[gnutls-devel] 3.2.2 breaks TLS sockets
Dan Winship
danw at gnome.org
Fri Jul 26 15:03:46 CEST 2013
On 07/26/2013 12:53 AM, Nikos Mavrogiannopoulos wrote:
> Thank you, From a quick glimpse it doesn't seem to be something obvious.
> May I ask how did you reproduce it? Did you connect to a server and
> downloaded data? Is it again with gio? What were the cipher and MAC
> being used?
Yes, with gio. I used the "get" test program from the libsoup sources
(basically wget implemented via libsoup). And yes, the error occurred
while reading the response. (So I guess you want to test against a large
resource.)
gio normally uses "NORMAL:%COMPAT", but I verified that the bug happens
without %COMPAT too, and I don't think there's anything else especially
unusual that gio does. So it *should* be possible to reproduce with
gnutls-cli, maybe doing something like:
(printf "GET / HTTP/1.1\r\nHost: $HOST:443\r\nConnection:
close\r\n\r\n"; cat) | gnutls-cli $HOST
I'm attaching a debug log of a failed connection (to trello.com, which
was one of the sites mentioned in one of the bugs).
-- Dan
-------------- next part --------------
GTLS: REC[0x6d4800]: Allocating epoch #0
GTLS: Note that the security level of the Diffie-Hellman key exchange has been lowered to 256 bits and this may allow decryption of the session data
GTLS: ASSERT: gnutls_constate.c:576
GTLS: REC[0x6d4800]: Allocating epoch #1
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256 (00.9C)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (00.2F)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256 (00.3C)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (00.35)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256 (00.3D)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 (00.41)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 (00.84)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (00.0A)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (00.05)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (00.04)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_128_GCM_SHA256 (00.9E)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (00.33)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256 (00.67)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (00.39)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256 (00.6B)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_128_GCM_SHA256 (00.A2)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 (00.32)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256 (00.40)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 (00.38)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256 (00.6A)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 (00.44)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 (00.87)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 (00.13)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 (00.66)
GTLS: EXT[0x6d4800]: Sending extension STATUS REQUEST (5 bytes)
GTLS: EXT[0x6d4800]: Sending extension SERVER NAME (15 bytes)
GTLS: EXT[0x6d4800]: Sending extension SAFE RENEGOTIATION (1 bytes)
GTLS: EXT[0x6d4800]: Sending extension SESSION TICKET (0 bytes)
GTLS: EXT[0x6d4800]: Sending extension SUPPORTED ECC (12 bytes)
GTLS: EXT[0x6d4800]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
GTLS: EXT[0x6d4800]: sent signature algo (4.1) RSA-SHA256
GTLS: EXT[0x6d4800]: sent signature algo (4.2) DSA-SHA256
GTLS: EXT[0x6d4800]: sent signature algo (4.3) ECDSA-SHA256
GTLS: EXT[0x6d4800]: sent signature algo (5.1) RSA-SHA384
GTLS: EXT[0x6d4800]: sent signature algo (5.3) ECDSA-SHA384
GTLS: EXT[0x6d4800]: sent signature algo (6.1) RSA-SHA512
GTLS: EXT[0x6d4800]: sent signature algo (6.3) ECDSA-SHA512
GTLS: EXT[0x6d4800]: sent signature algo (3.1) RSA-SHA224
GTLS: EXT[0x6d4800]: sent signature algo (3.2) DSA-SHA224
GTLS: EXT[0x6d4800]: sent signature algo (3.3) ECDSA-SHA224
GTLS: EXT[0x6d4800]: sent signature algo (2.1) RSA-SHA1
GTLS: EXT[0x6d4800]: sent signature algo (2.2) DSA-SHA1
GTLS: EXT[0x6d4800]: sent signature algo (2.3) ECDSA-SHA1
GTLS: EXT[0x6d4800]: Sending extension SIGNATURE ALGORITHMS (28 bytes)
