[gnutls-dev] patches

Jon Nelson jnelson@securepipe.com
Thu Nov 1 18:25:01 2001


On Thu, 1 Nov 2001 09:11:48 -0600
"Jon Nelson" <jnelson@securepipe.com> wrote:

> I will continue to make the diff available at 
> http://jamponi.net/gnutls.patch

I have fixed some more bugs (in the patch), and made the
library noiser as well.  Patch weighs in at around 18KB.
Apply to current cvs with "patch -p0 -l < gnutls.diff"
if you are in the toplevel gnutls directory.

41b8101611b8c1fdb8118c7fa71fa4a8  gnutls.diff

I still have some trouble.

Apply the patch, make, and Run with:
[jnelson@hostname src]$ GNUTLS_EAGAIN_MODNUM=4 ./serv -h
...

Use stunnel as a bridge
/usr/sbin/stunnel -c -f -P none -d hostname:8000 -r
localhost:5556 -D 7 

And use netscape or something to connect to localhost:8000
(plaintext).

I get:

...
2001.11.01 11:23:21 LOG6[8405:1026]: localhost.5556 opened with
SSLv3, 
  cipher EDH-RSA-DES-CBC3-SHA (168 bits)
2001.11.01 11:23:21 LOG7[8405:1026]: SSL alert (write): fatal:
bad record mac
2001.11.01 11:23:21 LOG3[8405:1026]: SSL_read: error:1408F071:SSL

  routines:SSL3_GET_RECORD:bad mac decode
2001.11.01 11:23:21 LOG5[8405:1026]: Connection reset: 298 bytes
sent 
  to SSL, 0 bytes sent to socket
2001.11.01 11:23:21 LOG7[8405:1026]: localhost.5556 finished (0
left)

What does it mean? Specifically, where might I start looking?

serv outputs quite a bit more noise, not suitable for posting
here.

-- 
Jon Nelson                \|/ ____ \|/   Gort,
jnelson@securepipe.com    "@'/ ,. \`@"   Klaatu
C and Python Programmer   /_| \__/ |_\   barada
Motorcycle Enthusiast        \__U_/      nikto.