From nilanjans at condornetworks.com Wed Aug 2 06:26:33 2006 From: nilanjans at condornetworks.com (nilanjans at condornetworks.com) Date: Tue, 1 Aug 2006 23:26:33 -0500 Subject: [Help-gnutls] Need help Message-ID: <1154492793.44d02979400cc@mail.opentransfer.com> Hi Rupert, Thank you for your help. Libgcrypt is installed. I am using POSIX threds, and followed the link for "Multi-threaded applications". Using "gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);", the SIGABRT (signal 6), is not coming in load condition(high TPS). But now I am getting differnt problem. In load(I am sending continuous packets from my simulator, in some moderate load), after some time, the gnuTLS session getting "INVALID". In sending time (I am using the gnuTLS api gnutls_record_send), it returns error code (-10) ="Socket operation on non-socket". If you have any hints for this problem, please write me. DO I need to enable (or set) some options for load? Thanks in advance. Regards, Nilanjan -----Original Message----- From: Rupert Kittinger-Sereinig [mailto:rks at mur.at] Sent: Tuesday, August 01, 2006 12:58 AM To: Nilanjan Sarkar Cc: help-gnutls at gnu.org Subject: Re: [Help-gnutls] Need help Nilanjan Sarkar schrieb: > Hi, > > We integrated our code with gnuTLS. In load, I am getting Signal 6 > from > gnuTLS, with error "_gcry_ath_mutex_lock: Assertion `*lock == > ((ath_mutex_t) 0)' failed." . > > Can anybody please help me? > > Thanks in advance. > Regards, > Nilanjan sounds like libgcrypt has not been initialized: http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded- applications.html#Multi_002dthreaded-applications regards, Rupert -- Rupert Kittinger-Sereinig Krenngasse 32 A-8010 Graz Austria From rks at mur.at Wed Aug 2 22:19:25 2006 From: rks at mur.at (Rupert Kittinger-Sereinig) Date: Wed, 02 Aug 2006 22:19:25 +0200 Subject: [Help-gnutls] Need help In-Reply-To: <1154492793.44d02979400cc@mail.opentransfer.com> References: <1154492793.44d02979400cc@mail.opentransfer.com> Message-ID: <44D108CD.9090602@mur.at> nilanjans at condornetworks.com schrieb: > Hi Rupert, > > Thank you for your help. > > Libgcrypt is installed. I am using POSIX threds, and followed the link > for "Multi-threaded applications". Using "gcry_control > (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);", the SIGABRT (signal 6), is > not coming in load condition(high TPS). > > But now I am getting differnt problem. > In load(I am sending continuous packets from my simulator, in some moderate > load), after some time, the gnuTLS session getting "INVALID". In sending time > (I am using the gnuTLS api gnutls_record_send), it returns error code (-10) > ="Socket operation on non-socket". > > If you have any hints for this problem, please write me. DO I need to enable > (or set) some options for load? > > Thanks in advance. > Regards, > Nilanjan > does not sound like a gnutls problem to me. Probably you messed up the file descriptors somewhere. If your are using linux, the easiest way to find out is probably to run the whole application with strace, which will show you all the system calls with parameters and results. good luck, Rupert -- Rupert Kittinger-Sereinig Krenngasse 32 A-8010 Graz Austria From kyle at pbx.org Thu Aug 3 03:28:55 2006 From: kyle at pbx.org (kyle cronan) Date: Wed, 2 Aug 2006 18:28:55 -0700 Subject: [Help-gnutls] statically linked libgnutls doesn't pull in zlib Message-ID: Hi everyone, This is really pretty minor, but when I tried to link my application statically I got some undefined symbols, such as deflate, that are part of zlib. So I had to add this to my application's dependencies even though I don't use zlib directly. I see that in the libgnutls.la file, it has dependency_libs=' -L/usr/lib -lz /usr/lib/libgcrypt.la -lnsl -lgpg-error ' So I don't know why those symbols don't end up in libgnutls.a. I just thought I'd post in case somebody knows an easy fix. Kyle Cronan From smurf at smurf.noris.de Thu Aug 3 08:49:16 2006 From: smurf at smurf.noris.de (Matthias Urlichs) Date: Thu, 3 Aug 2006 08:49:16 +0200 Subject: [Help-gnutls] statically linked libgnutls doesn't pull in zlib In-Reply-To: References: Message-ID: <20060803064916.GB14634@kiste.smurf.noris.de> Hi, kyle cronan: > dependency_libs=' -L/usr/lib -lz /usr/lib/libgcrypt.la -lnsl -lgpg-error ' > > So I don't know why those symbols don't end up in libgnutls.a. I just > thought I'd post in case somebody knows an easy fix. > The easy fix is to add -lz to that dependency_libs line. (You might want to submit a patch.) -- Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf at smurf.noris.de Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de - - ...it quickly becomes apparent that the world of our experience (which is all we can talk about) is made up of pairs of opposites and that, strictly speaking, any aspect of reality derives its substance or concreteness from the existence of its opposite. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: Digital signature URL: From mario.lenz at gmx.net Sat Aug 5 17:40:35 2006 From: mario.lenz at gmx.net (Mario Lenz) Date: Sat, 5 Aug 2006 15:40:35 +0000 (UTC) Subject: [Help-gnutls] Re: Client OpenPGP verification fails (update) References: <1153254133.13947.35.camel@mario> <200607251547.24345.nmav@gnutls.org> <1153850209.4355.22.camel@mario> <200607252017.38245.nmav@gnutls.org> Message-ID: Nikos Mavrogiannopoulos gnutls.org> writes: > > But then there's another problem in libextra/gnutls_openpgp.c. Please > > have a look at _gnutls_openpgp_key_to_gcert: > > > > ret = gnutls_openpgp_key_export (cert, GNUTLS_OPENPGP_FMT_RAW, NULL, > > &der_size); > > if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) > > { > > gnutls_assert (); > > return ret; > > } > > This should be correct since decoding should fail (check that the output > pointer is NULL so there is no place to copy the output). That call is > there to get the size of the exported key only. OK, I think now I've got it: You allocate the memory later on. But there's still a problem: Even with the third parameter set to NULL, gnutls_openpgp_key_export (in libextra/openpgp/pgp.c) doesn't return GNUTLS_E_SHORT_MEMORY_BUFFER because cdk_kbnode_write_to_mem (called from gnutls_openpgp_key_export) returns 0 if you give it a NULL pointer to write to. (This might be an OpenCDK problem, though.) Could anyone have a look at it, please? I just deleted the "if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)" clause, but I'm running into another problem now. I'll let you know if I found out more, but *please* have a look at the bug I've described here. greez Mario From jas at extundo.com Sun Aug 6 16:33:38 2006 From: jas at extundo.com (Simon Josefsson) Date: Sun, 06 Aug 2006 16:33:38 +0200 Subject: [Help-gnutls] OpenCDK 0.5.9 Message-ID: <87lkq2j5ml.fsf@latte.josefsson.org> The OpenCDK library provides basic parts of the OpenPGP message format. Due to some possible security problems, the library also implements parts of draft-ietf-openpgp-rfc2440bis-08.txt. The aim of the library is *not* to replace any available OpenPGP version. There will be no real support for key management (sign, revoke, alter preferences, ...) and some other parts are only rudimentary available. The main purpose is to handle and understand OpenPGP packets and to use basic operations. For example to encrypt/decrypt or to sign/verify and packet routines. Noteworthy changes in version 0.5.9 (2006-08-06) ------------------------------------------------ * Fix cdk_kbnode_write_to_mem