[EMAIL PROTECTED] writes: > All, > > the gnutls server implementation (I am using gnutls 2.0.1) encounters a > problem when verifying a client certificate. I saw a strange log entry > saying " Possible PKCS #1 format attack ". What does this mean? Could > this be the reason for the failure? Does anyone know the root cause?
I think it is a false alarm. As far as I can tell, your debug log suggests the handshake is successful, but it fails with a MAC errors afterwards. Possibly you are seeing the record padding bug: http://www.gnu.org/software/gnutls/manual/html_node/On-Record-Padding.html If so, you'll need to use a modern version of gnutls and follow the hints in the link. Or do you see any client certificate related errors on the server side? /Simon > Thanks, > Kris > > Please find attached the handshake log: > > 0x574f76c (t2): IN.gnutls: READ: Got 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 16 03 01 00 35 > 0x574f76c (t2): IN.gnutls: RB: Have 0 bytes into buffer. Adding 5 bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 5 bytes > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Expected Packet[0] > Handshake(22) with length: 1 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Received Packet[0] > Handshake(22) with length: 53 > 0x574f76c (t2): IN.gnutls: READ: Got 53 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 53 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 01 00 00 31 03 01 48 d9 49 3f f7 83 70 > f9 34 0a > 0x574f76c (t2): IN.gnutls: 0001 - c3 3f 94 57 65 47 85 12 e3 21 7e 56 da > 07 3c ca > 0x574f76c (t2): IN.gnutls: 0002 - 98 92 ee 83 94 be 00 00 0a 00 04 00 05 > 00 0a 00 > 0x574f76c (t2): IN.gnutls: 0003 - 2f 00 35 01 00 > 0x574f76c (t2): IN.gnutls: RB: Have 5 bytes into buffer. Adding 53 > bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 58 bytes > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Decrypted Packet[0] > Handshake(22) with length: 53 > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 53 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 1 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 3 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: CLIENT HELLO was received [53 > bytes] > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 49 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 0 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 4 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 49 bytes of Data > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Client's version: 3.1 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_db.c:239 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_algorithms.c:1627 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Selected Compression Method: > NULL > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_extensions.c:162 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > PSK_SHA_ARCFOUR_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > PSK_SHA_3DES_EDE_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > PSK_SHA_AES_128_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > PSK_SHA_AES_256_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > DHE_PSK_SHA_ARCFOUR_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > DHE_PSK_SHA_3DES_EDE_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > DHE_PSK_SHA_AES_128_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > DHE_PSK_SHA_AES_256_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Removing ciphersuite: > DHE_DSS_ARCFOUR_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Removing ciphersuite: > DHE_DSS_3DES_EDE_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Removing ciphersuite: > DHE_DSS_AES_128_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Removing