Date: Mon, 24 Aug 2020 05:36:44 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 248867] net/syncthing: SSL errors due to Go 1.15 behaviour change Message-ID: <bug-248867-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D248867 Bug ID: 248867 Summary: net/syncthing: SSL errors due to Go 1.15 behaviour change Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: swills@FreeBSD.org Reporter: james@french.id.au Flags: maintainer-feedback?(swills@FreeBSD.org) Assignee: swills@FreeBSD.org Created attachment 217476 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D217476&action= =3Dedit Backported patch from 1.9 development Go 1.15 has changed certificate handling which has broken the certificates syncthing self-generates for each host. Clients running Go 1.15 & Syncthing 1.8.0 will now error for every connecting host: Bad certificate from <client> at [<client-v6-ip>]:22000-[<client-v6-ip>]:22000/tcp-client/TLS1.3-TLS_AES_128= _GCM_SHA256: x509: certificate relies on legacy Common Name field, use SANs or temporari= ly enable Common Name matching with GODEBUG=3Dx509ignoreCN=3D0 Upstream have fixed this bug in this issue: https://github.com/syncthing/syncthing/issues/6867 The fix will be a part of the upcoming 1.90 release but in the interim 1.80= is currently broken with Go 1.15 (which are both the current versions in the p= orts tree). I have backported the fix and it does apply and build cleanly on 1.8= 0. Build log to follow. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-248867-7788>