GTLS: HSK[0x6d4800]: CLIENT HELLO was queued [216 bytes]
GTLS: REC[0x6d4800]: Preparing Packet Handshake(22) with length: 216 and target length: 216
GTLS: ENC[0x6d4800]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GTLS: REC[0x6d4800]: Sent Packet[1] Handshake(22) in epoch 0 and length: 221
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 57
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 57
GTLS: REC[0x6d4800]: Decrypted Packet[0] Handshake(22) with length: 57
GTLS: HSK[0x6d4800]: SERVER HELLO (2) was received. Length 53[53], frag offset 0, frag length: 53, sequence: 0
GTLS: HSK[0x6d4800]: Server's version: 3.3
GTLS: HSK[0x6d4800]: SessionID length: 0
GTLS: HSK[0x6d4800]: SessionID: 00
GTLS: HSK[0x6d4800]: Selected cipher suite: RSA_ARCFOUR_SHA1
GTLS: HSK[0x6d4800]: Selected compression method: NULL (0)
GTLS: EXT[0x6d4800]: Parsing extension 'SERVER NAME/0' (0 bytes)
GTLS: EXT[0x6d4800]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
GTLS: EXT[0x6d4800]: Parsing extension 'SESSION TICKET/35' (0 bytes)
GTLS: HSK[0x6d4800]: Safe renegotiation succeeded
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 5720
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 5720
GTLS: REC[0x6d4800]: Decrypted Packet[1] Handshake(22) with length: 5720
GTLS: HSK[0x6d4800]: CERTIFICATE (11) was received. Length 5716[5716], frag offset 0, frag length: 5716, sequence: 0
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 4
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 4
GTLS: REC[0x6d4800]: Decrypted Packet[2] Handshake(22) with length: 4
GTLS: HSK[0x6d4800]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
GTLS: ASSERT: gnutls_buffers.c:1010
GTLS: ASSERT: gnutls_buffers.c:1195
GTLS: HSK[0x6d4800]: CLIENT KEY EXCHANGE was queued [262 bytes]
GTLS: REC[0x6d4800]: Sent ChangeCipherSpec
GTLS: INT: PREMASTER SECRET[48]: 03039be426c089982f88291dfcb156b70118b617ed685d60458038d380beb39e24615f4182bc238b901596add70a41d8
GTLS: INT: CLIENT RANDOM[32]: 51f121d6a1df5bb393da7239e98ce45bfd8c153df0a457e1df35221bcbafa3d4
GTLS: INT: SERVER RANDOM[32]: 51f121d63a2ec60c58b52127776a30193a46dc54fbc9a29bf554f4d9a3c34c0e
GTLS: INT: MASTER SECRET: aef5ae11207a06a0235f09c0f681bc68ac90cdd9d5295809f7423bc256d19c2c4b14fb1914bf94b7ab0a9c35ce5c68ac
GTLS: REC[0x6d4800]: Initializing epoch #1
GTLS: INT: KEY BLOCK[72]: 7a99985c445ed056f87f8c9a882174301fe8ffbabb763579a721c101f0cc29d6
GTLS: INT: CLIENT WRITE KEY [16]: e17ed568834beb08e208f36159eac283
GTLS: INT: SERVER WRITE KEY [16]: 4da8c8858e34e1fd7a64a1fb3f8b8547
GTLS: REC[0x6d4800]: Epoch #1 ready
GTLS: HSK[0x6d4800]: Cipher Suite: RSA_ARCFOUR_SHA1
GTLS: HSK[0x6d4800]: Initializing internal [write] cipher sessions
GTLS: HSK[0x6d4800]: recording tls-unique CB (send)
GTLS: HSK[0x6d4800]: FINISHED was queued [16 bytes]
GTLS: REC[0x6d4800]: Preparing Packet Handshake(22) with length: 262 and target length: 262
GTLS: ENC[0x6d4800]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GTLS: REC[0x6d4800]: Sent Packet[2] Handshake(22) in epoch 0 and length: 267
GTLS: REC[0x6d4800]: Preparing Packet ChangeCipherSpec(20) with length: 1 and target length: 1
GTLS: ENC[0x6d4800]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GTLS: REC[0x6d4800]: Sent Packet[3] ChangeCipherSpec(20) in epoch 0 and length: 6
GTLS: REC[0x6d4800]: Preparing Packet Handshake(22) with length: 16 and target length: 16
GTLS: ENC[0x6d4800]: cipher: ARCFOUR-128, MAC: SHA1, Epoch: 1
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Sent Packet[1] Handshake(22) in epoch 1 and length: 41
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 186
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 186
GTLS: REC[0x6d4800]: Decrypted Packet[3] Handshake(22) with length: 186
GTLS: HSK[0x6d4800]: NEW SESSION TICKET (4) was received. Length 182[182], frag offset 0, frag length: 182, sequence: 0
GTLS: REC[0x6d4800]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1
GTLS: REC[0x6d4800]: Expected Packet ChangeCipherSpec(20)
GTLS: REC[0x6d4800]: Received Packet ChangeCipherSpec(20) with length: 1
