[Help-gnutls] Re: GNUTLS ERROR: A TLS fatal alert

Simon Josefsson jas at extundo.com
Sat Mar 19 12:51:38 CET 2005

Daniel Stenberg <daniel at haxx.se> writes:

> Hi good people.

Hello!  Thanks for the report.  It is always useful to get first
reactions from new users, to help smooth the learning curve for

> 2. Edit code:
>  2a Fix the errors in the example (cut off _t from several variable type
>     names).

The _t are for 1.2.0; if you use the GnuTLS 1.2.0 header files it
should build without modifications.

For reference, I applied these changes:

    const char *PORT = "443";
    const char *SERVER = "";

> 5. Run the app:
>    $ ./a.out
>    gnutls: 1.2.0
>    *** Handshake failed
>    GNUTLS ERROR: A TLS fatal alert has been received.

This is not what I get, I get:

jas at latte:~/src/gnutls/doc/examples$ gcc -L/usr/local/lib -lgnutls ex-client1.c
jas at latte:~/src/gnutls/doc/examples$ ./a.out
- Handshake was completed
- Received 1024 bytes: HTTP/1.1 200 OK
Date: Sat, 19 Mar 2005 11:41:15 GMT
Server: Apache/1.3.33 (Debian GNU/Linux) PHP/4.3.10-8 mod_ssl/2.8.22 OpenSSL/0.9.7d
X-Powered-By: PHP/4.3.10-8
Set-Cookie: Horde2=acb24c193175d6e64d7935bf2f08af7e; path=/horde2; domain=mail.hellug.gr
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<!-- IMP: Copyright 2001-2004, The Horde Project. IMP is under the GPL. -->
<!--   Horde Project: http://horde.org/ | IMP: http://horde.org/imp/    -->
<!--      GNU Public License: http://www.fsf.org/copyleft/gpl.html      -->
<html lang="en-US"><head>
<title>Mail :: Welcome to Horde</title>
<link rel="SHORTCUT ICON" href="/horde2/imp/graphics/favicon.ico" type="image/x-icon" />
<link href="/horde2/css.php?app=imp" rel="stylesheet" type="text/css" />

jas at latte:~/src/gnutls/doc/examples$ ldd a.out

> 6. What does this mean? What should I do to track it down? Any pointers
>    or advice are appreciated.

Perhaps you were using GnuTLS 1.0 headers with the GnuTLS 1.2 library?

Perhaps you'll find 'src/gnutls-cli' more useful, it is also a simple
client, but can print debugging info if you specify the -d parameter.
The code is not very readable, though, IMHO.  Or you can add the debug
code to the example code, stolen from src/cli.c:

static void tls_log_func(int level, const char *str)
    fprintf(stderr, "|<%d>| %s", level, str);


> [*] = I find it very hard to find the most up-to-date docs on the site, but I 
> believe the one at
> http://josefsson.org/gnutls/manual/gnutls.html.gz#Simple-client-example-with-anonymous-authentication
> is the most recent one?


They are included in doc/examples in the source package as well.

What page could be improve to make it easier to find up-to-date docs?

The old manual is still available from the "Dcoumentation" page, but
labeled as such.  Is it too confusing?  Perhaps it serve no purpose
now, and should be removed.  OTOH, it applies to 1.0, which is still
widely used, and the current manual apply to 1.2.  I have now added
text that say the new manual is for 1.2 and the old for 1.0, perhaps
it help somewhat.


More information about the Gnutls-help mailing list