GnuTLS Re-Handshake Fails
Dash Shendy
admin at dash.za.net
Mon May 23 18:42:05 CEST 2011
I was just testing with gnu-cli using the -e flag, in my case the 2nd
handshake always fails (seems to result in a Record overflow).
Here's some debugging information:
$ gnutls-cli -d 11 -V -e dash.za.net
Resolving 'dash.za.net'...
Connecting to '192.168.0.254:443'...
|<4>| REC[0x9381858]: Allocating epoch #0
|<2>| ASSERT: gnutls_constate.c:695
|<4>| REC[0x9381858]: Allocating epoch #1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<2>| EXT[0x9381858]: Sending extension CERT TYPE (3 bytes)
|<2>| EXT[0x9381858]: Sending extension SERVER NAME (16 bytes)
|<2>| EXT[0x9381858]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<2>| EXT[0x9381858]: Sending extension SESSION TICKET (0 bytes)
|<2>| EXT[SIGA]: sent signature algo (4.2) DSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (4.1) RSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (2.1) RSA-SHA1
|<2>| EXT[SIGA]: sent signature algo (2.2) DSA-SHA1
|<2>| EXT[0x9381858]: Sending extension SIGNATURE ALGORITHMS (10 bytes)
|<3>| HSK[0x9381858]: CLIENT HELLO was sent [143 bytes]
|<6>| BUF[HSK]: Inserted 143 bytes of Data
|<7>| HWRITE: enqueued 143. Total 143 bytes.
|<7>| HWRITE FLUSH: 143 bytes in buffer.
|<4>| REC[0x9381858]: Sending Packet[0] Handshake(22) with length: 143
|<7>| WRITE: enqueued 148 bytes for 0x4. Total 148 bytes.
|<4>| REC[0x9381858]: Sent Packet[1] Handshake(22) with length: 148
|<7>| HWRITE: wrote 143 bytes, 0 bytes left.
|<7>| WRITE FLUSH: 148 bytes in buffer.
|<7>| WRITE: wrote 148 bytes, 0 bytes left.
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x9381858]: Received Packet[0] Handshake(22) with length: 85
|<7>| READ: Got 85 bytes from 0x4
|<7>| READ: read 85 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 85 bytes.
|<7>| RB: Requested 90 bytes
|<4>| REC[0x9381858]: Decrypted Packet[0] Handshake(22) with length: 85
|<6>| BUF[HSK]: Inserted 85 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x9381858]: SERVER HELLO was received [85 bytes]
|<6>| BUF[REC][HD]: Read 81 bytes of Data(22)
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 81 bytes of Data
|<3>| HSK[0x9381858]: Server's version: 3.2
|<3>| HSK[0x9381858]: SessionID length: 32
|<3>| HSK[0x9381858]: SessionID:
68155d5cdde893492eccac47a3d4bd1edd7baf70e56e969eaf98fc7c79353230
|<3>| HSK[0x9381858]: Selected cipher suite: DHE_RSA_AES_128_CBC_SHA1
|<2>| EXT[0x9381858]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
|<2>| EXT[0x9381858]: Parsing extension 'SESSION TICKET/35' (0 bytes)
|<3>| HSK[0x9381858]: Safe renegotiation succeeded
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[1] Handshake(22) with length: 1
|<4>| REC[0x9381858]: Received Packet[1] Handshake(22) with length: 1171
|<7>| READ: Got 1171 bytes from 0x4
|<7>| READ: read 1171 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 1171 bytes.
|<7>| RB: Requested 1176 bytes
|<4>| REC[0x9381858]: Decrypted Packet[1] Handshake(22) with length: 1171
|<6>| BUF[HSK]: Inserted 1171 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x9381858]: CERTIFICATE was received [1171 bytes]
|<6>| BUF[REC][HD]: Read 1167 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 228 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 1167 bytes of Data
|<2>| ASSERT: ext_signature.c:386
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[2] Handshake(22) with length: 1
|<4>| REC[0x9381858]: Received Packet[2] Handshake(22) with length: 829
|<7>| READ: Got 829 bytes from 0x4
|<7>| READ: read 829 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 829 bytes.