GTLS: REC[0x6d4800]: Decrypted Packet[4] ChangeCipherSpec(20) with length: 1
GTLS: HSK[0x6d4800]: Cipher Suite: RSA_ARCFOUR_SHA1
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 36
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 36
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[0] Handshake(22) with length: 16
GTLS: HSK[0x6d4800]: FINISHED (20) was received. Length 12[12], frag offset 0, frag length: 12, sequence: 0
GTLS: REC[0x6d4800]: Start of epoch cleanup
GTLS: REC[0x6d4800]: Epoch #0 freed
GTLS: REC[0x6d4800]: End of epoch cleanup
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: mpi.c:246
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: mpi.c:246
GTLS: ASSERT: dn.c:991
GTLS: REC[0x6d4800]: Preparing Packet Application Data(23) with length: 158 and target length: 158
GTLS: ENC[0x6d4800]: cipher: ARCFOUR-128, MAC: SHA1, Epoch: 1
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Sent Packet[2] Application Data(23) in epoch 1 and length: 183
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 1449
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 1449
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[1] Application Data(23) with length: 1429
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 13052
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 13052
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[2] Application Data(23) with length: 13032
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 11604
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 11604
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[3] Application Data(23) with length: 11584
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 16404
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 16404
GTLS: ASSERT: mac.c:253
GTLS: ASSERT: gnutls_cipher.c:713
GTLS: ASSERT: gnutls_cipher.c:188
GTLS: ASSERT: gnutls_record.c:1217
GTLS: Discarded message[4] due to invalid decryption
GTLS: ASSERT: gnutls_record.c:1393
GTLS: ASSERT: gnutls_buffers.c:613
GTLS: REC: Sending Alert[1|0] - Close notify
GTLS: REC[0x6d4800]: Preparing Packet Alert(21) with length: 2 and target length: 2
GTLS: ENC[0x6d4800]: cipher: ARCFOUR-128, MAC: SHA1, Epoch: 1
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Sent Packet[3] Alert(21) in epoch 1 and length: 27
GTLS: REC[0x6d4800]: Start of epoch cleanup
GTLS: REC[0x6d4800]: End of epoch cleanup
GTLS: REC[0x6d4800]: Epoch #1 freed
GTLS: REC[0x6d4800]: Allocating epoch #0
GTLS: Note that the security level of the Diffie-Hellman key exchange has been lowered to 256 bits and this may allow decryption of the session data
GTLS: ASSERT: gnutls_constate.c:576
GTLS: REC[0x6d4800]: Allocating epoch #1
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256 (00.9C)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (00.2F)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256 (00.3C)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (00.35)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256 (00.3D)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 (00.41)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 (00.84)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (00.0A)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (00.05)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (00.04)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_128_GCM_SHA256 (00.9E)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (00.33)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256 (00.67)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (00.39)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256 (00.6B)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_128_GCM_SHA256 (00.A2)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 (00.32)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256 (00.40)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 (00.38)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256 (00.6A)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 (00.44)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 (00.87)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 (00.13)
