From jonathan at dyalog.com Thu Mar 5 17:01:18 2009 From: jonathan at dyalog.com (Jonathan Manktelow) Date: Thu, 5 Mar 2009 16:01:18 -0000 Subject: [Help-gnutls] Gnutls Smartcard support? Message-ID: <000001c99dab$9fedf3b0$dfc9db10$@com> Hi, Is there any support for using certificates on smartcards with Gnutls? From dkg at fifthhorseman.net Thu Mar 5 17:14:07 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 05 Mar 2009 11:14:07 -0500 Subject: [Help-gnutls] Gnutls Smartcard support? In-Reply-To: <000001c99dab$9fedf3b0$dfc9db10$@com> References: <000001c99dab$9fedf3b0$dfc9db10$@com> Message-ID: <49AFFA4F.3010708@fifthhorseman.net> On 03/05/2009 11:01 AM, Jonathan Manktelow wrote: > Hi, Is there any support for using certificates on smartcards with Gnutls? No, there does not appear to be. I think it could be very useful to support private keys from smartcards in GnuTLS, but it would perhaps be even more useful to have generic out-of-process private key handling (like ssh-agent from OpenSSH does) so that developers could implement a smartcard-capable private key backend directly as a plugin. This is a counterpoint to the idea of an external certificate validation agent, which was at one point fleshed out here: http://redmine.josefsson.org/wiki/gnutls/GnuTLSExternalValidation but that page seems to currently give a 404 error (Simon, the whole redmine instance seems to be gone -- is this something you already know about?) Jonathan, do you have a specific smartcard that you would like to support? --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From simon at josefsson.org Thu Mar 5 20:01:48 2009 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 05 Mar 2009 20:01:48 +0100 Subject: [Help-gnutls] Re: Gnutls Smartcard support? In-Reply-To: <000001c99dab$9fedf3b0$dfc9db10$@com> (Jonathan Manktelow's message of "Thu, 5 Mar 2009 16:01:18 -0000") References: <000001c99dab$9fedf3b0$dfc9db10$@com> Message-ID: <878wnjoktf.fsf@mocca.josefsson.org> "Jonathan Manktelow" writes: > Hi, Is there any support for using certificates on smartcards with Gnutls? You can set a callback used for signing using the API below. There is a branch in git, origin/gnutls_1_7_14_with_pkcs11, which uses the interface to talk to a PKCS#11 library. I tried it using Scute and my Swedish eID identity card some time ago, and it seemed to work. /Simon typedef int (*gnutls_sign_func) (gnutls_session_t session, void *userdata, gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert, const gnutls_datum_t * hash, gnutls_datum_t * signature); void gnutls_sign_callback_set (gnutls_session_t session, gnutls_sign_func sign_func, void *userdata); From simon at josefsson.org Thu Mar 5 20:09:14 2009 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 05 Mar 2009 20:09:14 +0100 Subject: [Help-gnutls] Re: Gnutls Smartcard support? In-Reply-To: <49AFFA4F.3010708@fifthhorseman.net> (Daniel Kahn Gillmor's message of "Thu, 05 Mar 2009 11:14:07 -0500") References: <000001c99dab$9fedf3b0$dfc9db10$@com> <49AFFA4F.3010708@fifthhorseman.net> Message-ID: <874oy7okh1.fsf@mocca.josefsson.org> Daniel Kahn Gillmor writes: > On 03/05/2009 11:01 AM, Jonathan Manktelow wrote: >> Hi, Is there any support for using certificates on smartcards with Gnutls? > > No, there does not appear to be. I think it could be very useful to > support private keys from smartcards in GnuTLS, but it would perhaps be > even more useful to have generic out-of-process private key handling > (like ssh-agent from OpenSSH does) so that developers could implement a > smartcard-capable private key backend directly as a plugin. Yes. Using the callback I mentioned, I think it should be possible to implement a small library that talks to SeaHorse or similar to provide this functionality. > This is a counterpoint to the idea of an external certificate validation > agent, which was at one point fleshed out here: > > http://redmine.josefsson.org/wiki/gnutls/GnuTLSExternalValidation > > but that page seems to currently give a 404 error (Simon, the whole > redmine instance seems to be gone -- is this something you already know > about?) Yes, for some reason the performance of ruby/redmine made the host really slow so I had to disable it. What we need is just some wiki space to work on ideas like this... I don't have sysadmin resources to keep redmine running, so help here would be appreciated. /Simon From bortzmeyer at nic.fr Mon Mar 9 15:22:51 2009 From: bortzmeyer at nic.fr (Stephane Bortzmeyer) Date: Mon, 9 Mar 2009 15:22:51 +0100 Subject: [Help-gnutls] [Python] Set a timeout on the connection? Message-ID: <20090309142251.GA21475@nic.fr> I use python-gnutls and it does not seem to have a dedicated mailing list, so I try here. The atatched code test1.py runs fine but a small modification, adding a timeout to the socket (test-timeout.py) crashes with: Traceback (most recent call last): File "test-timeout.py", line 20, in session.handshake() File "/var/lib/python-support/python2.5/gnutls/connection.py", line 370, in handshake gnutls_handshake(self._c_object) File "/var/lib/python-support/python2.5/gnutls/library/errors.py", line 44, in _check_status raise OperationWouldBlock(gnutls_strerror(retcode)) gnutls.errors.OperationWouldBlock: Function was interrupted. [Side note: I want to connect to TLS servers and ultimately retrieve info like the issuer of the certificate, things like that. Much more HTTP servers times out with TLS than without so it is absolutely necessary to set a maximum time to wait. The project is DNSwitness , end of advertisment. It needs to run with Python 2.5 so the new SSL module does not suit me. I gladly accept suggestions to use another module, if there is a better one, but I do not want just a TLS connection, I need to be able to access information about the server certificate.] From bortzmeyer at nic.fr Mon Mar 9 15:25:25 2009 From: bortzmeyer at nic.fr (Stephane Bortzmeyer) Date: Mon, 9 Mar 2009 15:25:25 +0100 Subject: [Help-gnutls] Re: [Python] Set a timeout on the connection? In-Reply-To: <20090309142251.GA21475@nic.fr> References: <20090309142251.GA21475@nic.fr> Message-ID: <20090309142525.GA22237@nic.fr> On Mon, Mar 09, 2009 at 03:22:51PM +0100, Stephane Bortzmeyer wrote a message of 25 lines which said: > The atatched code test1.py runs fine but a small modification, adding > a timeout to the socket (test-timeout.py) crashes with: And here is the promised code. -------------- next part -------------- A non-text attachment was scrubbed... Name: test1.py Type: text/x-python Size: 643 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: test-timeout.py Type: text/x-python Size: 662 bytes Desc: not available URL: From simon at josefsson.org Mon Mar 9 22:13:31 2009 From: simon at josefsson.org (Simon Josefsson) Date: Mon, 09 Mar 2009 22:13:31 +0100 Subject: [Help-gnutls] Re: [Python] Set a timeout on the connection? In-Reply-To: <20090309142251.GA21475@nic.fr> (Stephane Bortzmeyer's message of "Mon, 9 Mar 2009 15:22:51 +0100") References: <20090309142251.GA21475@nic.fr> Message-ID: <87ocwajt6s.fsf@mocca.josefsson.org> Stephane Bortzmeyer writes: > I use python-gnutls and it > does not seem to have a dedicated mailing list, so I try here. > > The atatched code test1.py runs fine but a small modification, adding > a timeout to the socket (test-timeout.py) crashes with: > > Traceback (most recent call last): > File "test-timeout.py", line 20, in > session.handshake() > File "/var/lib/python-support/python2.5/gnutls/connection.py", line 370, in handshake > gnutls_handshake(self._c_object) > File "/var/lib/python-support/python2.5/gnutls/library/errors.py", line 44, in _check_status > raise OperationWouldBlock(gnutls_strerror(retcode)) > gnutls.errors.OperationWouldBlock: Function was interrupted. I suspect this means one of two things: 1) The timeout was reached. 2) The socket is in non-blocking mode, and then you need to call the gnutls_handshake function repeatedly until it either returns successfully, or fails, or the timeout is reached. I dont know whether the python-gnutls wrapper is expected to do this or whether your python application code is expected to do it. /Simon From bortzmeyer at nic.fr Tue Mar 10 08:57:48 2009 From: bortzmeyer at nic.fr (Stephane Bortzmeyer) Date: Tue, 10 Mar 2009 08:57:48 +0100 Subject: [Help-gnutls] Re: [Python] Set a timeout on the connection? In-Reply-To: <87ocwajt6s.fsf@mocca.josefsson.org> References: <20090309142251.GA21475@nic.fr> <87ocwajt6s.fsf@mocca.josefsson.org> Message-ID: <20090310075748.GA18496@nic.fr> On Mon, Mar 09, 2009 at 10:13:31PM +0100, Simon Josefsson wrote a message of 28 lines which said: > 1) The timeout was reached. No. It crashes immediately, even when the timeout is 60 s. > I dont know whether the python-gnutls wrapper is expected to do this > or whether your python application code is expected to do it. python-gnutls does not seem documented a lot (there are only a few examples in the distribution) and I'm not sure it is maintained (it is no longer mentioned on the author's Web page). May be there is a better Python wrapper for TLS/SSL? From iverodin at gmail.com Sun Mar 22 01:06:34 2009 From: iverodin at gmail.com (Iver Odin Kvello) Date: Sun, 22 Mar 2009 01:06:34 +0100 Subject: [Help-gnutls] Odd issue with gnu-tls 2.6.4 running as a subprocess of emacs-23 on Windows XP Message-ID: Hi, I'm trying to connect to google talk on windows using the emacs jabber client (latest version, on a CVS emacs 23) and gnutls-cli 2.6.4 (precompiled binaries), and I'm basically experiencing the same issue described in http://article.gmane.org/gmane.emacs.jabber.general/842 (which references a possibly related issue with imap.el on a similar configuration: http://www.archivum.info/gnu.emacs.help/2008-04/msg00372.html) - emacs waits indefinitely when some data ought to be received. As the article states, it *looks like* some sort of problem with output buffering in gnutls, but as I understand gnutsl-cli already does turn off buffering on stdout, which should rule out that explanation. I've tested with versions 2.4.2 and 2.2.5 also; they have the same issue. It is interesting that doing "jabber-whitespace-ping-start" seems to fix the issue (at least most of the time - some times the connection drops). This just sends whitespace over the channel repeatedly, which I guess might indicate that this has something to do with stdin or something. After building gnu-tsl locally (with msys and mingw), I edited cli.c to ensure stdin also was unbuffered; but there was no change. I'm not sure how to proceed with this - any clues? Regards, Iver Odin Kvello From lethalman88 at gmail.com Sun Mar 22 01:31:56 2009 From: lethalman88 at gmail.com (Luca Bruno) Date: Sun, 22 Mar 2009 01:31:56 +0100 Subject: [Help-gnutls] set_openpgp_key error The request is invalid Message-ID: <20090322003156.GB5395@debian> Hello, I'm trying to use openpgp with no luck, I can't either realize what I'm doing wrong or if my keys are exported the wrong way. gpg -a --export mykey > pub.asc gpg -a --export-secret-keys mykey > sec.asc gnutls-serv --pgpkeyfile sec.asc --pgpcertfile pub.asc Set static Diffie Hellman parameters, consider --dhparams. Error[-50] while reading the OpenPGP key pair ('pub.asc', 'sec.asc') Error: The request is invalid. Echo Server ready. Listening to port '5556'. -- http://syx.googlecode.com - Smalltalk YX http://lethalman.blogspot.com - Thoughts about computer technologies http://www.debian.org - The Universal Operating System -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From dkg at fifthhorseman.net Sun Mar 22 08:12:12 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Sun, 22 Mar 2009 03:12:12 -0400 Subject: [Help-gnutls] set_openpgp_key error The request is invalid In-Reply-To: <20090322003156.GB5395@debian> References: <20090322003156.GB5395@debian> Message-ID: <49C5E4CC.6010507@fifthhorseman.net> Hi Luca-- On 03/21/2009 08:31 PM, Luca Bruno wrote: > gpg -a --export mykey > pub.asc > gpg -a --export-secret-keys mykey > sec.asc > gnutls-serv --pgpkeyfile sec.asc --pgpcertfile pub.asc > Set static Diffie Hellman parameters, consider --dhparams. > Error[-50] while reading the OpenPGP key pair ('pub.asc', 'sec.asc') > Error: The request is invalid. > Echo Server ready. Listening to port '5556'. Does your secret key have a passphrase? What version of GnuTLS are you running? On what platform? What sort of key are you using? --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From lethalman88 at gmail.com Sun Mar 22 11:41:34 2009 From: lethalman88 at gmail.com (Luca Bruno) Date: Sun, 22 Mar 2009 11:41:34 +0100 Subject: [Help-gnutls] set_openpgp_key error The request is invalid In-Reply-To: <49C5E4CC.6010507@fifthhorseman.net> References: <20090322003156.GB5395@debian> <49C5E4CC.6010507@fifthhorseman.net> Message-ID: <20090322104134.GA3035@debian> On Sun, Mar 22, 2009 at 03:12:12AM -0400, Daniel Kahn Gillmor wrote: > Hi Luca-- Hi, thanks for your reply. > Does your secret key have a passphrase? Yes > What version of GnuTLS are you running? On what platform? 2.6.4-2 debian testing amd64 gpg version 1.4.9 > What sort of key are you using? What you mean? Maybe 1024D for pub and 2048g for sub? (I don't have much knowledge of gpg keys) -- http://syx.googlecode.com - Smalltalk YX http://lethalman.blogspot.com - Thoughts about computer technologies http://www.debian.org - The Universal Operating System -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From dkg at fifthhorseman.net Sun Mar 22 16:17:27 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Sun, 22 Mar 2009 11:17:27 -0400 Subject: [Help-gnutls] set_openpgp_key error The request is invalid In-Reply-To: <20090322104134.GA3035@debian> References: <20090322003156.GB5395@debian> <49C5E4CC.6010507@fifthhorseman.net> <20090322104134.GA3035@debian> Message-ID: <49C65687.8040902@fifthhorseman.net> On 03/22/2009 06:41 AM, Luca Bruno wrote: > On Sun, Mar 22, 2009 at 03:12:12AM -0400, Daniel Kahn Gillmor wrote: >> Does your secret key have a passphrase? > Yes This may be the problem. I don't believe that GnuTLS is currently capable of dealing with passphrase-locked OpenPGP secret key material. Could you try generating a test key with GPG (using the same parameters as your main key), but leave it without a passphrase, and try the process again? That would help confirm this theory. >> What sort of key are you using? > What you mean? Maybe 1024D for pub and 2048g for sub? (I don't have much > knowledge of gpg keys) This is exactly what i meant, thanks. I don't think this is a problem, but it's good background to have for the issue. --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From lethalman88 at gmail.com Sun Mar 22 16:23:34 2009 From: lethalman88 at gmail.com (Luca Bruno) Date: Sun, 22 Mar 2009 16:23:34 +0100 Subject: [Help-gnutls] set_openpgp_key error The request is invalid In-Reply-To: <49C65687.8040902@fifthhorseman.net> References: <20090322003156.GB5395@debian> <49C5E4CC.6010507@fifthhorseman.net> <20090322104134.GA3035@debian> <49C65687.8040902@fifthhorseman.net> Message-ID: <20090322152334.GA20879@debian> On Sun, Mar 22, 2009 at 11:17:27AM -0400, Daniel Kahn Gillmor wrote: > This may be the problem. I don't believe that GnuTLS is currently > capable of dealing with passphrase-locked OpenPGP secret key material. > > Could you try generating a test key with GPG (using the same parameters > as your main key), but leave it without a passphrase, and try the > process again? That would help confirm this theory. > That's right. Stting the passphrase after that would lead to having that error. Will the passphrase be supported in next gnutls versions soon? -- http://syx.googlecode.com - Smalltalk YX http://lethalman.blogspot.com - Thoughts about computer technologies http://www.debian.org - The Universal Operating System -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From dkg at fifthhorseman.net Sun Mar 22 22:08:56 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Sun, 22 Mar 2009 17:08:56 -0400 Subject: [Help-gnutls] set_openpgp_key error The request is invalid In-Reply-To: <20090322152334.GA20879@debian> References: <20090322003156.GB5395@debian> <49C5E4CC.6010507@fifthhorseman.net> <20090322104134.GA3035@debian> <49C65687.8040902@fifthhorseman.net> <20090322152334.GA20879@debian> Message-ID: <49C6A8E8.6010703@fifthhorseman.net> On 03/22/2009 11:23 AM, Luca Bruno wrote: > That's right. Stting the passphrase after that would lead to having that > error. Will the passphrase be supported in next gnutls versions soon? I'd love to see that supported, but i don't think that anyone has done the work to handle passphrase-locked secret keys, or even mapped out what the work would be. I think we would all welcome patches, if you're interested in working on it, as this would be a good feature to support. If you do, you'll probably want to read up on the S2K (string-to-key) section [0] and secret key packet formats [1] in the OpenPGP RFC. --dkg [0] http://tools.ietf.org/html/rfc4880#section-3.7 [1] http://tools.ietf.org/html/rfc4880#section-5.5.3 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From simon at josefsson.org Mon Mar 23 15:17:27 2009 From: simon at josefsson.org (Simon Josefsson) Date: Mon, 23 Mar 2009 15:17:27 +0100 Subject: [Help-gnutls] Libtasn1 2.0 release candidate Message-ID: <87prg81fyg.fsf@mocca.josefsson.org> I'm going to release libtasn1 v2.0 in a week or so, please test the following archive to make sure the official release will work fine. http://daily.josefsson.org/libtasn1/libtasn1-20090323.tar.gz /Simon From brad-gnutls at fritzfam.com Mon Mar 23 16:38:52 2009 From: brad-gnutls at fritzfam.com (Brad Fritz) Date: Mon, 23 Mar 2009 11:38:52 -0400 Subject: [Help-gnutls] help troubleshooting "TLS packet with unexpected length was received" error Message-ID: <20090323153852.GA15450@t61.fewerhassles.com> I am having a GnuTLS connection problem that I could use some help troubleshooting. When using the Debian pycurl package compiled against GnuTLS to connect to api.smugmug.com (which uses a GoDaddy wildcard cert), I get the error: GnuTLS recv error (-9): A TLS packet with unexpected length was received. I am able to reproduce the problem using gnutls-cli v2.6.4 built from source: ./src/gnutls-cli -d 4711 --x509cafile /usr/share/ca-certificates/mozilla/ValiCert_Class_2_VA.crt api.smugmug.com [.. inline snip, output from "-d 4711" attached ..] - Peer's certificate is trusted - Version: TLS1.0 - Key Exchange: RSA - Cipher: 3DES-CBC - MAC: SHA1 - Compression: NULL - Handshake was completed - Simple Client Mode: GET / HTTP/1.0 *** Fatal error: A TLS packet with unexpected length was received. *** Server has terminated the connection abnormally. If I use OpenSSL's s_client[1], I get the expected response from the web server. I am not sure how to interpret the debug output or what to try next. Any help would be appreciated. Thank you. --Brad [1] using the command "openssl s_client -connect api.smugmug.com:443" -------------- next part -------------- |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: RSA_ARCFOUR_MD5 |<3>| HSK[10e6f40]: Keeping ciphersuite: PSK_SHA_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: PSK_SHA_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Keeping ciphersuite: PSK_SHA_ARCFOUR_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1 |<3>| HSK[10e6f40]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1 |<2>| EXT[10e6f40]: Sending