|<7>| RB: Requested 834 bytes
|<4>| REC[0x9381858]: Decrypted Packet[2] Handshake(22) with length: 829
|<6>| BUF[HSK]: Inserted 829 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x9381858]: SERVER KEY EXCHANGE was received [829 bytes]
|<6>| BUF[REC][HD]: Read 825 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 1171 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 825 bytes of Data
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[3] Handshake(22) with length: 1
|<4>| REC[0x9381858]: Received Packet[3] Handshake(22) with length: 4
|<7>| READ: Got 4 bytes from 0x4
|<7>| READ: read 4 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 4 bytes.
|<7>| RB: Requested 9 bytes
|<4>| REC[0x9381858]: Decrypted Packet[3] Handshake(22) with length: 4
|<6>| BUF[HSK]: Inserted 4 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x9381858]: SERVER HELLO DONE was received [4 bytes]
|<2>| ASSERT: gnutls_handshake.c:1368
|<6>| BUF[HSK]: Peeked 829 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<3>| HSK[0x9381858]: CLIENT KEY EXCHANGE was sent [262 bytes]
|<6>| BUF[HSK]: Peeked 4 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<7>| HWRITE: enqueued 262. Total 262 bytes.
|<7>| HWRITE FLUSH: 262 bytes in buffer.
|<4>| REC[0x9381858]: Sending Packet[1] Handshake(22) with length: 262
|<7>| WRITE: enqueued 267 bytes for 0x4. Total 267 bytes.
|<4>| REC[0x9381858]: Sent Packet[2] Handshake(22) with length: 267
|<7>| HWRITE: wrote 262 bytes, 0 bytes left.
|<7>| WRITE FLUSH: 267 bytes in buffer.
|<7>| WRITE: wrote 267 bytes, 0 bytes left.
|<3>| REC[0x9381858]: Sent ChangeCipherSpec
|<4>| REC[0x9381858]: Sending Packet[2] Change Cipher Spec(20) with
length: 1
|<7>| WRITE: enqueued 6 bytes for 0x4. Total 6 bytes.
|<7>| WRITE FLUSH: 6 bytes in buffer.
|<7>| WRITE: wrote 6 bytes, 0 bytes left.
|<4>| REC[0x9381858]: Sent Packet[3] Change Cipher Spec(20) with length: 6
|<9>| INT: PREMASTER SECRET[256]:
5548178270322700eb7f6b0eb3fdc1ff7506526cefc38c4eda3a0caec8d8f5c17233de35097629b6952de4aeaac823ce0978c9373ca12c9ad37c9c341726f93bd62521a33f330e82acb83298674bd425ab8cc634d15957db85db46acb1fa516ee79ddbb0e3bc2b5dd907bc2b729bd6c0494a0e6e2abc4f292e20051c04f5ef7258efb1219a25f5b36a95f6b40a9070382afbc0778cb338a477adf844f6dec1013bf6390add96211cc9aa6348b0cb01b278ba3cb27c1a4122f3f31389f86cf59a3c7226c221a67848c748d55737c61af7b5af07472013504f5a99c109cf77e9eab0c8908292b5de7d82631b78ef750110e55b78f9531c25f044896af6eeb241
|<9>| INT: CLIENT RANDOM[32]:
4dda89d842131c80d7528f0f7d71fd3e8668365f56bdb183b8f1ff18e425c5e5
|<9>| INT: SERVER RANDOM[32]:
4dda89d815dd318cf051de63dd404e95bb1b822f6c7f5cfbc992226d362fa9d6
|<9>| INT: MASTER SECRET:
11f0c744f7759588483dfc1354d3224dba491329f5f2ea60221218f9fc2d95a96fbe2ed9897de125defa4a730dc8d60a
|<4>| REC[0x9381858]: Initializing epoch #1
|<9>| INT: KEY BLOCK[104]:
598c4669b59fea02459caa89228da3aa3dca8bfd25489e0e5f4b89a127e1a404
|<9>| INT: CLIENT WRITE KEY [16]: dba23bd53ee772bb199133b0604090cc
|<9>| INT: SERVER WRITE KEY [16]: 11762639065158692b78425a70dc906b
|<4>| REC[0x9381858]: Epoch #1 ready
|<3>| HSK[0x9381858]: Cipher Suite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9381858]: Initializing internal [write] cipher sessions
|<4>| REC[0x9381858]: Start of epoch cleanup
|<4>| REC[0x9381858]: End of epoch cleanup
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<3>| HSK[0x9381858]: recording tls-unique CB (send)
|<3>| HSK[0x9381858]: FINISHED was sent [16 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<7>| HWRITE: enqueued 16. Total 16 bytes.
|<7>| HWRITE FLUSH: 16 bytes in buffer.
|<4>| REC[0x9381858]: Sending Packet[0] Handshake(22) with length: 16
|<7>| WRITE: enqueued 85 bytes for 0x4. Total 85 bytes.
|<4>| REC[0x9381858]: Sent Packet[1] Handshake(22) with length: 85
|<7>| HWRITE: wrote 16 bytes, 0 bytes left.
|<7>| WRITE FLUSH: 85 bytes in buffer.
|<7>| WRITE: wrote 85 bytes, 0 bytes left.
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[4] Handshake(22) with length: 1
|<4>| REC[0x9381858]: Received Packet[4] Handshake(22) with length: 892
|<7>| READ: Got 892 bytes from 0x4
|<7>| READ: read 892 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 892 bytes.
|<7>| RB: Requested 897 bytes
|<4>| REC[0x9381858]: Decrypted Packet[4] Handshake(22) with length: 892
|<6>| BUF[HSK]: Inserted 892 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x9381858]: NEW SESSION TICKET was received [892 bytes]
|<6>| BUF[REC][HD]: Read 888 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 888 bytes of Data
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[5] Change Cipher Spec(20) with
length: 1
|<4>| REC[0x9381858]: Received Packet[5] Change Cipher Spec(20) with
length: 1
|<7>| READ: Got 1 bytes from 0x4
|<7>| READ: read 1 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 1 bytes.
|<7>| RB: Requested 6 bytes
|<4>| REC[0x9381858]: ChangeCipherSpec Packet was received
|<3>| HSK[0x9381858]: Cipher Suite: DHE_RSA_AES_128_CBC_SHA1
|<4>| REC[0x9381858]: Start of epoch cleanup
|<4>| REC[0x9381858]: Epoch #0 freed
|<4>| REC[0x9381858]: End of epoch cleanup
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x9381858]: Received Packet[0] Handshake(22) with length: 112
|<7>| READ: Got 112 bytes from 0x4
|<7>| READ: read 112 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 112 bytes.
|<7>| RB: Requested 117 bytes
|<4>| REC[0x9381858]: Decrypted Packet[0] Handshake(22) with length: 16
|<6>| BUF[HSK]: Inserted 16 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x9381858]: FINISHED was received [16 bytes]
|<6>| BUF[REC][HD]: Read 12 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 892 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 12 bytes of Data
|<6>| BUF[HSK]: Cleared Data from buffer
|<6>| BUF[HSK]: Cleared Data from buffer
|<2>| ASSERT: ext_server_name.c:300
- Ephemeral Diffie-Hellman parameters
- Using prime: 2048 bits
- Secret key: 2047 bits
- Peer's public key: 2045 bits
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
|<2>| ASSERT: dn.c:305
|<2>| ASSERT: dn.c:305
|<2>| ASSERT: common.c:921
|<2>| ASSERT: common.c:921
|<2>| ASSERT: mpi.c:609
|<2>| ASSERT: x509.c:2895
- X.509 Certificate Information:
Version: 3
Serial Number (hex): 07
Issuer: C=ZA,O=Technical Advisory Group,OU=Certificate
Authority,CN=TAG Certificate Authority,UID=0
Validity:
