[RTEMS Project] #4839: TLS needs updating to 1.3 for Trac (devel.rtems.org)

RTEMS trac trac at rtems.org
Thu Feb 9 14:33:22 UTC 2023 

#4839: TLS needs updating to 1.3 for Trac (devel.rtems.org)
------------------------------+--------------------------
 Reporter:  Joel Sherrill     |       Owner:  Amar Takhar
     Type:  infra             |      Status:  accepted
 Priority:  normal            |   Milestone:  Indefinite
Component:  admin             |     Version:
 Severity:  normal            |  Resolution:
 Keywords:  funded project-1  |  Blocked By:
 Blocking:                    |
------------------------------+--------------------------
Description changed by Joel Sherrill:

Old description:

> Passing along a report from a user that their IT has blocked pages using
> TLS 1.2. This impacts at least the RSB downloading patches associated
> with RTEMS tickets.
>
> I will follow up when I get the promised output logs. They said curl,
> wget, RSB, etc. were tried during experiments.

New description:

 Passing along a report from a user that their IT has blocked pages using
 TLS 1.2. This impacts at least the RSB downloading patches associated with
 RTEMS tickets.

 Here is their curl verbose output in case it helps:

 {{{
 $ curl -vvvv https://devel.rtems.org/raw-
 attachment/ticket/4783/0001-checks.c-Ensure-argument-is-an-
 integer-v2.patch
 *   Trying 140.211.10.146...
 * TCP_NODELAY set
 * Connected to devel.rtems.org (140.211.10.146) port 443 (#0)
 * ALPN, offering h2
 * ALPN, offering http/1.1
 * successfully set certificate verify locations:
 *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
   CApath: none
 * TLSv1.3 (OUT), TLS handshake, Client hello (1):
 * TLSv1.3 (IN), TLS handshake, Server hello (2):
 * TLSv1.2 (IN), TLS handshake, Certificate (11):
 * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
 * TLSv1.2 (IN), TLS handshake, Server finished (14):
 * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
 * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
 * TLSv1.2 (OUT), TLS handshake, Finished (20):
 * TLSv1.2 (IN), TLS alert, bad record mac (532):
 * error:140943FC:SSL routines:ssl3_read_bytes:sslv3 alert bad record mac
 * Closing connection 0
 curl: (35) error:140943FC:SSL routines:ssl3_read_bytes:sslv3 alert bad
 record mac
 }}}

--

--
Ticket URL: <http://devel.rtems.org/ticket/4839#comment:2>
RTEMS Project <http://www.rtems.org/>
RTEMS Project

More information about the bugs mailing list