aria2c 必須使用未知的 TLS 協議連接到另一端，為什麼？

當我跑

aria2c https://www.example.com

我明白了

02/24 15:33:38 [WARN] aria2c had to connect to the other side using an unknown TLS protocol. The integrity and confidentiality of the connection might be compromised.

為什麼是這樣？請注意，這不是特定於www.example.com; 它發生在許多（如果不是全部）主機上。

作為參考，這是（編輯的）日誌：

[INFO] [Context.cc:182] aria2 1.34.0
[INFO] [Context.cc:183] gcc 8.2.1 20181127
 built by  x86_64-pc-linux-gnu
 on        Feb  8 2019 09:32:06
[INFO] [Context.cc:185] zlib/1.2.11 libxml2/2.9.9 sqlite3/3.26.0 GnuTLS/3.6.6 nettle GMP/6.1.2 c-ares/1.15.0 libssh2/1.8.0
[INFO] [Context.cc:186] Logging started.
[DEBUG] [Context.cc:216] Not setting rlimit NO_FILE: 1024 >= 1024
[NOTICE] [Context.cc:311] Downloading 1 item(s)
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3902
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3952
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:990
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:990
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:990
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:990
[INFO] [LibgnutlsTLSContext.cc:158] 135 certificate(s) were imported.
[DEBUG] [RequestGroupMan.cc:591] 1 RequestGroup(s) added.
[DEBUG] [AbstractCommand.cc:184] CUID#7 - socket: read:0, write:0, hup:0, err:0
[DEBUG] [FeedbackURISelector.cc:162] Selected from normCands
[DEBUG] [FeedbackURISelector.cc:84] FeedbackURISelector selected https://www.example.com
[DEBUG] [AbstractCommand.cc:184] CUID#7 - socket: read:0, write:0, hup:0, err:0
[INFO] [AsyncNameResolverMan.cc:83] CUID#7 - Resolving hostname www.example.com
[DEBUG] [EpollEventPoll.cc:260] Failed to delete socket event:Bad file descriptor
[DEBUG] [AbstractCommand.cc:184] CUID#7 - socket: read:0, write:0, hup:0, err:0
[INFO] [AbstractCommand.cc:817] CUID#7 - Name resolution complete: www.example.com -> 93.184.216.34
[INFO] [HttpInitiateConnectionCommand.cc:123] CUID#7 - Connecting to 93.184.216.34:443
[DEBUG] [AbstractCommand.cc:184] CUID#7 - socket: read:0, write:0, hup:0, err:0
[DEBUG] [AbstractCommand.cc:184] CUID#7 - socket: read:0, write:1, hup:0, err:0
[DEBUG] [AbstractCommand.cc:184] CUID#7 - socket: read:0, write:1, hup:0, err:0
[DEBUG] [SocketCore.cc:926] Creating TLS session
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Allocating epoch #0
[DEBUG] [Platform.cc:86] GnuTLS: <2> added 6 protocols, 29 ciphersuites, 17 sig algos and 9 groups into priority list
[DEBUG] [SocketCore.cc:946] TLS Handshaking
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Allocating epoch #1
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: Adv. version: 3.3
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
[DEBUG] [Platform.cc:86] GnuTLS: <2> Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Maximum Record Size/1) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (OCSP Status Request/5) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension OCSP Status Request/5 (5 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Client Certificate Type/19) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Server Certificate Type/20) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Supported Groups/10) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group SECP256R1 (0x17)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group SECP384R1 (0x18)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group SECP521R1 (0x19)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group X25519 (0x1d)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group FFDHE2048 (0x100)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group FFDHE3072 (0x101)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group FFDHE4096 (0x102)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group FFDHE6144 (0x103)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sent group FFDHE8192 (0x104)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Supported Groups/10 (20 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Supported EC Point Formats/11 (2 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (SRP/12) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Signature Algorithms/13) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (4.1) RSA-SHA256
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (8.9) RSA-PSS-SHA256
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (4.3) ECDSA-SHA256
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (8.7) EdDSA-Ed25519
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (5.1) RSA-SHA384
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (8.10) RSA-PSS-SHA384
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (5.3) ECDSA-SHA384
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (6.1) RSA-SHA512
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (8.11) RSA-PSS-SHA512
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (6.3) ECDSA-SHA512
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sent signature algo (2.1) RSA-SHA1
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Signature Algorithms/13 (30 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (SRTP/14) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Heartbeat/15) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (ALPN/16) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Encrypt-then-MAC/22 (0 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Extended Master Secret/23) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Extended Master Secret/23 (0 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Session Ticket/35) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Session Ticket/35 (0 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Key Share/51) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sending key share for SECP256R1
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: sending key share for X25519
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Key Share/51 (107 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Supported Versions/43) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <2> Advertizing version 3.4
[DEBUG] [Platform.cc:86] GnuTLS: <2> Advertizing version 3.3
[DEBUG] [Platform.cc:86] GnuTLS: <2> Advertizing version 3.2
[DEBUG] [Platform.cc:86] GnuTLS: <2> Advertizing version 3.1
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Supported Versions/43 (9 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Post Handshake Auth/49) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Safe Renegotiation/65281 (1 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Server Name Indication/0) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <2> HSK[0x7fffd8c6c880]: sent server name: 'www.example.com'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Server Name Indication/0 (20 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Cookie/44) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Early Data/42) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Record Size Limit/28) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Sending extension Record Size Limit/28 (2 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (ClientHello Padding/21) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Preparing extension (Pre Shared Key/41) for 'client hello'
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: CLIENT HELLO was queued [354 bytes]
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Preparing Packet Handshake(22) with length: 354 and min pad: 0
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Sent Packet[1] Handshake(22) in epoch 0 and length: 359