Not Before: Sun Apr 24 11:07:01 UTC 2011
Not After: Mon Apr 23 11:07:04 UTC 2012
Subject: C=ZA,O=Dash Shendy,OU=Curriculum Vitae,L=Cape
Town,ST=WP,CN=dash.za.net,UID=7
Subject Public Key Algorithm: RSA
Certificate Security Level: Normal
Modulus (bits 2432):
00:c4:fd:51:16:52:62:27:c1:71:3c:06:ee:22:a0:25
fc:d7:73:9e:af:dd:e5:e8:8f:0a:d3:18:93:dd:54:e3
a7:39:9e:87:84:44:f8:cf:12:db:dc:d1:58:de:de:dd
23:15:0e:81:ca:e6:f1:82:1f:ea:f7:31:bf:8a:de:24
33:4c:d2:79:83:9f:9f:1c:25:57:48:33:a6:de:99:b0
b0:b9:44:53:70:ee:bc:1d:0b:de:ee:6d:2a:06:1c:d9
d7:9e:01:04:bd:96:4e:1a:03:07:e8:21:3e:4e:d8:62
83:ea:d8:04:f2:ef:6f:b6:d2:bc:bf:cc:68:19:b5:74
78:82:b3:52:96:9d:e6:ef:f6:6e:c8:77:b4:5a:e9:04
47:55:03:b7:e8:a8:e1:41:a9:58:48:70:40:d6:76:62
10:41:b8:7d:d9:28:24:4b:05:16:1c:4a:0c:b0:37:2c
e0:d9:e5:a3:3f:5f:37:a1:30:7b:b3:3d:d0:75:3e:db
fa:b8:4c:17:30:62:52:a0:07:0f:4c:4c:ce:bc:2f:52
38:b6:d6:4e:b3:ef:ad:88:9a:41:6c:d4:01:1a:89:a8
d8:a0:a5:c1:98:b6:77:53:6c:c9:24:bd:0f:d2:0e:c4
16:19:ec:73:e8:85:97:88:a7:52:09:53:3b:83:b3:a3
af:42:0a:6c:ce:09:cf:b7:75:51:15:68:9c:1a:11:ea
8c:d4:26:38:e5:53:4d:8c:21:2d:a8:84:90:c7:72:eb
81:dc:69:04:06:9d:1c:94:a2:bd:9c:40:9e:87:44:09
97
Exponent (bits 24):
01:00:01
Extensions:
Basic Constraints (critical):
Certificate Authority (CA): FALSE
Key Purpose (not critical):
TLS WWW Server.
Key Usage (critical):
Digital signature.
Key encipherment.
Subject Key Identifier (not critical):
e3fc11752c6e51303b269e36d283c5aadc33a5cc
Authority Key Identifier (not critical):
af16d0a14f4cf894f51e7ed33cfa3b369de65223
CRL Distribution points (not critical):
URI: tag.za.net/crl
Signature Algorithm: RSA-SHA256
Signature:
30:03:1d:ed:05:96:b7:70:71:95:57:b1:d6:98:fc:3a
a8:08:a6:be:97:20:dd:38:61:f7:ea:46:2f:4c:92:d3
a2:44:e1:02:6a:6c:15:ff:2a:1f:2e:44:b6:96:5a:61
3d:8f:a9:86:c9:48:4b:ad:6c:d7:1e:88:a8:50:9c:38
0c:6a:96:1f:d9:df:55:cb:92:34:20:d3:52:af:50:f8
96:49:68:16:f7:19:d3:f3:ce:20:fd:7d:4b:6d:0f:88
3f:dc:8d:5d:b4:66:08:bf:41:84:e2:45:e6:7b:fe:08
93:85:62:ed:55:ab:7e:df:ec:95:61:c1:bb:c1:8e:40
9f:d0:63:01:aa:d0:bf:40:c2:5c:5e:49:06:ab:39:c8
1b:b8:fc:07:89:a9:b8:7a:d5:3e:68:9d:99:5f:05:c7
04:c9:44:34:74:51:e7:cb:d3:4f:81:aa:ba:ac:51:39
46:6e:7f:75:e4:09:af:50:e1:0e:42:0f:b6:0d:e0:fe
45:fd:46:b9:3f:0f:ea:e3:5c:35:c6:f6:58:0b:9e:56
b2:95:78:13:63:dc:16:5c:c5:71:d3:86:ad:1d:8e:14
ae:0f:56:54:13:60:c5:c4:f0:29:eb:69:a4:91:4b:79
45:5b:9a:9d:54:8c:26:3c:18:69:b8:2c:01:4d:fa:ec
fa:17:5e:fa:c7:0c:de:68:59:33:07:3a:c4:41:80:91
3f:f4:d0:d7:f1:9f:5d:f3:f2:e2:3c:c3:c5:b4:62:0c
66:58:67:21:b3:e0:5d:81:f4:70:b4:f7:b1:6b:27:58
Other Information:
MD5 fingerprint:
c9b7fe299eda11755b7d398aeed16013
SHA-1 fingerprint:
70c40367368fd39f3b0b0f5fa519f8d2e9bda22d
Public Key Id:
e3fc11752c6e51303b269e36d283c5aadc33a5cc
- The hostname in the certificate matches 'dash.za.net'.
