[gnutls-dev] GNUTLS_E_INTERNAL_ERROR in _gnutls_ciphertext2compressed
nmav at gnutls.org
Sat Nov 17 11:26:52 CET 2007
On Friday 16 November 2007, Ludovic Courtès wrote:
> Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:
> > Then it might be another kind of bug. However I'd suggest that you try
> > connecting to the most recent server (2.1.6). If that fails too could you
> > try different protocols (TLS 1.0 - SSL 3.0) and different algorithms (AES
> > - ARCFOUR would be enough) at your connection and see which ones fail?
> It appears that `DHE_DSS_3DES_EDE_CBC_SHA1' works fine while
> `DHE_DSS_AES_128_CBC_SHA1' doesn't ("Decryption failed" on the server
> side right during handshake). In both cases, this is TLS 1.1 (I tried
> 1.0 earlier but didn't notice any difference).
> Unfortunately, I won't have time to investigate more for the time being.
These are very similar ciphersuites and they only differ on the choice of AES
instead of 3DES. I cannot imagine what this could cause the problem with the
provided information. (was compression used?)
More information about the Gnutls-devel