Your message dated Thu, 19 Jan 2023 18:56:43 +0000
with message-id <Y8mSazUMAgXhYMQL@???>
and subject line Fixed in Debian #921151
has caused the Devuan bug report #270,
regarding unable to connect using TLSv1.2.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@???
immediately.)
--
270:
https://bugs.devuan.org/cgi/bugreport.cgi?bug=270
Devuan Bug Tracking System
Contact owner@??? with problems
Package: mariadb-client
Version: 10.1.37-0+deb9u1
Severity: important
-- System Information:
Distributor ID: Devuan
Description: Devuan GNU/Linux 2.0 (ascii)
Release: 2.0
Codename: ascii
Architecture: x86_64
Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages mariadb-client depends on:
ii mariadb-client-10.1 10.1.37-0+deb9u1
mariadb-client recommends no packages.
mariadb-client suggests no packages.
-- no debconf information
Mariadb-client is unable to negotiate to TLSv1.2. I have tested this
with server versions: 10.1.37-MariaDB Gentoo Linux mariadb-10.1.37
10.1.34-MariaDB Gentoo Linux mariadb-10.1.34
. It should be noted that only the client version:
Ver 15.1 Distrib 10.1.37-MariaDB, for debian-linux-gnu (x86_64) using
readline 5.2 is unable to connect to the servers listed previously when
TLSv1.2 is enforced. However clients on other operating systems tested:
Ver 15.1 Distrib 10.1.34-MariaDB, for Linux (x86_64) using readline 7.0
Ver 15.1 Distrib 10.1.37-MariaDB, for Linux (x86_64) using readline 7.0
are able to connect just fine. Upon further inspection, looking at
packet traces with WireShark it appears that the Debian client is only
attempting to negotiate a connection with TLSv1.1, which is blacklisted
while the Gentoo clients are able to negotiate at TLSv1.2. The Debian
client fails and prints "ERROR 2026 (HY000): SSL connection error:
unknown error number" to stdout.
Version: