From linus at nordberg.se Thu May 2 17:50:11 2013 From: linus at nordberg.se (Linus Nordberg) Date: Thu, 02 May 2013 17:50:11 +0200 Subject: [gnutls-devel] Error linking eagain-cli when missing PKCS#11 support Message-ID: <87k3nh9ya4.fsf@nordberg.se> Hi, When configuring gnutls without PKCS#11 support I get the following error from the link editor in tests/suite: --8<---------------cut here---------------start------------->8--- mini-eagain2.o: In function `global_init': /u/src/gnutls/tests/suite/../utils.h:38: undefined reference to `gnutls_pkcs11_init' collect2: error: ld returned 1 exit status make[3]: *** [eagain-cli] Error 1 make[3]: Leaving directory `/home/u/src/gnutls/tests/suite' --8<---------------cut here---------------end--------------->8--- I don't know the appropriate way to handle this. Building eagain-cli within "if ENABLE_PKCS11" (tests/suite/Makefile.am) perhaps? Thanks, Linus From nmav at gnutls.org Thu May 2 19:38:13 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 2 May 2013 20:38:13 +0300 Subject: [gnutls-devel] Typo: _CONSTRAINS_ as used in DANE API should be _CONSTRAINTS_ In-Reply-To: References: Message-ID: On Wed, Feb 27, 2013 at 6:43 PM, Etan Reisner wrote: > Constrains is a verb and means to limit or hold-back. > Constraints is a noun and is a liimtation. > As such constrainTs constrain available choices/options and when one > violates something the thing which is being violated is a constrainT. It seems your mail was lost in the long list of held messages. Thanks for reporting that. It has now been corrected. regards, Nikos From nmav at gnutls.org Thu May 2 19:41:43 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 2 May 2013 20:41:43 +0300 Subject: [gnutls-devel] Error linking eagain-cli when missing PKCS#11 support In-Reply-To: <87k3nh9ya4.fsf@nordberg.se> References: <87k3nh9ya4.fsf@nordberg.se> Message-ID: On Thu, May 2, 2013 at 6:50 PM, Linus Nordberg wrote: > Hi, > When configuring gnutls without PKCS#11 support I get the following > error from the link editor in tests/suite: Thanks for reporting that. Should now be corrected. regards, Nikos From nmav at gnutls.org Thu May 2 19:44:46 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 2 May 2013 20:44:46 +0300 Subject: [gnutls-devel] SIGSEGV in _gnutls_ciphertext2compressed In-Reply-To: <51341D10.9010605@vee.net> References: <51341D10.9010605@vee.net> Message-ID: On Mon, Mar 4, 2013 at 6:03 AM, Michael Gratton wrote: > Using Epiphany, loading a HTTP URL that redirects to a HTTPS URL, > results in the attached stack trace. > Ubuntu 12.10 > libgnutls26:amd64 2.12.14-5ubuntu4.2 Hello, This is from an unsupported (by me at least) version of gnutls. You may want to contact your distribution directly about it or upgrade to the latest (and supported) gnutls releases. regards, Nikos From nmav at gnutls.org Thu May 2 19:49:25 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 2 May 2013 20:49:25 +0300 Subject: [gnutls-devel] gnutls 3.1.10 compile fails on OS X 10.5 Leopard because of invalid start-of-comment characters in macosx/appro-aes-x86-macosx.s In-Reply-To: <61182AAD-BFAC-4CF4-8A69-57FF3FD9DB3F@macports.org> References: <61182AAD-BFAC-4CF4-8A69-57FF3FD9DB3F@macports.org> Message-ID: On Tue, Apr 2, 2013 at 5:13 AM, Ryan Schmidt wrote: > Building gnutls 3.1.10 fails on OS X 10.5.8 Leopard i386 with Xcode 3.1.4: > macosx/appro-aes-x86-macosx.s:1:3: error: invalid preprocessing directive #Copyright > "#" appears not to be a valid start-of-comment character for this assembler (which is "Apple Inc version cctools-698.1~1, GNU assembler version 1.38"). Removing the lines that start with "#" fixes the problem. I don't know what the correct start-of-comment character should be; the documentation I found says it should be "#" on i386 and ";" on ppc. Hello, I am unfamiliar with the platform and I don't know how this can be fixed. Is that specific to leopard or assemblers in all macosx systems fail to compile it? Is there a comment symbol that can be used reliably there? regards, Nikos From nmav at gnutls.org Thu May 2 19:59:31 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 2 May 2013 20:59:31 +0300 Subject: [gnutls-devel] certtool bug: key_purpose_oids ignored when generating CSR In-Reply-To: <1367247590.4556.9.camel@azathoth.dev.smoothwall.net> References: <1367247590.4556.9.camel@azathoth.dev.smoothwall.net> Message-ID: On Mon, Apr 29, 2013 at 5:59 PM, Harry Mason wrote: > I'm using certtool to generate a certificate for EAP authentication. I > was trying to use the key_purpose_oids option to add the necessary OID > to the CSR, but the code in generate_request never checks the value of > this option. > If generating a certificate directly without an intermediate CSR it > works, because generate_certificate calls get_key_purpose_set; but there > is no corresponding function to add the OIDs to a gnutls_x509_crq_t. Hello, Could you try with the following patch applied? http://gitorious.org/gnutls/gnutls/commit/440462b981782c710827ebd3b4122647b87298e2/diffs/e644b7f471582a453c2c7fc39c575b14549531cf regards, Nikos From dkg at fifthhorseman.net Thu May 2 20:06:28 2013 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 02 May 2013 14:06:28 -0400 Subject: [gnutls-devel] SIGSEGV in _gnutls_ciphertext2compressed In-Reply-To: References: <51341D10.9010605@vee.net> Message-ID: <5182AB24.1080206@fifthhorseman.net> On 05/02/2013 01:44 PM, Nikos Mavrogiannopoulos wrote: > On Mon, Mar 4, 2013 at 6:03 AM, Michael Gratton wrote: >> Using Epiphany, loading a HTTP URL that redirects to a HTTPS URL, >> results in the attached stack trace. >> Ubuntu 12.10 >> libgnutls26:amd64 2.12.14-5ubuntu4.2 > > Hello, > This is from an unsupported (by me at least) version of gnutls. You > may want to contact your distribution directly about it or upgrade to > the latest (and supported) gnutls releases. Hi, i'm a debian develper who wants to support debian gnutls packages at least, and we'll be (trying to) support some releases from the 2.12 branch (SONAME 26) for the lifetime of the upcoming wheezy release. I tried to replicate the bug report you describe using epiphany-browser 3.4.2-2.1 and libgnutls26 2.12.20-6 (the version in wheezy) but was unable to reproduce it. I tried it with: epiphany-browser http://mod.gnutls.org/ since i know that should redirect to https://mod.gnutls.org/ but i got no segfault. are you able to replicate the segfault using the command above? if so, please report it to your distro at https://bugs.launchpad.net/ubuntu/+source/gnutls26/+filebug and follow up on this list with the link to the report. thanks, --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1027 bytes Desc: OpenPGP digital signature URL: From stefw at gnome.org Wed May 8 17:33:23 2013 From: stefw at gnome.org (Stef Walter) Date: Wed, 08 May 2013 17:33:23 +0200 Subject: [gnutls-devel] Various fixes for hex DN attributes In-Reply-To: References: <517BD651.9060006@gnome.org> Message-ID: <518A7043.7000704@gnome.org> On 27.04.2013 20:54, Nikos Mavrogiannopoulos wrote: > On Sat, Apr 27, 2013 at 4:44 PM, Stef Walter wrote: >> The encoding of unrecognized (or non-string) DN attributes via functions >> like gnutls_x509_crt_get_dn() doesn't work properly. The function >> returns GNUTLS_E_ASN1_DER_ERROR. Attached are a number of patches and >> some test code to demonstrate the problem and fix related things. > > Thank you for that patches and the report. I've committed a slightly > different fix for the first two as it uncovered some issues in the > code. > > Did you notice any such issues in the 3.0.x series? Sorry, I haven't been able to test that. But I did attach a simple test case to my original post which should make this pretty simple to verify. Cheers, Stef From nmav at gnutls.org Fri May 10 11:45:42 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 10 May 2013 11:45:42 +0200 Subject: [gnutls-devel] gnutls 3.1.11 Message-ID: <20130510114542.35c76788@aspire.lan> Hello, I've just released gnutls 3.1.11. This release adds new features and fixed bugs on the current stable branch. * Version 3.1.11 (released 2013-05-10) ** libgnutls: Added priority string VERS-DTLS-ALL. ** libgnutls: When in compatibility mode allow for a wrong version in the RSA PMS. ** libgnutls: Corrected issues in DTLS heartbeat parsing. Reported by Joke de Buhr. ** libgnutls: Heartbeat support is enabled by default. ** libgnutls: Added GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA which allows gnutls_privkey_sign_hash() to operate as with gnutls_privkey_sign_raw_data(). This makes it consistent with verification with GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA flag. ** libgnutls: Fixes in unknown DN string printing. Issues reported and patches by Stef Walter. ** certtool: When generating certificates the default answer for marking the key for signing and encryption is yes. ** API and ABI modifications: gnutls_certificate_set_x509_key_mem2: Added gnutls_certificate_set_x509_key_file2: Added gnutls_sign_algorithm_get_client: Added GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA: Added Getting the Software ==================== GnuTLS may be downloaded directly from . A list of GnuTLS mirrors can be found at . Here are the XZ and LZIP compressed sources: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.11.tar.xz ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.11.tar.lz Here are OpenPGP detached signatures signed using key 0x96865171: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.11.tar.xz.sig ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.11.tar.lz.sig Note that it has been signed with my openpgp key: pub 3104R/96865171 2008-05-04 [expires: 2028-04-29] uid Nikos Mavrogiannopoulos gnutls.org> uid Nikos Mavrogiannopoulos gmail.com> sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02] sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02] regards, Nikos From ametzler at downhill.at.eu.org Fri May 10 17:47:24 2013 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Fri, 10 May 2013 17:47:24 +0200 Subject: [gnutls-devel] Typo fix overriden --> overridden Message-ID: <20130510154724.GA4564@downhill.g.la> Hello, find attached a trivial patch against GIT master for a typo fix. (Thanks, lintian.) cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -------------- next part -------------- A non-text attachment was scrubbed... Name: typo_overriden.diff Type: text/x-diff Size: 1048 bytes Desc: not available URL: From nmav at gnutls.org Fri May 10 18:38:45 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 10 May 2013 18:38:45 +0200 Subject: [gnutls-devel] gnutls 3.2.0 Message-ID: <20130510183845.222dd931@aspire.lan> Hello, I've just released gnutls 3.2.0. This release significantly improves the performance of gnutls in two ways. The new elliptic curve implementation of nettle 2.7 is used which improves performance by a factor of 2 (thanks to Niels Moeller), and on the ciphersuite level the (currently) private ciphersuites with Salsa20 and UMAC-96 are defined, giving a performance boost compared to any ARCFOUR or AES based ciphersuites. The new ciphersuites also provide a solution to the recent attacks in TLS that compromise the security of CBC-based ciphersuites and ARCFOUR. Note that since these are private --i.e., gnutls-specific-- ciphersuites they are not enabled by default. In addition on this release all support for the so-called EXPORT ciphersuites is dropped. * Version 3.2.0 (released 2013-05-10) ** libgnutls: Use nettle's elliptic curve implementation. ** libgnutls: Added Salsa20 cipher ** libgnutls: Added UMAC-96 and UMAC-128 ** libgnutls: Added ciphersuites involving Salsa20 and UMAC-96. As they are not standardized they are defined using private ciphersuite numbers. ** libgnutls: Added support for DTLS 1.2. ** libgnutls: Added support for the Application Layer Protocol Negotiation (ALPN) extension. ** libgnutls: Removed support for the RSA-EXPORT ciphersuites. ** libgnutls: Avoid linking to librt (that also avoids unnecessary linking to pthreads if p11-kit isn't used). ** API and ABI modifications: gnutls_cipher_get_iv_size: Added gnutls_hmac_set_nonce: Added gnutls_mac_get_nonce_size: Added Getting the Software ==================== GnuTLS may be downloaded directly from . A list of GnuTLS mirrors can be found at . Here are the XZ and LZIP compressed sources: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.xz ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.lz Here are OpenPGP detached signatures signed using key 0x96865171: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.xz.sig ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.lz.sig Note that it has been signed with my openpgp key: pub 3104R/96865171 2008-05-04 [expires: 2028-04-29] uid Nikos Mavrogiannopoulos gnutls.org> uid Nikos Mavrogiannopoulos gmail.com> sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02] sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02] regards, Nikos From nmav at gnutls.org Fri May 10 18:44:24 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 10 May 2013 18:44:24 +0200 Subject: [gnutls-devel] Typo fix overriden --> overridden In-Reply-To: <20130510154724.GA4564@downhill.g.la> References: <20130510154724.GA4564@downhill.g.la> Message-ID: <20130510184424.0fd04451@aspire.lan> On Fri, 10 May 2013 17:47:24 +0200 Andreas Metzler wrote: > Hello, > find attached a trivial patch against GIT master for a typo fix. > (Thanks, lintian.) Thank you. Unfortunately I didn't see it prior to release, but it will be included in the next one. best regards, Nikos From tim.kosse at filezilla-project.org Fri May 10 19:49:38 2013 From: tim.kosse at filezilla-project.org (Tim Kosse) Date: Fri, 10 May 2013 19:49:38 +0200 Subject: [gnutls-devel] [PATCH 2/2] If gnutls_record_send fails with GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED, the documentation allows passing null for the data and size on retry. In-Reply-To: <1368208178-23201-1-git-send-email-tim.kosse@filezilla-project.org> References: <1368208178-23201-1-git-send-email-tim.kosse@filezilla-project.org> Message-ID: <1368208178-23201-3-git-send-email-tim.kosse@filezilla-project.org> Commit 2ec84d6 broke this usage of gnutls_record_send. This patch fixes the problem. --- lib/gnutls_record.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index eea9372..ca9376e 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -500,9 +500,6 @@ _gnutls_send_tlen_int (gnutls_session_t session, content_type_t type, else send_data_size = data_size; - if (unlikely(send_data_size == 0)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - /* Only encrypt if we don't have data to send * from the previous run. - probably interrupted. */ @@ -518,6 +515,9 @@ _gnutls_send_tlen_int (gnutls_session_t session, content_type_t type, } else { + if (unlikely(send_data_size == 0)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + /* now proceed to packet encryption */ cipher_size = MAX_RECORD_SEND_SIZE(session); -- 1.7.2.5 From tim.kosse at filezilla-project.org Fri May 10 19:49:36 2013 From: tim.kosse at filezilla-project.org (Tim Kosse) Date: Fri, 10 May 2013 19:49:36 +0200 Subject: [gnutls-devel] Regression in gnutls_record_send Message-ID: <1368208178-23201-1-git-send-email-tim.kosse@filezilla-project.org> Hi, this patch series adds a testcase and a fix for a regression in gnutls_record_send if called with null data and size after GNUTLS_E_AGAIN. At least master and the 3.1.x branch are affected by this bug. Regards, Tim Kosse From tim.kosse at filezilla-project.org Fri May 10 19:49:37 2013 From: tim.kosse at filezilla-project.org (Tim Kosse) Date: Fri, 10 May 2013 19:49:37 +0200 Subject: [gnutls-devel] [PATCH 1/2] When retrying gnutls_record_send due to GNUTLS_E_AGAIN, also try passing null data and length. Tests will fail after this patch until next patch is applied that fixes a bug in gnutls_record_send. In-Reply-To: <1368208178-23201-1-git-send-email-tim.kosse@filezilla-project.org> References: <1368208178-23201-1-git-send-email-tim.kosse@filezilla-project.org> Message-ID: <1368208178-23201-2-git-send-email-tim.kosse@filezilla-project.org> --- tests/eagain-common.h | 53 +++++++++++++++++++++++++++++++----------------- 1 files changed, 34 insertions(+), 19 deletions(-) diff --git a/tests/eagain-common.h b/tests/eagain-common.h index c9aa032..dac712b 100644 --- a/tests/eagain-common.h +++ b/tests/eagain-common.h @@ -69,13 +69,9 @@ extern const char* side; #define HANDSHAKE(c, s) \ HANDSHAKE_EXPECT(c,s,0,0) -#define TRANSFER(c, s, msg, msglen, buf, buflen) \ - do \ - { \ - side = "client"; \ - ret = gnutls_record_send (c, msg, msglen); \ - } \ - while(ret == GNUTLS_E_AGAIN); \ +#define TRANSFER2(c, s, msg, msglen, buf, buflen, retry_send_with_null) \ + side = "client"; \ + ret = record_send_loop (c, msg, msglen, retry_send_with_null); \ \ if (ret < 0) fail ("client send error: %s\n", gnutls_strerror (ret)); \ \ @@ -97,12 +93,8 @@ extern const char* side; { \ transferred += ret; \ } \ - do \ - { \ - side = "server"; \ - ns = gnutls_record_send (server, msg, msglen); \ - } \ - while (ns == GNUTLS_E_AGAIN); \ + side = "server"; \ + ns = record_send_loop (server, msg, msglen, retry_send_with_null); \ if (ns < 0) fail ("server send error: %s\n", gnutls_strerror (ret)); \ do \ { \ @@ -127,12 +119,8 @@ extern const char* side; fail ("client: Transmitted data do not match\n"); \ } \ /* echo back */ \ - do \ - { \ - side = "client"; \ - ns = gnutls_record_send (client, buf, msglen); \ - } \ - while (ns == GNUTLS_E_AGAIN); \ + side = "client"; \ + ns = record_send_loop (client, buf, msglen, retry_send_with_null); \ if (ns < 0) fail ("client send error: %s\n", gnutls_strerror (ret)); \ transferred += ret; \ if (debug) \ @@ -141,6 +129,10 @@ extern const char* side; } \ while (transferred < 70000) +#define TRANSFER(c, s, msg, msglen, buf, buflen) \ + TRANSFER2(c, s, msg, msglen, buf, buflen, 0); \ + TRANSFER2(c, s, msg, msglen, buf, buflen, 1) + static char to_server[64*1024]; static size_t to_server_len = 0; @@ -293,3 +285,26 @@ inline static void reset_buffers(void) to_server_len = 0; to_client_len = 0; } + +inline static int record_send_loop(gnutls_session_t session, const void * data, size_t sizeofdata, int use_null_on_retry) +{ +int ret; +const void * retry_data; +size_t retry_sizeofdata; + + if( use_null_on_retry ) { + retry_data = 0; + retry_sizeofdata = 0; + } + else { + retry_data = data; + retry_sizeofdata = sizeofdata; + } + + ret = gnutls_record_send( session, data, sizeofdata ); + while( ret == GNUTLS_E_AGAIN ) { + ret = gnutls_record_send( session, retry_data, retry_sizeofdata ); + } + + return ret; +} -- 1.7.2.5 From a.radke at arcor.de Fri May 10 21:11:16 2013 From: a.radke at arcor.de (Andreas Radke) Date: Fri, 10 May 2013 21:11:16 +0200 Subject: [gnutls-devel] gnutls 3.2.0 In-Reply-To: <20130510183845.222dd931@aspire.lan> References: <20130510183845.222dd931@aspire.lan> Message-ID: <20130510211116.20e03f3c@laptop64.home> new test failure: make[3]: Leaving directory `/build/src/gnutls-3.2.0/tests/userid' make[2]: Leaving directory `/build/src/gnutls-3.2.0/tests/userid' Making check in cert-tests make[2]: Entering directory `/build/src/gnutls-3.2.0/tests/cert-tests' make pathlen aki template-test pem-decoding dane make[3]: Entering directory `/build/src/gnutls-3.2.0/tests/cert-tests' make[3]: Nothing to be done for `pathlen'. make[3]: Nothing to be done for `aki'. make[3]: Nothing to be done for `template-test'. make[3]: Nothing to be done for `pem-decoding'. make[3]: Nothing to be done for `dane'. make[3]: Leaving directory `/build/src/gnutls-3.2.0/tests/cert-tests' make check-TESTS make[3]: Entering directory `/build/src/gnutls-3.2.0/tests/cert-tests' PASS: pathlen PASS: aki PASS: template-test 7c7 < Not After: Tue Sep 11 19:04:49 UTC 2040 --- > Not After: Thu Dec 31 23:23:23 UTC 2037 FAIL: pem-decoding =================================== 1 of 4 tests failed Please report to bug-gnutls at gnu.org =================================== make[3]: *** [check-TESTS] Error 1 make[3]: Leaving directory `/build/src/gnutls-3.2.0/tests/cert-tests' make[2]: *** [check-am] Error 2 make[2]: Target `check' not remade because of errors. 3.1.11 had passed all tests. -Andy ArchLinux From nmav at gnutls.org Sat May 11 10:04:06 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sat, 11 May 2013 10:04:06 +0200 Subject: [gnutls-devel] Regression in gnutls_record_send In-Reply-To: <1368208178-23201-1-git-send-email-tim.kosse@filezilla-project.org> References: <1368208178-23201-1-git-send-email-tim.kosse@filezilla-project.org> Message-ID: <20130511100406.009465a3@aspire.lan> On Fri, 10 May 2013 19:49:36 +0200 Tim Kosse wrote: > this patch series adds a testcase and a fix for a regression in > gnutls_record_send if called with null data and size after > GNUTLS_E_AGAIN. Thank you. Applied. regards, Nikos From ametzler at downhill.at.eu.org Sat May 11 10:14:28 2013 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Sat, 11 May 2013 10:14:28 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips Message-ID: <20130511081428.GA3378@downhill.g.la> Hello, the mini-xssl test does not succeed on mips: ------- (experimental_mips-dchroot)ametzler at gabrielli:~/GNUTLS/gnutls28-3.1.11/tests$ ./mini-xssl ; echo $? 141 ------- Find attached --verbose output for 3.1.11. This is no new issue, it was also present in 3.1.8. thanks, cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' From nmav at gnutls.org Sat May 11 19:23:52 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sat, 11 May 2013 19:23:52 +0200 Subject: [gnutls-devel] gnutls 3.2.0 In-Reply-To: <20130510211116.20e03f3c@laptop64.home> References: <20130510183845.222dd931@aspire.lan> <20130510211116.20e03f3c@laptop64.home> Message-ID: <20130511192352.621049ae@aspire.lan> On Fri, 10 May 2013 21:11:16 +0200 Andreas Radke wrote: > PASS: aki > PASS: template-test > 7c7 > < Not After: Tue Sep 11 19:04:49 UTC 2040 > --- > > Not After: Thu Dec 31 23:23:23 UTC 2037 > FAIL: pem-decoding Hello, That's pretty strange. Could you update the script from the address below and try again? https://www.gitorious.org/gnutls/gnutls/trees/master/tests/cert-tests regards, Nikos From nmav at gnutls.org Sat May 11 19:25:31 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sat, 11 May 2013 19:25:31 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <20130511081428.GA3378@downhill.g.la> References: <20130511081428.GA3378@downhill.g.la> Message-ID: <20130511192531.2da35662@aspire.lan> On Sat, 11 May 2013 10:14:28 +0200 Andreas Metzler wrote: > the mini-xssl test does not succeed on mips: > ------- > (experimental_mips-dchroot)ametzler at gabrielli:~/GNUTLS/gnutls28-3.1.11/tests$ ./mini-xssl ; > echo $? 141 > ------- > Find attached --verbose output for 3.1.11. > This is no new issue, it was also present in 3.1.8. Hello Andreas, It seems the attachment is missing. regards, Nikos From ametzler at downhill.at.eu.org Sat May 11 19:54:40 2013 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Sat, 11 May 2013 19:54:40 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <20130511192531.2da35662@aspire.lan> References: <20130511081428.GA3378@downhill.g.la> <20130511192531.2da35662@aspire.lan> Message-ID: <20130511175440.GA3299@downhill.g.la> On 2013-05-11 Nikos Mavrogiannopoulos wrote: [...] > Hello Andreas, > It seems the attachment is missing. I had sent it in a followup message, but it is stuck in the list moderation queue. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' From ryandesign at macports.org Wed May 8 05:18:57 2013 From: ryandesign at macports.org (Ryan Schmidt) Date: Tue, 7 May 2013 22:18:57 -0500 Subject: [gnutls-devel] gnutls 3.1.10 compile fails on OS X 10.5 Leopard because of invalid start-of-comment characters in macosx/appro-aes-x86-macosx.s In-Reply-To: References: <61182AAD-BFAC-4CF4-8A69-57FF3FD9DB3F@macports.org> Message-ID: <13D50F03-E729-4302-B4A1-6A11F68D888C@macports.org> On May 2, 2013, at 12:49, Nikos Mavrogiannopoulos wrote: > On Tue, Apr 2, 2013 at 5:13 AM, Ryan Schmidt wrote: >> Building gnutls 3.1.10 fails on OS X 10.5.8 Leopard i386 with Xcode 3.1.4: >> macosx/appro-aes-x86-macosx.s:1:3: error: invalid preprocessing directive #Copyright >> "#" appears not to be a valid start-of-comment character for this assembler (which is "Apple Inc version cctools-698.1~1, GNU assembler version 1.38"). Removing the lines that start with "#" fixes the problem. I don't know what the correct start-of-comment character should be; the documentation I found says it should be "#" on i386 and ";" on ppc. > > Hello, > I am unfamiliar with the platform and I don't know how this can be > fixed. Is that specific to leopard or assemblers in all macosx > systems fail to compile it? Is there a comment symbol that can be used > reliably there? I should have mentioned it compiles fine on later OS X versions, including 10.6, 10.7 and 10.8. I only observed the failure on 10.5 on Intel. I did not test 10.4 on Intel. 