to return CDK_Too_Short when buf is NULL, tiny patch from Mario Lenz. * Fixed opencdk-config script to include -lz, thanks to Weng Liong, Low. * Fix prototypes for AIX compiler, reported by John Heiden. * Don't use trailing comma in last enum constant, for IBM C v6. Tiny patch from Albert Chin. Commercial support contracts for OpenCDK are available, and they help finance continued maintenance. Simon Josefsson Datakonsult, a Stockholm based privately held company, is currently funding OpenCDK maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. If you need help to use OpenCDK, or want to help others, you are invited to join our help-gnutls mailing list, see: . Here are the compressed sources (1.2MB): http://josefsson.org/gnutls/releases/opencdk/opencdk-0.5.9.tar.gz Here are GPG detached signatures using key 0xB565716F: http://josefsson.org/gnutls/releases/opencdk/opencdk-0.5.9.tar.gz.sig The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub 1280R/B565716F 2002-05-05 [expires: 2006-08-14] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson uid Simon Josefsson sub 1280R/4D5D40AE 2002-05-05 [expires: 2006-08-14] sub 1024R/09CC4670 2006-03-18 [expires: 2007-04-22] sub 1024R/AABB1F7B 2006-03-18 [expires: 2007-04-22] sub 1024R/A14C401A 2006-03-18 [expires: 2007-04-22] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the SHA-1 and SHA-224 checksums: 7b4375bf9326d77699687845c10589d409cbd7e3 opencdk-0.5.9.tar.gz 532446665a3f4be920f81b413a0d73e94c5173af opencdk-0.5.9.tar.gz.sig f75b6108eddd6db047ab61e834ba9289087150bbd053a7219e0a5d54 opencdk-0.5.9.tar.gz 99e00f8db5601ba67105744beb4c7b3775b50115b88461bdf9b29369 opencdk-0.5.9.tar.gz.sig Enjoy, Timo, Nikos, Simon From jas at extundo.com Sat Aug 12 01:28:28 2006 From: jas at extundo.com (Simon Josefsson) Date: Sat, 12 Aug 2006 01:28:28 +0200 Subject: [Help-gnutls] GnuTLS 1.4.2 Message-ID: <87ejvmx36r.fsf@latte.josefsson.org> I am happy to announce GnuTLS 1.4.2, a bugfix release on the stable 1.4 branch. This version is what we recommend for those who need a stable version of GnuTLS. GnuTLS is a modern C library that implement the standard network security protocol Transport Layer Security (TLS), for use by network applications. Noteworthy changes since 1.4.1: ** Fix a crash (strcmp() on a NULL value) in the certificate verification logic. This can happen if you call gnutls_certificate_verify_peers2 and have a certain mix of local CA certificates and the peer send special certificates, that together trigger certain behaviour. It is not known at this point whether the crash can be triggered without the special local CA certificate, and thus turn this into a remote crash of clients that verify server certificates when they talk to a server with the special server certificate. See GNUTLS-SA-2006-2 on http://www.gnu.org/software/gnutls/security.html for more up to date information. Reported by satyakumar . ** Change SRP and Cert-Type extensions to match IANA registry. ** OpenCDK updated to 0.5.9 to fix some problems with OpenPGP support. ** Make --without-included-libtasn1 work. Reported by Daniel Black . ** API and ABI modifications: No changes since last version. Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. All manual formats are available from: http://www.gnutls.org/manual/ Direct link to the most popular formats: http://www.gnutls.org/manual/gnutls.html - HTML format http://www.gnutls.org/manual/gnutls.pdf - PDF format http://www.gnutls.org/reference/ch01.html - API Reference, GTK-DOC HTML If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see: . The project page of the library is available at: http://www.gnutls.org/ http://www.gnu.org/software/gnutls/ http://josefsson.org/gnutls/ (updated fastest) Here are the compressed sources (3.9MB): http://josefsson.org/gnutls/releases/gnutls-1.4.2.tar.bz2 Here are GPG detached signatures signed using key 0xB565716F: http://josefsson.org/gnutls/releases/gnutls-1.4.2.tar.bz2.sig The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub 1280R/B565716F 2002-05-05 [expires: 2006-08-14] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson uid Simon Josefsson sub 1280R/4D5D40AE 2002-05-05 [expires: 2006-08-14] sub 1024R/09CC4670 2006-03-18 [expires: 2007-04-22] sub 1024R/AABB1F7B 2006-03-18 [expires: 2007-04-22] sub 1024R/A14C401A 2006-03-18 [expires: 2007-04-22] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the SHA-1 and SHA-224 checksums: 671b10bca94fa441d0d1da29a7c52fed0b0c5ae7 gnutls-1.4.2.tar.bz2 01fea5a4e371e0a4300655af40b4a4fdf34f1eff gnutls-1.4.2.tar.bz2.sig 9492a46afbc9f850156dfe08ef6fef30f9cf914d7f106cc09270aeb8 gnutls-1.4.2.tar.bz2 5066dcd05d724140ae86b4b8d236cb151e0e58d6ab0daaffd7e0a40a gnutls-1.4.2.tar.bz2.sig Enjoy, Nikos and Simon -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 419 bytes Desc: not available URL: From jas at extundo.com Sun Aug 13 22:26:59 2006 From: jas at extundo.com (Simon Josefsson) Date: Sun, 13 Aug 2006 22:26:59 +0200 Subject: [Help-gnutls] GnuTLS 1.5.0 - experimental, with Windows installer Message-ID: <87y7tsv0to.fsf@latte.josefsson.org> I am happy to announce GnuTLS 1.5.0, the first release on the current experimental branch. We recommend the 1.4.x branch for those looking for a stable version. One goal with the 1.5.x branch is to make Windows x86 a supported platform for GnuTLS. We do this by providing a binary Windows installer of GnuTLS, cross-compiled from GNU/Linux using MinGW and NSIS, see below. The installer is (lightly) tested on Windows 2000 and Windows XP. It is possible to develop applications in Visual Studio or MinGW that links to the library. GnuTLS is a modern C library that implement the standard network security protocol Transport Layer Security (TLS), for use by network applications. * Version 1.5.0 (released 2006-08-13) ** Change SRP and Cert-Type extensions to match IANA registry. ** Fixed bug in OpenPGP authentication handshake. ** Improvements for building under MinGW. Provides internal inet_ntop and inet_pton functions and arpa/inet.h header. Calls WSAStartup and WSACleanup in gnutls_global_init and gnutls_global_deinit, respectively. Loads getaddrinfo and getnameinfo at run-time from ws2_32.dll, and falls back on a simple replacement if it is not available. Builds the library with -mms-bitfields -Wl,--enable-runtime-pseudo-reloc. Links with --output-def, to create *.def files, which are installed. ** The examples now (conditionally) include config.h and link to gnulib. No other source changes were necessary, so the examples should continue to be possible to use stand-alone without any autoconf or gnulib stuff. ** Added C++ header "gnutlsxx.h" and library "libgnutlsxx". You may unconditionally disable it with --disable-cxx. See includes/gnutls/gnutlsxx.h and lib/gnutlsxx.cpp for the implementation. ** Made command line tool '--version' behave according to GNU Standards. This enables 'make distcheck' to succeed. ** OpenCDK updated to 0.5.9 to fix some problems with OpenPGP support. ** Make --without-included-libtasn1 work. Reported by Daniel Black . ** Fix a crash (strcmp() on a NULL value) in the certificate verification logic. See http://www.gnu.org/software/gnutls/security.html regardging GNUTLS-SA-2006-2 for more up to date information. Reported by satyakumar . ** API and ABI modifications: No changes since last version. Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. All manual formats are available from: http://www.gnutls.org/manual/ Direct link to the most popular formats: http://www.gnutls.org/manual/gnutls.html - HTML format http://www.gnutls.org/manual/gnutls.pdf - PDF format http://www.gnutls.org/reference/ch01.html - API Reference, GTK-DOC HTML If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see: . The project page of the library is available at: http://www.gnutls.org/ http://www.gnu.org/software/gnutls/ http://josefsson.org/gnutls/ (updated fastest) Here are the compressed sources (3.9MB): http://josefsson.org/gnutls/releases/gnutls-1.4.2.tar.bz2 Here are GPG detached signatures signed using key 0xB565716F: http://josefsson.org/gnutls/releases/gnutls-1.4.2.tar.bz2.sig Here is the Windows installer (14MB): http://josefsson.org/gnutls4win/gnutls-1.5.0.exe http://josefsson.org/gnutls4win/gnutls-1.5.0.exe.sig More information about the Windows installer: http://josefsson.org/gnutls4win/ The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub 1280R/B565716F 2002-05-05 [expires: 2006-08-14] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson uid Simon Josefsson sub 1280R/4D5D40AE 2002-05-05 [expires: 2006-08-14] sub 1024R/09CC4670 2006-03-18 [expires: 2007-04-22] sub 1024R/AABB1F7B 2006-03-18 [expires: 2007-04-22] sub 1024R/A14C401A 2006-03-18 [expires: 2007-04-22] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the SHA-1 and SHA-224 checksums: cf20e68fde70ffc12c7859ebc0787417eac57b45 gnutls-1.5.0.tar.bz2 84d498f3962c116f71db34285a7e0a66a427dac2 gnutls-1.5.0.tar.bz2.sig 3881082cb42c1a921c9f654a5b2ae89c197688041f59251deac47047 gnutls-1.5.0.tar.bz2 4cd713a295016049e6f5fd49bb21b35c47108f85033fad5ab36af3f2 gnutls-1.5.0.tar.bz2.sig e4c463c72959f2a0a4aa1e4f14ca856d847ce9c5 gnutls-1.5.0.exe e0b93c63600d19c76a92ab860ba0435779bc6715 gnutls-1.5.0.exe.sig 7364ca23de0bdea9f5597018c4d9f95afe81557a3246eb981befc479 gnutls-1.5.0.exe 483ca0d7b290a1cc4fa8a4d3028d695e9dd843bb2227a74d58b9b27e gnutls-1.5.0.exe.sig Enjoy, Nikos and Simon -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 419 bytes Desc: not available URL: From jas at extundo.com Fri Aug 18 10:42:32 2006 From: jas at extundo.com (Simon Josefsson) Date: Fri, 18 Aug 2006 10:42:32 +0200 Subject: [Help-gnutls] Re: Need help In-Reply-To: <44D108CD.9090602@mur.at> (Rupert Kittinger-Sereinig's message of "Wed, 02 Aug 2006 22:19:25 +0200") References: <1154492793.44d02979400cc@mail.opentransfer.com> <44D108CD.9090602@mur.at> Message-ID: <87r6zecu4n.fsf@latte.josefsson.org> Rupert Kittinger-Sereinig writes: > nilanjans at condornetworks.com schrieb: >> Hi Rupert, >> >> Thank you for your help. >> >> Libgcrypt is installed. I am using POSIX threds, and followed the >> link for "Multi-threaded applications". Using "gcry_control >> (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);", the SIGABRT >> (signal 6), is not coming in load condition(high TPS). >> >> But now I am getting differnt problem. >> In load(I am sending continuous packets from my simulator, in some >> moderate load), after some time, the gnuTLS session getting >> "INVALID". In sending time (I am using the gnuTLS api >> gnutls_record_send), it returns error code (-10) >> ="Socket operation on non-socket". >> >> If you have any hints for this problem, please write me. DO I need >> to enable (or set) some options for load? >> >> Thanks in advance. >> Regards, >> Nilanjan >> > > does not sound like a gnutls problem to me. Probably you messed up the > file descriptors somewhere. I agree this is the most likely explanation. > If your are using linux, the easiest way to find out is probably to > run the whole application with strace, which will show you all the > system calls with parameters and results. Valgrind is another good recommendation, if some memory related error caused this problem. /Simon From jas at extundo.com Fri Aug 18 10:47:07 2006 From: jas at extundo.com (Simon