extension CERT_TYPE |<2>| EXT[10e6f40]: Sending extension SERVER_NAME |<3>| HSK[10e6f40]: CLIENT HELLO was send [128 bytes] |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<4>| REC[10e6f40]: Sending Packet[0] Handshake(22) with length: 128 |<2>| ASSERT: gnutls_cipher.c:204 |<7>| WRITE: Will write 133 bytes to 4. |<7>| WRITE: wrote 133 bytes to 4. Left 0 bytes. Total 133 bytes. |<7>| 0000 - 16 03 02 00 80 01 00 00 7c 03 02 49 c7 a8 1d fd |<7>| 0001 - db 9c 4f 22 e6 4e 5e 4a aa 39 84 04 48 20 aa ae |<7>| 0002 - 04 79 d2 a5 1a 15 35 8e 92 95 d6 00 00 34 00 33 |<7>| 0003 - 00 45 00 39 00 88 00 16 00 32 00 44 00 38 00 87 |<7>| 0004 - 00 13 00 66 00 90 00 91 00 8f 00 8e 00 2f 00 41 |<7>| 0005 - 00 35 00 84 00 0a 00 05 00 04 00 8c 00 8d 00 8b |<7>| 0006 - 00 8a 01 00 00 1f 00 09 00 03 02 00 01 00 00 00 |<7>| 0007 - 14 00 12 00 00 0f 61 70 69 2e 73 6d 75 67 6d 75 |<7>| 0008 - 67 2e 63 6f 6d |<4>| REC[10e6f40]: Sent Packet[1] Handshake(22) with length: 133 |<7>| READ: Got 5 bytes from 4 |<7>| READ: read 5 bytes from 4 |<7>| 0000 - 16 03 01 00 4a |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[10e6f40]: Expected Packet[0] Handshake(22) with length: 1 |<4>| REC[10e6f40]: Received Packet[0] Handshake(22) with length: 74 |<7>| READ: Got 74 bytes from 4 |<7>| READ: read 74 bytes from 4 |<7>| 0000 - 02 00 00 46 03 01 44 e7 28 d6 dc b2 37 14 d0 dc |<7>| 0001 - 2a df e8 45 f8 f1 49 b4 84 e1 66 bd 95 4a 4e 23 |<7>| 0002 - 33 ff d0 1a 20 02 20 aa d3 35 c2 6f 5c 31 5e 15 |<7>| 0003 - 46 23 c1 99 a1 8b 23 78 f2 5f ab d9 2b f4 53 25 |<7>| 0004 - 05 af bd b2 2b f9 90 00 0a 00 |<7>| RB: Have 5 bytes into buffer. Adding 74 bytes. |<7>| RB: Requested 79 bytes |<2>| ASSERT: gnutls_cipher.c:204 |<4>| REC[10e6f40]: Decrypted Packet[0] Handshake(22) with length: 74 |<6>| BUF[HSK]: Inserted 74 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[10e6f40]: SERVER HELLO was received [74 bytes] |<6>| BUF[REC][HD]: Read 70 bytes of Data(22) |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<6>| BUF[HSK]: Inserted 70 bytes of Data |<3>| HSK[10e6f40]: Server's version: 3.1 |<3>| HSK[10e6f40]: SessionID length: 32 |<3>| HSK[10e6f40]: SessionID: aad335c26f5c315e154623c199a18b2378f25fabd92bf4532505afbdb22bf990 |<3>| HSK[10e6f40]: Selected cipher suite: RSA_3DES_EDE_CBC_SHA1 |<2>| ASSERT: gnutls_extensions.c:124 |<7>| READ: Got 5 bytes from 4 |<7>| READ: read 5 bytes from 4 |<7>| 0000 - 16 03 01 12 01 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[10e6f40]: Expected Packet[1] Handshake(22) with length: 1 |<4>| REC[10e6f40]: Received Packet[1] Handshake(22) with length: 4609 |<7>| READ: Got 4609 bytes from 4 |<7>| READ: read 4609 bytes from 4 |<7>| 0000 - 0b 00 11 fd 00 11 fa 00 05 22 30 82 05 1e 30 82 |<7>| 0001 - 04 06 a0 03 02 01 02 02 03 44 e6 b3 30 0d 06 09 |<7>| 0002 - 2a 86 48 86 f7 0d 01 01 05 05 00 30 81 ca 31 0b |<7>| 0003 - 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 |<7>| 0004 - 03 55 04 08 13 07 41 72 69 7a 6f 6e 61 31 13 30 |<7>| 0005 - 11 06 03 55 04 07 13 0a 53 63 6f 74 74 73 64 61 |<7>| 0006 - 6c 65 31 1a 30 18 06 03 55 04 0a 13 11 47 6f 44 |<7>| 0007 - 61 64 64 79 2e 63 6f 6d 2c 20 49 6e 63 2e 31 33 |<7>| 0008 - 30 31 06 03 55 04 0b 13 2a 68 74 74 70 3a 2f 2f |<7>| 0009 - 63 65 72 74 69 66 69 63 61 74 65 73 2e 67 6f 64 |<7>| 000a - 61 64 64 79 2e 63 6f 6d 2f 72 65 70 6f 73 69 74 |<7>| 000b - 6f 72 79 31 30 30 2e 06 03 55 04 03 13 27 47 6f |<7>| 000c - 20 44 61 64 64 79 20 53 65 63 75 72 65 20 43 65 |<7>| 000d - 72 74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 |<7>| 000e - 6f 72 69 74 79 31 11 30 0f 06 03 55 04 05 13 08 |<7>| 000f - 30 37 39 36 39 32 38 37 30 1e 17 0d 30 38 30 35 |<7>| 0010 - 31 37 30 30 34 36 31 34 5a 17 0d 30 39 30 35 31 |<7>| 0011 - 37 30 30 34 36 31 34 5a 30 81 87 31 0b 30 09 06 |<7>| 0012 - 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 |<7>| 0013 - 08 13 0a 43 61 6c 69 66 6f 72 6e 69 61 31 16 30 |<7>| 0014 - 14 06 03 55 04 07 13 0d 4d 6f 75 6e 74 61 69 6e |<7>| 0015 - 20 56 69 65 77 31 16 30 14 06 03 55 04 0a 13 0d |<7>| 0016 - 53 6d 75 67 4d 75 67 2c 20 49 6e 63 2e 31 1b 30 |<7>| 0017 - 19 06 03 55 04 0b 13 12 4e 65 74 77 6f 72 6b 20 |<7>| 0018 - 4f 70 65 72 61 74 69 6f 6e 73 31 16 30 14 06 03 |<7>| 0019 - 55 04 03 13 0d 2a 2e 73 6d 75 67 6d 75 67 2e 63 |<7>| 001a - 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 |<7>| 001b - 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 d6 |<7>| 001c - 1a 76 47 8e fa 56 da 90 ac 68 fb aa 34 fc d4 16 |<7>| 001d - 35 06 d3 9a bb c7 24 1c 4d 30 3f a9 ab 4d 68 2e |<7>| 001e - 64 bb 47 af 6c d9 7d 7f 4e a4 33 a0 b1 0a 6e d9 |<7>| 001f - db f0 d2 ed 72 46 77 63 79 15 93 57 79 77 db 80 |<7>| 0020 - 18 3c fd 8c 51 af 30 ac 2e 98 22 5d 41 3f b4 89 |<7>| 0021 - e5 55 71 bb 44 a9 cf 7a c6 23 fd 53 b3 c7 9d 35 |<7>| 0022 - 3d 1b 38 24 97 f3 cb 98 54 73 33 e7 05 0e 9e c9 |<7>| 0023 - 0c 38 a0 0a 1e c4 e1 1d ac 14 c8 7a 41 f1 f7 02 |<7>| 0024 - 03 01 00 01 a3 82 01 d0 30 82 01 cc 30 09 06 03 |<7>| 0025 - 55 1d 13 04 02 30 00 30 0b 06 03 55 1d 0f 04 04 |<7>| 0026 - 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 |<7>| 0027 - 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 05 05 |<7>| 0028 - 07 03 02 30 57 06 03 55 1d 1f 04 50 30 4e 30 4c |<7>| 0029 - a0 4a a0 48 86 46 68 74 74 70 3a 2f 2f 63 65 72 |<7>| 002a - 74 69 66 69 63 61 74 65 73 2e 67 6f 64 61 64 64 |<7>| 002b - 79 2e 63 6f 6d 2f 72 65 70 6f 73 69 74 6f 72 79 |<7>| 002c - 2f 67 6f 64 61 64 64 79 65 78 74 65 6e 64 65 64 |<7>| 002d - 69 73 73 75 69 6e 67 33 2e 63 72 6c 30 52 06 03 |<7>| 002e - 55 1d 20 04 4b 30 49 30 47 06 0b 60 86 48 01 86 |<7>| 002f - fd 6d 01 07 17 02 30 38 30 36 06 08 2b 06 01 05 |<7>| 0030 - 05 07 02 01 16 2a 68 74 74 70 3a 2f 2f 63 65 72 |<7>| 0031 - 74 69 66 69 63 61 74 65 73 2e 67 6f 64 61 64 64 |<7>| 0032 - 79 2e 63 6f 6d 2f 72 65 70 6f 73 69 74 6f 72 79 |<7>| 0033 - 30 7f 06 08 2b 06 01 05 05 07 01 01 04 73 30 71 |<7>| 0034 - 30 23 06 08 2b 06 01 05 05 07 30 01 86 17 68 74 |<7>| 0035 - 74 70 3a 2f 2f 6f 63 73 70 2e 67 6f 64 61 64 64 |<7>| 0036 - 79 2e 63 6f 6d 30 4a 06 08 2b 06 01 05 05 07 30 |<7>| 0037 - 02 86 3e 68 74 74 70 3a 2f 2f 63 65 72 74 69 66 |<7>| 0038 - 69 63 61 74 65 73 2e 67 6f 64 61 64 64 79 2e 63 |<7>| 0039 - 6f 6d 2f 72 65 70 6f 73 69 74 6f 72 79 2f 67 64 |<7>| 003a - 5f 69 6e 74 65 72 6d 65 64 69 61 74 65 2e 63 72 |<7>| 003b - 74 30 1d 06 03 55 1d 0e 04 16 04 14 04 5b 92 f9 |<7>| 003c - 45 28 a4 42 dd 30 0e 92 45 2e b8 74 37 d8 21 0e |<7>| 003d - 30 1f 06 03 55 1d 23 04 18 30 16 