[gnutls-devel] GnuTLS | Session resumption fails against GCS after a few hours of inactivity (#822)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Aug 28 12:53:29 CEST 2019



Kostis Lolos created an issue:


  ## Description of problem:
After a few hours of session inactivity, requests towards the `Google Cloud Storage` using `libcurl` and `libgnutls` fail with the following error:
>  gnutls_handshake() failed: An unexpected TLS packet was received.

## Version of gnutls used:
3.3.30

## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
libgnutls-openssl27 3.3.30-0+deb8u1 (from Debian jessie/updates)

## How reproducible:

The problems seems to happen consistently when trying to resume a session that is more than a few hours old. In particular:

* Connect to GCS via libcurl+libgnutls from within a GKE container. Everything seems to be working as expected for a while, including session resumption.
* A few hours later, attempt to issue a request. Session resumption fails with the above error. Note that this seems to always happen after a few hours, and once it happens it never recovers.

## Actual results:
Here are the logs from a failed attempt to resume a session:

```
* Connection 0 seems to be dead!
* Closing connection 0
gnutls[3]: ASSERT: gnutls_buffers.c:679
gnutls[5]: REC: Sending Alert[1|0] - Close notify
gnutls[5]: REC[0x7f4430464870]: Preparing Packet Alert(21) with length: 2 and min pad: 0
gnutls[9]: ENC[0x7f4430464870]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
gnutls[5]: REC[0x7f4430464870]: Sent Packet[11] Alert(21) in epoch 1 and length: 31
gnutls[3]: ASSERT: gnutls_buffers.c:576
gnutls[3]: ASSERT: gnutls_record.c:1063
gnutls[3]: ASSERT: gnutls_record.c:1184
gnutls[3]: ASSERT: gnutls_record.c:1363
gnutls[5]: REC[0x7f4430464870]: Start of epoch cleanup
gnutls[5]: REC[0x7f4430464870]: End of epoch cleanup
gnutls[5]: REC[0x7f4430464870]: Epoch #1 freed
* Hostname was NOT found in DNS cache
*   Trying 74.125.71.128...
* TCP_NODELAY set
* Connected to storage.googleapis.com (74.125.71.128) port 443 (#1)
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1923
gnutls[3]: ASSERT: common.c:1923
gnutls[3]: ASSERT: common.c:1923
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
gnutls[3]: ASSERT: common.c:1106
* found 153 certificates in /etc/ssl/certs/ca-certificates.crt
gnutls[5]: REC[0x7f44184758a0]: Allocating epoch #0
gnutls[3]: ASSERT: gnutls_session_pack.c:875
gnutls[3]: ASSERT: gnutls_session_pack.c:254
gnutls[3]: ASSERT: gnutls_session.c:217
* SSL re-using session ID
gnutls[3]: ASSERT: gnutls_constate.c:586
gnutls[5]: REC[0x7f44184758a0]: Allocating epoch #1
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256 (00.9C)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_AES_256_GCM_SHA384 (00.9D)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (00.2F)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (00.35)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 (00.41)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 (00.84)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (00.0A)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_AES_128_GCM_SHA256 (00.9E)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_AES_256_GCM_SHA384 (00.9F)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (00.33)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (00.39)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_AES_128_GCM_SHA256 (00.A2)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_AES_256_GCM_SHA384 (00.A3)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_GCM_SHA256 (C0.80)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_GCM_SHA384 (C0.81)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 (00.32)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 (00.38)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 (00.44)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 (00.87)
gnutls[4]: HSK[0x7f44184758a0]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 (00.13)