10.4 and 10.5 on PowerPC are fine. It looks like /* C-style multiline comments */ should be accepted by all assemblers? It does seem to be acceptable to OS X 10.5's assembler and I've seen this used in other projects. From ametzler at downhill.at.eu.org Sat May 11 11:48:21 2013 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Sat, 11 May 2013 11:48:21 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <20130511081428.GA3378@downhill.g.la> References: <20130511081428.GA3378@downhill.g.la> Message-ID: <20130511094821.GA3272@downhill.g.la> On 2013-05-11 Andreas Metzler wrote: > Find attached [...] you did not ;-) -------------- next part -------------- client|<2>| ASSERT: x509_b64.c:306 client|<2>| Could not find '-----BEGIN RSA PRIVATE KEY' client|<2>| ASSERT: x509_b64.c:306 client|<2>| Could not find '-----BEGIN DSA PRIVATE KEY' client|<4>| REC[0x7adc60]: Allocating epoch #0 client|<2>| ASSERT: gnutls_constate.c:715 client|<4>| REC[0x7adc60]: Allocating epoch #1 client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 (C0.13) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 (C0.27) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 (C0.14) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 (C0.30) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (00.2F) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256 (00.3C) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 (00.41) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256 (00.9C) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (00.35) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256 (00.3D) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 (00.84) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (00.0A) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (00.05) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (00.04) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (00.33) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256 (00.67) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_128_GCM_SHA256 (00.9E) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (00.39) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256 (00.6B) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (00.16) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 (00.32) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256 (00.40) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 (00.44) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_128_GCM_SHA256 (00.A2) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 (00.38) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256 (00.6A) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 (00.87) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 (00.13) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 (00.66) client|<3>| EXT[0x7adc60]: Sending extension STATUS REQUEST (5 bytes) client|<3>| EXT[0x7adc60]: Sending extension SERVER NAME (14 bytes) client|<3>| EXT[0x7adc60]: Sending extension SAFE RENEGOTIATION (1 bytes) client|<3>| EXT[0x7adc60]: Sending extension SESSION TICKET (0 bytes) client|<3>| EXT[0x7adc60]: Sending extension SUPPORTED ECC (12 bytes) client|<3>| EXT[0x7adc60]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes) client|<3>| EXT[0x7adc60]: sent signature algo (4.1) RSA-SHA256 client|<3>| EXT[0x7adc60]: sent signature algo (4.2) DSA-SHA256 client|<3>| EXT[0x7adc60]: sent signature algo (4.3) ECDSA-SHA256 client|<3>| EXT[0x7adc60]: sent signature algo (5.1) RSA-SHA384 client|<3>| EXT[0x7adc60]: sent signature algo (5.3) ECDSA-SHA384 client|<3>| EXT[0x7adc60]: sent signature algo (6.1) RSA-SHA512 client|<3>| EXT[0x7adc60]: sent signature algo (6.3) ECDSA-SHA512 client|<3>| EXT[0x7adc60]: sent signature algo (3.1) RSA-SHA224 client|<3>| EXT[0x7adc60]: sent signature algo (3.2) DSA-SHA224 client|<3>| EXT[0x7adc60]: sent signature algo (3.3) ECDSA-SHA224 client|<3>| EXT[0x7adc60]: sent signature algo (2.1) RSA-SHA1 client|<3>| EXT[0x7adc60]: sent signature algo (2.2) DSA-SHA1 client|<3>| EXT[0x7adc60]: sent signature algo (2.3) ECDSA-SHA1 client|<3>| EXT[0x7adc60]: Sending extension SIGNATURE ALGORITHMS (28 bytes) client|<3>| HSK[0x7adc60]: CLIENT HELLO was queued [215 bytes] client|<7>| HWRITE: enqueued [CLIENT HELLO] 215. Total 215 bytes. client|<7>| HWRITE FLUSH: 215 bytes in buffer. client|<4>| REC[0x7adc60]: Preparing Packet Handshake(22) with length: 215 and target length: 215 client|<7>| WRITE: enqueued 220 bytes for 0x4. Total 220 bytes. client|<4>| REC[0x7adc60]: Sent Packet[1] Handshake(22) in epoch 0 and length: 220 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| WRITE: wrote 220 bytes, 0 bytes left. client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7b0228]: SSL 3.0 Handshake packet received. Epoch 0, length: 215 client|<4>| REC[0x7b0228]: Expected Packet Handshake(22) client|<4>| REC[0x7b0228]: Received Packet Handshake(22) with length: 215 client|<7>| READ: Got 215 bytes from 0x3 client|<7>| READ: read 215 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 215 bytes. client|<7>| RB: Requested 220 bytes client|<4>| REC[0x7b0228]: Decrypted Packet[0] Handshake(22) with length: 215 client|<3>| HSK[0x7b0228]: CLIENT HELLO (1) was received. Length 211[211], frag offset 0, frag length: 211, sequence: 0 client|<3>| HSK[0x7b0228]: Client's version: 3.3 client|<2>| ASSERT: gnutls_db.c:278 client|<3>| EXT[0x7b0228]: Found extension 'STATUS REQUEST/5' client|<3>| EXT[0x7b0228]: Parsing extension 'SERVER NAME/0' (14 bytes) client|<3>| EXT[0x7b0228]: Found extension 'SAFE RENEGOTIATION/65281' client|<3>| EXT[0x7b0228]: Found extension 'SESSION TICKET/35' client|<3>| EXT[0x7b0228]: Found extension 'SUPPORTED ECC/10' client|<3>| EXT[0x7b0228]: Found extension 'SUPPORTED ECC POINT FORMATS/11' client|<3>| EXT[0x7b0228]: Found extension 'SIGNATURE ALGORITHMS/13' client|<3>| EXT[0x7b0228]: Found extension 'STATUS REQUEST/5' client|<3>| EXT[0x7b0228]: Found extension 'SERVER NAME/0' client|<3>| EXT[0x7b0228]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes) client|<3>| EXT[0x7b0228]: Parsing extension 'SESSION TICKET/35' (0 bytes) client|<3>| EXT[0x7b0228]: Found extension 'SUPPORTED ECC/10' client|<3>| EXT[0x7b0228]: Found extension 'SUPPORTED ECC POINT FORMATS/11' client|<3>| EXT[0x7b0228]: Found extension 'SIGNATURE ALGORITHMS/13' client|<3>| EXT[0x7b0228]: Parsing extension 'STATUS REQUEST/5' (5 bytes) client|<3>| EXT[0x7b0228]: Found extension 'SERVER NAME/0' client|<3>| EXT[0x7b0228]: Found extension 'SAFE RENEGOTIATION/65281' client|<3>| EXT[0x7b0228]: Found extension 'SESSION TICKET/35' client|<3>| EXT[0x7b0228]: Parsing extension 'SUPPORTED ECC/10' (12 bytes) client|<3>| HSK[0x7b0228]: Selected ECC curve SECP192R1 (5) client|<3>| EXT[0x7b0228]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes) client|<3>| EXT[0x7b0228]: Parsing extension 'SIGNATURE ALGORITHMS/13' (28 bytes) client|<3>| EXT[0x7b0228]: rcvd signature algo (4.1) RSA-SHA256 client|<3>| EXT[0x7b0228]: rcvd signature algo (4.2) DSA-SHA256 client|<3>| EXT[0x7b0228]: rcvd signature algo (4.3) ECDSA-SHA256 client|<3>| EXT[0x7b0228]: rcvd signature algo (5.1) RSA-SHA384 client|<3>| EXT[0x7b0228]: rcvd signature algo (5.3) ECDSA-SHA384 client|<3>| EXT[0x7b0228]: rcvd signature algo (6.1) RSA-SHA512 client|<3>| EXT[0x7b0228]: rcvd signature algo (6.3) ECDSA-SHA512 client|<3>| EXT[0x7b0228]: rcvd signature algo (3.1) RSA-SHA224 client|<3>| EXT[0x7b0228]: rcvd signature algo (3.2) DSA-SHA224 client|<3>| EXT[0x7b0228]: rcvd signature algo (3.3) ECDSA-SHA224 client|<3>| EXT[0x7b0228]: rcvd signature algo (2.1) RSA-SHA1 client|<3>| EXT[0x7b0228]: rcvd signature algo (2.2) DSA-SHA1 client|<3>| EXT[0x7b0228]: rcvd signature algo (2.3) ECDSA-SHA1 client|<3>| HSK[0x7b0228]: Requested server name: 'localhost', ctype: X.509 (1)client|<3>| HSK[0x7b0228]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09) client|<3>| HSK[0x7b0228]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23) client|<3>| HSK[0x7b0228]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B) client|<3>| HSK[0x7b0228]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A) client|<3>| HSK[0x7b0228]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24) client|<3>| HSK[0x7b0228]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C) client|<3>| HSK[0x7b0228]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08) client|<3>| HSK[0x7b0228]: Removing ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 client|<3>| HSK[0x7b0228]: Removing ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_AES_128_CBC_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_AES_128_GCM_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_AES_256_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_AES_256_CBC_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_ARCFOUR_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: RSA_ARCFOUR_MD5 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_AES_128_CBC_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_AES_128_GCM_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_AES_256_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_AES_256_CBC_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_AES_128_GCM_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA256 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7b0228]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1 client|<3>| HSK[0x7b0228]: Requested cipher suites[size: 80]: client|<3>| 0xc0, 0x09 ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Selected cipher suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Selected Compression Method: NULL client|<3>| HSK[0x7b0228]: Safe renegotiation succeeded client|<2>| ASSERT: status_request.c:197 client|<3>| EXT[0x7b0228]: Sending extension SAFE RENEGOTIATION (1 bytes) client|<3>| EXT[0x7b0228]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes) client|<3>| HSK[0x7b0228]: SessionID: 921713c8572e5a2533eabd89e90e989d613be91d310788023b1d5097f71444ca client|<3>| HSK[0x7b0228]: SERVER HELLO was queued [87 bytes] client|<7>| HWRITE: enqueued [SERVER HELLO] 87. Total 87 bytes. client|<3>| HSK[0x7b0228]: CERTIFICATE was queued [702 bytes] client|<7>| HWRITE: enqueued [CERTIFICATE] 702. Total 789 bytes. client|<3>| HSK[0x7b0228]: signing handshake data: using ECDSA-SHA256 client|<3>| HSK[0x7b0228]: SERVER KEY EXCHANGE was queued [125 bytes] client|<7>| HWRITE: enqueued [SERVER KEY EXCHANGE] 125. Total 914 bytes. client|<3>| HSK[0x7b0228]: SERVER HELLO DONE was queued [4 bytes] client|<7>| HWRITE: enqueued [SERVER HELLO DONE] 4. Total 918 bytes. client|<7>| HWRITE FLUSH: 918 bytes in buffer. client|<4>| REC[0x7b0228]: Preparing Packet Handshake(22) with length: 87 and target length: 87 client|<7>| WRITE: enqueued 92 bytes for 0x3. Total 92 bytes. client|<4>| REC[0x7b0228]: Sent Packet[1] Handshake(22) in epoch 0 and length: 92 client|<7>| HWRITE: wrote 1 bytes, 831 bytes left. client|<4>| REC[0x7b0228]: Preparing Packet Handshake(22) with length: 702 and target length: 702 client|<7>| WRITE: enqueued 707 bytes for 0x3. Total 799 bytes. client|<4>| REC[0x7b0228]: Sent Packet[2] Handshake(22) in epoch 0 and length: 707 client|<7>| HWRITE: wrote 1 bytes, 129 bytes left. client|<4>| REC[0x7b0228]: Preparing Packet Handshake(22) with length: 125 and target length: 125 client|<7>| WRITE: enqueued 130 bytes for 0x3. Total 929 bytes. client|<4>| REC[0x7b0228]: Sent Packet[3] Handshake(22) in epoch 0 and length: 130 client|<7>| HWRITE: wrote 1 bytes, 4 bytes left. client|<4>| REC[0x7b0228]: Preparing Packet Handshake(22) with length: 4 and target length: 4 client|<7>| WRITE: enqueued 9 bytes for 0x3. Total 938 bytes. client|<4>| REC[0x7b0228]: Sent Packet[4] Handshake(22) in epoch 0 and length: 9 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<7>| WRITE FLUSH: 938 bytes in buffer. client|<7>| WRITE: wrote 938 bytes, 0 bytes left. client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 87 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 87 client|<7>| READ: Got 87 bytes from 0x4 client|<7>| READ: read 87 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 87 bytes. client|<7>| RB: Requested 92 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[0] Handshake(22) with length: 87 client|<3>| HSK[0x7adc60]: SERVER HELLO (2) was received. Length 83[83], frag offset 0, frag length: 83, sequence: 0 client|<3>| HSK[0x7adc60]: Server's version: 3.3 client|<3>| HSK[0x7adc60]: SessionID length: 32 client|<3>| HSK[0x7adc60]: SessionID: 921713c8572e5a2533eabd89e90e989d613be91d310788023b1d5097f71444ca client|<3>| HSK[0x7adc60]: Selected cipher suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7adc60]: Selected compression method: NULL (0) client|<3>| EXT[0x7adc60]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes) client|<3>| EXT[0x7adc60]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes) client|<3>| HSK[0x7adc60]: Safe renegotiation succeeded client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 702 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 702 client|<7>| READ: Got 702 bytes from 0x4 client|<7>| READ: read 702 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 702 bytes. client|<7>| RB: Requested 707 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[1] Handshake(22) with length: 702 client|<3>| HSK[0x7adc60]: CERTIFICATE (11) was received. Length 698[698], frag offset 0, frag length: 698, sequence: 0 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 125 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 125 client|<7>| READ: Got 125 bytes from 0x4 client|<7>| READ: read 125 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 125 bytes. client|<7>| RB: Requested 130 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[2] Handshake(22) with length: 125 client|<3>| HSK[0x7adc60]: SERVER KEY EXCHANGE (12) was received. Length 121[121], frag offset 0, frag length: 121, sequence: 0 client|<3>| HSK[0x7adc60]: Selected ECC curve SECP192R1 (5) client|<3>| HSK[0x7adc60]: verify handshake data: using ECDSA-SHA256 client|<2>| ASSERT: signature.c:308 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 4 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 4 client|<7>| READ: Got 4 bytes from 0x4 client|<7>| READ: read 4 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 4 bytes. client|<7>| RB: Requested 9 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[3] Handshake(22) with length: 4 client|<3>| HSK[0x7adc60]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0 client|<2>| ASSERT: gnutls_buffers.c:1007 client|<2>| ASSERT: gnutls_buffers.c:1192 client|<3>| HSK[0x7adc60]: CLIENT KEY EXCHANGE was queued [54 bytes] client|<7>| HWRITE: enqueued [CLIENT KEY EXCHANGE] 54. Total 54 bytes. client|<7>| HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 55 bytes. client|<3>| REC[0x7adc60]: Sent ChangeCipherSpec client|<4>| REC[0x7adc60]: Initializing epoch #1 client|<4>| REC[0x7adc60]: Epoch #1 ready client|<3>| HSK[0x7adc60]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7adc60]: Initializing internal [write] cipher sessions client|<3>| HSK[0x7adc60]: recording tls-unique CB (send) client|<3>| HSK[0x7adc60]: FINISHED was queued [16 bytes] client|<7>| HWRITE: enqueued [FINISHED] 16. Total 71 bytes. client|<7>| HWRITE FLUSH: 71 bytes in buffer. client|<4>| REC[0x7adc60]: Preparing Packet Handshake(22) with length: 54 and target length: 54 client|<7>| WRITE: enqueued 59 bytes for 0x4. Total 59 bytes. client|<4>| REC[0x7adc60]: Sent Packet[2] Handshake(22) in epoch 0 and length: 59 client|<7>| HWRITE: wrote 1 bytes, 17 bytes left. client|<4>| REC[0x7adc60]: Preparing Packet ChangeCipherSpec(20) with length: 1 and target length: 1 client|<7>| WRITE: enqueued 6 bytes for 0x4. Total 65 bytes. client|<4>| REC[0x7adc60]: Sent Packet[3] ChangeCipherSpec(20) in epoch 0 and length: 6 client|<7>| HWRITE: wrote 1 bytes, 16 bytes left. client|<4>| REC[0x7adc60]: Preparing Packet Handshake(22) with length: 16 and target length: 16 client|<7>| WRITE: enqueued 69 bytes for 0x4. Total 134 bytes. client|<4>| REC[0x7adc60]: Sent Packet[1] Handshake(22) in epoch 1 and length: 69 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<7>| WRITE FLUSH: 134 bytes in buffer. client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7b0228]: SSL 3.3 Handshake packet received. Epoch 0, length: 54 client|<4>| REC[0x7b0228]: Expected Packet Handshake(22) client|<4>| REC[0x7b0228]: Received Packet Handshake(22) with length: 54 client|<7>| READ: Got 54 bytes from 0x3 client|<7>| READ: read 54 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 54 bytes. client|<7>| RB: Requested 59 bytes client|<4>| REC[0x7b0228]: Decrypted Packet[1] Handshake(22) with length: 54 client|<3>| HSK[0x7b0228]: CLIENT KEY EXCHANGE (16) was received. Length 50[50], frag offset 0, frag length: 50, sequence: 0 client|<7>| WRITE: wrote 134 bytes, 0 bytes left. client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7b0228]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1 client|<4>| REC[0x7b0228]: Expected Packet ChangeCipherSpec(20) client|<4>| REC[0x7b0228]: Received Packet ChangeCipherSpec(20) with length: 1 client|<7>| READ: Got 1 bytes from 0x3 client|<7>| READ: read 1 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 1 bytes. client|<7>| RB: Requested 6 bytes client|<4>| REC[0x7b0228]: Decrypted Packet[2] ChangeCipherSpec(20) with length: 1 client|<4>| REC[0x7b0228]: Initializing epoch #1 client|<4>| REC[0x7b0228]: Epoch #1 ready client|<3>| HSK[0x7b0228]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7b0228]: SSL 3.3 Handshake packet received. Epoch 0, length: 64 client|<4>| REC[0x7b0228]: Expected Packet Handshake(22) client|<4>| REC[0x7b0228]: Received Packet Handshake(22) with length: 64 client|<7>| READ: Got 64 bytes from 0x3 client|<7>| READ: read 64 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 64 bytes. client|<7>| RB: Requested 69 bytes client|<4>| REC[0x7b0228]: Decrypted Packet[0] Handshake(22) with length: 16 client|<3>| HSK[0x7b0228]: FINISHED (20) was received. Length 12[12], frag offset 0, frag length: 12, sequence: 0 client|<3>| HSK[0x7b0228]: recording tls-unique CB (recv) client|<7>| HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes. client|<3>| REC[0x7b0228]: Sent ChangeCipherSpec client|<3>| HSK[0x7b0228]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7b0228]: Initializing internal [write] cipher sessions client|<3>| HSK[0x7b0228]: FINISHED was queued [16 bytes] client|<7>| HWRITE: enqueued [FINISHED] 16. Total 17 bytes. client|<7>| HWRITE FLUSH: 17 bytes in buffer. client|<4>| REC[0x7b0228]: Preparing Packet ChangeCipherSpec(20) with length: 1 and target length: 1 client|<7>| WRITE: enqueued 6 bytes for 0x3. Total 6 bytes. client|<4>| REC[0x7b0228]: Sent Packet[5] ChangeCipherSpec(20) in epoch 0 and length: 6 client|<7>| HWRITE: wrote 1 bytes, 16 bytes left. client|<4>| REC[0x7b0228]: Preparing Packet Handshake(22) with length: 16 and target length: 16 client|<7>| WRITE: enqueued 69 bytes for 0x3. Total 75 bytes. client|<4>| REC[0x7b0228]: Sent Packet[1] Handshake(22) in epoch 1 and length: 69 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<7>| WRITE FLUSH: 75 bytes in buffer. client|<7>| WRITE: wrote 75 bytes, 0 bytes left. client|<4>| REC[0x7b0228]: Start of epoch cleanup client|<4>| REC[0x7b0228]: Epoch #0 freed client|<4>| REC[0x7b0228]: End of epoch cleanup client|<4>| REC[0x7b0228]: Preparing Packet Application Data(23) with length: 54 and target length: 54 client|<7>| WRITE: enqueued 101 bytes for 0x3. Total 101 bytes. client|<7>| WRITE FLUSH: 101 bytes in buffer. client|<7>| WRITE: wrote 101 bytes, 0 bytes left. client|<4>| REC[0x7b0228]: Sent Packet[2] Application Data(23) in epoch 1 and length: 101 client|<7>| WRITE FLUSH: 0 bytes in buffer. client|<2>| ASSERT: gnutls_buffers.c:610 client|<4>| REC: Sending Alert[1|0] - Close notify client|<4>| REC[0x7b0228]: Preparing Packet Alert(21) with length: 2 and target length: 2 client|<7>| WRITE: enqueued 53 bytes for 0x3. Total 53 bytes. client|<7>| WRITE FLUSH: 53 bytes in buffer. client|<7>| WRITE: wrote 53 bytes, 0 bytes left. client|<4>| REC[0x7b0228]: Sent Packet[3] Alert(21) in epoch 1 and length: 53 client|<4>| REC[0x7b0228]: Start of epoch cleanup client|<4>| REC[0x7b0228]: End of epoch cleanup client|<4>| REC[0x7b0228]: Epoch #1 freed client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1 client|<4>| REC[0x7adc60]: Expected Packet ChangeCipherSpec(20) client|<4>| REC[0x7adc60]: Received Packet ChangeCipherSpec(20) with length: 1 client|<7>| READ: Got 1 bytes from 0x4 client|<7>| READ: read 1 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 1 bytes. client|<7>| RB: Requested 6 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[4] ChangeCipherSpec(20) with length: 1 client|<3>| HSK[0x7adc60]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 64 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 64 client|<7>| READ: Got 64 bytes from 0x4 client|<7>| READ: read 64 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 64 bytes. client|<7>| RB: Requested 69 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[0] Handshake(22) with length: 16 client|<3>| HSK[0x7adc60]: FINISHED (20) was received. Length 12[12], frag offset 0, frag length: 12, sequence: 0 client|<4>| REC[0x7adc60]: Start of epoch cleanup client|<4>| REC[0x7adc60]: Epoch #0 freed client|<4>| REC[0x7adc60]: End of epoch cleanup client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Application Data packet received. Epoch 0, length: 96 client|<4>| REC[0x7adc60]: Expected Packet Application Data(23) client|<4>| REC[0x7adc60]: Received Packet Application Data(23) with length: 96 client|<7>| READ: Got 96 bytes from 0x4 client|<7>| READ: read 96 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 96 bytes. client|<7>| RB: Requested 101 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[1] Application Data(23) with length: 54 client|<7>| WRITE FLUSH: 0 bytes in buffer. client|<2>| ASSERT: gnutls_buffers.c:610 client|<4>| REC: Sending Alert[1|0] - Close notify client|<4>| REC[0x7adc60]: Preparing Packet Alert(21) with length: 2 and target length: 2 client|<7>| WRITE: enqueued 53 bytes for 0x4. Total 53 bytes. client|<7>| WRITE FLUSH: 53 bytes in buffer. client|<2>| ASSERT: x509_b64.c:306 client|<2>| Could not find '-----BEGIN RSA PRIVATE KEY' client|<2>| ASSERT: x509_b64.c:306 client|<2>| Could not find '-----BEGIN DSA PRIVATE KEY' client|<4>| REC[0x7adc60]: Allocating epoch #0 client|<2>| ASSERT: x509.c:1381 client|<2>| ASSERT: gnutls_constate.c:715 client|<4>| REC[0x7adc60]: Allocating epoch #1 client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 (C0.13) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 (C0.27) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 (C0.14) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 (C0.30) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (00.2F) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256 (00.3C) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 (00.41) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256 (00.9C) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (00.35) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256 (00.3D) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 (00.84) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (00.0A) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (00.05) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (00.04) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (00.33) client|<2>| ASSERT: gnutls_constate.c:715 client|<4>| REC[0x7ae878]: Allocating epoch #1 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (00.39) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256 (00.6B) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (00.16) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 (00.32) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256 (00.40) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 (00.44) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_128_GCM_SHA256 (00.A2) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 (00.38) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256 (00.6A) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 (00.87) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 (00.13) client|<3>| HSK[0x7adc60]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 (00.66) client|<3>| EXT[0x7adc60]: Sending extension STATUS REQUEST (5 bytes) client|<3>| EXT[0x7adc60]: Sending extension SERVER NAME (14 bytes) client|<3>| EXT[0x7adc60]: Sending extension SAFE RENEGOTIATION (1 bytes) client|<3>| EXT[0x7adc60]: Sending extension SESSION TICKET (0 bytes) client|<3>| EXT[0x7adc60]: Sending extension SUPPORTED ECC (12 bytes) client|<3>| EXT[0x7adc60]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes) client|<3>| EXT[0x7adc60]: sent signature algo (4.1) RSA-SHA256 client|<3>| EXT[0x7adc60]: sent signature algo (4.2) DSA-SHA256 client|<3>| EXT[0x7adc60]: sent signature algo (4.3) ECDSA-SHA256 client|<3>| EXT[0x7adc60]: sent signature algo (5.1) RSA-SHA384 client|<3>| EXT[0x7adc60]: sent signature algo (5.3) ECDSA-SHA384 client|<3>| EXT[0x7adc60]: sent signature algo (6.1) RSA-SHA512 client|<3>| EXT[0x7adc60]: sent signature algo (6.3) ECDSA-SHA512 client|<3>| EXT[0x7adc60]: sent signature algo (3.1) RSA-SHA224 client|<3>| EXT[0x7adc60]: sent signature algo (3.2) DSA-SHA224 client|<3>| EXT[0x7adc60]: sent signature algo (3.3) ECDSA-SHA224 client|<3>| EXT[0x7adc60]: sent signature algo (2.1) RSA-SHA1 client|<3>| EXT[0x7adc60]: sent signature algo (2.2) DSA-SHA1 client|<3>| EXT[0x7adc60]: sent signature algo (2.3) ECDSA-SHA1 client|<3>| EXT[0x7adc60]: Sending extension SIGNATURE ALGORITHMS (28 bytes) client|<3>| HSK[0x7adc60]: CLIENT HELLO was queued [215 bytes] client|<7>| HWRITE: enqueued [CLIENT HELLO] 215. Total 215 bytes. client|<7>| HWRITE FLUSH: 215 bytes in buffer. client|<4>| REC[0x7adc60]: Preparing Packet Handshake(22) with length: 215 and target length: 215 client|<7>| WRITE: enqueued 220 bytes for 0x4. Total 220 bytes. client|<4>| REC[0x7adc60]: Sent Packet[1] Handshake(22) in epoch 0 and length: 220 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<7>| WRITE FLUSH: 220 bytes in buffer. client|<7>| WRITE: wrote 220 bytes, 0 bytes left. client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7ae878]: SSL 3.0 Handshake packet received. Epoch 0, length: 215 client|<4>| REC[0x7ae878]: Expected Packet Handshake(22) client|<4>| REC[0x7ae878]: Received Packet Handshake(22) with length: 215 client|<7>| READ: Got 215 bytes from 0x3 client|<7>| READ: read 215 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 215 bytes. client|<7>| RB: Requested 220 bytes client|<4>| REC[0x7ae878]: Decrypted Packet[0] Handshake(22) with length: 215 client|<3>| HSK[0x7ae878]: CLIENT HELLO (1) was received. Length 211[211], frag offset 0, frag length: 211, sequence: 0 client|<3>| HSK[0x7ae878]: Client's version: 3.3 client|<2>| ASSERT: gnutls_db.c:278 client|<3>| EXT[0x7ae878]: Found extension 'STATUS REQUEST/5' client|<3>| EXT[0x7ae878]: Parsing extension 'SERVER NAME/0' (14 bytes) client|<3>| EXT[0x7ae878]: Found extension 'SAFE RENEGOTIATION/65281' client|<3>| EXT[0x7ae878]: Found extension 'SESSION TICKET/35' client|<3>| EXT[0x7ae878]: Found extension 'SUPPORTED ECC/10' client|<3>| EXT[0x7ae878]: Found extension 'SUPPORTED ECC POINT FORMATS/11' client|<3>| EXT[0x7ae878]: Found extension 'SIGNATURE ALGORITHMS/13' client|<3>| EXT[0x7ae878]: Found extension 'STATUS REQUEST/5' client|<3>| EXT[0x7ae878]: Found extension 'SERVER NAME/0' client|<3>| EXT[0x7ae878]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes) client|<3>| EXT[0x7ae878]: Parsing extension 'SESSION TICKET/35' (0 bytes) client|<3>| EXT[0x7ae878]: Found extension 'SUPPORTED ECC/10' client|<3>| EXT[0x7ae878]: Found extension 'SUPPORTED ECC POINT FORMATS/11' client|<3>| EXT[0x7ae878]: Found extension 'SIGNATURE ALGORITHMS/13' client|<3>| EXT[0x7ae878]: Parsing extension 'STATUS REQUEST/5' (5 bytes) client|<3>| EXT[0x7ae878]: Found extension 'SERVER NAME/0' client|<3>| EXT[0x7ae878]: Found extension 'SAFE RENEGOTIATION/65281' client|<3>| EXT[0x7ae878]: Found extension 'SESSION TICKET/35' client|<3>| EXT[0x7ae878]: Parsing extension 'SUPPORTED ECC/10' (12 bytes) client|<3>| HSK[0x7ae878]: Selected ECC curve SECP192R1 (5) client|<3>| EXT[0x7ae878]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes) client|<3>| EXT[0x7ae878]: Parsing extension 'SIGNATURE ALGORITHMS/13' (28 bytes) client|<3>| EXT[0x7ae878]: rcvd signature algo (4.1) RSA-SHA256 client|<3>| EXT[0x7ae878]: rcvd signature algo (4.2) DSA-SHA256 client|<3>| EXT[0x7ae878]: rcvd signature algo (4.3) ECDSA-SHA256 client|<3>| EXT[0x7ae878]: rcvd signature algo (5.1) RSA-SHA384 client|<3>| EXT[0x7ae878]: rcvd signature algo (5.3) ECDSA-SHA384 client|<3>| EXT[0x7ae878]: rcvd signature algo (6.1) RSA-SHA512 client|<3>| EXT[0x7ae878]: rcvd signature algo (6.3) ECDSA-SHA512 client|<3>| EXT[0x7ae878]: rcvd signature algo (3.1) RSA-SHA224 client|<3>| EXT[0x7ae878]: rcvd signature algo (3.2) DSA-SHA224 client|<3>| EXT[0x7ae878]: rcvd signature algo (3.3) ECDSA-SHA224 client|<3>| EXT[0x7ae878]: rcvd signature algo (2.1) RSA-SHA1 client|<3>| EXT[0x7ae878]: rcvd signature algo (2.2) DSA-SHA1 client|<3>| EXT[0x7ae878]: rcvd signature algo (2.3) ECDSA-SHA1 client|<3>| HSK[0x7ae878]: Requested server name: 'localhost', ctype: X.509 (1)client|<3>| HSK[0x7ae878]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09) client|<3>| HSK[0x7ae878]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23) client|<3>| HSK[0x7ae878]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B) client|<3>| HSK[0x7ae878]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A) client|<3>| HSK[0x7ae878]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24) client|<3>| HSK[0x7ae878]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C) client|<3>| HSK[0x7ae878]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08) client|<3>| HSK[0x7ae878]: Removing ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 client|<3>| HSK[0x7ae878]: Removing ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_AES_128_CBC_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_AES_128_GCM_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_AES_256_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_AES_256_CBC_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_ARCFOUR_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: RSA_ARCFOUR_MD5 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_AES_128_CBC_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_AES_128_GCM_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_AES_256_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_AES_256_CBC_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_AES_128_GCM_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA256 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 client|<3>| HSK[0x7ae878]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1 client|<3>| HSK[0x7ae878]: Requested cipher suites[size: 80]: client|<3>| 0xc0, 0x09 ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Selected cipher suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Selected Compression Method: NULL client|<3>| HSK[0x7ae878]: Safe renegotiation succeeded client|<2>| ASSERT: status_request.c:197 client|<3>| EXT[0x7ae878]: Sending extension SAFE RENEGOTIATION (1 bytes) client|<3>| EXT[0x7ae878]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes) client|<3>| HSK[0x7ae878]: SessionID: 6e31e9c40b26357f8a9e3aac1ed8a5ed07476ae724e3d4f01680a20baa1aab39 client|<3>| HSK[0x7ae878]: SERVER HELLO was queued [87 bytes] client|<7>| HWRITE: enqueued [SERVER HELLO] 87. Total 87 bytes. client|<3>| HSK[0x7ae878]: CERTIFICATE was queued [702 bytes] client|<7>| HWRITE: enqueued [CERTIFICATE] 702. Total 789 bytes. client|<3>| HSK[0x7ae878]: signing handshake data: using ECDSA-SHA256 client|<3>| HSK[0x7ae878]: SERVER KEY EXCHANGE was queued [123 bytes] client|<7>| HWRITE: enqueued [SERVER KEY EXCHANGE] 123. Total 912 bytes. client|<3>| HSK[0x7ae878]: SERVER HELLO DONE was queued [4 bytes] client|<7>| HWRITE: enqueued [SERVER HELLO DONE] 4. Total 916 bytes. client|<7>| HWRITE FLUSH: 916 bytes in buffer. client|<4>| REC[0x7ae878]: Preparing Packet Handshake(22) with length: 87 and target length: 87 client|<7>| WRITE: enqueued 92 bytes for 0x3. Total 92 bytes. client|<4>| REC[0x7ae878]: Sent Packet[1] Handshake(22) in epoch 0 and length: 92 client|<7>| HWRITE: wrote 1 bytes, 829 bytes left. client|<4>| REC[0x7ae878]: Preparing Packet Handshake(22) with length: 702 and target length: 702 client|<7>| WRITE: enqueued 707 bytes for 0x3. Total 799 bytes. client|<4>| REC[0x7ae878]: Sent Packet[2] Handshake(22) in epoch 0 and length: 707 client|<7>| HWRITE: wrote 1 bytes, 127 bytes left. client|<4>| REC[0x7ae878]: Preparing Packet Handshake(22) with length: 123 and target length: 123 client|<7>| WRITE: enqueued 128 bytes for 0x3. Total 927 bytes. client|<4>| REC[0x7ae878]: Sent Packet[3] Handshake(22) in epoch 0 and length: 128 client|<7>| HWRITE: wrote 1 bytes, 4 bytes left. client|<4>| REC[0x7ae878]: Preparing Packet Handshake(22) with length: 4 and target length: 4 client|<7>| WRITE: enqueued 9 bytes for 0x3. Total 936 bytes. client|<4>| REC[0x7ae878]: Sent Packet[4] Handshake(22) in epoch 0 and length: 9 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<7>| WRITE FLUSH: 936 bytes in buffer. client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 87 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 87 client|<7>| READ: Got 87 bytes from 0x4 client|<7>| READ: read 87 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 87 bytes. client|<7>| RB: Requested 92 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[0] Handshake(22) with length: 87 client|<3>| HSK[0x7adc60]: SERVER HELLO (2) was received. Length 83[83], frag offset 0, frag length: 83, sequence: 0 client|<3>| HSK[0x7adc60]: Server's version: 3.3 client|<3>| HSK[0x7adc60]: SessionID length: 32 client|<3>| HSK[0x7adc60]: SessionID: 6e31e9c40b26357f8a9e3aac1ed8a5ed07476ae724e3d4f01680a20baa1aab39 client|<7>| WRITE: wrote 936 bytes, 0 bytes left. client|<2>| ASSERT: gnutls_buffers.c:1015 client|<3>| HSK[0x7adc60]: Selected cipher suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7adc60]: Selected compression method: NULL (0) client|<3>| EXT[0x7adc60]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes) client|<3>| EXT[0x7adc60]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes) client|<3>| HSK[0x7adc60]: Safe renegotiation succeeded client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 702 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 702 client|<7>| READ: Got 702 bytes from 0x4 client|<7>| READ: read 702 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 702 bytes. client|<7>| RB: Requested 707 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[1] Handshake(22) with length: 702 client|<3>| HSK[0x7adc60]: CERTIFICATE (11) was received. Length 698[698], frag offset 0, frag length: 698, sequence: 0 client|<2>| ASSERT: status_request.c:363 client|<2>| ASSERT: dn.c:991 client|<2>| ASSERT: mpi.c:246 client|<2>| ASSERT: dn.c:991 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 123 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 123 client|<7>| READ: Got 123 bytes from 0x4 client|<7>| READ: read 123 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 123 bytes. client|<7>| RB: Requested 128 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[2] Handshake(22) with length: 123 client|<3>| HSK[0x7adc60]: SERVER KEY EXCHANGE (12) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0 client|<3>| HSK[0x7adc60]: Selected ECC curve SECP192R1 (5) client|<3>| HSK[0x7adc60]: verify handshake data: using ECDSA-SHA256 client|<2>| ASSERT: signature.c:308 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 4 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 4 client|<7>| READ: Got 4 bytes from 0x4 client|<7>| READ: read 4 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 4 bytes. client|<7>| RB: Requested 9 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[3] Handshake(22) with length: 4 client|<3>| HSK[0x7adc60]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0 client|<2>| ASSERT: gnutls_buffers.c:1007 client|<2>| ASSERT: gnutls_buffers.c:1192 client|<3>| HSK[0x7adc60]: CLIENT KEY EXCHANGE was queued [54 bytes] client|<7>| HWRITE: enqueued [CLIENT KEY EXCHANGE] 54. Total 54 bytes. client|<7>| HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 55 bytes. client|<3>| REC[0x7adc60]: Sent ChangeCipherSpec client|<4>| REC[0x7adc60]: Initializing epoch #1 client|<4>| REC[0x7adc60]: Epoch #1 ready client|<3>| HSK[0x7adc60]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7adc60]: Initializing internal [write] cipher sessions client|<3>| HSK[0x7adc60]: recording tls-unique CB (send) client|<3>| HSK[0x7adc60]: FINISHED was queued [16 bytes] client|<7>| HWRITE: enqueued [FINISHED] 16. Total 71 bytes. client|<7>| HWRITE FLUSH: 71 bytes in buffer. client|<4>| REC[0x7adc60]: Preparing Packet Handshake(22) with length: 54 and target length: 54 client|<7>| WRITE: enqueued 59 bytes for 0x4. Total 59 bytes. client|<4>| REC[0x7adc60]: Sent Packet[2] Handshake(22) in epoch 0 and length: 59 client|<7>| HWRITE: wrote 1 bytes, 17 bytes left. client|<4>| REC[0x7adc60]: Preparing Packet ChangeCipherSpec(20) with length: 1 and target length: 1 client|<7>| WRITE: enqueued 6 bytes for 0x4. Total 65 bytes. client|<4>| REC[0x7adc60]: Sent Packet[3] ChangeCipherSpec(20) in epoch 0 and length: 6 client|<7>| HWRITE: wrote 1 bytes, 16 bytes left. client|<4>| REC[0x7adc60]: Preparing Packet Handshake(22) with length: 16 and target length: 16 client|<7>| WRITE: enqueued 69 bytes for 0x4. Total 134 bytes. client|<4>| REC[0x7adc60]: Sent Packet[1] Handshake(22) in epoch 1 and length: 69 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<7>| WRITE FLUSH: 134 bytes in buffer. client|<7>| WRITE: wrote 134 bytes, 0 bytes left. client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7ae878]: SSL 3.3 Handshake packet received. Epoch 0, length: 54 client|<4>| REC[0x7ae878]: Expected Packet Handshake(22) client|<4>| REC[0x7ae878]: Received Packet Handshake(22) with length: 54 client|<7>| READ: Got 54 bytes from 0x3 client|<7>| READ: read 54 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 54 bytes. client|<7>| RB: Requested 59 bytes client|<4>| REC[0x7ae878]: Decrypted Packet[1] Handshake(22) with length: 54 client|<3>| HSK[0x7ae878]: CLIENT KEY EXCHANGE (16) was received. Length 50[50], frag offset 0, frag length: 50, sequence: 0 client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7ae878]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1 client|<4>| REC[0x7ae878]: Expected Packet ChangeCipherSpec(20) client|<4>| REC[0x7ae878]: Received Packet ChangeCipherSpec(20) with length: 1 client|<7>| READ: Got 1 bytes from 0x3 client|<7>| READ: read 1 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 1 bytes. client|<7>| RB: Requested 6 bytes client|<4>| REC[0x7ae878]: Decrypted Packet[2] ChangeCipherSpec(20) with length: 1 client|<4>| REC[0x7ae878]: Initializing epoch #1 client|<4>| REC[0x7ae878]: Epoch #1 ready client|<3>| HSK[0x7ae878]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x3 client|<7>| READ: read 5 bytes from 0x3 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7ae878]: SSL 3.3 Handshake packet received. Epoch 0, length: 64 client|<4>| REC[0x7ae878]: Expected Packet Handshake(22) client|<4>| REC[0x7ae878]: Received Packet Handshake(22) with length: 64 client|<7>| READ: Got 64 bytes from 0x3 client|<7>| READ: read 64 bytes from 0x3 client|<7>| RB: Have 5 bytes into buffer. Adding 64 bytes. client|<7>| RB: Requested 69 bytes client|<4>| REC[0x7ae878]: Decrypted Packet[0] Handshake(22) with length: 16 client|<3>| HSK[0x7ae878]: FINISHED (20) was received. Length 12[12], frag offset 0, frag length: 12, sequence: 0 client|<3>| HSK[0x7ae878]: recording tls-unique CB (recv) client|<7>| HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes. client|<3>| REC[0x7ae878]: Sent ChangeCipherSpec client|<3>| HSK[0x7ae878]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<3>| HSK[0x7ae878]: Initializing internal [write] cipher sessions client|<3>| HSK[0x7ae878]: FINISHED was queued [16 bytes] client|<7>| HWRITE: enqueued [FINISHED] 16. Total 17 bytes. client|<7>| HWRITE FLUSH: 17 bytes in buffer. client|<4>| REC[0x7ae878]: Preparing Packet ChangeCipherSpec(20) with length: 1 and target length: 1 client|<7>| WRITE: enqueued 6 bytes for 0x3. Total 6 bytes. client|<4>| REC[0x7ae878]: Sent Packet[5] ChangeCipherSpec(20) in epoch 0 and length: 6 client|<7>| HWRITE: wrote 1 bytes, 16 bytes left. client|<4>| REC[0x7ae878]: Preparing Packet Handshake(22) with length: 16 and target length: 16 client|<7>| WRITE: enqueued 69 bytes for 0x3. Total 75 