Bug 279571
| Summary: | security/gnutls: encryption algorithm not supported | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Robert Clausecker <fuz> |
| Component: | Individual Port(s) | Assignee: | Tijl Coosemans <tijl> |
| Status: | Closed FIXED | ||
| Severity: | Affects Some People | Flags: | bugzilla:
maintainer-feedback?
(tijl) fuz: merge-quarterly? |
| Priority: | --- | ||
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
| URL: | https://gitlab.com/gnutls/gnutls/-/issues/1540 | ||
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=15c1b5734bfc5c0ad3a2756386fd9f00c0270299 commit 15c1b5734bfc5c0ad3a2756386fd9f00c0270299 Author: Tijl Coosemans <tijl@FreeBSD.org> AuthorDate: 2024-06-14 12:28:49 +0000 Commit: Tijl Coosemans <tijl@FreeBSD.org> CommitDate: 2024-06-14 13:08:45 +0000 security/gnutls: Fix RSAES-PKCS1-v1_5 Add upstream patch to fix RSAES-PKCS1-v1_5 when configuration file is missing. Pet portlint/portclippy/portfmt. PR: 279571 security/gnutls/Makefile | 35 +++++++++++++++++++---------------- security/gnutls/distinfo | 4 +++- 2 files changed, 22 insertions(+), 17 deletions(-) Thanks for the fix. Can this be MFH'ed? |
Recent GnuTLS has a bug where if no system-wide configuration file exists, GnuTLS will refuse to connect to hosts using some normally supported cipher suites. There's a trivial workaround: install an empty configuration file. Please update GnuTLS to just ship an empty @sample ${PREFIX}/etc/gnutls/config to avoid this bug.