80 14 fd ac 61 |<7>| 003e - 32 93 6c 45 d6 e2 ee 85 5f 9a ba e7 76 99 68 cc |<7>| 003f - e7 30 25 06 03 55 1d 11 04 1e 30 1c 82 0d 2a 2e |<7>| 0040 - 73 6d 75 67 6d 75 67 2e 63 6f 6d 82 0b 73 6d 75 |<7>| 0041 - 67 6d 75 67 2e 63 6f 6d 30 0d 06 09 2a 86 48 86 |<7>| 0042 - f7 0d 01 01 05 05 00 03 82 01 01 00 6f d0 3a 29 |<7>| 0043 - 48 28 61 45 3e 15 36 cd 45 cc 57 21 d4 d0 9f 9f |<7>| 0044 - 12 17 41 7e e2 fc 7a 32 2b 7a e6 6e a2 25 a6 42 |<7>| 0045 - e7 41 65 00 22 2c 99 5c 40 b0 1d b3 3c 95 b5 b6 |<7>| 0046 - 10 14 a1 ae e6 51 8c bf fa 29 d9 ad 64 76 3c 1c |<7>| 0047 - bd db a7 68 8a 6c 6b 82 ce 36 fc 1f 88 be ee 5c |<7>| 0048 - ed 61 bd 1d 32 f8 49 c0 e6 f0 18 6d 9b 5e 3a c7 |<7>| 0049 - b5 19 a1 c8 84 df 97 4a 97 81 ff 70 e5 ba 38 3c |<7>| 004a - f0 55 e8 0b d2 f9 8f 38 34 d6 6e 93 5f da 9c 3b |<7>| 004b - 7a 00 e7 98 f6 19 d1 22 28 3c c4 c1 10 d3 f1 b7 |<7>| 004c - 95 3c 53 ea d2 3d 92 e5 99 5e e4 fb 9d 99 d8 39 |<7>| 004d - ad 00 3e 94 64 16 14 70 ee 8a d5 f8 b5 7a 65 75 |<7>| 004e - 75 cb dd 63 3c c0 36 36 6d 6e 09 d8 c7 55 48 da |<7>| 004f - 70 20 5b 18 a4 79 ed d9 7b 13 a1 f8 26 bc 92 0d |<7>| 0050 - af f0 2a 06 92 57 6e ec ce b7 a1 8b 97 00 9c 85 |<7>| 0051 - 4f 30 7e 82 53 42 da b2 8a e4 b7 a2 3f d8 2c 37 |<7>| 0052 - 8f c8 87 35 2e 53 34 14 92 c8 7e bb 00 04 e2 30 |<7>| 0053 - 82 04 de 30 82 03 c6 a0 03 02 01 02 02 02 03 01 |<7>| 0054 - 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 |<7>| 0055 - 63 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 21 |<7>| 0056 - 30 1f 06 03 55 04 0a 13 18 54 68 65 20 47 6f 20 |<7>| 0057 - 44 61 64 64 79 20 47 72 6f 75 70 2c 20 49 6e 63 |<7>| 0058 - 2e 31 31 30 2f 06 03 55 04 0b 13 28 47 6f 20 44 |<7>| 0059 - 61 64 64 79 20 43 6c 61 73 73 20 32 20 43 65 72 |<7>| 005a - 74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f |<7>| 005b - 72 69 74 79 30 1e 17 0d 30 36 31 31 31 36 30 31 |<7>| 005c - 35 34 33 37 5a 17 0d 32 36 31 31 31 36 30 31 35 |<7>| 005d - 34 33 37 5a 30 81 ca 31 0b 30 09 06 03 55 04 06 |<7>| 005e - 13 02 55 53 31 10 30 0e 06 03 55 04 08 13 07 41 |<7>| 005f - 72 69 7a 6f 6e 61 31 13 30 11 06 03 55 04 07 13 |<7>| 0060 - 0a 53 63 6f 74 74 73 64 61 6c 65 31 1a 30 18 06 |<7>| 0061 - 03 55 04 0a 13 11 47 6f 44 61 64 64 79 2e 63 6f |<7>| 0062 - 6d 2c 20 49 6e 63 2e 31 33 30 31 06 03 55 04 0b |<7>| 0063 - 13 2a 68 74 74 70 3a 2f 2f 63 65 72 74 69 66 69 |<7>| 0064 - 63 61 74 65 73 2e 67 6f 64 61 64 64 79 2e 63 6f |<7>| 0065 - 6d 2f 72 65 70 6f 73 69 74 6f 72 79 31 30 30 2e |<7>| 0066 - 06 03 55 04 03 13 27 47 6f 20 44 61 64 64 79 20 |<7>| 0067 - 53 65 63 75 72 65 20 43 65 72 74 69 66 69 63 61 |<7>| 0068 - 74 69 6f 6e 20 41 75 74 68 6f 72 69 74 79 31 11 |<7>| 0069 - 30 0f 06 03 55 04 05 13 08 30 37 39 36 39 32 38 |<7>| 006a - 37 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 |<7>| 006b - 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 |<7>| 006c - 01 00 c4 2d d5 15 8c 9c 26 4c ec 32 35 eb 5f b8 |<7>| 006d - 59 01 5a a6 61 81 59 3b 70 63 ab e3 dc 3d c7 2a |<7>| 006e - b8 c9 33 d3 79 e4 3a ed 3c 30 23 84 8e b3 30 14 |<7>| 006f - b6 b2 87 c3 3d 95 54 04 9e df 99 dd 0b 25 1e 21 |<7>| 0070 - de 65 29 7e 35 a8 a9 54 eb f6 f7 32 39 d4 26 55 |<7>| 0071 - 95 ad ef fb fe 58 86 d7 9e f4 00 8d 8c 2a 0c bd |<7>| 0072 - 42 04 ce a7 3f 04 f6 ee 80 f2 aa ef 52 a1 69 66 |<7>| 0073 - da be 1a ad 5d da 2c 66 ea 1a 6b bb e5 1a 51 4a |<7>| 0074 - 00 2f 48 c7 98 75 d8 b9 29 c8 ee f8 66 6d 0a 9c |<7>| 0075 - b3 f3 fc 78 7c a2 f8 a3 f2 b5 c3 f3 b9 7a 91 c1 |<7>| 0076 - a7 e6 25 2e 9c a8 ed 12 65 6e 6a f6 12 44 53 70 |<7>| 0077 - 30 95 c3 9c 2b 58 2b 3d 08 74 4a f2 be 51 b0 bf |<7>| 0078 - 87 d0 4c 27 58 6b b5 35 c5 9d af 17 31 f8 0b 8f |<7>| 0079 - ee ad 81 36 05 89 08 98 cf 3a af 25 87 c0 49 ea |<7>| 007a - a7 fd 67 f7 45 8e 97 cc 14 39 e2 36 85 b5 7e 1a |<7>| 007b - 37 fd 16 f6 71 11 9a 74 30 16 fe 13 94 a3 3f 84 |<7>| 007c - 0d 4f 02 03 01 00 01 a3 82 01 32 30 82 01 2e 30 |<7>| 007d - 1d 06 03 55 1d 0e 04 16 04 14 fd ac 61 32 93 6c |<7>| 007e - 45 d6 e2 ee 85 5f 9a ba e7 76 99 68 cc e7 30 1f |<7>| 007f - 06 03 55 1d 23 04 18 30 16 80 14 d2 c4 b0 d2 91 |<7>| 0080 - d4 4c 11 71 b3 61 cb 3d a1 fe dd a8 6a d4 e3 30 |<7>| 0081 - 12 06 03 55 1d 13 01 01 ff 04 08 30 06 01 01 ff |<7>| 0082 - 02 01 00 30 33 06 08 2b 06 01 05 05 07 01 01 04 |<7>| 0083 - 27 30 25 30 23 06 08 2b 06 01 05 05 07 30 01 86 |<7>| 0084 - 17 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 67 6f 64 |<7>| 0085 - 61 64 64 79 2e 63 6f 6d 30 46 06 03 55 1d 1f 04 |<7>| 0086 - 3f 30 3d 30 3b a0 39 a0 37 86 35 68 74 74 70 3a |<7>| 0087 - 2f 2f 63 65 72 74 69 66 69 63 61 74 65 73 2e 67 |<7>| 0088 - 6f 64 61 64 64 79 2e 63 6f 6d 2f 72 65 70 6f 73 |<7>| 0089 - 69 74 6f 72 79 2f 67 64 72 6f 6f 74 2e 63 72 6c |<7>| 008a - 30 4b 06 03 55 1d 20 04 44 30 42 30 40 06 04 55 |<7>| 008b - 1d 20 00 30 38 30 36 06 08 2b 06 01 05 05 07 02 |<7>| 008c - 01 16 2a 68 74 74 70 3a 2f 2f 63 65 72 74 69 66 |<7>| 008d - 69 63 61 74 65 73 2e 67 6f 64 61 64 64 79 2e 63 |<7>| 008e - 6f 6d 2f 72 65 70 6f 73 69 74 6f 72 79 30 0e 06 |<7>| 008f - 03 55 1d 0f 01 01 ff 04 04 03 02 01 06 30 0d 06 |<7>| 0090 - 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 |<7>| 0091 - 00 d2 86 c0 ec bd f9 a1 b6 67 ee 66 0b a2 06 3a |<7>| 0092 - 04 50 8e 15 72 ac 4a 74 95 53 cb 37 cb 44 49 ef |<7>| 0093 - 07 90 6b 33 d9 96 f0 94 56 a5 13 30 05 3c 85 32 |<7>| 0094 - 21 7b c9 c7 0a a8 24 a4 90 de 46 d3 25 23 14 03 |<7>| 0095 - 67 c2 10 d6 6f 0f 5d 7b 7a cc 9f c5 58 2a c1 c4 |<7>| 0096 - 9e 21 a8 5a f3 ac a4 46 f3 9e e4 63 cb 2f 90 a4 |<7>| 0097 - 29 29 01 d9 72 2c 29 df 37 01 27 bc 4f ee 68 d3 |<7>| 0098 - 21 8f c0 b3 e4 f5 09 ed d2 10 aa 53 b4 be f0 cc |<7>| 0099 - 59 0b d6 3b 96 1c 95 24 49 df ce ec fd a7 48 91 |<7>| 009a - 14 45 0e 3a 36 6f da 45 b3 45 a2 41 c9 d4 d7 44 |<7>| 009b - 4e 3e b9 74 76 d5 a2 13 55 2c c6 87 a3 b5 99 ac |<7>| 009c - 06 84 87 7f 75 06 fc bf 14 4c 0e cc 6e c4 df 3d |<7>| 009d - b7 12 71 f4 e8 f1 51 40 22 28 49 e0 1d 4b 87 a8 |<7>| 009e - 34 cc 06 a2 dd 12 5a d1 86 36 64 03 35 6f 6f 77 |<7>| 009f - 6e eb f2 85 50 98 5e ab 03 53 ad 91 23 63 1f 16 |<7>| 00a0 - 9c cd b9 b2 05 63 3a e1 f4 68 1b 17 05 35 95 53 |<7>| 00a1 - ee 00 04 ff 30 82 04 fb 30 82 04 64 a0 03 02 01 |<7>| 00a2 - 02 02 02 01 0d 30 0d 06 09 2a 86 48 86 f7 0d 01 |<7>| 00a3 - 01 05 05 00 30 81 bb 31 24 30 22 06 03 55 04 07 |<7>| 00a4 - 13 1b 56 61 6c 69 43 65 72 74 20 56 61 6c 69 64 |<7>| 00a5 - 61 74 69 6f 6e 20 4e 65 74 77 6f 72 6b 31 17 30 |<7>| 00a6 - 15 06 03 55 04 0a 13 0e 56 61 6c 69 43 65 72 74 |<7>| 00a7 - 2c 20 49 6e 63 2e 31 35 30 33 06 03 55 04 0b 13 |<7>| 00a8 - 2c 56 61 6c 69 43 65 72 74 20 43 6c 61 73 73 20 |<7>| 00a9 - 32 20 50 6f 6c 69 63 79 20 56 61 6c 69 64 61 74 |<7>| 00aa - 69 6f 6e 20 41 75 74 68 6f 72 69 74 79 31 21 30 |<7>| 00ab - 1f 06 03 55 04 03 13 18 68 74 74 70 3a 2f 2f 77 |<7>| 00ac - 77 77 2e 76 61 6c 69 63 65 72 74 2e 63 6f 6d 2f |<7>| 00ad - 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 |<7>| 00ae - 11 69 6e 66 6f 40 76 61 6c 69 63 65 72 74 2e 63 |<7>| 00af - 6f 6d 30 1e 17 0d 30 34 30 36 32 39 31 37 30 36 |<7>| 00b0 - 32 30 5a 17 0d 32 34 30 36 32 39 31 37 30 36 32 |<7>| 00b1 - 30 5a 30 63 31 0b 30 09 06 03 55 04 06 13 02 55 |<7>| 00b2 - 53 31 21 30 1f 06 03 55 04 0a 13 18 54 68 65 20 |<7>| 00b3 - 47 6f 20 44 61 64 64 79 20 47 72 6f 75 70 2c 20 |<7>| 00b4 - 49 6e 63 2e 31 31 30 2f 06 03 55 04 0b 13 28 47 |<7>| 00b5 - 6f 20 44 61 64 64 79 20 43 6c 61 73 73 20 32 20 |<7>| 00b6 - 43 65 72 74 69 66 69 63 61 74 69 6f 6e 20 41 75 |<7>| 00b7 - 74 68 6f 72 69 74 79 30 82 01 20 30 0d 06 09 2a |<7>| 00b8 - 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0d 00 30 |<7>| 00b9 - 82 01 08 02 82 01 01 00 de 9d d7 ea 57 18 49 a1 |<7>| 00ba - 5b eb d7 5f 48 86 ea be dd ff e4 ef 67 1c f4 65 |<7>| 00bb - 68 b3 57 71 a0 5e 77 bb ed 9b 49 e9 70 80 3d 56 |<7>| 00bc - 18 63 08 6f da f2 cc d0 3f 7f 02 54 22 54 10 d8 |<7>| 00bd - b2 81 d4 c0 75 3d 4b 7f c7 77 c3 3e 78 ab 1a 03 |<7>| 00be - b5 20 6b 2f 6a 2b b1 c5 88 7e c4 bb 1e b0 c1 d8 |<7>| 00bf - 45 27 6f aa 37 58 f7 87 26 d7 d8 2d f6 a9 17 b7 |<7>| 00c0 - 1f 72 36 4e a6 17 3f 65 98 92 db 2a 6e 5d a2 fe |<7>| 00c1 - 88 e0 0b de 7f e5 8d 15 e1 eb cb 3a d5 e2 12 a2 |<7>| 00c2 - 13 2d d8 8e af 5f 12 3d a0 08 05 08 b6 5c a5 65 |<7>| 00c3 - 38 04 45 99 1e a3 60 60 74 c5 41 a5 72 62 1b 62 |<7>| 00c4 - c5 1f 6f 5f 1a 42 be 02 51 65 a8 ae 23 18 6a fc |<7>| 00c5 - 78 03 a9 4d 7f 80 c3 fa ab 5a fc a1 40 a4 ca 19 |<7>| 00c6 - 16 fe b2 c8 ef 5e 73 0d ee 77 bd 9a f6 79 98 bc |<7>| 00c7 - b1 07 67 a2 15 0d dd a0 58 c6 44 7b 0a 3e 62 28 |<7>| 00c8 - 5f ba 41 07 53 58 cf 11 7e 38 74 c5 f8 ff b5 69 |<7>| 00c9 - 90 8f 84 74 ea 97 1b af 02 01 03 a3 82 01 e1 30 |<7>| 00ca - 82 01 dd 30 1d 06 03 55 1d 0e 04 16 04 14 d2 c4 |<7>| 00cb - b0 d2 91 d4 4c 11 71 b3 61 cb 3d a1 fe dd a8 6a |<7>| 00cc - d4 e3 30 81 d2 06 03 55 1d 23 04 81 ca 30 81 c7 |<7>| 00cd - a1 81 c1 a4 81 be 30 81 bb 31 24 30 22 06 03 55 |<7>| 00ce - 04 07 13 1b 56 61 6c 69 43 65 72 74 20 56 61 6c |<7>| 00cf - 69 64 61 74 69 6f 6e 20 4e 65 74 77 6f 72 6b 31 |<7>| 00d0 - 17 30 15 06 03 55 04 0a 13 0e 56 61 6c 69 43 65 |<7>| 00d1 - 72 74 2c 20 49 6e 63 2e 31 35 30 33 06 03 55 04 |<7>| 00d2 - 0b 13 2c 56 61 6c 69 43 65 72 74 20 43 6c 61 73 |<7>| 00d3 - 73 20 32 20 50 6f 6c 69 63 79 20 56 61 6c 69 64 |<7>| 00d4 - 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74 79 31 |<7>| 00d5 - 21 30 1f 06 03 55 04 03 13 18 68 74 74 70 3a 2f |<7>| 00d6 - 2f 77 77 77 2e 76 61 6c 69 63 65 72 74 2e 63 6f |<7>| 00d7 - 6d 2f 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 |<7>| 00d8 - 01 16 11 69 6e 66 6f 40 76 61 6c 69 63 65 72 74 |<7>| 00d9 - 2e 63 6f 6d 82 01 01 30 0f 06 03 55 1d 13 01 01 |<7>| 00da - ff 04 05 30 03 01 01 ff 30 33 06 08 2b 06 01 05 |<7>| 00db - 05 07 01 01 04 27 30 25 30 23 06 08 2b 06 01 05 |<7>| 00dc - 05 07 30 01 86 17 68 74 74 70 3a 2f 2f 6f 63 73 |<7>| 00dd - 70 2e 67 6f 64 61 64 64 79 2e 63 6f 6d 30 44 06 |<7>| 00de - 03 55 1d 1f 04 3d 30 3b 30 39 a0 37 a0 35 86 33 |<7>| 00df - 68 74 74 70 3a 2f 2f 63 65 72 74 69 66 69 63 61 |<7>| 00e0 - 74 65 73 2e 67 6f 64 61 64 64 79 2e 63 6f 6d 2f |<7>| 00e1 - 72 65 70 6f 73 69 74 6f 72 79 2f 72 6f 6f 74 2e |<7>| 00e2 - 63 72 6c 30 4b 06 03 55 1d 20 04 44 30 42 30 40 |<7>| 00e3 - 06 04 55 1d 20 00 30 38 30 36 06 08 2b 06 01 05 |<7>| 00e4 - 05 07 02 01 16 2a 68 74 74 70 3a 2f 2f 63 65 72 |<7>| 00e5 - 74 69 66 69 63 61 74 65 73 2e 67 6f 64 61 64 64 |<7>| 00e6 - 79 2e 63 6f 6d 2f 72 65 70 6f 73 69 74 6f 72 79 |<7>| 00e7 - 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 01 06 |<7>| 00e8 - 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 |<7>| 00e9 - 81 81 00 b5 40 f9 a7 1d f6 ea fe a4 1a 42 5a 44 |<7>| 00ea - f7 15 d4 85 46 89 c0 be 9e e3 e3 eb c5 e3 58 89 |<7>| 00eb - 8f 92 9f 57 a8 71 2c 48 d1 81 b2 79 1f ac 06 35 |<7>| 00ec - 19 b0 4e 0e 58 1b 14 b3 98 81 d1 04 1e c8 07 c9 |<7>| 00ed - 83 9f 78 44 0a 18 0b 98 dc 76 7a 65 0d 0d 6d 80 |<7>| 00ee - c4 0b 01 1c cb ad 47 3e 71 be 77 4b cc 06 77 d0 |<7>| 00ef - f4 56 6b 1f 4b 13 9a 14 8a 88 23 a8 51 f0 83 4c |<7>| 00f0 - ab 35 bf 46 7e 39 dc 75 a4 ae e8 29 fb ef 39 8f |<7>| 00f1 - 4f 55 67 00 02 eb 30 82 02 e7 30 82 02 50 02 01 |<7>| 00f2 - 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 |<7>| 00f3 - 30 81 bb 31 24 30 22 06 03 55 04 07 13 1b 56 61 |<7>| 00f4 - 6c 69 43 65 72 74 20 56 61 6c 69 64 61 74 69 6f |<7>| 00f5 - 6e 20 4e 65 74 77 6f 72 6b 31 17 30 15 06 03 55 |<7>| 00f6 - 04 0a 13 0e 56 61 6c 69 43 65 72 74 2c 20 49 6e |<7>| 00f7 - 63 2e 31 35 30 33 06 03 55 04 0b 13 2c 56 61 6c |<7>| 00f8 - 69 43 65 72 74 20 43 6c 61 73 73 20 32 20 50 6f |<7>| 00f9 - 6c 69 63 79 20 56 61 6c 69 64 61 74 69 6f 6e 20 |<7>| 00fa - 41 75 74 68 6f 72 69 74 79 31 21 30 1f 06 03 55 |<7>| 00fb - 04 03 13 18 68 74 74 70 3a 2f 2f 77 77 77 2e 76 |<7>| 00fc - 61 6c 69 63 65 72 74 2e 63 6f 6d 2f 31 20 30 1e |<7>| 00fd - 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 69 6e 66 |<7>| 00fe - 6f 40 76 61 6c 69 63 65 72 74 2e 63 6f 6d 30 1e |<7>| 00ff - 17 0d 39 39 30 36 32 36 30 30 31 39 35 34 5a 17 |<7>| 0100 - 0d 31 39 30 36 32 36 30 30 31 39 35 34 5a 30 81 |<7>| 0101 - bb 31 24 30 22 06 03 55 04 07 13 1b 56 61 6c 69 |<7>| 0102 - 43 65 72 74 20 56 61 6c 69 64 61 74 69 6f 6e 20 |<7>| 0103 - 4e 65 74 77 6f 72 6b 31 17 30 15 06 03 55 04 0a |<7>| 0104 - 13 0e 56 61 6c 69 43 65 72 74 2c 20 49 6e 63 2e |<7>| 0105 - 31 35 30 33 06 03 55 04 0b 13 2c 56 61 6c 69 43 |<7>| 0106 - 65 72 74 20 43 6c 61 73 73 20 32 20 50 6f 6c 69 |<7>| 0107 - 63 79 20 56 61 6c 69 64 61 74 69 6f 6e 20 41 75 |<7>| 0108 - 74 68 6f 72 69 74 79 31 21 30 1f 06 03 55 04 03 |<7>| 0109 - 13 18 68 74 74 70 3a 2f 2f 77 77 77 2e 76 61 6c |<7>| 010a - 69 63 65 72 74 2e 63 6f 6d 2f 31 20 30 1e 06 09 |<7>| 010b - 2a 86 48 86 f7 0d 01 09 01 16 11 69 6e 66 6f 40 |<7>| 010c - 76 61 6c 69 63 65 72 74 2e 63 6f 6d 30 81 9f 30 |<7>| 010d - 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 |<7>| 010e - 8d 00 30 81 89 02 81 81 00 ce 3a 71 ca e5 ab c8 |<7>| 010f - 59 92 55 d7 ab d8 74 0e f9 ee d9 f6 55 47 59 65 |<7>| 