[gnutls-devel] GnuTLS | Connection problems with older servers (record packet with invalid length was received) (#811)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Aug 1 11:59:57 CEST 2019




Hanno Stock commented:


The following is the debug output after installing libgnutls30_3.6.9-1 from experimental.

```
root at groupware-beta:~# pwgen 16383 | gnutls-cli -d 6 --no-ca-verification --port 5556 ldap.indurad.x
|<3>| ASSERT: ../../../lib/x509/common.c[_gnutls_x509_get_raw_field2]:1575
|<3>| ASSERT: ../../../lib/x509/x509.c[gnutls_x509_crt_get_subject_unique_id]:3902
|<3>| ASSERT: ../../../lib/x509/x509.c[gnutls_x509_crt_get_issuer_unique_id]:3952
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
Processed 130 CA certificate(s).
Resolving 'ldap.indurad.x:5556'...
Connecting to '10.144.8.33:5556'...
|<5>| REC[0x55fb29e95ff0]: Allocating epoch #0
|<2>| added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
|<5>| REC[0x55fb29e95ff0]: Allocating epoch #1
|<4>| HSK[0x55fb29e95ff0]: Adv. version: 3.3
|<2>| Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
|<2>| Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
|<2>| Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
|<2>| Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
|<2>| Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (OCSP Status Request/5) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension OCSP Status Request/5 (5 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Client Certificate Type/19) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Server Certificate Type/20) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Supported Groups/10) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sent group SECP256R1 (0x17)
|<4>| EXT[0x55fb29e95ff0]: Sent group SECP384R1 (0x18)
|<4>| EXT[0x55fb29e95ff0]: Sent group SECP521R1 (0x19)
|<4>| EXT[0x55fb29e95ff0]: Sent group X25519 (0x1d)
|<4>| EXT[0x55fb29e95ff0]: Sent group FFDHE2048 (0x100)
|<4>| EXT[0x55fb29e95ff0]: Sent group FFDHE3072 (0x101)
|<4>| EXT[0x55fb29e95ff0]: Sent group FFDHE4096 (0x102)
|<4>| EXT[0x55fb29e95ff0]: Sent group FFDHE6144 (0x103)
|<4>| EXT[0x55fb29e95ff0]: Sent group FFDHE8192 (0x104)
|<4>| EXT[0x55fb29e95ff0]: Sending extension Supported Groups/10 (20 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension Supported EC Point Formats/11 (2 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (SRP/12) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Signature Algorithms/13) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (4.1) RSA-SHA256
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (8.9) RSA-PSS-SHA256
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (4.3) ECDSA-SHA256
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (8.7) EdDSA-Ed25519
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (5.1) RSA-SHA384
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (8.10) RSA-PSS-SHA384
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (5.3) ECDSA-SHA384
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (6.1) RSA-SHA512
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (8.11) RSA-PSS-SHA512
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (6.3) ECDSA-SHA512
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (2.1) RSA-SHA1
|<4>| EXT[0x55fb29e95ff0]: sent signature algo (2.3) ECDSA-SHA1
|<4>| EXT[0x55fb29e95ff0]: Sending extension Signature Algorithms/13 (32 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (SRTP/14) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Heartbeat/15) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (ALPN/16) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension Encrypt-then-MAC/22 (0 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Extended Master Secret/23) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension Extended Master Secret/23 (0 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Session Ticket/35) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension Session Ticket/35 (0 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Key Share/51) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: sending key share for SECP256R1
|<4>| EXT[0x55fb29e95ff0]: sending key share for X25519