bytes. client|<4>| REC[0x7ae878]: Sent Packet[1] Handshake(22) in epoch 1 and length: 69 client|<7>| HWRITE: wrote 1 bytes, 0 bytes left. client|<7>| WRITE FLUSH: 75 bytes in buffer. client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1 client|<4>| REC[0x7adc60]: Expected Packet ChangeCipherSpec(20) client|<4>| REC[0x7adc60]: Received Packet ChangeCipherSpec(20) with length: 1 client|<7>| READ: Got 1 bytes from 0x4 client|<7>| READ: read 1 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 1 bytes. client|<7>| RB: Requested 6 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[4] ChangeCipherSpec(20) with length: 1 client|<3>| HSK[0x7adc60]: Cipher Suite: ECDHE_ECDSA_AES_128_CBC_SHA1 client|<2>| ASSERT: gnutls_buffers.c:1015 client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Handshake packet received. Epoch 0, length: 64 client|<4>| REC[0x7adc60]: Expected Packet Handshake(22) client|<4>| REC[0x7adc60]: Received Packet Handshake(22) with length: 64 client|<7>| READ: Got 64 bytes from 0x4 client|<7>| READ: read 64 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 64 bytes. client|<7>| RB: Requested 69 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[0] Handshake(22) with length: 16 client|<3>| HSK[0x7adc60]: FINISHED (20) was received. Length 12[12], frag offset 0, frag length: 12, sequence: 0 client|<4>| REC[0x7adc60]: Start of epoch cleanup client|<4>| REC[0x7adc60]: Epoch #0 freed client|<4>| REC[0x7adc60]: End of epoch cleanup client|<7>| WRITE: wrote 75 bytes, 0 bytes left. client|<4>| REC[0x7ae878]: Start of epoch cleanup client|<4>| REC[0x7ae878]: Epoch #0 freed client|<4>| REC[0x7ae878]: End of epoch cleanup client|<4>| REC[0x7ae878]: Preparing Packet Application Data(23) with length: 54 and target length: 54 client|<7>| WRITE: enqueued 101 bytes for 0x3. Total 101 bytes. client|<7>| WRITE FLUSH: 101 bytes in buffer. client|<7>| READ: Got 5 bytes from 0x4 client|<7>| READ: read 5 bytes from 0x4 client|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. client|<7>| RB: Requested 5 bytes client|<4>| REC[0x7adc60]: SSL 3.3 Application Data packet received. Epoch 0, length: 96 client|<4>| REC[0x7adc60]: Expected Packet Application Data(23) client|<4>| REC[0x7adc60]: Received Packet Application Data(23) with length: 96 client|<7>| READ: Got 96 bytes from 0x4 client|<7>| READ: read 96 bytes from 0x4 client|<7>| RB: Have 5 bytes into buffer. Adding 96 bytes. client|<7>| RB: Requested 101 bytes client|<4>| REC[0x7adc60]: Decrypted Packet[1] Application Data(23) with length: 54 client|<7>| WRITE FLUSH: 0 bytes in buffer. client|<2>| ASSERT: gnutls_buffers.c:610 client|<4>| REC: Sending Alert[1|0] - Close notify client|<4>| REC[0x7adc60]: Preparing Packet Alert(21) with length: 2 and target length: 2 client|<7>| WRITE: enqueued 53 bytes for 0x4. Total 53 bytes. client|<7>| WRITE FLUSH: 53 bytes in buffer. client|<7>| WRITE: wrote 53 bytes, 0 bytes left. client|<4>| REC[0x7adc60]: Sent Packet[2] Alert(21) in epoch 1 and length: 53 client|<4>| REC[0x7adc60]: Start of epoch cleanup client|<4>| REC[0x7adc60]: End of epoch cleanup client|<4>| REC[0x7adc60]: Epoch #1 freed client|<7>| WRITE: wrote 101 bytes, 0 bytes left. client|<4>| REC[0x7ae878]: Sent Packet[2] Application Data(23) in epoch 1 and length: 101 client|<7>| WRITE FLUSH: 0 bytes in buffer. client|<2>| ASSERT: gnutls_buffers.c:610 client|<4>| REC: Sending Alert[1|0] - Close notify client|<4>| REC[0x7ae878]: Preparing Packet Alert(21) with length: 2 and target length: 2 client|<7>| WRITE: enqueued 53 bytes for 0x3. Total 53 bytes. client|<7>| WRITE FLUSH: 53 bytes in buffer. From dkg at fifthhorseman.net Wed May 15 05:12:02 2013 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 14 May 2013 23:12:02 -0400 Subject: [gnutls-devel] online gnutls 3.2.0 documentation truncated at section 3.6.5 Message-ID: <877gj1q6m5.fsf@alice.fifthhorseman.net> hi folks-- looking at http://gnutls.org/manual/gnutls.html it appears to terminate at section 3.6.5, even though the ToC suggests appendices A-F should follow section 10. the one-page-per-node documentation doesn't appear to be truncated. Regards, --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 965 bytes Desc: not available URL: From nmav at gnutls.org Wed May 15 20:14:41 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 15 May 2013 20:14:41 +0200 Subject: [gnutls-devel] online gnutls 3.2.0 documentation truncated at section 3.6.5 In-Reply-To: <877gj1q6m5.fsf@alice.fifthhorseman.net> References: <877gj1q6m5.fsf@alice.fifthhorseman.net> Message-ID: <20130515201441.601cf908@aspire.lan> On Tue, 14 May 2013 23:12:02 -0400 Daniel Kahn Gillmor wrote: > hi folks-- > > looking at http://gnutls.org/manual/gnutls.html it appears to > terminate at section 3.6.5, even though the ToC suggests appendices > A-F should follow section 10. Thanks for noticing. Generation must have been interrupted. I've regenerated it and re-upload it. regards. Nikos From fujieda at acm.org Sun May 12 15:09:53 2013 From: fujieda at acm.org (Kazuhiro Fujieda) Date: Sun, 12 May 2013 22:09:53 +0900 Subject: [gnutls-devel] gnutls-cli can't start a TLS session with a SIGALRM Message-ID: Hi, The gnutls-cli program can't start a TLS session with a SIGALRM since the following commit: https://gitorious.org/gnutls/gnutls/commit/20e0e448a2f3685cc6244f7c052b32f3f0719f73 The check_net_or_keyboard_input() doesn't return the control when it catches the signal and the select() returns -1. The surrounding loop causes this problem. The attached patch can fix it. Regards, -- Kazuhiro Fujieda fujieda at acm.org -------------- next part -------------- A non-text attachment was scrubbed... Name: cli.c.diff Type: text/x-patch Size: 1696 bytes Desc: not available URL: From mike at vee.net Thu May 16 05:05:41 2013 From: mike at vee.net (Michael Gratton) Date: Thu, 16 May 2013 13:05:41 +1000 Subject: [gnutls-devel] SIGSEGV in _gnutls_ciphertext2compressed In-Reply-To: <5182AB24.1080206@fifthhorseman.net> References: <51341D10.9010605@vee.net> <5182AB24.1080206@fifthhorseman.net> Message-ID: <51944D05.1040502@vee.net> On 03/05/13 04:06, Daniel Kahn Gillmor wrote: > I tried to replicate the bug report you describe using epiphany-browser > 3.4.2-2.1 and libgnutls26 2.12.20-6 (the version in wheezy) but was > unable to reproduce it. > > I tried it with: > > epiphany-browser http://mod.gnutls.org/ > > since i know that should redirect to https://mod.gnutls.org/ > > but i got no segfault. are you able to replicate the segfault using the > command above? if so, please report it to your distro at > https://bugs.launchpad.net/ubuntu/+source/gnutls26/+filebug and follow > up on this list with the link to the report. Sorry, I can't seem to reproduce it either. I'm sure there was a specific example of a web site that does cause it, since I would have had to installed the relevant -dbg packages and restarted to get the trace, but I'm not sure what that is now. From memory, it may have something to do with specific TLS features the site was using? //Mike -- ? Michael Gratton, Percept Wrangler. ? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: From nmav at gnutls.org Thu May 16 13:38:40 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 16 May 2013 13:38:40 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <20130511094821.GA3272@downhill.g.la> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> Message-ID: On Sat, May 11, 2013 at 11:48 AM, Andreas Metzler wrote: > On 2013-05-11 Andreas Metzler wrote: >> Find attached > [...] > you did not ;-) Hello, I could not really figure out the reason of failure. I've found some issues though. Would the patch below fix the issue? https://www.gitorious.org/gnutls/gnutls/commit/773d19dece7b3ece770004513af04016df9a46e6 regards, Nikos From nmav at gnutls.org Sat May 18 16:30:45 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sat, 18 May 2013 16:30:45 +0200 Subject: [gnutls-devel] gnutls-cli can't start a TLS session with a SIGALRM In-Reply-To: References: Message-ID: <51979095.5030105@gnutls.org> On 05/12/2013 03:09 PM, Kazuhiro Fujieda wrote: > Hi, > > The gnutls-cli program can't start a TLS session with a SIGALRM > since the following commit: > https://gitorious.org/gnutls/gnutls/commit/20e0e448a2f3685cc6244f7c052b32f3f0719f73 Thanks for reporting that, Is that a BSD-type operating system you are using? Could you try the patch below? https://gitorious.org/gnutls/gnutls/commit/449a7a2fffe4dd20aa453f42928925c728067d8d/diffs/c3b3a0c6bd14a542e11873ebe0975a5ddd0ab46b regards, Nikos From ametzler at downhill.at.eu.org Mon May 20 08:06:59 2013 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Mon, 20 May 2013 08:06:59 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> Message-ID: <20130520060659.GA3325@downhill.g.la> On 2013-05-16 Nikos Mavrogiannopoulos wrote: > On Sat, May 11, 2013 at 11:48 AM, Andreas Metzler > wrote: > > On 2013-05-11 Andreas Metzler wrote: > >> Find attached > > [...] > > you did not ;-) > I could not really figure out the reason of failure. I've found some > issues though. Would the patch below fix the issue? > https://www.gitorious.org/gnutls/gnutls/commit/773d19dece7b3ece770004513af04016df9a46e6 It does not seem to make a difference. :-( cu Andreas From nmav at gnutls.org Tue May 21 12:57:08 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Tue, 21 May 2013 12:57:08 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <20130520060659.GA3325@downhill.g.la> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> Message-ID: On Mon, May 20, 2013 at 8:06 AM, Andreas Metzler wrote: >> I could not really figure out the reason of failure. I've found some >> issues though. Would the patch below fix the issue? >> https://www.gitorious.org/gnutls/gnutls/commit/773d19dece7b3ece770004513af04016df9a46e6 > It does not seem to make a difference. :-( If valgrind is available on this platform would it be possible to run the program with it and send me the output? regards, Nikos From bry8star at yahoo.com Tue May 21 13:16:17 2013 From: bry8star at yahoo.com (Bry8 Star) Date: Tue, 21 May 2013 04:16:17 -0700 Subject: [gnutls-devel] GnuTLS based gnoMint, a CA Mgmt software Message-ID: <519B5781.6020309@yahoo.com> Very likely this is not the right place to post this, but hoping it may come into attention to GnuTLS related developers & users. gnoMint was last updated on August, 2010. Can GnuTLS related developers update it, if possible ? or, instruction on how to effectively use last GnuTLS libs in gnoMint ? gnoMint http://gnomint.sf.net/ Thanks in advance, -- Bright Star (Bry8Star). -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 195 bytes Desc: OpenPGP digital signature URL: From mabrand at mabrand.nl Tue May 21 14:01:08 2013 From: mabrand at mabrand.nl (Mark Brand) Date: Tue, 21 May 2013 14:01:08 +0200 Subject: [gnutls-devel] gnutls 3.2.0 build fixes for mingw Message-ID: <6584649.Y5HyC9bZqh@hitch> Nikos, Just ran into 2 little problems building gnutls 3.2.0 for mingw. First is that configure fails upon not finding sys/mman.h and sys/wait.h. A workaround hack, suggested by https://lists.gnu.org/archive/html/bug-gnulib/2013-04/msg00026.html seems to be: diff --git a/src/libopts/m4/libopts.m4 b/src/libopts/m4/libopts.m4 index 9d0c6de..1c33afa 100644 --- a/src/libopts/m4/libopts.m4 +++ b/src/libopts/m4/libopts.m4 @@ -72,7 +72,7 @@ AC_DEFUN([INVOKE_LIBOPTS_MACROS_FIRST],[ ${lo_have_typ_hdr} || \ ]AC_MSG_ERROR([you must have inttypes.h or stdint.h on your system])[ - for f in sys_types sys_mman sys_param sys_stat sys_wait \ + for f in sys_types sys_param sys_stat \ string errno stdlib memory setjmp do eval as_ac_var=\${ac_cv_header_${f}_h} test "X${as_ac_var}" = Xyes || { Would updating autgen solve this? The second is undefined @LIB_CLOCK_GETTIME@ left behind in gnutls.pc. This is fixed by 863d07ef48b5b4f6d2e206e37bece4656c44ef92 in the master branch. regards, Mark From fujieda at acm.org Tue May 21 15:28:20 2013 From: fujieda at acm.org (Kazuhiro Fujieda) Date: Tue, 21 May 2013 22:28:20 +0900 Subject: [gnutls-devel] gnutls-cli can't start a TLS session with a SIGALRM In-Reply-To: <51979095.5030105@gnutls.org> (Nikos Mavrogiannopoulos's message of "Sat\, 18 May 2013 16\:30\:45 +0200") References: <51979095.5030105@gnutls.org> Message-ID: Hi, >>> On Sat, 18 May 2013 16:30:45 +0200 >>> Nikos Mavrogiannopoulos said: > Thanks for reporting that, > Is that a BSD-type operating system you are using? > > Could you try the patch below? > https://gitorious.org/gnutls/gnutls/commit/449a7a2fffe4dd20aa453f42928925c728067d8d/diffs/c3b3a0c6bd14a542e11873ebe0975a5ddd0ab46b I've completely misunderstood the cause of my problem. The gnutls-cli program doesn't have the bug. It actually starts a TLS session with a SIGALRM. I'm sorry for the mishap. -- Kazuhiro Fujieda fujieda at acm.org From dkg at fifthhorseman.net Tue May 21 17:26:10 2013 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 21 May 2013 11:26:10 -0400 Subject: [gnutls-devel] GnuTLS based gnoMint, a CA Mgmt software In-Reply-To: <519B5781.6020309@yahoo.com> References: <519B5781.6020309@yahoo.com> Message-ID: <519B9212.9020909@fifthhorseman.net> On 05/21/2013 07:16 AM, Bry8 Star wrote: > Very likely this is not