0110 - 47 0e 05 55 dc eb 98 36 3c 5c 53 5d d3 30 cf 38 |<7>| 0111 - ec bd 41 89 ed 25 42 09 24 6b 0a 5e b3 7c dd 52 |<7>| 0112 - 2d 4c e6 d4 d6 7d 5a 59 a9 65 d4 49 13 2d 24 4d |<7>| 0113 - 1c 50 6f b5 c1 85 54 3b fe 71 e4 d3 5c 42 f9 80 |<7>| 0114 - e0 91 1a 0a 5b 39 36 67 f3 3f 55 7c 1b 3f b4 5f |<7>| 0115 - 64 73 34 e3 b4 12 bf 87 64 f8 da 12 ff 37 27 c1 |<7>| 0116 - b3 43 bb ef 7b 6e 2e 69 f7 02 03 01 00 01 30 0d |<7>| 0117 - 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 |<7>| 0118 - 00 3b 7f 50 6f 6f 50 94 99 49 62 38 38 1f 4b f8 |<7>| 0119 - a5 c8 3e a7 82 81 f6 2b c7 e8 c5 ce e8 3a 10 82 |<7>| 011a - cb 18 00 8e 4d bd a8 58 7f a1 79 00 b5 bb e9 8d |<7>| 011b - af 41 d9 0f 34 ee 21 81 19 a0 32 49 28 f4 c4 8e |<7>| 011c - 56 d5 52 33 fd 50 d5 7e 99 6c 03 e4 c9 4c fc cb |<7>| 011d - 6c ab 66 b3 4a 21 8c e5 b5 0c 32 3e 10 b2 cc 6c |<7>| 011e - a1 dc 9a 98 4c 02 5b f3 ce b9 9e a5 72 0e 4a b7 |<7>| 011f - 3f 3c e6 16 68 f8 be ed 74 4c bc 5b d5 62 1f 43 |<7>| 0120 - dd |<7>| RB: Have 5 bytes into buffer. Adding 4609 bytes. |<7>| RB: Requested 4614 bytes |<2>| ASSERT: gnutls_cipher.c:204 |<4>| REC[10e6f40]: Decrypted Packet[1] Handshake(22) with length: 4609 |<6>| BUF[HSK]: Inserted 4609 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[10e6f40]: CERTIFICATE was received [4609 bytes] |<6>| BUF[REC][HD]: Read 4605 bytes of Data(22) |<6>| BUF[HSK]: Peeked 74 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<6>| BUF[HSK]: Inserted 4605 bytes of Data |<7>| READ: Got 5 bytes from 4 |<7>| READ: read 5 bytes from 4 |<7>| 0000 - 16 03 01 00 04 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[10e6f40]: Expected Packet[2] Handshake(22) with length: 1 |<4>| REC[10e6f40]: Received Packet[2] Handshake(22) with length: 4 |<7>| READ: Got 4 bytes from 4 |<7>| READ: read 4 bytes from 4 |<7>| 0000 - 0e 00 00 00 |<7>| RB: Have 5 bytes into buffer. Adding 4 bytes. |<7>| RB: Requested 9 bytes |<2>| ASSERT: gnutls_cipher.c:204 |<4>| REC[10e6f40]: Decrypted Packet[2] Handshake(22) with length: 4 |<6>| BUF[HSK]: Inserted 4 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[10e6f40]: SERVER HELLO DONE was received [4 bytes] |<2>| ASSERT: gnutls_handshake.c:1123 |<6>| BUF[HSK]: Peeked 4609 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<3>| HSK[10e6f40]: CLIENT KEY EXCHANGE was send [134 bytes] |<6>| BUF[HSK]: Peeked 4 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<4>| REC[10e6f40]: Sending Packet[1] Handshake(22) with length: 134 |<2>| ASSERT: gnutls_cipher.c:204 |<7>| WRITE: Will write 139 bytes to 4. |<7>| WRITE: wrote 139 bytes to 4. Left 0 bytes. Total 139 bytes. |<7>| 0000 - 16 03 01 00 86 10 00 00 82 00 80 3d 5d f0 69 d9 |<7>| 0001 - 54 89 c6 f7 3e e7 ea 59 1e 87 4a 9d ac 29 63 7f |<7>| 0002 - 60 ca 5a 7e d7 a7 df 2e 6e d1 cf ce 80 8c e7 f0 |<7>| 0003 - b9 46 59 c1 87 11 6f 4e af 51 a6 56 32 54 c6 d6 |<7>| 0004 - e0 d7 69 0c 94 f1 d5 4f fb ee df 98 99 ee 7d fc |<7>| 0005 - 06 dc 6d 69 ed 02 10 7c 8d cc 9f 8a e0 07 a5 93 |<7>| 0006 - 84 7d d1 94 83 01 d1 4b a4 fb 3f 2b c9 05 28 e3 |<7>| 0007 - 5a 1a 3e a6 34 c9 2e 5e 64 5f 51 c6 2d 07 eb c3 |<7>| 0008 - cf 88 86 ab f6 3f ed 70 36 3f 09 |<4>| REC[10e6f40]: Sent Packet[2] Handshake(22) with length: 139 |<3>| REC[10e6f40]: Sent ChangeCipherSpec |<4>| REC[10e6f40]: Sending Packet[2] Change Cipher Spec(20) with length: 1 |<2>| ASSERT: gnutls_cipher.c:204 |<7>| WRITE: Will write 6 bytes to 4. |<7>| WRITE: wrote 6 bytes to 4. Left 0 bytes. Total 6 bytes. |<7>| 0000 - 14 03 01 00 01 01 |<4>| REC[10e6f40]: Sent Packet[3] Change Cipher Spec(20) with length: 6 |<9>| INT: PREMASTER SECRET[48]: 0302652cba782bf5b28dd4f0d7be9056c636fdcffe4290e0f032b01cd6cb76e38698cd6290d5b84c9630b95b0b3d0f66 |<9>| INT: CLIENT RANDOM[32]: 49c7a81dfddb9c4f22e64e5e4aaa3984044820aaae0479d2a51a15358e9295d6 |<9>| INT: SERVER RANDOM[32]: 44e728d6dcb23714d0dc2adfe845f8f149b484e166bd954a4e2333ffd01a2002 |<9>| INT: MASTER SECRET: e1013259c96ab1c0c3e8b35ff36a40f70238edab78f0f9baa3d48f9fa1ca14d470ed4527785688c3dc9d44000c3b8174 |<9>| INT: KEY BLOCK[104]: cad54bb324eea9c006f53601eb7f70e44ead3cdab09419dd84954073f9e307cc |<9>| INT: CLIENT WRITE KEY [24]: 0a04a81d2ffc628308646965b128e4daa8169975663e8bab |<9>| INT: SERVER WRITE KEY [24]: 4cd8844a905a7e3167d5376dc9103c2f06ed6a323c3d9ebb |<3>| HSK[10e6f40]: Cipher Suite: RSA_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Initializing internal [write] cipher sessions |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<3>| HSK[10e6f40]: FINISHED was send [16 bytes] |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<4>| REC[10e6f40]: Sending Packet[0] Handshake(22) with length: 16 |<7>| WRITE: Will write 69 bytes to 4. |<7>| WRITE: wrote 69 bytes to 4. Left 0 bytes. Total 69 bytes. |<7>| 0000 - 16 03 01 00 40 ce b5 aa ed 99 87 c2 1f 12 7c 69 |<7>| 0001 - a2 68 9c 67 60 d8 c7 dc 8f 5a 12 42 1f cf cb e3 |<7>| 0002 - dd be 8c 11 0e ba c0 28 fa f5 e4 7f e7 94 29 1e |<7>| 0003 - 7b 04 78 fb a4 d6 f5 be 3d 5a 39 e1 67 a8 b7 39 |<7>| 0004 - 65 06 48 c3 70 |<4>| REC[10e6f40]: Sent Packet[1] Handshake(22) with length: 69 |<7>| READ: Got 5 bytes from 4 |<7>| READ: read 5 bytes from 4 |<7>| 0000 - 14 03 01 00 01 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[10e6f40]: Expected Packet[3] Change Cipher Spec(20) with length: 1 |<4>| REC[10e6f40]: Received Packet[3] Change Cipher Spec(20) with length: 1 |<7>| READ: Got 1 bytes from 4 |<7>| READ: read 1 bytes from 4 |<7>| 0000 - 01 |<7>| RB: Have 5 bytes into buffer. Adding 1 bytes. |<7>| RB: Requested 6 bytes |<2>| ASSERT: gnutls_cipher.c:204 |<4>| REC[10e6f40]: ChangeCipherSpec Packet was received |<3>| HSK[10e6f40]: Cipher Suite: RSA_3DES_EDE_CBC_SHA1 |<3>| HSK[10e6f40]: Initializing internal [read] cipher sessions |<7>| READ: Got 5 bytes from 4 |<7>| READ: read 5 bytes from 4 |<7>| 0000 - 16 03 01 00 28 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[10e6f40]: Expected Packet[0] Handshake(22) with length: 1 |<4>| REC[10e6f40]: Received Packet[0] Handshake(22) with length: 40 |<7>| READ: Got 40 bytes from 4 |<7>| READ: read 40 bytes from 4 |<7>| 0000 - a1 90 9e 04 f4 98 7d 07 33 42 07 55 14 a5 01 da |<7>| 0001 - f2 87 04 06 17 7f 92 83 43 e1 a1 15 6b 60 f8 2f |<7>| 0002 - 98 15 f5 89 57 fa 9a 7d |<7>| RB: Have 5 bytes into buffer. Adding 40 bytes. |<7>| RB: Requested 45 bytes |<4>| REC[10e6f40]: Decrypted Packet[0] Handshake(22) with length: 16 |<6>| BUF[HSK]: Inserted 16 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[10e6f40]: FINISHED was