[Help-gnutls] Re: gnutls_certificate_verify_peers2() / GNUTLS_CERT_INVALID
Rainer Gerhards
rgerhards at gmail.com
Fri Jun 20 09:06:11 CEST 2008
I dug a bit deeper and the problem seems to manifest here:
5292.506957161:main queue:Reg/w0: GnuTLS handshake succeeded
5292.512077291:main queue:Reg/w0: nsd_gtls.c:1013: gtlsChkPeerAuth: enter
5292.514658306:main queue:Reg/w0: nsd_gtls.c:919: gtlsChkPeerCertValidity: enter
5292.629403970:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: mpi.c:587
5292.671502166:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT:
gnutls_pk.c:285
5292.672798260:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: verify.c:552
5292.673415581:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: verify.c:642
5292.675380113:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: verify.c:301
5292.741284540:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: dn.c:1212
5292.744965838:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: verify.c:395
5292.751276475:main queue:Reg/w0: GnuTLS returned no specific reason
for GNUTLS_CERT_INVALID, certificate status is 2
I used the code I just pulled from the git archive. So the assert in
mpi.c is this one here:
int
_gnutls_x509_read_uint (ASN1_TYPE node, const char *value, unsigned int *ret)
{
int len, result;
opaque *tmpstr;
len = 0;
result = asn1_read_value (node, value, NULL, &len);
if (result != ASN1_MEM_ERROR)
{
gnutls_assert ();
return _gnutls_asn2err (result);
}
... but I have to admit that I have no clue what this actually means ;)
Help is appreciated.
Rainer
On Fri, Jun 20, 2008 at 8:16 AM, Rainer Gerhards <rgerhards at gmail.com> wrote:
> Hi,
>
> I receive *just* GUTLS_CERT_INVALID after calling
> gnutls_certificate_verify_peers2(), no specific error state. Do you
> have any idea what may cause this?
>
> Thanks,
> Rainer
>
More information about the Gnutls-help
mailing list