[gnutls-devel] GnuTLS | Regression in 3.6 when built with mingw (#751)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Apr 10 15:44:26 CEST 2019




J_ Ali Harlow commented on a discussion:

Yes, the pre-compiled binaries also fail. Output as follows:

|<3>| ASSERT: verify-high.c[gnutls_x509_trust_list_add_cas]:322
|<1>| There was a non-CA certificate in the trusted list: OU=Copyright (c) 1997 Microsoft Corp.,OU=Microsoft Corporation,CN=Microsoft Root Authority.
|<3>| ASSERT: verify-high.c[gnutls_x509_trust_list_add_cas]:322
|<1>| There was a non-CA certificate in the trusted list: C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority.
|<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3897
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3947
|<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3897
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3947
|<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3897
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3947
|<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3897
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3947
|<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3897
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3947
|<3>| ASSERT: verify-high.c[gnutls_x509_trust_list_add_cas]:322
|<1>| There was a non-CA certificate in the trusted list: CN=Root Agency.
|<5>| REC[0000000000592f00]: Allocating epoch #0
|<2>| added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
|<5>| REC[0000000000592f00]: Allocating epoch #1
|<4>| HSK[0000000000592f00]: Adv. version: 3.3
|<2>| Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
|<2>| Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
|<2>| Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
|<2>| Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
|<2>| Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
|<4>| EXT[0000000000592f00]: Preparing extension (OCSP Status Request/5) for 'client hello'
|<4>| EXT[0000000000592f00]: Sending extension OCSP Status Request/5 (5 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Client Certificate Type/19) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Server Certificate Type/20) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Supported Groups/10) for 'client hello'
|<4>| EXT[0000000000592f00]: Sent group SECP256R1 (0x17)
|<4>| EXT[0000000000592f00]: Sent group SECP384R1 (0x18)
|<4>| EXT[0000000000592f00]: Sent group SECP521R1 (0x19)
|<4>| EXT[0000000000592f00]: Sent group X25519 (0x1d)
|<4>| EXT[0000000000592f00]: Sent group FFDHE2048 (0x100)
|<4>| EXT[0000000000592f00]: Sent group FFDHE3072 (0x101)
|<4>| EXT[0000000000592f00]: Sent group FFDHE4096 (0x102)
|<4>| EXT[0000000000592f00]: Sent group FFDHE6144 (0x103)
|<4>| EXT[0000000000592f00]: Sent group FFDHE8192 (0x104)
|<4>| EXT[0000000000592f00]: Sending extension Supported Groups/10 (20 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
|<4>| EXT[0000000000592f00]: Sending extension Supported EC Point Formats/11 (2 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (SRP/12) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Signature Algorithms/13) for 'client hello'
|<4>| EXT[0000000000592f00]: sent signature algo (4.1) RSA-SHA256
|<4>| EXT[0000000000592f00]: sent signature algo (8.9) RSA-PSS-SHA256
|<4>| EXT[0000000000592f00]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0000000000592f00]: sent signature algo (4.3) ECDSA-SHA256
|<4>| EXT[0000000000592f00]: sent signature algo (8.7) EdDSA-Ed25519
|<4>| EXT[0000000000592f00]: sent signature algo (5.1) RSA-SHA384
|<4>| EXT[0000000000592f00]: sent signature algo (8.10) RSA-PSS-SHA384
|<4>| EXT[0000000000592f00]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
|<4>| EXT[0000000000592f00]: sent signature algo (5.3) ECDSA-SHA384
|<4>| EXT[0000000000592f00]: sent signature algo (6.1) RSA-SHA512
|<4>| EXT[0000000000592f00]: sent signature algo (8.11) RSA-PSS-SHA512
|<4>| EXT[0000000000592f00]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
