Hi, I do not know if this is right place to ask about source code but I found something that may cause this problem:
This message is printed to the log: 531 [2017-Aug-24 10:13:38.768832] [7f9cf8ff9700] [ML_LoadB23] [trace] GnuTLS -- [level:3]: ASSERT: buffers.c[parse_handshake_header]:961 532 [2017-Aug-24 10:13:38.768852] [7f9cf8ff9700] [ML_LoadB23] [trace] GnuTLS -- [level:3]: ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1292 533 [2017-Aug-24 10:13:38.768873] [7f9cf8ff9700] [ML_LoadB23] [trace] GnuTLS -- [level:1]: Invalid handshake packet headers. Discarding. The check at buffers.c:956 fails (condition becomes true) if the hsk->start_offset == hsk->end_offset which is the case here (fragment length is 1). By the way, a part of the condition that is checked at lines 956 to 959 is checked just before (lines 951-952). Balazs Keri 2017-08-29 11:40 GMT+02:00 Balázs Kéri <[email protected]>: > Hi, > > Here is more data included: > sequence numbers in format [epoch.sequence] > The client sends more ClientHello (these are discarded) before the server > is connected and ready to receive messages. > The client and server are started cleanly (no message exchange happens > before). > The message with epoch 1 is detected as duplicate but I do not see > messages with epoch 1 before it. > Fragment offsets and fragment lengths looks OK. > > client->server: > ClientHello[0.0] (total 164 bytes) > client->server: > ClientHello[0.1] (total 164 bytes) > client->server: > ClientHello[0.2] (total 164 bytes) > > client->server: > ClientHello[0.3] (total 164 bytes) > > server->client: > ServerHello[0.0],Certificate[0.1],CertificateRequest[0.2], > ServerHelloDone[0.3] (total 1159 bytes) > > client->server: > Certificate(Fragment)(243)[0.4],Certificate(Fragment)(243)[0.5], > Certificate(Fragment)(243)[0.6],Certificate(Fragment)(243)[0.7],Certificat > e(Fragment)(13)[0.8],ClientKeyExchange(142)[0.9],CertificateVerify(62) > [0.10],CertificateVerify(92)[0.11] (total 1427 bytes) > > client->server: > ChangeCipherSpec(1)[0.12],EncryptedHandshakeMessage(64)[1.0] (total 133 > bytes) > > Balázs Kéri > > 2017-08-29 11:06 GMT+02:00 Nikos Mavrogiannopoulos < > [email protected]>: > >> On Mon, 2017-08-28 at 10:08 +0200, Balázs Kéri wrote: >> > Hi! >> >> > 533 [2017-Aug-24 10:13:38.768873] GnuTLS -- [level:1]: Invalid >> > handshake packet headers. Discarding. >> > 569 [2017-Aug-24 10:13:38.770813] GnuTLS -- [level:5]: >> > REC[0x7f9ce0013ea0]: Discarded duplicate message[1.0]: Handshake >> >> Check what the sent client record numbers are. That message was >> detected as duplicate. >> >> regards, >> Nikos >> >> >
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
