On 2016-09-19 "marcelomen...@gmail.com" <marcelomen...@gmail.com> wrote: > 2016-09-17 12:15 GMT-04:00 Andreas Metzler <ametz...@bebt.de>: [...] > > | Then click capture -> Stop, In "apply display filter", type ssl, then > > | File -> Export specified packets and send the saved pcap file.
> This link has two files: > pcap_gnutls.pcapng (Fail, libgnutls30:amd64 3.5.4-2) > pcap_gnutls_v352.pcapng (Working version, libgnutls30:amd64 3.5.2-3) > https://drive.google.com/drive/folders/0B3_AQUiHn1qMcEVjdVpNeHBJUHc Hello Marcelo, this seems to be hard to debug/reproduce, Nikos (upstream) writes: ======================================================================= I do not see anything wrong in the capture. I even created a small program to replay the connection locally (I have a debian installation on x86_64 with the same packages available), and the connection continued past the failure point on that system. I'm searching in the dark here, but the following info could help: 1. run gnutls-cli www.server-that-failsĀ -d 9 2. run valgrind gnutls-cli www.server-that-fails 3. compile the attached program as "gcc -O2 -g sim.c -lgmp -lhogweed && ./a.out", and also run valgrind ./a.out [...] One 4th item suggested by Niels Moeller: 4. run ldd /usr/bin/gnutls-cli # (that way we can see whether the client is linked to the expected nettle library) ======================================================================= cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'
#include <gmp.h> #include <stdio.h> #include <stdlib.h> #include <assert.h> #include <string.h> #include <nettle/bignum.h> #include <nettle/rsa.h> const char strn[] = "00f245c2bcfff8646f8a440e6e543c75d56ff21f876e9a9f5998c01a75101aae" "1ee673662ce125a8536f92f252275e0074419b050e2fcd731f1dcae54302fdd0" "9c033a8f1ea2a7b9b5fc3c219f5adf2274c19f7b121b85ab2cd49768f7178930" "5e14b15be50ebcda847bcce2d55e27da451728c99e7e3a211d49a62789a6a19f" "9b22ad3f38cf5c5c331381755ac99c4fa6f636b4d41f9c24e12da36d350fd9f2" "2f620904c7a62bbbe3e45e41b9c8ec634eee8f83156006291d2e8f9d8020722d" "7ea5c505092165803b5289555ab5b53cb82006b2e1e15fc487d30a69f028ee79" "ee427b974add98d742c16d527d92101522599dc44c2026a5dbf3d343b91efba2f9"; const char stre[] = "010001"; #define SIZEOF_MPZT sizeof(__mpz_struct) #define TOMPZ(x) ((__mpz_struct*)(x)) int main() { void *e, *n; struct rsa_public_key pub; e = malloc(SIZEOF_MPZT); assert(e!=NULL); n = malloc(SIZEOF_MPZT); assert(n!=NULL); mpz_init(TOMPZ(e)); mpz_init(TOMPZ(n)); assert(gmp_sscanf(stre, "%Zx", TOMPZ(e)) > 0); assert(gmp_sscanf(strn, "%Zx", TOMPZ(n)) > 0); fprintf(stderr, "size: %u\n", (unsigned)nettle_mpz_sizeinbase_256_u(TOMPZ(n))); memcpy(pub.n, n, SIZEOF_MPZT); memcpy(pub.e, e, SIZEOF_MPZT); assert(rsa_public_key_prepare(&pub) > 0); fprintf(stderr, "size: %u\n", (unsigned)pub.size); mpz_clear(TOMPZ(e)); mpz_clear(TOMPZ(n)); free(e); free(n); return 0; }