|<4>| EXT[0000000000592f00]: sent signature algo (6.3) ECDSA-SHA512
|<4>| EXT[0000000000592f00]: sent signature algo (2.1) RSA-SHA1
|<4>| EXT[0000000000592f00]: sent signature algo (2.3) ECDSA-SHA1
|<4>| EXT[0000000000592f00]: Sending extension Signature Algorithms/13 (32 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (SRTP/14) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Heartbeat/15) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (ALPN/16) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
|<4>| EXT[0000000000592f00]: Sending extension Encrypt-then-MAC/22 (0 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Extended Master Secret/23) for 'client hello'
|<4>| EXT[0000000000592f00]: Sending extension Extended Master Secret/23 (0 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Session Ticket/35) for 'client hello'
|<4>| EXT[0000000000592f00]: Sending extension Session Ticket/35 (0 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Key Share/51) for 'client hello'
|<4>| EXT[0000000000592f00]: sending key share for SECP256R1
|<4>| EXT[0000000000592f00]: sending key share for X25519
|<4>| EXT[0000000000592f00]: Sending extension Key Share/51 (107 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Supported Versions/43) for 'client hello'
|<2>| Advertizing version 3.4
|<2>| Advertizing version 3.3
|<2>| Advertizing version 3.2
|<2>| Advertizing version 3.1
|<4>| EXT[0000000000592f00]: Sending extension Supported Versions/43 (9 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Post Handshake Auth/49) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
|<4>| EXT[0000000000592f00]: Sending extension Safe Renegotiation/65281 (1 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Server Name Indication/0) for 'client hello'
|<2>| HSK[0000000000592f00]: sent server name: 'www.google.co.uk'
|<4>| EXT[0000000000592f00]: Sending extension Server Name Indication/0 (21 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Cookie/44) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Early Data/42) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (PSK Key Exchange Modes/45) for 'Processed 28 CA certificate(s).
Resolving 'www.google.co.uk:443'...
Connecting to '216.58.212.99:443'...
client hello'
|<4>| EXT[0000000000592f00]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Record Size Limit/28) for 'client hello'
|<4>| EXT[0000000000592f00]: Sending extension Record Size Limit/28 (2 bytes)
|<4>| EXT[0000000000592f00]: Preparing extension (Maximum Record Size/1) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (ClientHello Padding/21) for 'client hello'
|<4>| EXT[0000000000592f00]: Preparing extension (Pre Shared Key/41) for 'client hello'
|<4>| HSK[0000000000592f00]: CLIENT HELLO was queued [357 bytes]
|<5>| REC[0000000000592f00]: Preparing Packet Handshake(22) with length: 357 and min pad: 0
|<5>| REC[0000000000592f00]: Sent Packet[1] Handshake(22) in epoch 0 and length: 362
|<3>| ASSERT: buffers.c[_gnutls_writev_emu]:464
|<2>| WRITE: -1 returned from 000000000022eae0, errno: 0
|<3>| ASSERT: buffers.c[errno_to_gerr]:230
|<3>| ASSERT: buffers.c[_gnutls_io_write_flush]:722
|<3>| ASSERT: handshake.c[handshake_client]:2973
*** Fatal error: Error in the push function.
|<5>| REC: Sending Alert[2|80] - Internal error
|<3>| ASSERT: buffers.c[_gnutls_writev_emu]:464
|<2>| WRITE: -1 returned from 000000000022eae0, errno: 0
|<3>| ASSERT: buffers.c[errno_to_gerr]:230
|<3>| ASSERT: buffers.c[_gnutls_io_write_flush]:722
|<3>| ASSERT: record.c[_gnutls_send_tlen_int]:574
|<5>| REC[0000000000592f00]: Start of epoch cleanup
|<5>| REC[0000000000592f00]: End of epoch cleanup
|<5>| REC[0000000000592f00]: Epoch #0 freed
|<5>| REC[0000000000592f00]: Epoch #1 freed
Could not connect to 216.58.212.99:443: Bad file descriptor

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/751#note_159410866
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190410/13674ae2/attachment.html>


More information about the Gnutls-devel mailing list