[gnutls-help] failing DTLS handshake

Balázs Kéri 1.int32 at gmail.com
Thu Sep 14 15:09:26 CEST 2017


Hi,

I can reproduce the problem with the attached test programs. It is a
primitive server and client put together from the example code and removed
unneeded things. It can be compiled with gnutls-3.5.15 (or older versions,
earliest tested is 3.3.19). It is important to use the provided .pem files.
After starting server and client the handshake times out.

Balázs Kéri

2017-09-06 13:34 GMT+02:00 Nikos Mavrogiannopoulos <nmav at gnutls.org>:

> On Fri, Sep 1, 2017 at 9:49 AM, Balázs Kéri <1.int32 at gmail.com> wrote:
> > Hi,
> >
> > I do not know if this is right place to ask about source code but I found
> > something that may cause this problem:
> >
> > This message is printed to the log:
> > 531 [2017-Aug-24 10:13:38.768832] [7f9cf8ff9700] [ML_LoadB23] [trace]
> GnuTLS
> > -- [level:3]: ASSERT: buffers.c[parse_handshake_header]:961
> > 532 [2017-Aug-24 10:13:38.768852] [7f9cf8ff9700] [ML_LoadB23] [trace]
> GnuTLS
> > -- [level:3]: ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1292
> > 533 [2017-Aug-24 10:13:38.768873] [7f9cf8ff9700] [ML_LoadB23] [trace]
> GnuTLS
> > -- [level:1]: Invalid handshake packet headers. Discarding.
> >
> > The check at buffers.c:956 fails (condition becomes true) if the
> > hsk->start_offset == hsk->end_offset which is the case here (fragment
> length
> > is 1).
>
> Hi,
>  If fragment length is 1, shouldn't start_offset be 0 and end_offset
> be 1? Do you have some reproducer for that?
>
> regards,
> Nikos
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20170914/334b2175/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dtls-fraglen-1.tar.gz
Type: application/x-gzip
Size: 20891 bytes
Desc: not available
URL: </pipermail/attachments/20170914/334b2175/attachment-0001.bin>


More information about the Gnutls-help mailing list