gnutls[4]: HSK[0x7f44184758a0]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1
gnutls[4]: HSK[0x7f44184758a0]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1
gnutls[4]: HSK[0x7f44184758a0]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1
gnutls[4]: EXT[0x7f44184758a0]: Sending extension STATUS REQUEST (5 bytes)
gnutls[4]: EXT[0x7f44184758a0]: Sending extension SERVER NAME (27 bytes)
gnutls[4]: EXT[0x7f44184758a0]: Sending extension SAFE RENEGOTIATION (1 bytes)
gnutls[4]: EXT[0x7f44184758a0]: Sending extension SESSION TICKET (0 bytes)
gnutls[4]: EXT[0x7f44184758a0]: Sending extension SUPPORTED ECC (12 bytes)
gnutls[4]: EXT[0x7f44184758a0]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (4.1) RSA-SHA256
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (4.2) DSA-SHA256
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (4.3) ECDSA-SHA256
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (5.1) RSA-SHA384
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (5.3) ECDSA-SHA384
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (6.1) RSA-SHA512
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (6.3) ECDSA-SHA512
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (3.1) RSA-SHA224
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (3.2) DSA-SHA224
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (3.3) ECDSA-SHA224
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (2.1) RSA-SHA1
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (2.2) DSA-SHA1
gnutls[4]: EXT[0x7f44184758a0]: sent signature algo (2.3) ECDSA-SHA1
gnutls[4]: EXT[0x7f44184758a0]: Sending extension SIGNATURE ALGORITHMS (28 bytes)
gnutls[4]: HSK[0x7f44184758a0]: CLIENT HELLO was queued [262 bytes]
gnutls[5]: REC[0x7f44184758a0]: Preparing Packet Handshake(22) with length: 262 and min pad: 0
gnutls[9]: ENC[0x7f44184758a0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls[5]: REC[0x7f44184758a0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 267
gnutls[3]: ASSERT: gnutls_buffers.c:1139
gnutls[3]: ASSERT: gnutls_buffers.c:572
gnutls[3]: ASSERT: gnutls_buffers.c:1139
gnutls[5]: REC[0x7f44184758a0]: SSL 3.3 Handshake packet received. Epoch 0, length: 87
gnutls[5]: REC[0x7f44184758a0]: Expected Packet Handshake(22)
gnutls[5]: REC[0x7f44184758a0]: Received Packet Handshake(22) with length: 87
gnutls[5]: REC[0x7f44184758a0]: Decrypted Packet[0] Handshake(22) with length: 87
gnutls[4]: HSK[0x7f44184758a0]: SERVER HELLO (2) was received. Length 83[83], frag offset 0, frag length: 83, sequence: 0
gnutls[4]: HSK[0x7f44184758a0]: Server's version: 3.3
gnutls[4]: HSK[0x7f44184758a0]: SessionID length: 32
gnutls[4]: HSK[0x7f44184758a0]: SessionID: a19f24559997b30f74681ade21bea07216b8c9f465045160fd899b4e9e5b6260
gnutls[4]: HSK[0x7f44184758a0]: Selected cipher suite: ECDHE_RSA_AES_128_GCM_SHA256
gnutls[4]: HSK[0x7f44184758a0]: Selected compression method: NULL (0)
gnutls[4]: EXT[0x7f44184758a0]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
gnutls[4]: EXT[0x7f44184758a0]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes)
gnutls[4]: HSK[0x7f44184758a0]: Safe renegotiation succeeded
gnutls[3]: ASSERT: gnutls_buffers.c:1139
gnutls[5]: REC[0x7f44184758a0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1
gnutls[5]: REC[0x7f44184758a0]: Expected Packet Handshake(22)
gnutls[5]: REC[0x7f44184758a0]: Received Packet ChangeCipherSpec(20) with length: 1
gnutls[5]: REC[0x7f44184758a0]: Decrypted Packet[1] ChangeCipherSpec(20) with length: 1
gnutls[3]: ASSERT: gnutls_record.c:815
gnutls[3]: ASSERT: gnutls_record.c:1327
gnutls[3]: ASSERT: gnutls_buffers.c:1393
gnutls[3]: ASSERT: gnutls_handshake.c:1440
gnutls[3]: ASSERT: gnutls_kx.c:630
gnutls[3]: ASSERT: gnutls_handshake.c:2757
* gnutls_handshake() failed: An unexpected TLS packet was received.
* Closing connection 1
gnutls[3]: ASSERT: gnutls_record.c:342
gnutls[5]: REC[0x7f44184758a0]: Start of epoch cleanup
gnutls[5]: REC[0x7f44184758a0]: End of epoch cleanup
gnutls[5]: REC[0x7f44184758a0]: Epoch #0 freed
gnutls[5]: REC[0x7f44184758a0]: Epoch #1 freed
```