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1171
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[_gnutls_io_read_buffered]:589
[DEBUG] [AbstractCommand.cc:184] CUID#7 - socket: read:1, write:0, hup:0, err:0
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1171
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Expected Packet Handshake(22)
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Received Packet Handshake(22) with length: 123
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Decrypted Packet[0] Handshake(22) with length: 123
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1162
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: Server's version: 3.3
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Parsing extension 'Supported Versions/43' (2 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Negotiated version: 3.4
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: Selected cipher suite: GNUTLS_AES_256_GCM_SHA384
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Parsing extension 'Key Share/51' (69 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: Selected group SECP256R1 (2)
[DEBUG] [Platform.cc:86] GnuTLS: <2> EXT[0x7fffd8c6c880]: client generated SECP256R1 shared key
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
[DEBUG] [Platform.cc:86] GnuTLS: <4> REC[0x7fffd8c6c880]: Sent ChangeCipherSpec
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Initializing epoch #1
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Epoch #1 ready
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1171
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Expected Packet Handshake(22)
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Received Packet ChangeCipherSpec(20) with length: 1
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: SSL 3.3 Application Data packet received. Epoch 1, length: 27
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Expected Packet Handshake(22)
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Received Packet Application Data(23) with length: 27
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Decrypted Packet[0] Handshake(22) with length: 10
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: ENCRYPTED EXTENSIONS (8) was received. Length 6[6], frag offset 0, frag length: 6, sequence: 0
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: parsing encrypted extensions
[DEBUG] [Platform.cc:86] GnuTLS: <4> EXT[0x7fffd8c6c880]: Parsing extension 'Server Name Indication/0' (0 bytes)
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1171
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: SSL 3.3 Application Data packet received. Epoch 1, length: 4502
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Expected Packet Handshake(22)
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Received Packet Application Data(23) with length: 4502
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Decrypted Packet[1] Handshake(22) with length: 4485
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: CERTIFICATE (11) was received. Length 4481[4481], frag offset 0, frag length: 4481, sequence: 0
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1162
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: parsing certificate message
[DEBUG] [Platform.cc:86] GnuTLS: <4> Found OCSP response on cert 0
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1171
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: SSL 3.3 Application Data packet received. Epoch 1, length: 281
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Expected Packet Handshake(22)
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Received Packet Application Data(23) with length: 281
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Decrypted Packet[2] Handshake(22) with length: 264
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: CERTIFICATE VERIFY (15) was received. Length 260[260], frag offset 0, frag length: 260, sequence: 0
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: Parsing certificate verify
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: buffers.c[get_last_packet]:1171
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: SSL 3.3 Application Data packet received. Epoch 1, length: 69
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Expected Packet Handshake(22)
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Received Packet Application Data(23) with length: 69
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Decrypted Packet[3] Handshake(22) with length: 52
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: FINISHED (20) was received. Length 48[48], frag offset 0, frag length: 48, sequence: 0
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: parsing finished
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: sending finished
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: FINISHED was queued [52 bytes]
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Preparing Packet Handshake(22) with length: 52 and min pad: 0
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Sent Packet[1] Handshake(22) in epoch 1 and length: 74
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: constate.c[_gnutls_epoch_get]:901
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Allocating epoch #2
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Initializing epoch #2
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Epoch #2 ready
[DEBUG] [Platform.cc:86] GnuTLS: <4> HSK[0x7fffd8c6c880]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Start of epoch cleanup
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Epoch #0 freed
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: Epoch #1 freed
[DEBUG] [Platform.cc:86] GnuTLS: <5> REC[0x7fffd8c6c880]: End of epoch cleanup
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp.c[find_signercert]:1996
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: common.c[_gnutls_x509_der_encode]:876
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp.c[find_signercert]:2091
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp.c[gnutls_ocsp_resp_verify]:2352
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp.c[find_signercert]:1996
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: common.c[_gnutls_x509_der_encode]:876
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp.c[find_signercert]:2091
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: mpi.c[wrap_nettle_mpi_print]:60
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: mpi.c[wrap_nettle_mpi_print]:60
[DEBUG] [Platform.cc:86] GnuTLS: <3> ocsp signer: subject `CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US', issuer `CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US', serial 0x01fda3eb6eca75c888438b724bcfbc91, RSA key 2048 bits, signed using RSA-SHA256, activated `2013-03-08 12:00:00 UTC', expires `2023-03-08 12:00:00 UTC', pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp.c[gnutls_ocsp_resp_get_single]:1649
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: name_constraints.c[gnutls_x509_crt_get_name_constraints]:470
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: name_constraints.c[gnutls_x509_crt_get_name_constraints]:470
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
[DEBUG] [Platform.cc:86] GnuTLS: <3> ASSERT: x509.c[get_alt_name]:1815
[WARN] [SocketCore.cc:979] aria2c had to connect to the other side using an unknown TLS protocol. The integrity and confidentiality of the connection might be compromised.
Peer: www.example.com (93.184.216.34:443)