|<4>| EXT[0x55fb29e95ff0]: Sending extension Key Share/51 (107 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Supported Versions/43) for 'client hello'
|<2>| Advertizing version 3.4
|<2>| Advertizing version 3.3
|<2>| Advertizing version 3.2
|<2>| Advertizing version 3.1
|<4>| EXT[0x55fb29e95ff0]: Sending extension Supported Versions/43 (9 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Post Handshake Auth/49) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension Safe Renegotiation/65281 (1 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Server Name Indication/0) for 'client hello'
|<2>| HSK[0x55fb29e95ff0]: sent server name: 'ldap.indurad.x'
|<4>| EXT[0x55fb29e95ff0]: Sending extension Server Name Indication/0 (19 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Cookie/44) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Early Data/42) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Record Size Limit/28) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Sending extension Record Size Limit/28 (2 bytes)
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Maximum Record Size/1) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (ClientHello Padding/21) for 'client hello'
|<4>| EXT[0x55fb29e95ff0]: Preparing extension (Pre Shared Key/41) for 'client hello'
|<4>| HSK[0x55fb29e95ff0]: CLIENT HELLO was queued [355 bytes]
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Handshake(22) with length: 355 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 360
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 Handshake packet received. Epoch 0, length: 85
|<5>| REC[0x55fb29e95ff0]: Expected Packet Handshake(22)
|<5>| REC[0x55fb29e95ff0]: Received Packet Handshake(22) with length: 85
|<5>| REC[0x55fb29e95ff0]: Decrypted Packet[0] Handshake(22) with length: 85
|<4>| HSK[0x55fb29e95ff0]: SERVER HELLO (2) was received. Length 81[81], frag offset 0, frag length: 81, sequence: 0
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1162
|<3>| ASSERT: ../../lib/buffers.c[_gnutls_handshake_io_recv_int]:1413
|<4>| HSK[0x55fb29e95ff0]: Server's version: 3.3
|<4>| HSK[0x55fb29e95ff0]: SessionID length: 32
|<4>| HSK[0x55fb29e95ff0]: SessionID: 98ee8cc8645ce0d3098030df1413871b0d5674ec4038e9a78880fb595c8f6d0a
|<4>| HSK[0x55fb29e95ff0]: Selected cipher suite: GNUTLS_RSA_AES_256_CBC_SHA1
|<4>| EXT[0x55fb29e95ff0]: Parsing extension 'Safe Renegotiation/65281' (1 bytes)
|<4>| EXT[0x55fb29e95ff0]: Parsing extension 'Session Ticket/35' (0 bytes)
|<4>| HSK[0x55fb29e95ff0]: Safe renegotiation succeeded
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 Handshake packet received. Epoch 0, length: 714
|<5>| REC[0x55fb29e95ff0]: Expected Packet Handshake(22)
|<5>| REC[0x55fb29e95ff0]: Received Packet Handshake(22) with length: 714
|<5>| REC[0x55fb29e95ff0]: Decrypted Packet[1] Handshake(22) with length: 714
|<4>| HSK[0x55fb29e95ff0]: CERTIFICATE (11) was received. Length 710[710], frag offset 0, frag length: 710, sequence: 0
|<3>| ASSERT: ../../lib/ocsp-api.c[gnutls_ocsp_status_request_get2]:99
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
 - subject `CN=ldap-master', issuer `CN=ldap-master', serial 0x00e120b43d69e2e4d8, RSA key 2048 bits, signed using RSA-SHA256, activated `2017-07-06 10:03:48 UTC', expires `2027-07-04 10:03:48 UTC', pin-sha256="SxggXxyfEDi9fmVyLwzPN9yE5y69T92aF8CBdGMe9Rc="
	Public Key ID:
		sha1:21c8b2ecfc2b23da00de3371a4aa7bb8b8fc13bc
		sha256:4b18205f1c9f1038bd7e65722f0ccf37dc84e72ebd4fdd9a17c08174631ef517
	Public Key PIN:
		pin-sha256:SxggXxyfEDi9fmVyLwzPN9yE5y69T92aF8CBdGMe9Rc=

|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 Handshake packet received. Epoch 0, length: 19
|<5>| REC[0x55fb29e95ff0]: Expected Packet Handshake(22)
|<5>| REC[0x55fb29e95ff0]: Received Packet Handshake(22) with length: 19
|<5>| REC[0x55fb29e95ff0]: Decrypted Packet[2] Handshake(22) with length: 19
|<4>| HSK[0x55fb29e95ff0]: CERTIFICATE REQUEST (13) was received. Length 15[15], frag offset 0, frag length: 15, sequence: 0
|<4>| EXT[0x55fb29e95ff0]: rcvd signature algo (4.2) (null)
|<4>| EXT[0x55fb29e95ff0]: rcvd signature algo (4.1) RSA-SHA256
|<4>| EXT[0x55fb29e95ff0]: rcvd signature algo (2.1) RSA-SHA1
|<4>| EXT[0x55fb29e95ff0]: rcvd signature algo (2.2) DSA-SHA1
- Successfully sent 0 certificate(s) to server.