Josefsson) Date: Fri, 18 Aug 2006 10:47:07 +0200 Subject: [Help-gnutls] Re: statically linked libgnutls doesn't pull in zlib In-Reply-To: (kyle cronan's message of "Wed, 2 Aug 2006 18:28:55 -0700") References: Message-ID: <87mza2ctx0.fsf@latte.josefsson.org> "kyle cronan" writes: > Hi everyone, > > This is really pretty minor, but when I tried to link my application > statically I got some undefined symbols, such as deflate, that are > part of zlib. So I had to add this to my application's dependencies > even though I don't use zlib directly. > > I see that in the libgnutls.la file, it has > > dependency_libs=' -L/usr/lib -lz /usr/lib/libgcrypt.la -lnsl -lgpg-error ' > > So I don't know why those symbols don't end up in libgnutls.a. I just > thought I'd post in case somebody knows an easy fix. Hi! Looking at the libgnutls.a installed on my system, it doesn't have libz symbols either: jas at mocca:~/src/gnutls$ nm -B ~/lib/libgnutls.a |grep deflate U deflate U deflateEnd U deflateInit2_ jas at mocca:~/src/gnutls$ Isn't the normal procedure that, if you use static linking, you have to link directly to a library, and all its dependencies? I think that if you use libtool to link your static application, it should have taken care of this. /Simon From smurf at smurf.noris.de Fri Aug 18 11:28:06 2006 From: smurf at smurf.noris.de (Matthias Urlichs) Date: Fri, 18 Aug 2006 11:28:06 +0200 Subject: [Help-gnutls] Re: statically linked libgnutls doesn't pull in zlib In-Reply-To: <87mza2ctx0.fsf@latte.josefsson.org> References: <87mza2ctx0.fsf@latte.josefsson.org> Message-ID: <20060818092806.GF5397@kiste.smurf.noris.de> Hi, Simon Josefsson: > Hi! Looking at the libgnutls.a installed on my system, it doesn't > have libz symbols either: > That's normal behavior. > jas at mocca:~/src/gnutls$ nm -B ~/lib/libgnutls.a |grep deflate > U deflate > U deflateEnd > U deflateInit2_ > jas at mocca:~/src/gnutls$ > > Isn't the normal procedure that, if you use static linking, you have > to link directly to a library, and all its dependencies? > Correct. > I think that if you use libtool to link your static application, it > should have taken care of this. In fact, the .la file (which libtool generates if you use it to build a static library) lists those dependent libraries. (Shared libraries note their dependencies in a separate section, but the .a file format has no backwards-compatible way to do that.) -- Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf at smurf.noris.de Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de - - When you need towns, they are very far apart. -- John Steinbeck -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: Digital signature URL: From ludovic.courtes at laas.fr Wed Aug 23 16:02:11 2006 From: ludovic.courtes at laas.fr (Ludovic =?iso-8859-1?Q?Court=E8s?=) Date: Wed, 23 Aug 2006 16:02:11 +0200 Subject: [Help-gnutls] GnuTLS and OpenPGP: "Could not get OpenPGP key" Message-ID: <87r6z7mty4.fsf@laas.fr> Hi, I noticed the following weird client failure when playing with `gnutls-serv' and `gnutls-cli' to perform OpenPGP authentication (I'm using the ASCII-armored key pair found under the `src/openpgp' directory of GnuTLS): $ gnutls-serv --echo --pgpkeyfile sec.asc --pgpcertfile pub.asc & Echo Server ready. Listening to port '5556'. $ gnutls-cli -p 5556 --pgpkeyfile sec.asc --pgpcertfile pub.asc localhost *** Error loading PGP key file: Could not get OpenPGP key. This error is `GNUTLS_E_OPENPGP_GETKEY_FAILED', apparently returned by `gnutls_openpgp_privkey_import ()'. I'm unable to understand the meaning of this error in this context. Does it have something to do with key lookup on a remote server or something? I'm using GnuTLS 1.4.2 as currently found in Debian unstable. Thanks, Ludovic.