the right place to post this, but hoping it > may come into attention to GnuTLS related developers & users. > > gnoMint was last updated on August, 2010. > Can GnuTLS related developers update it, if possible ? > > or, instruction on how to effectively use last GnuTLS libs in gnoMint ? > > gnoMint http://gnomint.sf.net/ hi bry8 star-- Sorry, i don't think this list is the right place to ask about updates. their web site suggests that they have 3 mailing lists: http://gnomint.sourceforge.net/?q=node/5 of those, only the users list appears to have had any traffic since 2012, and that was only a single unanswered question. the package in debian has also been orphaned: http://packages.qa.debian.org/g/gnomint.html so the project doesn't look too lively -- perhaps you want to try contacting its upstream developer directly? there appears to be four people listed in the AUTHORS file in the source tarball. Have you tried compiling it yourself against the latest gnutls libraries? if so, are there errors or problems? if you want to ask about those specific errors or problems, this is probably a reasonable list to ask about them. Regards, --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1027 bytes Desc: OpenPGP digital signature URL: From nmav at gnutls.org Tue May 21 20:18:50 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Tue, 21 May 2013 20:18:50 +0200 Subject: [gnutls-devel] gnutls 3.2.0 build fixes for mingw In-Reply-To: <6584649.Y5HyC9bZqh@hitch> References: <6584649.Y5HyC9bZqh@hitch> Message-ID: <519BBA8A.3040808@gnutls.org> On 05/21/2013 02:01 PM, Mark Brand wrote: > Nikos, > Just ran into 2 little problems building gnutls 3.2.0 for mingw. > First is that configure fails upon not finding sys/mman.h and sys/wait.h. A > workaround hack, suggested by > https://lists.gnu.org/archive/html/bug-gnulib/2013-04/msg00026.html > seems to be: > > diff --git a/src/libopts/m4/libopts.m4 b/src/libopts/m4/libopts.m4 > index 9d0c6de..1c33afa 100644 > --- a/src/libopts/m4/libopts.m4 > +++ b/src/libopts/m4/libopts.m4 > @@ -72,7 +72,7 @@ AC_DEFUN([INVOKE_LIBOPTS_MACROS_FIRST],[ > ${lo_have_typ_hdr} || \ > ]AC_MSG_ERROR([you must have inttypes.h or stdint.h on your system])[ > > - for f in sys_types sys_mman sys_param sys_stat sys_wait \ > + for f in sys_types sys_param sys_stat \ > string errno stdlib memory setjmp > do eval as_ac_var=\${ac_cv_header_${f}_h} > test "X${as_ac_var}" = Xyes || { > > Would updating autgen solve this? Hello Mark, Has this been reported to upstream autogen? I do not see any relevant entry in the changelog [0] so I'll apply the patch as is for now (and CC Bruce). [0]. http://git.savannah.gnu.org/cgit/autogen.git/tree/ChangeLog regards, Nikos From eliz at gnu.org Tue May 21 21:03:34 2013 From: eliz at gnu.org (Eli Zaretskii) Date: Tue, 21 May 2013 22:03:34 +0300 Subject: [gnutls-devel] gnutls 3.2.0 build fixes for mingw In-Reply-To: <519BBA8A.3040808@gnutls.org> References: <6584649.Y5HyC9bZqh@hitch> <519BBA8A.3040808@gnutls.org> Message-ID: <83y5b8tat5.fsf@gnu.org> > Date: Tue, 21 May 2013 20:18:50 +0200 > From: Nikos Mavrogiannopoulos > > > diff --git a/src/libopts/m4/libopts.m4 b/src/libopts/m4/libopts.m4 > > index 9d0c6de..1c33afa 100644 > > --- a/src/libopts/m4/libopts.m4 > > +++ b/src/libopts/m4/libopts.m4 > > @@ -72,7 +72,7 @@ AC_DEFUN([INVOKE_LIBOPTS_MACROS_FIRST],[ > > ${lo_have_typ_hdr} || \ > > ]AC_MSG_ERROR([you must have inttypes.h or stdint.h on your system])[ > > > > - for f in sys_types sys_mman sys_param sys_stat sys_wait \ > > + for f in sys_types sys_param sys_stat \ > > string errno stdlib memory setjmp > > do eval as_ac_var=\${ac_cv_header_${f}_h} > > test "X${as_ac_var}" = Xyes || { > > > > Would updating autgen solve this? > > > Hello Mark, > Has this been reported to upstream autogen? I do not see any relevant > entry in the changelog [0] so I'll apply the patch as is for now (and CC > Bruce). Bruce heard this from me in http://lists.gnu.org/archive/html/bug-gnu-utils/2013-04/msg00009.html From bkorb at gnu.org Wed May 22 00:11:08 2013 From: bkorb at gnu.org (Bruce Korb) Date: Tue, 21 May 2013 15:11:08 -0700 Subject: [gnutls-devel] gnutls 3.2.0 build fixes for mingw In-Reply-To: <6584649.Y5HyC9bZqh@hitch> References: <6584649.Y5HyC9bZqh@hitch> Message-ID: <519BF0FC.1090805@gnu.org> On 05/21/13 05:01, Mark Brand wrote: > - for f in sys_types sys_mman sys_param sys_stat sys_wait \ > + for f in sys_types sys_param sys_stat \ > string errno stdlib memory setjmp > do eval as_ac_var=\${ac_cv_header_${f}_h} > test "X${as_ac_var}" = Xyes || { > > Would updating autgen solve this? Only partially. Current autogen dropped the insistence on sys_mman, but not the insistence one sys_wait. part of autogen requires it, but not the libopts library which is what is at issue here. "next time" (already fixed in source). Sorry. From ametzler at downhill.at.eu.org Wed May 22 19:29:44 2013 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Wed, 22 May 2013 19:29:44 +0200 Subject: [gnutls-devel] gnutls-cli 2.x segfault Message-ID: <20130522172944.GA3332@downhill.g.la> On 2013-05-22 Alessandro Ghedini wrote: [...] Hello, gnutls-cli 2.12.23 segfaults on amd64 when conecting to a specific host: ------------------------------------------------------------ (sid-AMD64)ametzler at argenau:/tmp$ gdb /usr/lib/x86_64-linux-gnu/libgnutls26/gnu tls-cli GNU gdb (GDB) 7.6-debian Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/lib/x86_64-linux-gnu/libgnutls26/gnutls-cli...done. (gdb) run sede.dgt.gob.es -p 443 Starting program: /usr/lib/x86_64-linux-gnu/libgnutls26/gnutls-cli sede.dgt.gob.es -p 443 warning: Could not load shared library symbols for linux-vdso.so.1. Do you need "set solib-search-path" or "set sysroot"? [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Resolving 'sede.dgt.gob.es'... Connecting to '213.4.59.219:443'... Program received signal SIGSEGV, Segmentation fault. 0x00007ffff7b3908e in _gnutls_ciphertext2compressed ( session=session at entry=0x6214c0, compress_data=compress_data at entry=0x624e30 "\001", compress_size=compress_size at entry=16384, ciphertext=..., type=21 '\025', params=params at entry=0x622600) at gnutls_cipher.c:572 572 gnutls_cipher.c: No such file or directory. (gdb) bt #0 0x00007ffff7b3908e in _gnutls_ciphertext2compressed ( session=session at entry=0x6214c0, compress_data=compress_data at entry=0x624e30 "\001", compress_size=compress_size at entry=16384, ciphertext=..., type=21 '\025', params=params at entry=0x622600) at gnutls_cipher.c:572 #1 0x00007ffff7b392a3 in _gnutls_decrypt (session=session at entry=0x6214c0, ciphertext=ciphertext at entry=0x622285 "P\301=\347\030\201\357K\353\312\270\306O\n\202)\255\341\327\323\031\004,Y\325C\343y\361_l\367", ciphertext_size=ciphertext_size at entry=32, data=data at entry=0x624e30 "\001", max_data_size=16384, type=type at entry=GNUTLS_ALERT, params=0x622600) at gnutls_cipher.c:148 #2 0x00007ffff7b36cd1 in _gnutls_recv_int (session=session at entry=0x6214c0, type=type at entry=GNUTLS_HANDSHAKE, htype=htype at entry=GNUTLS_HANDSHAKE_FINISHED, data=data at entry=0x621aa0 "\016", sizeofdata=sizeofdata at entry=1) at gnutls_record.c:1068 #3 0x00007ffff7b3aa0c in _gnutls_handshake_io_recv_int ( session=session at entry=0x6214c0, type=type at entry=GNUTLS_HANDSHAKE, htype=htype at entry=GNUTLS_HANDSHAKE_FINISHED, iptr=iptr at entry=0x621aa0, sizeOfPtr=sizeOfPtr at entry=1) at gnutls_buffers.c:893 #4 0x00007ffff7b3db1d in _gnutls_recv_handshake_header ( recv_type=, type=type at entry=GNUTLS_HANDSHAKE_FINISHED, session=session at entry=0x6214c0) at gnutls_handshake.c:1285 #5 _gnutls_recv_handshake (session=session at entry=0x6214c0, data=data at entry=0x7fffffffd388, datalen=datalen at entry=0x7fffffffd384, type=type at entry=GNUTLS_HANDSHAKE_FINISHED, optional=optional at entry=MANDATORY_PACKET) at gnutls_handshake.c:1447 #6 0x00007ffff7b3e55c in _gnutls_recv_finished (session=0x6214c0) at gnutls_handshake.c:748 #7 _gnutls_recv_handshake_final (session=session at entry=0x6214c0, init=init at entry=0) at gnutls_handshake.c:2956 #8 0x00007ffff7b3e954 in _gnutls_handshake_common ( session=session at entry=0x6214c0) at gnutls_handshake.c:3138 #9 0x00007ffff7b400ba in gnutls_handshake (session=0x6214c0) at gnutls_handshake.c:2690 #10 0x00000000004069be in do_handshake (socket=0x7fffffffd4c0) at cli.c:1108 #11 0x00000000004056b4 in main (argc=, argv=) at cli.c:793 ------------------------------------------------------------ Strangely I don't see this on ix86. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' From nmav at gnutls.org Thu May 23 09:56:29 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 23 May 2013 09:56:29 +0200 Subject: [gnutls-devel] gnutls-cli 2.x segfault In-Reply-To: <20130522172944.GA3332@downhill.g.la> References: <20130522172944.GA3332@downhill.g.la> Message-ID: <519DCBAD.7040404@gnutls.org> On 05/22/2013 07:29 PM, Andreas Metzler wrote: > On 2013-05-22 Alessandro Ghedini wrote: > [...] > Hello, > > gnutls-cli 2.12.23 segfaults on amd64 when conecting to a specific > host: Hello Andreas, It looks like an out of bounds data access introduced on the fix for the Lucky-13 attack. I've committed the following fix in the repository. No bug-fix release planned though. https://gitorious.org/gnutls/gnutls/commit/5164d5a1d57cd0372a5dd074382ca960ca18b27d regards, Nikos From mann.ern.kang at gmail.com Fri May 24 12:29:38 2013 From: mann.ern.kang at gmail.com (Mann Ern Kang) Date: Fri, 24 May 2013 18:29:38 +0800 Subject: [gnutls-devel] gnutls_handshake_get_last_in not working Message-ID: Hi, gnutls_handshake_get_last_in does not seem to work. The variable it returns, last_handshake_in, is not updated anywhere as far as I can tell. It appears that the code for updating that variable was removed in this revision: http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=b6b52f6c19ef13337892be120d29f62526fbb15d Regards, Mann Ern -------------- next part -------------- An HTML attachment was scrubbed... URL: From nmav at gnutls.org Sat May 25 20:48:33 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sat, 25 May 2013 20:48:33 +0200 Subject: [gnutls-devel] gnutls_handshake_get_last_in not working In-Reply-To: References: Message-ID: <51A10781.2000503@gnutls.org> On 05/24/2013 12:29 PM, Mann Ern Kang wrote: > Hi, > > gnutls_handshake_get_last_in does not seem to work. The variable it > returns, last_handshake_in, is not updated anywhere as far as I can tell. > It appears that the code for updating that variable was removed in this > revision: > http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=b6b52f6c19ef13337892be120d29f62526fbb15d Thanks. It seems this function was pretty defunc for some time. I've committed a fix on that. regards, Nikos From thoger at redhat.com Wed May 29 19:26:54 2013 From: thoger at redhat.com (Tomas Hoger) Date: Wed, 29 May 2013 19:26:54 +0200 Subject: [gnutls-devel] gnutls-cli 2.x segfault In-Reply-To: <519DCBAD.7040404@gnutls.org> References: <20130522172944.GA3332@downhill.g.la> <519DCBAD.7040404@gnutls.org> Message-ID: <20130529192654.0ad4e363@redhat.com> On Thu, 23 May 2013 09:56:29 +0200 Nikos Mavrogiannopoulos wrote: > It looks like an out of bounds data access introduced on the fix for > the Lucky-13 attack. I've committed the following fix in the > repository. No bug-fix release planned though. > > https://gitorious.org/gnutls/gnutls/commit/5164d5a1d57cd0372a5dd074382ca960ca18b27d This problem is not limited to clients, servers are affected by this as well and can be crashed remotely using this flaw. This issue got CVE-2013-2116 assigned. -- Tomas Hoger / Red Hat Security Response Team From nils at nilsschneider.net Thu May 23 21:20:39 2013 From: nils at nilsschneider.net (Nils Schneider) Date: Thu, 23 May 2013 21:20:39 +0200 Subject: [gnutls-devel] [PATCH] Fix typo in German translation Message-ID: <1369336839-2576-1-git-send-email-nils@nilsschneider.net> --- po/de.po.