PDA

View Full Version : SLED 15 SP1 google online account and other TLS problems



bcskogen
27-Jun-2019, 09:06
Hello - after upgrading from SLED 15 to 15SP1 my Google (gnome online account) gmail stopped working and I also have problems to one other IMAP server using TLS. In evolution I get 'The reported error was “Error reading data from TLS socket: The specified session has been invalidated for some reason.”' and for the Google account I get "Error writing data to TLS socket: The specified session has been invalidated for some reason." from gnome-calendar.

From googling around this seems to be related to a libgnutls. Will there be an update soon for 15SP1 or is it caused by something else?

gnutls-cli -p 993 imap.gmail.com
Processed 548 CA certificate(s).
Resolving 'imap.gmail.com:993'...
Connecting to '209.85.233.108:993'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `CN=imap.gmail.com,O=Google LLC,L=Mountain View,ST=California,C=US', issuer `CN=Google Internet Authority G3,O=Google Trust Services,C=US', serial 0x3af82e3b6f2255b3e63136da668e3026, RSA key 2048 bits, signed using RSA-SHA256, activated `2019-06-11 12:31:43 UTC', expires `2019-09-03 12:20:00 UTC', pin-sha256="+MF2ooNXnzi8ZJepkh3ddbyBo0NRYYezX9KyXtH0dnw="
Public Key ID:
sha1:058718ebc21de801f6068d5234ba2cfafa1144f9
sha256:f8c176a283579f38bc6497a9921ddd75bc81a343516 187b35fd2b25ed1f4767c
Public Key PIN:
pin-sha256:+MF2ooNXnzi8ZJepkh3ddbyBo0NRYYezX9KyXtH0dnw =

- Certificate[1] info:
- subject `CN=Google Internet Authority G3,O=Google Trust Services,C=US', issuer `CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2', serial 0x01e3a9301cfc7206383f9a531d, RSA key 2048 bits, signed using RSA-SHA256, activated `2017-06-15 00:00:42 UTC', expires `2021-12-15 00:00:42 UTC', pin-sha256="f8NnEFZxQ4ExFOhSN7EiFWtiudZQVD2oY60uauV/n78="
- Status: The certificate is trusted.
- Description: (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
- Options:
- Handshake was completed

- Simple Client Mode:

* OK Gimap ready for requests from 78.70.163.37 h7mb74586847ljc
^C
gnutls-cli -p 993 imap.googlemail.com
Processed 548 CA certificate(s).
Resolving 'imap.googlemail.com:993'...
Connecting to '64.233.164.16:993'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `CN=imap.googlemail.com,O=Google LLC,L=Mountain View,ST=California,C=US', issuer `CN=Google Internet Authority G3,O=Google Trust Services,C=US', serial 0x286453ec69b1535f69e79f9c888bf0ea, RSA key 2048 bits, signed using RSA-SHA256, activated `2019-06-11 12:43:45 UTC', expires `2019-09-03 12:21:00 UTC', pin-sha256="iR3ZwB//XAM33O7Yb+YXyBtIN6HSukyBlwQG7wALDYY="
Public Key ID:
sha1:7a12154d06db62488031a7bc23a25d0983521f10
sha256:891dd9c01fff5c0337dceed86fe617c81b4837a1d2b a4c81970406ef000b0d86
Public Key PIN:
pin-sha256:iR3ZwB//XAM33O7Yb+YXyBtIN6HSukyBlwQG7wALDYY=

- Certificate[1] info:
- subject `CN=Google Internet Authority G3,O=Google Trust Services,C=US', issuer `CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2', serial 0x01e3a9301cfc7206383f9a531d, RSA key 2048 bits, signed using RSA-SHA256, activated `2017-06-15 00:00:42 UTC', expires `2021-12-15 00:00:42 UTC', pin-sha256="f8NnEFZxQ4ExFOhSN7EiFWtiudZQVD2oY60uauV/n78="
- Status: The certificate is trusted.
- Description: (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
- Options:
- Handshake was completed

- Simple Client Mode:

* OK Gimap ready for requests from 78.70.163.37 t26mb75031058ltd
^C

AndreasMeyer
27-Jun-2019, 21:30
You can open a Service Request with SUSE:
https://forums.suse.com/showthread.php?13364-Suse-15-nslookup-NXDOMAIN-and-wicked-issue&p=57213#post57213