SSL handshake fails between libcurl and libgnutls/MHD
Daniel Stenberg
daniel at haxx.se
Thu Jan 19 23:40:44 CET 2012
On Thu, 19 Jan 2012, Christian Grothoff wrote:
> One of our tests also provokes a failure by selecting incompatible versions
> of the SSL protocol. With older versions, that test produces ONCE:
>
> curl version: libcurl/7.21.3 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.18
> curl_easy_perform failed: `SSL connect error'
> Error: received handshake message out of context
>
> With the latest version, the two lines are repeated several times (and the
> test now fails).
Can you try with only changing libcurl OR gnutls to see which change that
introduces the problem?
> My guess right now is that there must have been some incompatible (!)
> protocol change in gnutls with itself (!?) or a significant change in how
> libcurl uses gnutls (i.e. change of supported ciphers, certificate checking,
> etc.).
I know GnuTLS has changed default crypto backend which probably implies some
amount of changes. libcurl has not changed the GnuTLS-layer code in any
significant way in a long time AFAICS. Although I don't think that a bug
necessarily needs a significant change to occur...
I've not seen or heard anyone else report about similar problems with
libcurl+gnutls...
--
/ daniel.haxx.se
More information about the Gnutls-devel
mailing list