The relevant strace is the following:
```
3520963 sendto(21, "\26\3\1\1\6\1\0\1\2\3\3]f at k\227\237\201\236}\30m\240Y\207\315C\205%Vb\340 \346|\301\206\320EV\271\202I \241\237$U\231\227\263\17th\32\336!\276\240r\26\270\311\364e\4Q`\375\211\233N\236[b`\0R\300+\300,\300\206\300\207\300\t\300\n\300\10\300/\3000\300\212\300\213\300\23\300\24\300\22\0\234\0\235\300z\300{\0/\0005\0A\0\204\0\n\0\236\0\237\300|\300}\0003\0009\0E\0\210\0\26\0\242\0\243\300\200\300\201\0002\0008\0D\0\207\0\23\1\0\0g\0\5\0\5\1\0\0\0\0\0\0\0\33\0\31\0\0\26storage.googleapis.com\377\1\0\1\0\0#\0\0\0\n\0\f\0\n\0\27\0\30\0\31\0\25\0\23\0\v\0\2\1\0\0\r\0\34\0\32\4\1\4\2\4\3\5\1\5\3\6\1\6\3\3\1\3\2\3\3\2\1\2\2\2\3", 267, MSG_NOSIGNAL, NULL, 0) = 267
3520963 write(2, "gnutls[3]: ASSERT: gnutls_buffers.c:1139\n", 41) = 41
3520963 recvfrom(21, 0x7f441802b0d0, 5, 0, NULL, NULL) = -1 EAGAIN (Resource temporarily unavailable)
3520963 write(2, "gnutls[3]: ASSERT: gnutls_buffers.c:572\n", 40) = 40
3520963 poll([{fd=21, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 0 (Timeout)
3520963 poll([{fd=21, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 0 (Timeout)
3520963 poll([{fd=21, events=POLLIN}], 1, 186) = 1 ([{fd=21, revents=POLLIN}])
3520963 poll([{fd=21, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 1 ([{fd=21, revents=POLLIN|POLLRDNORM}])
3520963 write(2, "gnutls[3]: ASSERT: gnutls_buffers.c:1139\n", 41) = 41
3520963 recvfrom(21, "\26\3\3\0W", 5, 0, NULL, NULL) = 5
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: SSL 3.3 Handshake packet received. Epoch 0, length: 87\n", 87) = 87
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: Expected Packet Handshake(22)\n", 62) = 62
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: Received Packet Handshake(22) with length: 87\n", 78) = 78
3520963 recvfrom(21, "\2\0\0S\3\3]f at 5,g|\224\\\f'N\217\240\0\232\265\221V\1\3755]5DOWNGRD\1 \241\237$U\231\227\263\17th\32\336!\276\240r\26\270\311\364e\4Q`\375\211\233N\236[b`\300/\0\0\v\377\1\0\1\0\0\v\0\2\1\0", 87, 0, NULL, NULL) = 87
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: Decrypted Packet[0] Handshake(22) with length: 87\n", 82) = 82
3520963 write(2, "gnutls[4]: HSK[0x7f44184758a0]: SERVER HELLO (2) was received. Length 83[83], frag offset 0, frag length: 83, sequence: 0\n", 122) = 122
3520963 write(2, "gnutls[4]: HSK[0x7f44184758a0]: Server's version: 3.3\n", 54) = 54
3520963 write(2, "gnutls[4]: HSK[0x7f44184758a0]: SessionID length: 32\n", 53) = 53
3520963 write(2, "gnutls[4]: HSK[0x7f44184758a0]: SessionID: a19f24559997b30f74681ade21bea07216b8c9f465045160fd899b4e9e5b6260\n", 108) = 108
3520963 write(2, "gnutls[4]: HSK[0x7f44184758a0]: Selected cipher suite: ECDHE_RSA_AES_128_GCM_SHA256\n", 84) = 84
3520963 write(2, "gnutls[4]: HSK[0x7f44184758a0]: Selected compression method: NULL (0)\n", 70) = 70
3520963 write(2, "gnutls[4]: EXT[0x7f44184758a0]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)\n", 87) = 87
3520963 write(2, "gnutls[4]: EXT[0x7f44184758a0]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes)\n", 93) = 93
3520963 write(2, "gnutls[4]: HSK[0x7f44184758a0]: Safe renegotiation succeeded\n", 61) = 61
3520963 write(2, "gnutls[3]: ASSERT: gnutls_buffers.c:1139\n", 41) = 41
3520963 recvfrom(21, "\24\3\3\0\1", 5, 0, NULL, NULL) = 5
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 0, length: 1\n", 93) = 93
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: Expected Packet Handshake(22)\n", 62) = 62
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: Received Packet ChangeCipherSpec(20) with length: 1\n", 84) = 84
3520963 recvfrom(21, "\1", 1, 0, NULL, NULL) = 1
3520963 write(2, "gnutls[5]: REC[0x7f44184758a0]: Decrypted Packet[1] ChangeCipherSpec(20) with length: 1\n", 88) = 88
3520963 write(2, "gnutls[3]: ASSERT: gnutls_record.c:815\n", 39) = 39
3520963 write(2, "gnutls[3]: ASSERT: gnutls_record.c:1327\n", 40) = 40
3520963 write(2, "gnutls[3]: ASSERT: gnutls_buffers.c:1393\n", 41) = 41
3520963 write(2, "gnutls[3]: ASSERT: gnutls_handshake.c:1440\n", 43) = 43
3520963 write(2, "gnutls[3]: ASSERT: gnutls_kx.c:630\n", 35) = 35
3520963 write(2, "gnutls[3]: ASSERT: gnutls_handshake.c:2757\n", 43) = 43
3520963 write(2, "* ", 2)               = 2
3520963 write(2, "gnutls_handshake() failed: An unexpected TLS packet was received.\n", 66) = 66
```