GTLS: HSK[0x6d4800]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 (00.66)
GTLS: EXT[0x6d4800]: Sending extension STATUS REQUEST (5 bytes)
GTLS: EXT[0x6d4800]: Sending extension SERVER NAME (15 bytes)
GTLS: EXT[0x6d4800]: Sending extension SAFE RENEGOTIATION (1 bytes)
GTLS: EXT[0x6d4800]: Sending extension SESSION TICKET (0 bytes)
GTLS: EXT[0x6d4800]: Sending extension SUPPORTED ECC (12 bytes)
GTLS: EXT[0x6d4800]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
GTLS: EXT[0x6d4800]: sent signature algo (4.1) RSA-SHA256
GTLS: EXT[0x6d4800]: sent signature algo (4.2) DSA-SHA256
GTLS: EXT[0x6d4800]: sent signature algo (4.3) ECDSA-SHA256
GTLS: EXT[0x6d4800]: sent signature algo (5.1) RSA-SHA384
GTLS: EXT[0x6d4800]: sent signature algo (5.3) ECDSA-SHA384
GTLS: EXT[0x6d4800]: sent signature algo (6.1) RSA-SHA512
GTLS: EXT[0x6d4800]: sent signature algo (6.3) ECDSA-SHA512
GTLS: EXT[0x6d4800]: sent signature algo (3.1) RSA-SHA224
GTLS: EXT[0x6d4800]: sent signature algo (3.2) DSA-SHA224
GTLS: EXT[0x6d4800]: sent signature algo (3.3) ECDSA-SHA224
GTLS: EXT[0x6d4800]: sent signature algo (2.1) RSA-SHA1
GTLS: EXT[0x6d4800]: sent signature algo (2.2) DSA-SHA1
GTLS: EXT[0x6d4800]: sent signature algo (2.3) ECDSA-SHA1
GTLS: EXT[0x6d4800]: Sending extension SIGNATURE ALGORITHMS (28 bytes)
GTLS: HSK[0x6d4800]: CLIENT HELLO was queued [216 bytes]
GTLS: REC[0x6d4800]: Preparing Packet Handshake(22) with length: 216 and target length: 216
GTLS: ENC[0x6d4800]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GTLS: REC[0x6d4800]: Sent Packet[1] Handshake(22) in epoch 0 and length: 221
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 57
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 57
GTLS: REC[0x6d4800]: Decrypted Packet[0] Handshake(22) with length: 57
GTLS: HSK[0x6d4800]: SERVER HELLO (2) was received. Length 53[53], frag offset 0, frag length: 53, sequence: 0
GTLS: HSK[0x6d4800]: Server's version: 3.3
GTLS: HSK[0x6d4800]: SessionID length: 0
GTLS: HSK[0x6d4800]: SessionID: 00
GTLS: HSK[0x6d4800]: Selected cipher suite: RSA_ARCFOUR_SHA1
GTLS: HSK[0x6d4800]: Selected compression method: NULL (0)
GTLS: EXT[0x6d4800]: Parsing extension 'SERVER NAME/0' (0 bytes)
GTLS: EXT[0x6d4800]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
GTLS: EXT[0x6d4800]: Parsing extension 'SESSION TICKET/35' (0 bytes)
GTLS: HSK[0x6d4800]: Safe renegotiation succeeded
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 5720
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 5720
GTLS: REC[0x6d4800]: Decrypted Packet[1] Handshake(22) with length: 5720
GTLS: HSK[0x6d4800]: CERTIFICATE (11) was received. Length 5716[5716], frag offset 0, frag length: 5716, sequence: 0
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 4
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 4
GTLS: REC[0x6d4800]: Decrypted Packet[2] Handshake(22) with length: 4
GTLS: HSK[0x6d4800]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
GTLS: ASSERT: gnutls_buffers.c:1010
GTLS: ASSERT: gnutls_buffers.c:1195
GTLS: HSK[0x6d4800]: CLIENT KEY EXCHANGE was queued [262 bytes]
GTLS: REC[0x6d4800]: Sent ChangeCipherSpec
GTLS: INT: PREMASTER SECRET[48]: 0303df46651a2a972ad4a012d71b8be7a9ac44afa562f846481dc23d787ff4ad8e2a165eb5ef037a02a553acf1821f03
GTLS: INT: CLIENT RANDOM[32]: 51f121d6883b8172a35b4e0085010878a218159e4f3f7df3c699c227fb6d3e8a
GTLS: INT: SERVER RANDOM[32]: 51f121d6ad79d869887e333d72fa64737fbd4695c9e7b565c2b073475703d78e
GTLS: INT: MASTER SECRET: 29c5115dee9c934495f19582a1c1f0d96ad1cc66763e2389f7e65060e936bffbbd92c9feb0fa63192d90cffd8c0bb64f
GTLS: REC[0x6d4800]: Initializing epoch #1
GTLS: INT: KEY BLOCK[72]: 65706fd236bb7aef09c5ce34c45931e58bea83aad123c4c4c4cbf745da0731e0
GTLS: INT: CLIENT WRITE KEY [16]: 61eec43c50d834e8765f5f2e67175e2f
GTLS: INT: SERVER WRITE KEY [16]: bf1aac66bfe1aafcca28e9214c447df0
GTLS: REC[0x6d4800]: Epoch #1 ready
GTLS: HSK[0x6d4800]: Cipher Suite: RSA_ARCFOUR_SHA1
GTLS: HSK[0x6d4800]: Initializing internal [write] cipher sessions
GTLS: HSK[0x6d4800]: recording tls-unique CB (send)
GTLS: HSK[0x6d4800]: FINISHED was queued [16 bytes]