received [16 bytes] |<6>| BUF[REC][HD]: Read 12 bytes of Data(22) |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<6>| BUF[HSK]: Inserted 12 bytes of Data |<6>| BUF[HSK]: Cleared Data from buffer |<2>| ASSERT: ext_server_name.c:257 |<2>| ASSERT: dn.c:1210 |<2>| ASSERT: mpi.c:591 |<2>| ASSERT: dn.c:1210 |<2>| ASSERT: dn.c:1210 Processed 1 CA certificate(s). Resolving 'api.smugmug.com'... Connecting to '208.79.45.23:443'... - Certificate type: X.509 - Got a certificate list of 4 certificates. - Certificate[0] info: # The hostname in the certificate matches 'api.smugmug.com'. # valid since: Fri May 16 20:46:14 EDT 2008 # expires at: Sat May 16 20:46:14 EDT 2009 # fingerprint: 84:45:8C:99:AE:60:FE:49:34:F4:97:64:0A:44:58:CB # Subject's DN: C=US,ST=California,L=Mountain View,O=SmugMug\, Inc.,OU=Network Operations,CN=*.smugmug.com # Issuer's DN: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 - Certificate[1] info: # valid since: Wed Nov 15 20:54:37 EST 2006 # expires at: Sun Nov 15 20:54:37 EST 2026 # fingerprint: D5:DF:85:B7:9A:52:87:D1:8C:D5:0F:90:23:2D:B5:34 # Subject's DN: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 # Issuer's DN: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority - Certificate[2] info: # valid since: Tue Jun 29 12:06:20 EST 2004 # expires at: Sat Jun 29 13:06:20 EDT 2024 # fingerprint: 82:BD:9A:0B:82:6A:0E:3E:91:AD:3E:27:04:2B:3F:45 # Subject's DN: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority # Issuer's DN: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info at valicert.com - Certificate[3] info: # valid since: Fri Jun 25 19:19:54 EST 1999 # expires at: Tue Jun 25 20:19:54 EDT 2019 # fingerprint: A9:23:75:9B:BA:49:36:6E:31:C2:DB:F2:E7:66:BA:87 # Subject's DN: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info at valicert.com # Issuer's DN: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info at valicert.com - Peer's certificate is trusted - Version: TLS1.0 - Key Exchange: RSA - Cipher: 3DES-CBC - MAC: SHA1 - Compression: NULL |<2>| ASSERT: dn.c:1210 |<2>| ASSERT: mpi.c:591 |<2>| ASSERT: dn.c:1210 |<2>| ASSERT: dn.c:1210 - Handshake was completed - Simple Client Mode: |<4>| REC[10e6f40]: Sending Packet[1] Application Data(23) with length: 15 |<7>| WRITE: Will write 237 bytes to 4. |<7>| WRITE: wrote 237 bytes to 4. Left 0 bytes. Total 237 bytes. |<7>| 0000 - 17 03 01 00 e8 39 b4 0d 8e 1d 5d a7 3f 76 69 d5 |<7>| 0001 - 46 f8 fb 53 3a 24 29 52 ae d9 f4 b0 b3 af 0d c9 |<7>| 0002 - 56 a1 a8 8e cf 75 49 be 68 26 6e a8 e8 48 a8 17 |<7>| 0003 - d7 bb 94 9f 93 d1 a4 71 59 c3 da 98 b1 f0 67 4e |<7>| 0004 - e3 9a 03 2b 34 65 d0 c4 b2 bf 90 60 66 cc 3b aa |<7>| 0005 - 15 06 ce a3 d3 00 07 89 2c 5d 53 c0 2b d1 34 07 |<7>| 0006 - 2d d7 1e 18 89 e0 12 8b 3c d7 b1 10 11 84 ce ea |<7>| 0007 - 77 6b af 80 87 1c 40 c3 83 5f 8d d5 2d 53 80 dc |<7>| 0008 - 00 c8 c9 f6 36 88 f3 1f ed f4 38 cd 6b dc ac 3c |<7>| 0009 - ea 0b 51 99 81 7b db 46 3e 6a 2d 7d 14 e8 dc b5 |<7>| 000a - 61 a5 3a 9e 8d 3d b7 3a b5 90 1d 8f 4a d6 70 80 |<7>| 000b - 0c 48 5f a9 e2 3e 59 50 d5 f2 7a d7 77 6c 96 c3 |<7>| 000c - bb 51 63 37 38 84 4f 17 eb 81 d1 86 a4 74 1f a4 |<7>| 000d - 87 30 09 51 79 fe eb 34 95 e4 eb 0b 63 13 be f2 |<7>| 000e - 79 33 24 cc 3d 83 b0 67 13 d1 1d 0c 21 |<4>| REC[10e6f40]: Sent Packet[2] Application Data(23) with length: 237 |<7>| READ: Got 0 bytes from 4 |<7>| READ: read 0 bytes from 4 |<7>| 0000 - |<2>| ASSERT: gnutls_buffers.c:638 |<2>| ASSERT: gnutls_record.c:909 *** Fatal error: A TLS packet with unexpected length was received. *** Server has terminated the connection abnormally. random usage: poolsize=600 mixed=45 polls=25/117 added=614/23608 outmix=4 getlvl1=4/134 getlvl2=0/0 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From simon at josefsson.org Mon Mar 23 17:09:58 2009 From: simon at josefsson.org (Simon Josefsson) Date: Mon, 23 Mar 2009 17:09:58 +0100 Subject: [Help-gnutls] Re: help troubleshooting "TLS packet with unexpected length was received" error In-Reply-To: <20090323153852.GA15450@t61.fewerhassles.com> (Brad Fritz's message of "Mon, 23 Mar 2009 11:38:52 -0400") References: <20090323153852.GA15450@t61.fewerhassles.com> Message-ID: <87mybcz0dl.fsf@mocca.josefsson.org> Brad Fritz writes: > I am able to reproduce the problem using gnutls-cli v2.6.4 built from > source: > > ./src/gnutls-cli -d 4711 --x509cafile /usr/share/ca-certificates/mozilla/ValiCert_Class_2_VA.crt api.smugmug.com The server is buggy, it does not handle MAC padding correctly, since this appears to work: gnutls-cli -d 4711 --x509cafile /usr/share/ca-certificates/mozilla/ValiCert_Class_2_VA.crt api.smugmug.com --priority NORMAL:%COMPAT The %COMPAT keyword disables MAC padding. You can read about it here: http://www.gnu.org/software/gnutls/manual/html_node/On-Record-Padding.html /Simon From iverodin at gmail.com Thu Mar 26 23:38:31 2009 From: iverodin at gmail.com (Iver Odin Kvello) Date: Thu, 26 Mar 2009 23:38:31 +0100 Subject: [Help-gnutls] Re: Odd issue with gnu-tls 2.6.4 running as a subprocess of emacs-23 on Windows XP In-Reply-To: References: Message-ID: Hi, I've continued debugging this problem somewhat more, getting somewhat confusing results. The first thing I tried was to remove stdin from the call to select in cli.c line 735, instead just reading from stdin unconditionally after each select timeouts. This actually helped, a bit - earlier, jabber would hang waiting for the server to indicate that authentication succeeded, but this change fixed that. It now started hanging a bit later on, waiting for session initiation to succeed. After diverse experiments, I thought of adding a linefeed to each message sent. In jabber-conn.el I found that this was already done -- so I just added *another* linefeed, sending two after each message. With my modified copy of cli.c, this actually fixed things, and everything worked as it should. I then tried doing this with an unmodified cli.c, and to my surprise found that that *didn't* work, instead hanging at the session-initiation stage - that is, it actually got a bit further than before, but not all the way through. Obviously the next step would then be to have jabber.el add *five* line-feeds after each message. And of course, that works with the standard unmodified gnutls-cli.exe. So I think that there is *some* kind of bug going on with reading from stdin when run as a subprocess under windows; not entirely connected to but not unaffected by the select()-emulation. Regards, Iver Odin Kvello