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 Handshake packet received. Epoch 0, length: 4
|<5>| REC[0x55fb29e95ff0]: Expected Packet Handshake(22)
|<5>| REC[0x55fb29e95ff0]: Received Packet Handshake(22) with length: 4
|<5>| REC[0x55fb29e95ff0]: Decrypted Packet[3] Handshake(22) with length: 4
|<4>| HSK[0x55fb29e95ff0]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 0, sequence: 0
|<4>| HSK[0x55fb29e95ff0]: CERTIFICATE was queued [7 bytes]
|<3>| ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
|<4>| HSK[0x55fb29e95ff0]: CLIENT KEY EXCHANGE was queued [262 bytes]
|<4>| REC[0x55fb29e95ff0]: Sent ChangeCipherSpec
|<5>| REC[0x55fb29e95ff0]: Initializing epoch #1
|<5>| REC[0x55fb29e95ff0]: Epoch #1 ready
|<4>| HSK[0x55fb29e95ff0]: Cipher Suite: GNUTLS_RSA_AES_256_CBC_SHA1
|<4>| HSK[0x55fb29e95ff0]: Initializing internal [write] cipher sessions
|<4>| HSK[0x55fb29e95ff0]: recording tls-unique CB (send)
|<4>| HSK[0x55fb29e95ff0]: FINISHED was queued [16 bytes]
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Handshake(22) with length: 7 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[2] Handshake(22) in epoch 0 and length: 12
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Handshake(22) with length: 262 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[3] Handshake(22) in epoch 0 and length: 267
|<5>| REC[0x55fb29e95ff0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[4] ChangeCipherSpec(20) in epoch 0 and length: 6
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Handshake(22) with length: 16 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 69
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 Handshake packet received. Epoch 0, length: 444
|<5>| REC[0x55fb29e95ff0]: Expected Packet Handshake(22)
|<5>| REC[0x55fb29e95ff0]: Received Packet Handshake(22) with length: 444
|<5>| REC[0x55fb29e95ff0]: Decrypted Packet[4] Handshake(22) with length: 444
|<4>| HSK[0x55fb29e95ff0]: NEW SESSION TICKET (4) was received. Length 440[440], frag offset 0, frag length: 440, sequence: 0
|<4>| HSK[0x55fb29e95ff0]: received session ticket
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1
|<5>| REC[0x55fb29e95ff0]: Expected Packet ChangeCipherSpec(20)
|<5>| REC[0x55fb29e95ff0]: Received Packet ChangeCipherSpec(20) with length: 1
|<5>| REC[0x55fb29e95ff0]: Decrypted Packet[5] ChangeCipherSpec(20) with length: 1
|<4>| HSK[0x55fb29e95ff0]: Cipher Suite: GNUTLS_RSA_AES_256_CBC_SHA1
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 Handshake packet received. Epoch 1, length: 128
|<5>| REC[0x55fb29e95ff0]: Expected Packet Handshake(22)
|<5>| REC[0x55fb29e95ff0]: Received Packet Handshake(22) with length: 128
|<5>| REC[0x55fb29e95ff0]: Decrypted Packet[0] Handshake(22) with length: 16
|<4>| HSK[0x55fb29e95ff0]: FINISHED (20) was received. Length 12[12], frag offset 0, frag length: 12, sequence: 0
|<5>| REC[0x55fb29e95ff0]: Start of epoch cleanup
|<5>| REC[0x55fb29e95ff0]: Epoch #0 freed
|<5>| REC[0x55fb29e95ff0]: End of epoch cleanup
- Description: (TLS1.2)-(RSA)-(AES-256-CBC)-(SHA1)
- Session ID: BA:E6:B8:3D:69:59:FE:0E:75:A0:A3:0E:FC:D8:AD:B7:2C:85:74:7C:DC:85:FC:E1:E2:E4:4C:E6:51:2F:2E:5F
|<3>| ASSERT: ../../../lib/ext/server_name.c[gnutls_server_name_get]:229
|<3>| ASSERT: ../../lib/ocsp-api.c[gnutls_ocsp_status_request_get2]:99
|<3>| ASSERT: ../../lib/ocsp-api.c[gnutls_ocsp_status_request_is_checked]:626
- Options: safe renegotiation,
|<3>| ASSERT: ../../../lib/ext/srtp.c[gnutls_srtp_get_selected_profile]:320
|<3>| ASSERT: ../../../lib/ext/alpn.c[gnutls_alpn_get_selected_protocol]:246
- Handshake was completed
|<3>| ASSERT: ../../lib/ocsp-api.c[gnutls_ocsp_status_request_get2]:99

- Simple Client Mode:

|<5>| REC[0x55fb29e95ff0]: Preparing Packet Application Data(23) with length: 4095 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[2] Application Data(23) in epoch 1 and length: 4149
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Application Data(23) with length: 4095 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[3] Application Data(23) in epoch 1 and length: 4149
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Application Data(23) with length: 4095 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[4] Application Data(23) in epoch 1 and length: 4149
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Application Data(23) with length: 4095 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[5] Application Data(23) in epoch 1 and length: 4149
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Application Data(23) with length: 4 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[6] Application Data(23) in epoch 1 and length: 53
|<3>| ASSERT: ../../lib/buffers.c[_gnutls_io_write_flush]:696
|<5>| REC: Sending Alert[1|0] - Close notify
|<5>| REC[0x55fb29e95ff0]: Preparing Packet Alert(21) with length: 2 and min pad: 0
|<5>| REC[0x55fb29e95ff0]: Sent Packet[7] Alert(21) in epoch 1 and length: 53
|<5>| REC[0x55fb29e95ff0]: SSL 3.3 Application Data packet received. Epoch 1, length: 16448
|<1>| Received packet with illegal length: 16448
|<3>| ASSERT: ../../lib/record.c[recv_headers]:1235
|<3>| ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1304
|<3>| ASSERT: ../../lib/record.c[_gnutls_recv_int]:1777
*** Fatal error: A TLS record packet with invalid length was received.
*** Server has terminated the connection abnormally.
|<5>| REC[0x55fb29e95ff0]: Start of epoch cleanup
|<5>| REC[0x55fb29e95ff0]: End of epoch cleanup
|<5>| REC[0x55fb29e95ff0]: Epoch #1 freed
```

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/811#note_198654520
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190801/fc513d42/attachment-0001.html>


More information about the Gnutls-devel mailing list