Devuan bug report logs - #270
unable to connect using TLSv1.2.

Package: mariadb-client; Maintainer for mariadb-client is (unknown); Source for mariadb-client is src:mariadb-10.5.

Reported by: Thomas Groman <tgrom.automail@nuegia.net>

Date: Sun, 16 Dec 2018 04:03:01 UTC

Severity: normal

Tags: debian

Done: Mark Hindley <mark@hindley.org.uk>

Forwarded to https://bugs.debian.org/921151

Full log

Message #5 received at submit@bugs.devuan.org (full text, mbox, reply):

Received: (at submit) by bugs.devuan.org; 16 Dec 2018 04:00:03 +0000
Return-Path: <tgrom.automail@nuegia.net>
Delivered-To: devuanbugs@dyne.org
Received: from tupac3.dyne.org [195.169.149.119]
	by fulcanelli with IMAP (fetchmail-6.3.26)
	for <debbugs@localhost> (single-drop); Sun, 16 Dec 2018 05:00:03 +0100 (CET)
Received: from mail.onlinenw.com (mail.onlinenw.com [206.212.237.200])
	by vm6.ganeti.dyne.org (Postfix) with ESMTP id 7C9F0F604AE
	for <submit@bugs.devuan.org>; Sun, 16 Dec 2018 04:51:24 +0100 (CET)
Received: (qmail 13416 invoked from network); 16 Dec 2018 03:51:15 -0000
Received: from localhost (HELO lappy) (tgrom.automail@nuegia.net@127.0.0.1)
	by mail1.onlinenw.com with SMTP
	(d648699c-00e5-11e9-93e5-00188bf9ee8f); Sat, 15 Dec 2018 19:51:15 -0800
Date: Sat, 15 Dec 2018 19:53:44 -0800
From: Thomas Groman <tgrom.automail@nuegia.net>
Disposition-Notification-To: Thomas Groman <tgrom.automail@nuegia.net>
To: Devuan Bug Tracking System <submit@bugs.devuan.org>
Subject: unable to connect using TLSv1.2.
Message-ID: <154493212845.23324.11005533420082713814.reportbug@lappy>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-MagicMail-OS: MagicMail 3.0-Stable
X-MagicMail-UUID: d648699c-00e5-11e9-93e5-00188bf9ee8f
X-MagicMail-Authenticated: tgrom.automail@nuegia.net
X-MagicMail-SourceIP: 127.0.0.1
X-MagicMail-RegexMatch: 2
X-MagicMail-EnvelopeFrom: <tgrom.automail@nuegia.net>
X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE,SPF_PASS
	autolearn=disabled version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tupac3.dyne.org

Package: mariadb-client
Version: 10.1.37-0+deb9u1
Severity: important



-- System Information:
Distributor ID:	Devuan
Description:	Devuan GNU/Linux 2.0 (ascii)
Release:	2.0
Codename:	ascii

Architecture: x86_64

Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages mariadb-client depends on:
ii  mariadb-client-10.1  10.1.37-0+deb9u1

mariadb-client recommends no packages.

mariadb-client suggests no packages.

-- no debconf information

Mariadb-client is unable to negotiate to TLSv1.2. I have tested this
with server versions: 10.1.37-MariaDB Gentoo Linux mariadb-10.1.37
10.1.34-MariaDB Gentoo Linux mariadb-10.1.34
. It should be noted that only the client version:
Ver 15.1 Distrib 10.1.37-MariaDB, for debian-linux-gnu (x86_64) using
readline 5.2 is unable to connect to the servers listed previously when
TLSv1.2 is enforced. However clients on other operating systems tested:
Ver 15.1 Distrib 10.1.34-MariaDB, for Linux (x86_64) using readline 7.0
Ver 15.1 Distrib 10.1.37-MariaDB, for Linux (x86_64) using readline 7.0
are able to connect just fine. Upon further inspection, looking at
packet traces with WireShark it appears that the Debian client is only
attempting to negotiate a connection with TLSv1.1, which is blacklisted
while the Gentoo clients are able to negotiate at TLSv1.2. The Debian
client fails and prints "ERROR 2026 (HY000): SSL connection error:
unknown error number" to stdout.

Send a report that this bug log contains spam.

Devuan bug report logs - #270 unable to connect using TLSv1.2.

Devuan bug report logs - #270
unable to connect using TLSv1.2.