There is no easy way to gracefully handle weak crypto. It has been known
for more than five years that 1024-bit (or rather <2048-bit) DH primes
need to be considered weak and should not be used
(https://weakdh.org/). GnuTLS > 3.2 does the right thing in having
services which still have not taken action to use contemporary
(non-weak) crypto fail by default, so that users will become aware of
the fact they are (were) connecting insecurely, and these services can
be more easily identified and fixed.

In some cases, using clients (and software versions of clients) which
support higher TLS protocol versions can work around this problem (if
remote servers support strong ciphers on higher TLS protocol versions;
example:
https://www.ssllabs.com/ssltest/analyze.html?d=mail.nhs.net&hideResults=on
).

It *may* be possible to continue to allow for insecure connections by
setting the GnuTLS priority string to include LEGACY as per
https://gnutls.org/manual/html_node/Priority-Strings.html

-- 
https://bugs.launchpad.net/bugs/1860461

Title:
  libgnutls30 3.6.11.1-2ubuntu2 (Ubuntu 20.04) breaks pulseui client
  with error "Error performing TLS handshake: The Diffie-Hellman prime
  sent by the server is not acceptable (not long enough)."

Status in evolution package in Ubuntu:
  Confirmed
Status in gnome-online-accounts package in Ubuntu:
  Confirmed
Status in gnutls28 package in Ubuntu:
  Confirmed

Bug description:
  After upgrade to 20.04 package libgnutls30 broke pulseUI VPN client
  with the following error:

  "Error performing TLS handshake: The Diffie-Hellman prime sent by the
  server is not acceptable (not long enough)."

  I had to revert the package to the 19.10 version (3.6.9-5ubuntu1) and
  to install 19.10 dependency libhogweed4 3.4.1-1 to fix it.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: libgnutls30 3.6.9-5ubuntu1
  ProcVersionSignature: Ubuntu 5.4.0-9.12-generic 5.4.3
  Uname: Linux 5.4.0-9-generic x86_64
  ApportVersion: 2.20.11-0ubuntu15
  Architecture: amd64
  Date: Tue Jan 21 17:48:39 2020
  InstallationDate: Installed on 2017-06-21 (943 days ago)
  InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412)
  SourcePackage: gnutls28
  UpgradeStatus: Upgraded to focal on 2020-01-10 (10 days ago)
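
The check behind the handshake error in this bug, as an added example (not part of the bug report and not GnuTLS code): it reads dh_p from a TLS 1.2-style DHE ServerKeyExchange message and compares its size to a 2048-bit floor taken from the comment above. The function names, the constructed sample messages and the floor value are assumptions; the minimum GnuTLS actually enforces depends on the priority string in use.

```python
import struct

MIN_DH_BITS = 2048  # assumption: the "<2048 bit is weak" line from the comment

def _vec16(buf, off):
    """Read one TLS opaque<1..2^16-1> vector; return (value, next_offset)."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from("!H", buf, off)
    if n == 0 or off + 2 + n > len(buf):
        raise ValueError("vector length out of range")
    return buf[off + 2:off + 2 + n], off + 2 + n

def dh_prime_bits(msg):
    """Bit length of dh_p in a TLS <= 1.2 DHE ServerKeyExchange message."""
    if len(msg) < 4 or msg[0] != 12:      # handshake type 12 = server_key_exchange
        raise ValueError("not a ServerKeyExchange message")
    body_len = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated handshake body")
    dh_p, off = _vec16(body, 0)           # ServerDHParams: dh_p, dh_g, dh_Ys
    _dh_g, off = _vec16(body, off)
    _dh_ys, off = _vec16(body, off)       # the signature that follows is not needed
    # bit_length() ignores zero padding, so a padded 1024-bit modulus stays 1024
    return int.from_bytes(dh_p, "big").bit_length()

def acceptable(msg, min_bits=MIN_DH_BITS):
    """Return (bits, ok) the way a client enforcing min_bits would decide."""
    bits = dh_prime_bits(msg)
    return bits, bits >= min_bits

def sample_ske(bits, pad_to=None):
    """Constructed sample message; the modulus is a placeholder, not a real prime."""
    p = ((1 << (bits - 1)) | 1).to_bytes(pad_to or bits // 8, "big")
    ys = b"\x02" * len(p)
    body = b"".join(struct.pack("!H", len(v)) + v for v in (p, b"\x02", ys))
    return b"\x0c" + len(body).to_bytes(3, "big") + body

if __name__ == "__main__":
    for label, msg in (("1024-bit", sample_ske(1024)),
                       ("2048-bit", sample_ske(2048)),
                       ("1024-bit padded", sample_ske(1024, pad_to=256))):
        print(label, acceptable(msg))
```

The padded case shows why the decision has to use the numeric size of the modulus and not the byte length of the field.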
