TLS 1.2 server

Simon Josefsson simon at josefsson.org
Wed Sep 30 16:04:51 CEST 2009


Daiki Ueno <ueno at unixuser.org> writes:

>>>>>> In <87ske44pfy.fsf at mocca.josefsson.org> 
>>>>>>	Simon Josefsson <simon at josefsson.org> wrote:
>> The x509self self-test started failing, and it may be TLS 1.2 related.
>> Can you take a look?
>
> Sure, but I couldn't reproduce the failure.  What architecture did you
> run the test on?

Debian x86.

>> ==12233== Invalid read of size 4
>> ==12233==    at 0x40479CC: _gnutls_hash_deinit (gnutls_hash_int.c:172)
>> ==12233==    by 0x4058683: _gnutls_tls_sign_hdata (gnutls_sig.c:157)
>> ==12233==    by 0x4055197: _gnutls_gen_cert_client_cert_vrfy (auth_cert.c:1419)
>> ==12233==    by 0x40458BD: _gnutls_send_client_certificate_verify (gnutls_kx.c:352)
>
> Hmm, I haven't touched any of those functions, anyway I will look into
> it further tomorrow.  Sorry if it is by my mistake (probably so...)

The error happened when I made TLS 1.2 the default, so if you didn't
pull you might not see it.  It could be something else, although the
auth_cert.c stuff did change which may have caused this -- I'll look
into it further as well when I get time.

/Simon





More information about the Gnutls-devel mailing list