devel/2017-August/008484.html>
>>> 
>>> Marius
>>> --
>>> Marius Schamschula
>>> 
>>> 
>>> 
>>> 
>>>> On Jan 18, 2019, at 6:08 PM, Ken Cunningham <ken.cunningham.webuse at gmail.com <mailto:ken.cunningham.webuse at gmail.com>> wrote:
>>>> 
>>>> I’m not sure which port is causing this error I’m seeing since recent updates.
>>>> 
>>>> To see it, use something like epiphany or surf
>>>> 
>>>> surf www.github.com <http://www.github.com/>
>>>> epiphany www.github.com <http://www.github.com/>
>>>> 
>>>> 
>>>> I think the error is in gnutls, maybe in libidn2?
>>>> 
>>>> I’m narrowing it down to perhaps the srp authentication module, but I’m out of my depth to an extent.
>>>> 
>>>> i’m not sure yet if it’s a MacPorts thing, or some new bug that slipped into gnutls.
>>>> 
>>>> Anyway, it seems to stop the use of things that use gnutls against some authenticating websites.
>>>> 
>>>> Ken
>>> 
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-dev/attachments/20190127/ef840773/attachment.html>


More information about the macports-dev mailing list