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/po/de.po.in b/po/de.po.in index d89d194..d8583cc 100644 --- a/po/de.po.in +++ b/po/de.po.in @@ -183,7 +183,7 @@ msgstr "Ein TLS-Paket mit unerwarteter L?nge wurde empfangen." #: lib/gnutls_errors.c:76 msgid "The TLS connection was non-properly terminated." -msgstr "Die TLS-Verbindung wurde nicht sauber beeendet." +msgstr "Die TLS-Verbindung wurde nicht sauber beendet." #: lib/gnutls_errors.c:79 msgid "The specified session has been invalidated for some reason." -- 1.8.2.3 From dkg at fifthhorseman.net Wed May 29 20:21:42 2013 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Wed, 29 May 2013 14:21:42 -0400 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> Message-ID: <51A64736.7070804@fifthhorseman.net> On 05/21/2013 06:57 AM, Nikos Mavrogiannopoulos wrote: > If valgrind is available on this platform would it be possible to run > the program with it and send me the output? i tried to do this, but i'm seeing valgrind errors on mipsel that prevent me from getting anywhere, sorry: http://bugs.debian.org/710307 --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1027 bytes Desc: OpenPGP digital signature URL: From nmav at gnutls.org Wed May 29 20:40:59 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 29 May 2013 20:40:59 +0200 Subject: [gnutls-devel] [PATCH] Fix typo in German translation In-Reply-To: <1369336839-2576-1-git-send-email-nils@nilsschneider.net> References: <1369336839-2576-1-git-send-email-nils@nilsschneider.net> Message-ID: <51A64BBB.90901@gnutls.org> On 05/23/2013 09:20 PM, Nils Schneider wrote: > --- > po/de.po.in | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/po/de.po.in b/po/de.po.in > index d89d194..d8583cc 100644 > --- a/po/de.po.in > +++ b/po/de.po.in > @@ -183,7 +183,7 @@ msgstr "Ein TLS-Paket mit unerwarteter L?nge wurde empfangen." > #: lib/gnutls_errors.c:76 > msgid "The TLS connection was non-properly terminated." > -msgstr "Die TLS-Verbindung wurde nicht sauber beeendet." > +msgstr "Die TLS-Verbindung wurde nicht sauber beendet." Hello Niels, Thanks for sending this patch. However, I use the translation project to update the translations and it seems that if I apply the patch it would be overwritten on the next update. Could you submit the fix via http://translationproject.org/html/translators.html ? regards, Nikos From nmav at gnutls.org Wed May 29 20:42:43 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 29 May 2013 20:42:43 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <51A64736.7070804@fifthhorseman.net> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> <51A64736.7070804@fifthhorseman.net> Message-ID: <51A64C23.3080801@gnutls.org> On 05/29/2013 08:21 PM, Daniel Kahn Gillmor wrote: >> If valgrind is available on this platform would it be possible to run >> the program with it and send me the output? > > i tried to do this, but i'm seeing valgrind errors on mipsel that > prevent me from getting anywhere, sorry: > > http://bugs.debian.org/710307 I think I've found the issue. It's a crash on the mini-xssl test itself. A fix should be: https://gitorious.org/gnutls/gnutls/commit/0ff6b5afae291027c18a43c7d079f3685295fbc4 regards, Nikos From nmav at gnutls.org Wed May 29 21:07:16 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 29 May 2013 21:07:16 +0200 Subject: [gnutls-devel] gnutls-cli 2.x segfault In-Reply-To: <20130529192654.0ad4e363@redhat.com> References: <20130522172944.GA3332@downhill.g.la> <519DCBAD.7040404@gnutls.org> <20130529192654.0ad4e363@redhat.com> Message-ID: <51A651E4.9020704@gnutls.org> On 05/29/2013 07:26 PM, Tomas Hoger wrote: >> It looks like an out of bounds data access introduced on the fix for >> the Lucky-13 attack. I've committed the following fix in the >> repository. No bug-fix release planned though. >> https://gitorious.org/gnutls/gnutls/commit/5164d5a1d57cd0372a5dd074382ca960ca18b27d > This problem is not limited to clients, servers are affected by this as > well and can be crashed remotely using this flaw. This issue got > CVE-2013-2116 assigned. Thanks. I've added a security advisory as well. http://www.gnutls.org/security.html#GNUTLS-SA-2013-2 regards, Nikos From dkg at fifthhorseman.net Wed May 29 22:55:20 2013 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Wed, 29 May 2013 16:55:20 -0400 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <51A64C23.3080801@gnutls.org> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> <51A64736.7070804@fifthhorseman.net> <51A64C23.3080801@gnutls.org> Message-ID: <51A66B38.3030003@fifthhorseman.net> On 05/29/2013 02:42 PM, Nikos Mavrogiannopoulos wrote: > On 05/29/2013 08:21 PM, Daniel Kahn Gillmor wrote: > >>> If valgrind is available on this platform would it be possible to run >>> the program with it and send me the output? >> >> i tried to do this, but i'm seeing valgrind errors on mipsel that >> prevent me from getting anywhere, sorry: >> >> http://bugs.debian.org/710307 > > I think I've found the issue. It's a crash on the mini-xssl test itself. > A fix should be: > https://gitorious.org/gnutls/gnutls/commit/0ff6b5afae291027c18a43c7d079f3685295fbc4 I tried applying 0ff6b5afae291027c18a43c7d079f3685295fbc4 to 3.1.11 and it did not fix this failure. this changeset seems to only change the size of two variables (from 2 to 6 elements of "aux" in both client() and server(), and add a bunch of verbose output. Interestingly, running "./mini-xssl --verbose 2>&1 | grep -C3 running" produces non-deterministic output. Sometimes, it shows just "running test1:" and associated code, and other times it shows test1 and test2, and occasionally i can get it to show test3. Do you want me to test some other patch? --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1027 bytes Desc: OpenPGP digital signature URL: From nmav at gnutls.org Wed May 29 23:22:34 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 29 May 2013 23:22:34 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <51A66B38.3030003@fifthhorseman.net> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> <51A64736.7070804@fifthhorseman.net> <51A64C23.3080801@gnutls.org> <51A66B38.3030003@fifthhorseman.net> Message-ID: <51A6719A.5020008@gnutls.org> On 05/29/2013 10:55 PM, Daniel Kahn Gillmor wrote: > this changeset seems to only change the size of two variables (from 2 to > 6 elements of "aux" in both client() and server(), and add a bunch of > verbose output. Yes, there was an overflow there. > produces non-deterministic output. Sometimes, it shows just "running > test1:" and associated code, and other times it shows test1 and test2, > and occasionally i can get it to show test3. It seems there is a crash. Could you check with a debugger? regards, Nikos From dkg at fifthhorseman.net Wed May 29 23:33:36 2013 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Wed, 29 May 2013 17:33:36 -0400 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <51A6719A.5020008@gnutls.org> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> <51A64736.7070804@fifthhorseman.net> <51A64C23.3080801@gnutls.org> <51A66B38.3030003@fifthhorseman.net> <51A6719A.5020008@gnutls.org> Message-ID: <878v2x8o9b.fsf@alice.fifthhorseman.net> On Wed 2013-05-29 17:22:34 -0400, Nikos Mavrogiannopoulos wrote: > It seems there is a crash. Could you check with a debugger? not sure if this is useful: 1 (experimental_mipsel-dchroot)dkg at eder:~/src/gnutls28/gnutls28-3.1.11/tests$ gdb ./mini-xssl GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "mipsel-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /home/dkg/src/gnutls28/gnutls28-3.1.11/tests/mini-xssl...done. (gdb) run Starting program: /home/dkg/src/gnutls28/gnutls28-3.1.11/tests/mini-xssl [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/mipsel-linux-gnu/libthread_db.so.1". Program received signal SIGPIPE, Broken pipe. 0x77d64470 in __libc_writev (fd=7, vector=0x7fff3220, count=1) at ../sysdeps/unix/sysv/linux/writev.c:50 50 ../sysdeps/unix/sysv/linux/writev.c: No such file or directory. (gdb) bt #0 0x77d64470 in __libc_writev (fd=7, vector=0x7fff3220, count=1) at ../sysdeps/unix/sysv/linux/writev.c:50 #1 0x77ec617c in _gnutls_writev (giovec_cnt=1, giovec=0x7fff3220, session=0x42f1b0) at gnutls_buffers.c:422 #2 _gnutls_io_write_flush (session=0x42f1b0) at gnutls_buffers.c:614 #3 0x77ebf960 in _gnutls_send_tlen_int (session=0x42f1b0, type=GNUTLS_ALERT, htype=, epoch_rel=, _data=0x7fff33f0, data_size=2, target_length=2, mflags=1) at gnutls_record.c:556 #4 0x77ee7abc in _gnutls_send_int (mflags=1, data_size=2, _data=0x7fff33f0, epoch_rel=70001, htype=4294967295, type=GNUTLS_ALERT, session=0x42f1b0) at ./gnutls_record.h:42 #5 gnutls_alert_send (session=0x42f1b0, level=, desc=) at gnutls_alert.c:156 #6 0x77ec1a2c in gnutls_bye (session=0x42f1b0, how=GNUTLS_SHUT_WR) at gnutls_record.c:313 #7 0x77dff534 in xssl_deinit (sb=0x4331a8) at xssl.c:557 #8 0x0040176c in server (fd=7, vmethod=0) at mini-xssl.c:319 #9 0x004018f0 in start (vc=2, vs=0, ccert=0) at mini-xssl.c:353 #10 0x00401a80 in doit () at mini-xssl.c:395 #11 0x0040138c in main (argc=0, argv=0x7fff3774) at utils.c:155 (gdb) the SIGPIPE makes me think that something is going wrong in a subprocess, but i'm not sure how to ensure that gdb follows the subprocess. if there are specific things you'd like me to try within the debugger, please let me know. sorry to not be resolving this myself -- i'm juggling several tasks right now so i haven't been able to give this as much attention as i'd like. --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 965 bytes Desc: not available URL: From nmav at gnutls.org Thu May 30 08:52:07 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 30 May 2013 08:52:07 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <878v2x8o9b.fsf@alice.fifthhorseman.net> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> <51A64736.7070804@fifthhorseman.net> <51A64C23.3080801@gnutls.org> <51A66B38.3030003@fifthhorseman.net> <51A6719A.5020008@gnutls.org> <878v2x8o9b.fsf@alice.fifthhorseman.net> Message-ID: <51A6F717.4050808@gnutls.org> On 05/29/2013 11:33 PM, Daniel Kahn Gillmor wrote: > This GDB was configured as "mipsel-linux-gnu". > For bug reporting instructions, please see: > ... > Reading symbols from /home/dkg/src/gnutls28/gnutls28-3.1.11/tests/mini-xssl...done. > (gdb) run > Starting program: /home/dkg/src/gnutls28/gnutls28-3.1.11/tests/mini-xssl > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib/mipsel-linux-gnu/libthread_db.so.1". > > Program received signal SIGPIPE, Broken pipe. [...] > the SIGPIPE makes me think that something is going wrong in a > subprocess, but i'm not sure how to ensure that gdb follows the > subprocess. Could you try with the sigpipe ignored? https://gitorious.org/gnutls/gnutls/commit/f88de256cef90e780f75c4ac6ccc9c8090aef9da/diffs/69c404b62fd8ea185e22ba34d3bf815db33a8243 regards, Nikos From dkg at fifthhorseman.net Thu May 30 17:30:40 2013 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 30 May 2013 11:30:40 -0400 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <51A6F717.4050808@gnutls.org> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> <51A64736.7070804@fifthhorseman.net> <51A64C23.3080801@gnutls.org> <51A66B38.3030003@fifthhorseman.net> <51A6719A.5020008@gnutls.org> <878v2x8o9b.fsf@alice.fifthhorseman.net> <51A6F717.4050808@gnutls.org> Message-ID: <51A770A0.1070702@fifthhorseman.net> On 05/30/2013 02:52 AM, Nikos Mavrogiannopoulos wrote: >> the SIGPIPE makes me think that something is going wrong in a >> subprocess, but i'm not sure how to ensure that gdb follows the > >> subprocess. > > Could you try with the sigpipe ignored? > https://gitorious.org/gnutls/gnutls/commit/f88de256cef90e780f75c4ac6ccc9c8090aef9da/diffs/69c404b62fd8ea185e22ba34d3bf815db33a8243 with sigpipe ignored, ./mini-xssl produces a return code of 0 on mipsel: ... PASS: mini-xssl ... so i think that did it. any idea why it was getting a SIGPIPE on mipsel but not on other architectures? --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1027 bytes Desc: OpenPGP digital signature URL: From nmav at gnutls.org Fri May 31 10:21:16 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 31 May 2013 10:21:16 +0200 Subject: [gnutls-devel] mini-xssl test fails on mips In-Reply-To: <51A770A0.1070702@fifthhorseman.net> References: <20130511081428.GA3378@downhill.g.la> <20130511094821.GA3272@downhill.g.la> <20130520060659.GA3325@downhill.g.la> <51A64736.7070804@fifthhorseman.net> <51A64C23.3080801@gnutls.org> <51A66B38.3030003@fifthhorseman.net> <51A6719A.5020008@gnutls.org> <878v2x8o9b.fsf@alice.fifthhorseman.net> <51A6F717.4050808@gnutls.org> <51A770A0.1070702@fifthhorseman.net> Message-ID: On Thu, May 30, 2013 at 5:30 PM, Daniel Kahn Gillmor wrote: >>> subprocess. >> Could you try with the sigpipe ignored? >> https://gitorious.org/gnutls/gnutls/commit/f88de256cef90e780f75c4ac6ccc9c8090aef9da/diffs/69c404b62fd8ea185e22ba34d3bf815db33a8243 > with sigpipe ignored, ./mini-xssl produces a return code of 0 on mipsel: > ... > PASS: mini-xssl > ... > so i think that did it. any idea why it was getting a SIGPIPE on mipsel > but not on other architectures? No idea. From nmav at gnutls.org Fri May 31 10:50:52 2013 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 31 May 2013 10:50:52 +0200 Subject: [gnutls-devel] gnutls for win32 In-Reply-To: <87sj147cjc.fsf@lifelogs.com> References: <87aa68dfao.fsf@lifelogs.com> <87k44949nj.fsf@lifelogs.com> <4F270761.1000709@gnutls.org> <87sj147cjc.fsf@lifelogs.com> Message-ID: On Thu, May 30, 2013 at 4:44 PM, Ted Zlatanov wrote: > I see that you now have ftp://ftp.gnutls.org/gcrypt/gnutls/w32/ with > automated builds. Is that going to be sustained long-term? Should we > consider linking to your page and save the effort of producing our own > GnuTLS binaries? Hello Ted, There is no problem to link to that page. The binaries are often up-to date (no automated process exists), and I try to have at least binaries for the major releases. However, as mentioned before these binary releases are compiled but untested. > I'm also planning to allow Emacs to update its own GnuTLS libraries on > W32 and Mac OS X by using an ELPA package. This does not involve GnuTLS > developers' time, but I wanted to mention it in case you have any > opinions or comments, especially on any potential security issues with > doing it from inside Emacs itself. You may want to check the signatures prior to downloading. Other than that I cannot think of other issue. regards, Nikos