[gnutls-devel] GnuTLS | Malformed message in taskwarrior with gnutls 3.7.3 and KTLS (#1314)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Thu Jan 20 12:46:02 CET 2022



Jan Palus created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1314



## Description of problem:
`task sync` reports `Malformed message` after upgrade of gnutls with `ktls` support. Works fine after unloading `tls` module. The other side is `taskd` with gnutls 3.7.2. Debug output suggests EAGAIN might not be handled somewhere?
```
$ task sync
gnutls[2]: Enabled GnuTLS 3.7.3 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: unable to access: /etc/gnutls/config: 2
c: INFO Server certificate will be verified.
c: 2 added 6 protocols, 29 ciphersuites, 19 sig algos and 10 groups into priority list
c: 2 Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
c: 2 Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
c: 2 Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
c: 2 Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
c: 2 Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
c: 2 Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
c: 2 Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
c: 2 Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
c: 2 Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
c: 2 Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
c: 2 Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
c: 2 Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
c: 2 Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
c: 2 Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
c: 2 Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
c: 2 Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
c: 2 Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
c: 2 Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
c: 2 Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
c: 2 Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
c: 2 Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
c: 2 Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
c: 2 Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
c: 2 Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
c: 2 Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
c: 2 Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
c: 2 Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
c: 2 Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
c: 2 Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
c: 2 Advertizing version 3.4
c: 2 Advertizing version 3.3
c: 2 Advertizing version 3.2
c: 2 Advertizing version 3.1
c: 2 HSK[0x10463750]: sent server name: 'xxxxxxxxxxxx'
c: 2 EXT[0x10463750]: client generated SECP256R1 shared key
c: INFO Handshake was completed: (TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
c: INFO Sending 'XXXXclient: task 2.6.1
key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
org: xxx
protocol: v1
type: sync
user: xxxxxxxxx

xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx


' (4294967268 bytes)
c: INFO expecting 0 bytes.
c: WARNING Resource temporarily unavailable, try again.
c: INFO Receiving 'XXXX' (-56 bytes)
Syncing with xxxxxxxxxxxx:xxxxx

Malformed message
Sync failed.  Could not connect to the Taskserver.
```

## Version of gnutls used:
3.7.3


## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
PLD

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1314
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220120/aaa56eec/attachment.html>


More information about the Gnutls-devel mailing list