GTLS: REC[0x6d4800]: Preparing Packet Handshake(22) with length: 262 and target length: 262
GTLS: ENC[0x6d4800]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GTLS: REC[0x6d4800]: Sent Packet[2] Handshake(22) in epoch 0 and length: 267
GTLS: REC[0x6d4800]: Preparing Packet ChangeCipherSpec(20) with length: 1 and target length: 1
GTLS: ENC[0x6d4800]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GTLS: REC[0x6d4800]: Sent Packet[3] ChangeCipherSpec(20) in epoch 0 and length: 6
GTLS: REC[0x6d4800]: Preparing Packet Handshake(22) with length: 16 and target length: 16
GTLS: ENC[0x6d4800]: cipher: ARCFOUR-128, MAC: SHA1, Epoch: 1
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Sent Packet[1] Handshake(22) in epoch 1 and length: 41
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 186
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 186
GTLS: REC[0x6d4800]: Decrypted Packet[3] Handshake(22) with length: 186
GTLS: HSK[0x6d4800]: NEW SESSION TICKET (4) was received. Length 182[182], frag offset 0, frag length: 182, sequence: 0
GTLS: REC[0x6d4800]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1
GTLS: REC[0x6d4800]: Expected Packet ChangeCipherSpec(20)
GTLS: REC[0x6d4800]: Received Packet ChangeCipherSpec(20) with length: 1
GTLS: REC[0x6d4800]: Decrypted Packet[4] ChangeCipherSpec(20) with length: 1
GTLS: HSK[0x6d4800]: Cipher Suite: RSA_ARCFOUR_SHA1
GTLS: ASSERT: gnutls_buffers.c:1018
GTLS: REC[0x6d4800]: SSL 3.3 Handshake packet received. Epoch 0, length: 36
GTLS: REC[0x6d4800]: Expected Packet Handshake(22)
GTLS: REC[0x6d4800]: Received Packet Handshake(22) with length: 36
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[0] Handshake(22) with length: 16
GTLS: HSK[0x6d4800]: FINISHED (20) was received. Length 12[12], frag offset 0, frag length: 12, sequence: 0
GTLS: REC[0x6d4800]: Start of epoch cleanup
GTLS: REC[0x6d4800]: Epoch #0 freed
GTLS: REC[0x6d4800]: End of epoch cleanup
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: common.c:906
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: mpi.c:246
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: dn.c:991
GTLS: ASSERT: mpi.c:246
GTLS: ASSERT: dn.c:991
GTLS: REC[0x6d4800]: Preparing Packet Application Data(23) with length: 173 and target length: 173
GTLS: ENC[0x6d4800]: cipher: ARCFOUR-128, MAC: SHA1, Epoch: 1
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Sent Packet[2] Application Data(23) in epoch 1 and length: 198
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 2897
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 2897
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[1] Application Data(23) with length: 2877
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 11604
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 11604
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[2] Application Data(23) with length: 11584
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 1468
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 1468
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Decrypted Packet[3] Application Data(23) with length: 1448
GTLS: REC[0x6d4800]: SSL 3.3 Application Data packet received. Epoch 0, length: 16404
GTLS: REC[0x6d4800]: Expected Packet Application Data(23)
GTLS: REC[0x6d4800]: Received Packet Application Data(23) with length: 16404
GTLS: ASSERT: mac.c:253
GTLS: ASSERT: gnutls_cipher.c:713
GTLS: ASSERT: gnutls_cipher.c:188
GTLS: ASSERT: gnutls_record.c:1217
GTLS: Discarded message[4] due to invalid decryption
GTLS: ASSERT: gnutls_record.c:1393
GTLS: ASSERT: gnutls_buffers.c:613
GTLS: REC: Sending Alert[1|0] - Close notify
GTLS: REC[0x6d4800]: Preparing Packet Alert(21) with length: 2 and target length: 2
GTLS: ENC[0x6d4800]: cipher: ARCFOUR-128, MAC: SHA1, Epoch: 1
GTLS: ASSERT: mac.c:253
GTLS: REC[0x6d4800]: Sent Packet[3] Alert(21) in epoch 1 and length: 27
GTLS: REC[0x6d4800]: Start of epoch cleanup
GTLS: REC[0x6d4800]: End of epoch cleanup
GTLS: REC[0x6d4800]: Epoch #1 freed
/: 6 Error reading data from TLS socket: Decryption has failed. (0x0)
More information about the Gnutls-devel
mailing list