On Tue, Sep 22, 2020 at 08:36:21AM -0400, Maxim Cournoyer wrote:
> Tested on core-updates commit d08f5299e62ca8f5f36f4f6ddf3fcd739d157074.
> 
> =========================================
>    GnuTLS 3.6.12: tests/test-suite.log
> =========================================
> 
> # TOTAL: 411
> # PASS:  393
> # SKIP:  17
> # XFAIL: 0
> # FAIL:  1
> # XPASS: 0
> # ERROR: 0
> 
> [...]
> 
> FAIL: fastopen.sh
> =================
> 
> Checking Fast open
> Echo Server listening on IPv4 0.0.0.0 port 6169...done
> Echo Server listening on IPv6 :: port 6169...done
> *** Fatal error: Error in the push function.
> Could not connect to 127.0.0.1:6169: Transport endpoint is already connected
> Processed 1 CA certificate(s).
> Resolving 'localhost:6169'...
> Connecting to '127.0.0.1:6169' (TFO)...
> - Certificate type: X.509
> - Got a certificate list of 1 certificates.
> - Certificate[0] info:
>  - subject `CN=GnuTLS Test Server (RSA certificate)', issuer `CN=GnuTLS Test CA', serial 0x4de0b4ca, RSA key 2432 bits, signed using RSA-SHA256, activated `2011-05-28 08:39:39 UTC', expires `2038-10-12 08:39:40 UTC', pin-sha256="ZCnc2x+EUztg6ShnEvwtcHxusyXqJ5RJLNCDLc+lVNE="
>         Public Key ID:
>                 sha1:482334530a8931384a5aeacab6d2a6dece1d2b18
>                 sha256:6429dcdb1f84533b60e9286712fc2d707c6eb325ea2794492cd0832dcfa554d1
>         Public Key PIN:
>                 pin-sha256:ZCnc2x+EUztg6ShnEvwtcHxusyXqJ5RJLNCDLc+lVNE=
> 
> - Status: The certificate is trusted. 
> - Successfully sent 0 certificate(s) to server.
> Failure: 1. TLS1.2 handshake should have succeeded!
> Exiting via signal 15
> FAIL fastopen.sh (exit status: 1)

gnutls-3.6.14 also still fails after upgrading libgcrypt to 1.8.6.

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted