Uploaded image for project: 'Bitbucket Cloud'
  1. Bitbucket Cloud
  2. BCLOUD-18846

bitbucket servers require rsa_pkcs1_sha1 even for tlsv1.2 connections

    XMLWordPrintable

    Details

      Description

       $ hg clone https://bitbucket.org/pypy/pypy
      
       destination directory: pypy
       applying clone bundle from https://api.media.atlassian.com/file/ade8a479-34db-4526-9823-6bd33d7703fa/binary?client=b64ca8e6-e703-4cb9-8f30-cae44f70ea24&token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOmFkZThhNDc5LTM0ZGItNDUyNi05ODIzLTZiZDMzZDc3MDNmYSI6WyJyZWFkIl19LCJleHAiOjE1NDY3Nzg3NDAsImlzcyI6ImI2NGNhOGU2LWU3MDMtNGNiOS04ZjMwLWNhZTQ0ZjcwZWEyNCIsIm5iZiI6MTU0Njc3ODMyMH0.DyHo3Ft-mk_ixHgL1Q6LXGJ1grzALRLarTtXJKD91rk
       error fetching bundle: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:727)
       abort: error applying bundle
      

      This is Debian Bug BCLOUD-918475.

      It seems that if the rsa_pkcs1_sha1 signature algorithm is not present in the client hello, the server rejects the connection, even though this algorithm is never used.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            fa0c5f7d67b3 bjmgeek
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: