<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style data-premailer="ignore" type="text/css">

a { color: #1068bf; }

</style>

<style>img {

max-width: 100%; height: auto;

}

body {

font-size: 0.875rem;

}

body {

-webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px;

}

body {

font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Noto Sans", Ubuntu, Cantarell, "Helvetica Neue", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji"; font-size: inherit;

}

</style>

</head>

<body style='font-size: inherit; -webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Noto Sans", Ubuntu, Cantarell, "Helvetica Neue", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";'>

<div class="content">

<p class="details" style="font-style: italic; color: #666;">

<a href="https://gitlab.com/rwmjones" style="color: #1068bf;">Richard W.M. Jones</a> created an issue: <a href="https://gitlab.com/gnutls/gnutls/-/issues/1384" style="color: #1068bf;">#1384</a>

</p>

<div class="md" style="color: #303030; word-wrap: break-word;">

<p dir="auto" style="color: #303030; margin: 0 0 16px;" align="initial">For this you will need to enable kTLS in gnutls (an experimental feature), load the tls.ko kernel module, and maybe enable ktls in your security policy.  After doing that you can reproduce the bug using just gnutls-serv/gnutls-cli as follows:</p>

<div class="gl-relative markdown-code-block js-markdown-code">

<pre class="code highlight js-syntax-highlight language-plaintext" lang="plaintext" data-canonical-lang="" v-pre="true" style='display: block; font-size: 13px; color: #303030; line-height: 1.6em; overflow-x: auto; border-radius: 2px; position: relative; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; word-break: break-all; word-wrap: break-word; background-color: #fafafa; margin: 0 0 16px; padding: 12px; border: 1px solid #dbdbdb;'><code style='font-size: inherit; color: inherit; word-wrap: normal; word-break: keep-all; background-color: inherit; border-radius: 4px; white-space: pre; margin-top: 0; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; overflow-wrap: normal; padding: unset;'><span id="LC1" class="line" lang="plaintext" style="margin-top: 0;">$ cat keys.psk</span>

<span id="LC2" class="line" lang="plaintext">qemu:82b818aa2e9e5473567fa94e4eec4aa086bb839abbb26c378be7ace07d986cf4</span>

<span id="LC3" class="line" lang="plaintext"></span>

<span id="LC4" class="line" lang="plaintext">$ LD_LIBRARY_PATH=~/d/gnutls/lib/.libs gnutls-serv --priority</span>

<span id="LC5" class="line" lang="plaintext">NORMAL:+ECDHE-PSK:+PSK --pskpasswd keys.psk --pskhint qemu --http -d 99</span>

<span id="LC6" class="line" lang="plaintext"></span>

<span id="LC7" class="line" lang="plaintext">$ LD_LIBRARY_PATH=~/d/gnutls/lib/.libs gnutls-cli --pskusername qemu --pskkey</span>

<span id="LC8" class="line" lang="plaintext">82b818aa2e9e5473567fa94e4eec4aa086bb839abbb26c378be7ace07d986cf4 --priority</span>

<span id="LC9" class="line" lang="plaintext">NORMAL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK -p 5556 localhost</span></code></pre>

<copy-code></copy-code>

</div>

<p dir="auto" style="color: #303030; margin: 0 0 16px;" align="initial">Hit enter in CLI, and you will see the server failing with:</p>

<div class="gl-relative markdown-code-block js-markdown-code" style="margin-bottom: 0;">

<pre class="code highlight js-syntax-highlight language-plaintext" lang="plaintext" data-canonical-lang="" v-pre="true" style='display: block; font-size: 13px; color: #303030; line-height: 1.6em; overflow-x: auto; border-radius: 2px; position: relative; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; word-break: break-all; word-wrap: break-word; background-color: #fafafa; margin: 0 0 16px; padding: 12px; border: 1px solid #dbdbdb;'><code style='font-size: inherit; color: inherit; word-wrap: normal; word-break: keep-all; background-color: inherit; border-radius: 4px; white-space: pre; margin-top: 0; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; overflow-wrap: normal; padding: unset;'><span id="LC1" class="line" lang="plaintext" style="margin-top: 0;">|<5>| REC: Sending Alert[2|80] - Internal error</span>

<span id="LC2" class="line" lang="plaintext">Error: Error in the pull function.</span>

<span id="LC3" class="line" lang="plaintext">|<13>| BUF[HSK]: Emptied buffer</span>

<span id="LC4" class="line" lang="plaintext">|<5>| REC[0x5642b619cd00]: Start of epoch cleanup</span>

<span id="LC5" class="line" lang="plaintext">|<5>| REC[0x5642b619cd00]: End of epoch cleanup</span>

<span id="LC6" class="line" lang="plaintext">|<5>| REC[0x5642b619cd00]: Epoch #2 freed</span></code></pre>

<copy-code></copy-code>

</div>

</div>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/issues/1384" style="color: #1068bf;">view it on GitLab</a>.

<br>

You're receiving this email because of your account on <a target="_blank" rel="noopener noreferrer" href="https://gitlab.com" style="color: #1068bf;">gitlab.com</a>. <a href="https://gitlab.com/-/sent_notifications/51a61dc1b936ea72fac9d1b83ccf58cb/unsubscribe" target="_blank" rel="noopener noreferrer" style="color: #1068bf;">Unsubscribe</a> from this thread · <a href="https://gitlab.com/-/profile/notifications" target="_blank" rel="noopener noreferrer" class="mng-notif-link" style="color: #1068bf;">Manage all notifications</a> · <a href="https://gitlab.com/help" target="_blank" rel="noopener noreferrer" class="help-link" style="color: #1068bf;">Help</a>

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/-/issues/1384"}}</script>

</p>

</div>

</body>

</html>