02/24 15:38:26 [WARN] aria2c had to connect to the other side using an unknown TLS protocol. The integrity and confidentiality of the connection might be compromised.
...

您的日誌表明aria2c正在使用 GnuTLS 庫，該庫選擇 TLS 1.3，因為 GnuTLS 庫和伺服器都支持它。

但是根據這個更新檔，aria2c直到 2019 年 4 月 7 日才知道 TLS 1.3 的存在。而且由於您的問題是 2 月 24 日，因此您的日誌片段顯然比該更新檔更舊。

因此，這只是 GnuTLS 庫報告它正在使用 TLS 1.3 並且aria2c不了解“TLS 1.3”是什麼。

一旦您更新aria2c到包含該更新檔的版本，aria2c就會了解 GnuTLS 在報告使用 TLS 1.3 的連接時所說的內容，並且能夠正確地向使用者報告，因此問題就會消失。

不幸的是，在撰寫本文時，最新版本是 1.34.0，它於 2018 年 5 月發布，因此它太舊，無法包含 TLS 1.3 更新檔。在創建新的發布版本之前，獲得支持 TLS 1.3 的版本而沒有那些煩人的消息aria2c的唯一方法是從 GitHub 獲取最新的原始碼並自己編譯，或者找人分發1.34的修改版本.0 與此更新檔向後移植。aria2c``aria2c

---

aria2c1.35.0 版本於 2019 年 10 月 6 日發布，該版本最終包含 TLS 1.3 支持。

引用自：https://unix.stackexchange.com/questions/502763