LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   RDesktop TLS handshake failed after GnuTLS updgrade. (https://www.linuxquestions.org/questions/slackware-14/rdesktop-tls-handshake-failed-after-gnutls-updgrade-4175735848/)

bortolotto 04-09-2024 06:12 PM
RDesktop TLS handshake failed after GnuTLS updgrade.
 
Today after slackpkg upgrade-all
A RDesktop connection that I do daily to work on a notebook but using my desktop stopped to work.

Code:
diniz@darkstar:~$ rdesktop -v -k pt-br -a 32 -r sound:local -d **domain** -u "**domain**\**user**" 192.168.15.111
is_wm_active(): WM name: KWin
Connecting to server using SSL...
Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
Core(error): tcp_tls_connect(), TLS handshake failed. GnuTLS error: The encryption algorithm is not supported.
Failed to connect using SSL, trying with plain RDP.
Failed to connect, SSL required by server.
I reinstalled version 3.8.4 ...
Code:
Upgrading gnutls-3.8.5-x86_64-1 package using mirror/slackware64-cumulative/slackware64/n/gnutls-3.8.4-x86_64-1.txz
and worked.

Code:
diniz@darkstar:~$ rdesktop -v -k pt-br -a 32 -r sound:local -d **domain** -u "**domain**\**user**" 192.168.15.111
is_wm_active(): WM name: KWin
Connecting to server using SSL...
Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)

Connection established using SSL.
Connection successful
Any idea about what I could be missing?

rkelsen 04-09-2024 07:27 PM
Quote:
Originally Posted by bortolotto (Post 6495064)
Code:
GnuTLS error: The encryption algorithm is not supported.
Code:
TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)
Some clues there. The older version supports your encryption method, but the new one doesn't. Perhaps caused by a change in the default config options? The SlackBuild hasn't changed.

bortolotto 04-09-2024 09:38 PM
Issue #1540 on GnuTLS 3.8.5
 
Hi!
After some research I found same issue reported on GnuTLS.
https://gitlab.com/gnutls/gnutls/-/issues/1540

A bypass to that error is to create a config file.
Code:
mkdir  /etc/gnutls && touch /etc/gnutls/config

After that the connection succeeds.
Should we suggest to add that dir/file to Patrick or just wait an upstream update?

allend 04-10-2024 07:07 AM
Given
Quote:
Since there probably are many more distros not shipping a config at all, the issue might have a rather wide impact and warrant a follow-up release.
in https://gitlab.com/gnutls/gnutls/-/i...ote_1853760757, a wait on upstream seems best.

bortolotto 04-10-2024 09:02 PM
Patched!!
 
n/gnutls-3.8.5-x86_64-2.txz: Rebuilt.
[PATCH] Fix RSAES-PKCS1-v1_5 system-wide configuration.

https://mirrors.slackware.com/slackw...ime=1712776154


All times are GMT -5. The time now is 09:20 PM.