|<2>| ASSERT: verify.c:311
|<2>| ASSERT: verify.c:552
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.1
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Session ID:
59:54:32:2E:AF:50:65:E9:3A:FF:96:7A:AC:A5:20:05:60:70:C9:5A:CA:1C:EF:13:7A:F4:30:13:D1:57:7F:F1
- Channel binding 'tls-unique': 93209a06329df4e7f829c218
- Handshake was completed
- Simple Client Mode:
|<2>| ASSERT: gnutls_constate.c:695
|<4>| REC[0x9381858]: Allocating epoch #2
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x9381858]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<2>| EXT[0x9381858]: Sending extension CERT TYPE (3 bytes)
|<2>| EXT[0x9381858]: Sending extension SERVER NAME (16 bytes)
|<2>| EXT[0x9381858]: Sending extension SAFE RENEGOTIATION (13 bytes)
|<2>| EXT[0x9381858]: Sending extension SESSION TICKET (0 bytes)
|<3>| HSK[0x9381858]: CLIENT HELLO was sent [129 bytes]
|<6>| BUF[HSK]: Inserted 129 bytes of Data
|<7>| HWRITE: enqueued 129. Total 129 bytes.
|<7>| HWRITE FLUSH: 129 bytes in buffer.
|<4>| REC[0x9381858]: Sending Packet[1] Handshake(22) with length: 129
|<7>| WRITE: enqueued 261 bytes for 0x4. Total 261 bytes.
|<4>| REC[0x9381858]: Sent Packet[2] Handshake(22) with length: 261
|<7>| HWRITE: wrote 129 bytes, 0 bytes left.
|<7>| WRITE FLUSH: 261 bytes in buffer.
|<7>| WRITE: wrote 261 bytes, 0 bytes left.
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9381858]: Expected Packet[1] Handshake(22) with length: 1
|<4>| REC[0x9381858]: Received Packet[1] Alert(21) with length: 192
|<7>| READ: Got 192 bytes from 0x4
|<7>| READ: read 192 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 192 bytes.
|<7>| RB: Requested 197 bytes
|<4>| REC[0x9381858]: Decrypted Packet[1] Alert(21) with length: 2
|<4>| REC[0x9381858]: Alert[1|0] - Close notify - was received
|<2>| ASSERT: gnutls_handshake.c:1296
|<2>| ASSERT: gnutls_handshake.c:2761
|<6>| BUF[HSK]: Cleared Data from buffer
*** Fatal error: A TLS packet with unexpected length was received.
|<4>| REC: Sending Alert[2|22] - Record overflow
|<4>| REC[0x9381858]: Sending Packet[2] Alert(21) with length: 2
|<7>| WRITE: enqueued 85 bytes for 0x4. Total 85 bytes.
|<7>| WRITE FLUSH: 85 bytes in buffer.
|<7>| WRITE: wrote 85 bytes, 0 bytes left.
|<4>| REC[0x9381858]: Sent Packet[3] Alert(21) with length: 85
*** ReHandshake has failed
GnuTLS error: A TLS packet with unexpected length was received.
|<6>| BUF[HSK]: Cleared Data from buffer
|<4>| REC[0x9381858]: Epoch #1 freed
|<4>| REC[0x9381858]: Epoch #2 freed
More information about the Gnutls-help
mailing list