[gnutls-help] error -24 GNUTLS_E_DECRYPTION_FAILED with two possible causes

michelbriand at free.fr michelbriand at free.fr
Mon Jan 26 19:45:02 CET 2015


> On Mon, 2015-01-26 at 15:57 +0100, michelbriand at free.fr wrote:
> 
> > > Based on the error you see, I'd bet that you either receive or send
> > > by the parent when the child already exists.
> > Yes. Indeed.
> > The parent process sends a last message on the socket before it is
> > given to the child.
> > Is it the cause of the error?
> 
> Yes, TLS is a stateful protocol. In that case you modify the state and
> then you continue from a previous state in the child. You have to send
> your last message either from the child itself, or before it is
> created.
> 
> > In that case, what could I do to prevent it?
> > For example in the child I could use a gnutls "reset" function?
> 
> I was thinking to add a function to serialize the session data and
> deserialize them on a different process, but I never got to finish it;
> so the answer is there is no reset function.
> 
> regards,
> Nikos

Nikos,

While waiting for your answer (very quick, BTW), I've modified the logic
in my program to create the child processes after all messages have
been exchanged by parents. It works nicely.

Anyway, I have been thinking about your idea above.

Serializing the session data would be nice, but the hard task would
be to synchronize it between processes: that would go against the
very advantage of creating a child process (to not bother about
synchronization).

Is it possible to improve the documentation to help people
not to fall into this pitfall in the future?

Thank you very much !
Michel
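
The state problem discussed in this thread, as an added example that is not part of the original message and is not GnuTLS code: a simplified record layer in which each record's MAC covers an implicit sequence number, as TLS does. The `RecordLayer` class, the `run` function and the key are constructed for illustration, `copy.deepcopy` stands in for `fork()`, and a real session holds more state than this one counter.

```python
import copy
import hashlib
import hmac
import struct


class RecordLayer:
    """Toy model of one endpoint's TLS record state (hypothetical, not GnuTLS)."""

    def __init__(self, key: bytes):
        self.key = key
        self.write_seq = 0  # records sent so far
        self.read_seq = 0   # records accepted so far

    def _mac(self, seq: int, payload: bytes) -> bytes:
        # As in TLS, the 64-bit sequence number is authenticated with the
        # payload but never transmitted; both sides must count identically.
        data = struct.pack(">Q", seq) + payload
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def send(self, payload: bytes) -> bytes:
        record = payload + self._mac(self.write_seq, payload)
        self.write_seq += 1
        return record

    def recv(self, record: bytes) -> bytes:
        payload, tag = record[:-32], record[-32:]
        if not hmac.compare_digest(tag, self._mac(self.read_seq, payload)):
            # MAC mismatch: the model's stand-in for the thread's error -24.
            raise ValueError("decryption failed")
        self.read_seq += 1
        return payload


def run(parent_sends_after_fork: bool) -> str:
    key = b"constructed-demo-key"
    peer, parent = RecordLayer(key), RecordLayer(key)
    peer.recv(parent.send(b"hello"))             # traffic before the fork
    if not parent_sends_after_fork:
        peer.recv(parent.send(b"last message"))  # sent before the child exists
    child = copy.deepcopy(parent)                # fork(): child gets a snapshot
    if parent_sends_after_fork:
        peer.recv(parent.send(b"last message"))  # only the parent's counter moves
    try:
        return peer.recv(child.send(b"from child")).decode()
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    print(run(parent_sends_after_fork=True))   # child continues from stale state
    print(run(parent_sends_after_fork=False))  # ordering fix described above
```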



