[gnutls-dev] dh_param's required in client for anonymous kx in 1.1?

Nikos Mavroyanopoulos nmav at gnutls.org
Sat Dec 20 19:09:46 CET 2003


On Sat, Dec 20, 2003 at 02:21:03PM +0100, Simon Josefsson wrote:

> I'm using the anonymous key exchange, and I generate dh_param's in the
> server, and it works fine with 1.0.  With 1.1 (from CVS) however, I
> get an error in the server:
> shishi: TLS handshake failed (-32): Insufficient credentials for that request.

gnutls-cli works fine in 1.1.0. Do you allocate and set the anon client
credentials? If yes, please enable debugging(with level 2) and send me the output. 

> Given the recent NEWS entry, I suspect gnutls might be removing the
> ANON kx from the list of valid kx's in the client, because the client
> hasn't any dh_param's.  But as far as I understand, only the server is
> required to generate the dh_param's.
Yes this is correct.

> Thanks.

-- 
Nikos Mavroyanopoulos



More information about the Gnutls-dev mailing list