bug in 3.0.18: gnutls-cli fails to transfer data to gnutls-serv --echo

[Alexandre Bique]

On Thu, Apr 19, 2012 at 09:06, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On 04/18/2012 11:06 PM, Alexandre Bique wrote:
>
>> I reported the bug first to archlinux, but I forward it here:
>> https://bugs.archlinux.org/task/29531
>> I have a bug with GnuTLS-3.0.18, which is that my httpd server (custom
>> implementation) fails to serve pages to chromium and firefox goes into
>> an infinite loop. But in the other hand, wget (which is linked against
>> openssl) succeed in getting files from my server.
>
> Hello,
>  why you think this is a gnutls error? There are other web servers like
> libmicrohttpd, nxweb or apache's mod_gnutls that as far as I know they
> have no such issues with firefox or chromium.

Yep I had a bug in my code, but for the firefox part, it look like you
can take it down by sending an infinite text file over http, because
it is keeping every thing in memory.

>> There is an easy thing to do to reproduce the bug:
>> - start a gnutls echo server: gnutls-serv --x509keyfile=key.pem
>> --x509certfile=cert.pem -p 4242 --disable-client-cert --nodb --generate
>> --echo
>
>> - start a client, and copy a big file: cat /usr/include/*.h >test-file;
>
>> gnutls-cli --insecure 0.0.0.0 -p 4242 <test-file
>> Then it doesn't work :^)
>
>
> What doesn't work? gnutls-serv is a test server and many things might
> not work. However this seems unrelated to the above where you mention
> incompatibility with chromium and firefox. Does gnutls-serv --http
> work with the browsers you mention?

I'm digging and you may be right, but I still have an error when
"cating" a file through openssl s_client  to gnutls-serv --echo:

openssl s_client ....

RENEGOTIATING
140361428772520:error:140940F5:SSL routines:SSL3_READ_BYTES:unexpected
record:s3_pkt.c:1393:

So do you know why is this happening ? Is it expected ?

And I wonder if it is possible to serve large content-length with
gnutls-serv --http ?

Thanks,
-- 
Alexandre Bique