[gnutls-dev] Bad record MAC with a Nokia E90

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Aug 19 01:12:56 CEST 2007


On Wednesday 15 August 2007, Andreas Metzler wrote:
> Hello,
> this is http://bugs.debian.org/438137 submitted by Marc Haber for
> gnutls 1.7.16:
>
> When a Nokia E90 connects to a gnutls-serv, then connection is not
> established and it aborts with "Bad record MAC".
> [...]
>
> gnutls-serv output is attached an Marc will surely be available to add
> additional info if necessary.

I glimpsed on the trace and saw that it selects this ciphersuite:
<3>| HSK[8077a48]: Selected cipher suite: RSA_AES_256_CBC_SHA1

Something that might help in debugging without much fuss, would be
to test handshake by enabling other ciphersuites.
That would be for gnutls-serv to only enable:
a. key exchage: DHE-RSA  cipher: 3DES
b. key exchange: DHE-RSA cipher: AES_256_CBC
c. key exchange: RSA cipher ARCFOUR

and return the traces if possible.

best regards,
Nikos




More information about the Gnutls-devel mailing list