Re: [Evolution-hackers] evolution failing on TLSv1.3 after gnutls upgrade

[James Bottomley <James Bottomley HansenPartnership com>]

On Thu, 2019-05-16 at 09:05 +0200, Milan Crha via evolution-hackers
wrote:
> On Wed, 2019-05-15 at 15:49 -0700, James Bottomley wrote:
> >     gnutls Add support for timeouts on GnuTLS pulls
> >
> > So if you apply that on top of 2.54.1, the test programme works
> > again.
>
>       Hi,
> do you see from the server logs whether the patched code tried TLS
> v1.3, and then v1.2? I'm only wondering.

My expectation based on the patch is that 1.3 is negotiated
successfully.

I tested against googlemail.com (so no server logs).  I've currently
got an email user out travelling who can't upgrade until I get the
machine back, so I can't test on my server until they come back on
Friday to avoid breaking them.

> After re-reading the previous messages in this thread, you found that
> the development version 2.55.2 works fine. As it's a development
> version, the (usual) distributions may pick the stable version,
> 2.56.0 or later. Or they can find which patch fixed it between 2.55.1
> and 2.55.2 and backport only that one (you referenced that change
> above).

openSUSE has chosen the backport to 2.54.1 route.

> Thinking of it, maybe it's a nonsense to ask them about the TLS
> version downgrade on the fly. My "suggestion" would be over-
> complicated.
>
> In any case, thank you for your time and help on this.

You're welcome,

Regards,

James