Red Hat Bugzilla – Bug 979705
libsoup/gnults can't connect to TLSv1-only webdav/caldav server because it specified version 3 (0x0300) in ClientHello
Last modified: 2013-07-02 05:33:51 EDT
Description of problem:
evolution/e-d-s/libsoup/gnults can't connect to TLSv1-only caldav server because it specified version 3 (0x0300) in ClientHello. According to RFCs, latest TLS version supported by client should be specified in client hellos, for which GnuTLS provides convenient %LATEST_RECORD_VERSION keyword:
The bug might easily be in lower layers (libsoup) as wel...
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. create a new caldav calendar in evolution:
- use any uri on https server that supports only TLSv1 or better
- check "Use SSL"
2. start network capture on port 443
3. hit "Browser server to discover calendar" button
* version in ClientHello handshake is SSL 3.0 (0x0300)
* connection is refused
* version in ClientHello is highest supported by client
* connection is established
My server supports just TLSv1 (apache + mod_nss: TLS 1.1 and 1.2 aren't supported yet and I disabled SSLv3 support)
The issue is the same when using nautilus to connect to the same server via webdav, thust I expect that the problematic component is actually libsoup.
This is bug #975457, from my point of view.
yes, this is exactly the same bug as 975457
Thanks for the confirmation, I'm marking it as such.
*** This bug has been marked as a duplicate of bug 975457 ***