ciphersuite: > DHE_DSS_AES_256_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > DHE_RSA_3DES_EDE_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > DHE_RSA_AES_128_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > DHE_RSA_AES_256_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > RSA_ARCFOUR_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > RSA_ARCFOUR_MD5 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > RSA_3DES_EDE_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > RSA_AES_128_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Keeping ciphersuite: > RSA_AES_256_CBC_SHA1 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Selected cipher suite: > RSA_ARCFOUR_MD5 > 0x574f76c (t2): IN.gnutls: ASSERT: ext_authz.c:180 > 0x574f76c (t2): IN.gnutls: ASSERT: ext_authz.c:237 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: SessionID: > ef942f18006dd557b97a576e795123ee917aa9947461f0380ff19870338e7fe9 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: SERVER HELLO was send [74 > bytes] > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 53 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sending Packet[0] Handshake(22) > with length: 74 > 0x574f76c (t2): IN.gnutls: WRITE: Will write 79 bytes to 166892884. > 0x574f76c (t2): IN.gnutls: WRITE: wrote 79 bytes to 166892884. Left 0 > bytes. Total 79 bytes. > 0x574f76c (t2): IN.gnutls: 0000 - 16 03 01 00 4a 02 00 00 46 03 01 48 eb > 8c fa ef > 0x574f76c (t2): IN.gnutls: 0001 - 94 2f 18 00 6d d5 57 b9 7a 57 6e 79 51 > 23 ee 91 > 0x574f76c (t2): IN.gnutls: 0002 - 7a a9 94 74 61 f0 38 0f f1 98 70 20 ef > 94 2f 18 > 0x574f76c (t2): IN.gnutls: 0003 - 00 6d d5 57 b9 7a 57 6e 79 51 23 ee 91 > 7a a9 94 > 0x574f76c (t2): IN.gnutls: 0004 - 74 61 f0 38 0f f1 98 70 33 8e 7f e9 00 > 04 00 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sent Packet[1] Handshake(22) > with length: 79 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: CERTIFICATE was send [623 > bytes] > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 0 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sending Packet[1] Handshake(22) > with length: 623 > 0x574f76c (t2): IN.gnutls: WRITE: Will write 628 bytes to 166892884. > 0x574f76c (t2): IN.gnutls: WRITE: wrote 628 bytes to 166892884. Left 0 > bytes. Total 628 bytes. > 0x574f76c (t2): IN.gnutls: 0000 - 16 03 01 02 6f 0b 00 02 6b 00 02 68 00 > 02 65 30 > 0x574f76c (t2): IN.gnutls: 0001 - 82 02 61 30 82 01 cc a0 03 02 01 02 02 > 04 47 27 > 0x574f76c (t2): IN.gnutls: 0002 - 2d 2d 30 0b 06 09 2a 86 48 86 f7 0d 01 > 01 05 30 > 0x574f76c (t2): IN.gnutls: 0003 - 17 31 15 30 13 06 03 55 04 03 13 0c 54 > 65 6b 74 > 0x574f76c (t2): IN.gnutls: 0004 - 72 6f 6e 69 78 20 43 41 30 1e 17 0d 30 > 37 31 30 > 0x574f76c (t2): IN.gnutls: 0005 - 33 30 31 33 31 30 30 35 5a 17 0d 31 37 > 31 30 32 > 0x574f76c (t2): IN.gnutls: 0006 - 37 31 33 31 30 30 35 5a 30 42 31 0b 30 > 09 06 03 > 0x574f76c (t2): IN.gnutls: 0007 - 55 04 06 13 02 55 53 31 17 30 15 06 03 > 55 04 0a > 0x574f76c (t2): IN.gnutls: 0008 - 13 0e 54 65 6b 74 72 6f 6e 69 78 20 49 > 6e 63 2e > 0x574f76c (t2): IN.gnutls: 0009 - 31 1a 30 18 06 03 55 04 03 13 11 77 77 > 77 2e 74 > 0x574f76c (t2): IN.gnutls: 000a - 65 6b 74 72 6f 6e 69 78 2e 63 6f 6d 30 > 81 9c 30 > 0x574f76c (t2): IN.gnutls: 000b - 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 > 81 8c 00 > 0x574f76c (t2): IN.gnutls: 000c - 30 81 88 02 81 80 ad a5 a5 12 74 ee 3d > a3 ad ee > 0x574f76c (t2): IN.gnutls: 000d - e7 00 40 c1 ad a2 7d 85 d8 e4 9f 68 9c > fd 3f c1 > 0x574f76c (t2): IN.gnutls: 000e - 57 f4 a8 21 2f 7c fc 43 12 41 ec d9 cb > f1 0e 10 > 0x574f76c (t2): IN.gnutls: 000f - fd b1 ca 