TLS 1.2 server

Daiki Ueno ueno at unixuser.org
Wed Sep 30 22:37:55 CEST 2009


>>>>> In <87eipo4jgc.fsf at mocca.josefsson.org> 
>>>>>	Simon Josefsson <simon at josefsson.org> wrote:
> >> The x509self self-test started failing, and it may be TLS 1.2 related.
> >> Can you take a look?
> >
> > Sure, but I couldn't reproduce the failure.  What architecture did you
> > run the test on?

> Debian x86.

I'm now able to reproduce it on x86.  I wonder why this is not the case
on amd64.

> >> ==12233== Invalid read of size 4
> >> ==12233==    at 0x40479CC: _gnutls_hash_deinit (gnutls_hash_int.c:172)
> >> ==12233==    by 0x4058683: _gnutls_tls_sign_hdata (gnutls_sig.c:157)

It should be fixed with:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=01c50c13f7e7a1d676451015ef66c95511d1d734

That was actually my mistake - when I changed the underlying hash
function from SHA-1 to SHA256, I forgot to increase the buffer size of
internal hash values.

Regards,
-- 
Daiki Ueno





More information about the Gnutls-devel mailing list