Bug#623001: libgnutls26: fails to handshake on a number of sites (firefox works)

Andreas Metzler ametzler at downhill.at.eu.org
Sat Apr 16 17:54:55 CEST 2011 

On 2011-04-16 Gustavo Noronha Silva <kov at debian.org> wrote:
> Package: libgnutls26
> Version: 2.12.2-1
[...]
> I've been seeing this problem mostly in Epiphany - the web page
> renders with the layout totally broken because the CSS failed to
> download because of this issue. Some big sites like github.com are
> affected.
[...]
> The reason reported is 'Peer failed to perform TLS handshake'. Here's
> a test with gnutls-cli:

> 	kov at goiaba:~$ gnutls-cli d3nwyuy0nl342s.cloudfront.net
> 	Resolving 'd3nwyuy0nl342s.cloudfront.net'...
> 	Connecting to '204.246.175.60:443'...
> 	*** Fatal error: A TLS fatal alert has been received.
> 	*** Received alert [40]: Handshake failed
> 	*** Handshake has failed
> 	GnuTLS error: A TLS fatal alert has been received.
[...]
> ii  libgcrypt11               1.5.0~beta1-1  LGPL Crypto library - runtime libr
[...]

Hello,

thank you for taking the time to test the packages in experimental. I
can reproduce the bug.

For clarification it is not caused by libgcrypt11 from experimental,
libgnutls26 2.12.2-1 with stable libgcrypt11 also fails.  Attached
verbose log is not a lot more enlightening.

cu andreas
-------------- next part --------------
|<4>| REC[0x9ddaf60]: Allocating epoch #0
|<2>| ASSERT: gnutls_constate.c:695
|<4>| REC[0x9ddaf60]: Allocating epoch #1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9ddaf60]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<2>| EXT[0x9ddaf60]: Sending extension CERT TYPE (3 bytes)
|<2>| EXT[0x9ddaf60]: Sending extension SERVER NAME (34 bytes)
|<2>| EXT[0x9ddaf60]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<2>| EXT[0x9ddaf60]: Sending extension SESSION TICKET (0 bytes)
|<2>| EXT[SIGA]: sent signature algo (4.2) DSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (4.1) RSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (2.1) RSA-SHA1
|<2>| EXT[SIGA]: sent signature algo (2.2) DSA-SHA1
|<2>| EXT[0x9ddaf60]: Sending extension SIGNATURE ALGORITHMS (10 bytes)
|<3>| HSK[0x9ddaf60]: CLIENT HELLO was sent [159 bytes]
|<6>| BUF[HSK]: Inserted 159 bytes of Data
|<7>| HWRITE: enqueued 159. Total 159 bytes.
|<7>| HWRITE FLUSH: 159 bytes in buffer.
|<4>| REC[0x9ddaf60]: Sending Packet[0] Handshake(22) with length: 159
|<7>| WRITE: enqueued 164 bytes for 0x4. Total 164 bytes.
|<4>| REC[0x9ddaf60]: Sent Packet[1] Handshake(22) with length: 164
|<7>| HWRITE: wrote 159 bytes, 0 bytes left.
|<7>| WRITE FLUSH: 164 bytes in buffer.
|<7>| WRITE: wrote 164 bytes, 0 bytes left.
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9ddaf60]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x9ddaf60]: Received Packet[0] Alert(21) with length: 2
|<7>| READ: Got 2 bytes from 0x4
|<7>| READ: read 2 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 2 bytes.
|<7>| RB: Requested 7 bytes
|<4>| REC[0x9ddaf60]: Decrypted Packet[0] Alert(21) with length: 2
|<4>| REC[0x9ddaf60]: Alert[2|40] - Handshake failed - was received
|<2>| ASSERT: gnutls_record.c:726
|<2>| ASSERT: gnutls_record.c:1122
|<2>| ASSERT: gnutls_handshake.c:2761
|<6>| BUF[HSK]: Cleared Data from buffer
*** Fatal error: A TLS fatal alert has been received.
|<4>| REC: Sending Alert[2|80] - Internal error
|<4>| REC[0x9ddaf60]: Sending Packet[1] Alert(21) with length: 2
|<7>| WRITE: enqueued 7 bytes for 0x4. Total 7 bytes.
|<7>| WRITE FLUSH: 7 bytes in buffer.
|<7>| WRITE: wrote 7 bytes, 0 bytes left.
|<4>| REC[0x9ddaf60]: Sent Packet[2] Alert(21) with length: 7
*** Handshake has failed
GnuTLS error: A TLS fatal alert has been received.
|<6>| BUF[HSK]: Cleared Data from buffer
|<4>| REC[0x9ddaf60]: Epoch #0 freed
|<4>| REC[0x9ddaf60]: Epoch #1 freed
Resolving 'd3nwyuy0nl342s.cloudfront.net'...
Connecting to '216.137.61.145:443'...
*** Received alert [40]: Handshake failed

More information about the Gnutls-devel mailing list