9a af da 6c 69 1d 06 f2 7b 61 > 9c 26 23 > 0x574f76c (t2): IN.gnutls: 0010 - a7 dd 11 16 1f 93 2f b4 f5 a9 e2 a7 33 > 3d ea 81 > 0x574f76c (t2): IN.gnutls: 0011 - 44 b4 ef 26 35 46 62 b2 42 9b c3 f9 fd > f1 71 e0 > 0x574f76c (t2): IN.gnutls: 0012 - 31 2e 54 aa f8 7c bb 3a 1f 49 51 6e 29 > 93 27 bc > 0x574f76c (t2): IN.gnutls: 0013 - 40 9c f5 0a da 28 94 b8 06 33 61 ae 60 > 68 3d 52 > 0x574f76c (t2): IN.gnutls: 0014 - 85 da 09 fc 70 85 02 03 01 00 01 a3 81 > 95 30 81 > 0x574f76c (t2): IN.gnutls: 0015 - 92 30 0c 06 03 55 1d 13 01 01 ff 04 02 > 30 00 30 > 0x574f76c (t2): IN.gnutls: 0016 - 1c 06 03 55 1d 11 04 15 30 13 82 11 77 > 77 77 2e > 0x574f76c (t2): IN.gnutls: 0017 - 74 65 6b 74 72 6f 6e 69 78 2e 63 6f 6d > 30 13 06 > 0x574f76c (t2): IN.gnutls: 0018 - 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 > 05 05 07 > 0x574f76c (t2): IN.gnutls: 0019 - 03 01 30 0f 06 03 55 1d 0f 01 01 ff 04 > 05 03 03 > 0x574f76c (t2): IN.gnutls: 001a - 07 a0 00 30 1d 06 03 55 1d 0e 04 16 04 > 14 3b a3 > 0x574f76c (t2): IN.gnutls: 001b - 48 d6 06 19 dd 51 cf 77 4f dd ed 11 31 > a1 62 0c > 0x574f76c (t2): IN.gnutls: 001c - 68 dd 30 1f 06 03 55 1d 23 04 18 30 16 > 80 14 57 > 0x574f76c (t2): IN.gnutls: 001d - aa bc 0a b5 e1 f9 b9 11 76 21 35 6f fa > 77 4a ff > 0x574f76c (t2): IN.gnutls: 001e - a6 c6 a0 30 0b 06 09 2a 86 48 86 f7 0d > 01 01 05 > 0x574f76c (t2): IN.gnutls: 001f - 03 81 81 00 99 b1 37 f1 23 22 95 85 54 > aa 5b ad > 0x574f76c (t2): IN.gnutls: 0020 - d1 da 6d 77 71 c1 bb 32 a5 6f 6b 6e b3 > 33 39 0e > 0x574f76c (t2): IN.gnutls: 0021 - 06 73 ea e7 1a 13 05 01 8a 96 1f 73 4d > 3a 90 7a > 0x574f76c (t2): IN.gnutls: 0022 - 75 dd ec 12 54 86 cc 2d 36 eb f3 57 e9 > 83 64 fe > 0x574f76c (t2): IN.gnutls: 0023 - 8f 65 66 84 a9 d8 75 fc 45 b4 10 d5 74 > c2 b1 d3 > 0x574f76c (t2): IN.gnutls: 0024 - ec b8 78 bb 9b dc b7 bc 48 89 fc db 59 > 63 fa fa > 0x574f76c (t2): IN.gnutls: 0025 - fc 66 f6 46 c4 32 7a 2c 81 ac 93 41 ca > 24 43 17 > 0x574f76c (t2): IN.gnutls: 0026 - 12 81 93 0a 8b 0b 0c 78 a1 f1 a5 b3 93 > 62 8a cf > 0x574f76c (t2): IN.gnutls: 0027 - 53 82 5b 06 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sent Packet[2] Handshake(22) > with length: 628 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: CERTIFICATE REQUEST was send > [36 bytes] > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 0 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sending Packet[2] Handshake(22) > with length: 36 > 0x574f76c (t2): IN.gnutls: WRITE: Will write 41 bytes to 166892884. > 0x574f76c (t2): IN.gnutls: WRITE: wrote 41 bytes to 166892884. Left 0 > bytes. Total 41 bytes. > 0x574f76c (t2): IN.gnutls: 0000 - 16 03 01 00 24 0d 00 00 20 02 01 02 00 > 1b 00 19 > 0x574f76c (t2): IN.gnutls: 0001 - 30 17 31 15 30 13 06 03 55 04 03 13 0c > 54 65 6b > 0x574f76c (t2): IN.gnutls: 0002 - 74 72 6f 6e 69 78 20 43 41 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sent Packet[3] Handshake(22) > with length: 41 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: SERVER HELLO DONE was send [4 > bytes] > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 0 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sending Packet[3] Handshake(22) > with length: 4 > 0x574f76c (t2): IN.gnutls: WRITE: Will write 9 bytes to 166892884. > 0x574f76c (t2): IN.gnutls: WRITE: wrote 9 bytes to 166892884. Left 0 > bytes. Total 9 bytes. > 0x574f76c (t2): IN.gnutls: 0000 - 16 03 01 00 04 0e 00 00 00 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sent Packet[4] Handshake(22) > with length: 9 > 0x574f76c (t2): IN.gnutls: READ: Got 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 16 03 01 02 f8 > 0x574f76c (t2): IN.gnutls: RB: Have 0 bytes into buffer. Adding 5 bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 5 bytes > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Expected Packet[1] > Handshake(22) with length: 1 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Received Packet[1] > Handshake(22) with length: 760 > 0x574f76c (t2): IN.gnutls: READ: Got 760 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 760 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 0b 00 01 e8 00 01 e5 00 01 e2 30 82 01 > de 30 82 > 0x574f76c (t2): IN.gnutls: 0001 - 01 47 a0 03 02 01 02 02 04 48 d9 4f 03 > 30 0d 06 > 0x574f76c (t2): IN.gnutls: 0002 - 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 > 17 31 15 > 0x574f76c (t2): IN.gnutls: 0003 - 30 13 06 03 55 04 03 13 0c 31 39 32 2e > 31 32 38 > 0x574f76c (t2): IN.gnutls: 0004 - 2e 31 30 2e 32 30 1e 17 0d 30 38 30 39 > 32 32 32 > 0x574f76c (t2): IN.gnutls: 0005 - 30 31 38 31 31 5a 17 0d 31 31 30 39 32 > 33 32 30 > 0x574f76c (t2): IN.gnutls: 0006 - 31 38 31 31 5a 30 17 31 15 30 13 06 03 > 55 04 03 > 0x574f76c (t2): IN.gnutls: 0007 - 13 0c 31 39 32 2e 31 32 38 2e 31 30 2e > 32 30 81 > 0x574f76c (t2): IN.gnutls: 0008 - 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 > 01 05 00 > 0x574f76c (t2): IN.gnutls: 0009 - 03 81 8d 00 30 81 89 02 81 81 00 e1 7b > 3d 35 49 > 0x574f76c (t2): IN.gnutls: 000a - b2 3b cf 22 16 fe ee 6f 6a 82 26 ce 25 > cc 63 bf > 0x574f76c (t2): IN.gnutls: 000b - b4 7a f2 70 75 dd 13 ed d4 aa 5b 25 91 > 22 fd 68 > 0x574f76c (t2): IN.gnutls: 000c - 1a ec 20 1a 44 10 59 86 0f 30 c8 6d 47 > 19 12 6e > 0x574f76c (t2): IN.gnutls: 000d - 4e a1 b4 f4 39 11 a8 5c 55 df 40 65 79 > 3a 29 4a > 0x574f76c (t2): IN.gnutls: 000e - 76 63 60 7b af 20 c8 e2 be af fc a2 17 > 08 1c 5e > 0x574f76c (t2): IN.gnutls: 000f - 1c 57 48 19 56 71 e3 db b6 a9 9e d3 d9 > ae 0d c7 > 0x574f76c (t2): IN.gnutls: 0010 - d4 06 d6 82 38 1a 10 9d 95 47 b4 61 d0 > 6a 76 0f > 0x574f76c (t2): IN.gnutls: 0011 - 1f 70 66 43 d0 f2 5c da 87 56 47 02 03 > 01 00 01 > 0x574f76c (t2): IN.gnutls: 0012 - a3 37 30 35 30 0e 06 03 55 1d 0f 01 01 > 00 04 04 > 0x574f76c (t2): IN.gnutls: 0013 - 03 02 02 a4 30 0f 06 03 55 1d 11 04 08 > 30 06 87 > 0x574f76c (t2): IN.gnutls: 0014 - 04 c0 80 0a 02 30 12 06 03 55 1d 13 01 > 01 00 04 > 0x574f76c (t2): IN.gnutls: 0015 - 08 30 06 01 01 ff 02 01 01 30 0d 06 09 > 2a 86 48 > 0x574f76c (t2): IN.gnutls: 0016 - 86 f7 0d 01 01 05 05 00 03 81 81 00 1b > df 75 87 > 0x574f76c (t2): IN.gnutls: 0017 - 1b 69 11 91 6a 69 a7 e1 f2 6c eb 3f 46 > 84 55 55 > 0x574f76c (t2): IN.gnutls: 0018 - b6 b9 a3 f5 8e 73 6d 9c ae 63 a1 f3 64 > f0 3a b2 > 0x574f76c (t2): IN.gnutls: 0019 - fd a7 bf c6 0f 46 17 02 f6 84 fe 1c 5e > f3 dd 87 > 0x574f76c (t2): IN.gnutls: 001a - 3e c4 3d f3 81 d4 ce 56 26 49 13 b1 ef > 56 c8 b4 > 0x574f76c (t2): IN.gnutls: 001b - 22 42 bb 09 83 62 0a e6 76 cd 6e 58 d3 > 09 30 8c > 0x574f76c (t2): IN.gnutls: 001c - cb 0b 17 a4 0e 75 ae e0 02 8f b0 ea 17 > 5a fc a9 > 0x574f76c (t2): IN.gnutls: 001d - df 3d 57 c4 3d 4f 2e 0f 87 b0 34 92 18 > 71 e2 95 > 0x574f76c (t2): IN.gnutls: 001e - 7b db 8d 0d 89 f7 63 16 61 57 aa ad 10 > 00 00 82 > 0x574f76c (t2): IN.gnutls: 001f - 00 80 35 23 dd bc 98 7a f4 db 18 9a e8 > 33 37 fa > 0x574f76c (t2): IN.gnutls: 0020 - 66 30 f7 cf 26 e5 5e 3e 0c ae d2 59 2c > 9d 10 46 > 0x574f76c (t2): IN.gnutls: 0021 - 5b 9b 30 8e 2a de e6 fa 4a b2 8c 74 59 > ef b6 66 > 0x574f76c (t2): IN.gnutls: 0022 - e9 51 33 70 3f 45 b0 8b ad 60 07 59 ac > df d4 04 > 0x574f76c (t2): IN.gnutls: 0023 - 71 5c 0b 8f 90 25 6d 17 5b 84 d4 44 48 > 3c 25 0c > 0x574f76c (t2): IN.gnutls: 0024 - 56 6d 55 12 40 6b 9f 7f bc ac 26 4d 90 > eb 7f e9 > 0x574f76c (t2): IN.gnutls: 0025 - ee 43 96 11 1e aa 45 72 83 ff 11 1e ea > b5 fb e8 > 0x574f76c (t2): IN.gnutls: 