Deluge Forum

Support Forum for the Deluge BitTorrent Client
https://forum.deluge-torrent.org/

Broken compatability 1.3.9 <-> 1.3.10

https://forum.deluge-torrent.org/viewtopic.php?t=48797

Page 1 of 1

Broken compatability 1.3.9 <-> 1.3.10

Posted: Mon Oct 20, 2014 11:32 am
by jonasl
Hi,

I've been using deluge for some time and I am running it with the following setup:
deluged on my Raspberry PI running raspbian (which is based on Debian testing).
deluge-gtk on my desktop running debian unstable.

This worked fine until I updated both machines some days ago and deluged is now running 1.3.9 and deluge-gtk is 1.3.10.
Whenever I try to connect to deluged using deluge-gtk I get the following error:

Code: Select all

[INFO    ] 13:20:18 rpcserver:203 Deluge Client connection made from: 192.168.1.120:41509
[INFO    ] 13:20:18 rpcserver:223 Deluge client disconnected: [('SSL routines', 'SSL3_READ_BYTES', 'ssl handshake failure')]
I looked at the git log and noticed the following change in 1.3.10:
commit 26f5be17609a8312c4ba06aa120ed208cd7876f2
Author: Calum Lind <...>
Date: Wed Oct 15 18:44:02 2014 +0100

[WebUI] Security update for POODLE vulnerability

WebUI with HTTPS enabled is vulnerable to POODLE (CVE­-2014­-3566), so switch from
SSLv3 to TLSv1.
Is this related somehow? Or is it some kind of other bug I've encountered?

Also I wonder if there is any policy regarding compatability between versions? Should all users be forced to use the exact same revision (for instance 1.3.10) on the client+daemon or should the users only be forced to use the same minor version (i.e. 1.3.X)?

Re: Broken compatability 1.3.9 <-> 1.3.10

Posted: Sun Oct 26, 2014 3:51 am
by NuttBoxer
I think I'm also experiencing an issue from this change. I was previously on 1.3.7, WebUI through Firefox 33 for Ubuntu:

An error occurred during a connection to server:8112. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

Re: Broken compatability 1.3.9 <-> 1.3.10

Posted: Sun Oct 26, 2014 4:04 am
by NuttBoxer
This may have been some sort of initial hiccup after install of 1.3.10 and reboot of server. Just tried again, and webui is back up. Sorry if my post detracts from Jonasi's original issue.

Re: Broken compatability 1.3.9 <-> 1.3.10

Posted: Mon Oct 27, 2014 12:57 am
by Sentinel
Probably fixed with this update: https://packages.qa.debian.org/d/deluge ... 0355Z.html

Re: Broken compatability 1.3.9 <-> 1.3.10

Posted: Mon Oct 27, 2014 2:31 pm
by jonasl
Sentinel wrote:Probably fixed with this update: https://packages.qa.debian.org/d/deluge ... 0355Z.html
Yes, it was solved with that package. Thanks.

Re: Broken compatability 1.3.9 <-> 1.3.10

Posted: Tue Mar 31, 2015 12:36 am
by auspex
Thanks so much for this. I was pulling out my hair trying to figure out why a Raspberry Pi (Raspbian) could connect to itself via either localhost or the external IP, but my Debian Sid system couldn't because of the SSLv3 error (both claiming to be using 1.3.10). Once I got both of them using the PPA version, the problem was fixed.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited