gnutls-3.0.3 testdsa problems, patch

Somchai Smythe buraphalinuxserver at gmail.com
Thu Sep 22 12:10:44 CEST 2011


Hello,

    Some processes were holding the sockets open.  These processes
were from pervious crashes from my early patch attempts that were bad.
  After I did 'kill -9' on all of those, then with my patch all tests
pass and the build appears to work fine.  Without the patch I get
this:

$./testdsa
Checking various DSA key sizes
Checking DSA-1024 with TLS 1.0
Failed to launch a gnutls-serv server !
Failure:
../scripts/common.sh: line 25: kill: Failed: arguments must be process
or job IDs
../scripts/common.sh: line 25: kill: to: arguments must be process or job IDs
../scripts/common.sh: line 25: kill: launch: arguments must be process
or job IDs
../scripts/common.sh: line 25: kill: a: arguments must be process or job IDs
../scripts/common.sh: line 25: kill: gnutls-serv: arguments must be
process or job IDs
../scripts/common.sh: line 25: kill: server,: arguments must be
process or job IDs
../scripts/common.sh: line 25: kill: aborting: arguments must be
process or job IDs
../scripts/common.sh: line 25: kill: test...: arguments must be
process or job IDs
$

I did modify the testdsa (attached) to remove the redirections of
output to /dev/null, but it did not change the output of the test in
the case where the patch was not applied.  With the patch applied and
the modified testdsa, I get a lot of output I don't really understand
(attached).

JGH


On 9/20/11, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On Tue, Sep 20, 2011 at 4:17 PM, Nikos Mavrogiannopoulos
> <nmav at gnutls.org> wrote:
>
>>> *** Fatal error: The given DSA key is incompatible with the selected
>>> TLS protocol.
>>> *** Handshake has failed
>>> GnuTLS error: The given DSA key is incompatible with the selected TLS
>>> protocol.
>>> Failure: Failed connection to a server with a client DSA 2048 key and TLS
>>> 1.2!
>> That's pretty strange because the code isn't system specific and I
>> cannot reproduce it. What is the system you're using?
>
> Could you try removing the /dev/null redirections for the failed test
> and add a "-d 6" parameter to the client and server?
>
> regards,
> Nikos
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rezz
Type: application/octet-stream
Size: 117052 bytes
Desc: not available
URL: </pipermail/attachments/20110922/0ac4110c/attachment.obj>


More information about the Gnutls-devel mailing list