Since libgnutls does not log the session ID sent via the `ClientHello` packet, here is the corresponding hexdump of the packet from the above strace. The packet seems to include the same session ID as the one in the `ServerHello` packet, i.e., `a19f24559997b30f74681ade21bea07216b8c9f465045160fd899b4e9e5b6260`:

```
$ printf "%b" '\26\3\1\1\6\1\0\1\2\3\3]f at k\227\237\201\236}\30m\240Y\207\315C\205%Vb\340 \346|\301\206\320EV\271\202I \241\237$U\231\227\263\17th\32\336!\276\240r\26\270\311\364e\4Q`\375\211\233N\236[b`\0R\300+\300,\300\206\300\207\300\t\300\n\300\10\300/\3000\300\212\300\213\300\23\300\24\300\22\0\234\0\235\300z\300{\0/\0005\0A\0\204\0\n\0\236\0\237\300|\300}\0003\0009\0E\0\210\0\26\0\242\0\243\300\200\300\201\0002\0008\0D\0\207\0\23\1\0\0g\0\5\0\5\1\0\0\0\0\0\0\0\33\0\31\0\0\26storage.googleapis.com\377\1\0\1\0\0#\0\0\0\n\0\f\0\n\0\27\0\30\0\31\0\25\0\23\0\v\0\2\1\0\0\r\0\34\0\32\4\1\4\2\4\3\5\1\5\3\6\1\6\3\3\1\3\2\3\3\2\1\2\2\2\3' | hexdump -C
00000000  16 03 01 01 06 01 00 01  02 03 03 5d 66 40 6b 97  |...........]f at k.|
00000010  9f 81 9e 7d 18 6d a0 59  87 cd 43 85 25 56 62 e0  |...}.m.Y..C.%Vb.|
00000020  20 e6 7c c1 86 d0 45 56  b9 82 49 20 a1 9f 24 55  | .|...EV..I ..$U|
00000030  99 97 b3 0f 74 68 1a de  21 be a0 72 16 b8 c9 f4  |....th..!..r....|
00000040  65 04 51 60 fd 89 9b 4e  9e 5b 62 60 00 52 c0 2b  |e.Q`...N.[b`.R.+|
00000050  c0 2c c0 86 c0 87 c0 09  c0 0a c0 08 c0 2f c0 30  |.,.........../.0|
00000060  c0 8a c0 8b c0 13 c0 14  c0 12 00 9c 00 9d c0 7a  |...............z|
00000070  c0 7b 00 2f 05 00 41 00  84 00 0a 00 9e 00 9f c0  |.{./..A.........|
00000080  7c c0 7d 03 00 39 00 45  00 88 00 16 00 a2 00 a3  ||.}..9.E........|
00000090  c0 80 c0 81 02 00 38 00  44 00 87 00 13 01 00 00  |......8.D.......|
000000a0  67 00 05 00 05 01 00 00  00 00 00 00 00 1b 00 19  |g...............|
000000b0  00 00 16 73 74 6f 72 61  67 65 2e 67 6f 6f 67 6c  |...storage.googl|
000000c0  65 61 70 69 73 2e 63 6f  6d ff 01 00 01 00 00 23  |eapis.com......#|
000000d0  00 00 00 0a 00 0c 00 0a  00 17 00 18 00 19 00 15  |................|
000000e0  00 13 00 0b 00 02 01 00  00 0d 00 1c 00 1a 04 01  |................|
000000f0  04 02 04 03 05 01 05 03  06 01 06 03 03 01 03 02  |................|
00000100  03 03 02 01 02 02 02 03                           |........|
00000108
```

So, if I understand correctly, the server accepted the resumption and responded with a `ChangeCipherSpec`, as expected. However, the client was expecting another `Handshake` packet.

Any clues as to what may be causing this?

## Expected results:
Expected to successfully resume the session.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/822
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190828/cd37283b/attachment-0001.html>


More information about the Gnutls-devel mailing list