0026 - 28 45 54 6c 65 7c c3 d7 04 84 46 d5 67 > 05 49 1f > 0x574f76c (t2): IN.gnutls: 0027 - fc 68 0f 00 00 82 00 80 03 ed 00 5d 86 > 09 69 30 > 0x574f76c (t2): IN.gnutls: 0028 - e4 c0 86 55 39 c5 08 55 32 54 5b 3d 07 > 25 09 83 > 0x574f76c (t2): IN.gnutls: 0029 - 29 62 29 d3 d2 ed b4 a6 7a ad 62 e3 c9 > 30 8e 6c > 0x574f76c (t2): IN.gnutls: 002a - 34 1e 1b e1 3a 54 a9 4d f0 9d b3 4a c9 > c9 1a 4f > 0x574f76c (t2): IN.gnutls: 002b - ef 92 32 47 ed c9 72 74 0a 71 45 05 46 > 13 11 42 > 0x574f76c (t2): IN.gnutls: 002c - 80 b1 49 8f db c0 35 5c bf d9 95 a1 46 > 77 71 67 > 0x574f76c (t2): IN.gnutls: 002d - 5c eb 20 99 76 45 1a 65 7a 30 a3 78 93 > ad 3b 9a > 0x574f76c (t2): IN.gnutls: 002e - 29 6f 14 80 44 cf 14 61 22 ec 97 ac 27 > cb 96 fd > 0x574f76c (t2): IN.gnutls: 002f - 55 92 2f 31 64 5c 82 ec > 0x574f76c (t2): IN.gnutls: RB: Have 5 bytes into buffer. Adding 760 > bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 765 bytes > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Decrypted Packet[1] > Handshake(22) with length: 760 > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 760 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 1 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 3 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: CERTIFICATE was received [492 > bytes] > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 488 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 0 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 4 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 488 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 1 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 3 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: CLIENT KEY EXCHANGE was > received [134 bytes] > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 130 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 492 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 4 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 130 bytes of Data > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_pk.c:283 > 0x574f76c (t2): IN.gnutls: ASSERT: auth_rsa.c:258 > 0x574f76c (t2): IN.gnutls: auth_rsa: Possible PKCS #1 format attack > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 1 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 3 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: CERTIFICATE VERIFY was received > [134 bytes] > 0x574f76c (t2): IN.gnutls: BUF[REC][HD]: Read 130 bytes of Data(22) > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Peeked 134 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Emptied buffer > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 4 bytes of Data > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Inserted 130 bytes of Data > 0x574f76c (t2): IN.gnutls: READ: Got 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 14 03 01 00 01 > 0x574f76c (t2): IN.gnutls: RB: Have 0 bytes into buffer. Adding 5 bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 5 bytes > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Expected Packet[2] Change > Cipher Spec(20) with length: 1 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Received Packet[2] Change > Cipher Spec(20) with length: 1 > 0x574f76c (t2): IN.gnutls: READ: Got 1 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 1 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 01 > 0x574f76c (t2): IN.gnutls: RB: Have 5 bytes into buffer. Adding 1 bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 6 bytes > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: ChangeCipherSpec Packet was > received > 0x574f76c (t2): IN.gnutls: INT: PREMASTER SECRET[48]: > 03012b011acc7633cd91bce5d45ffd177adf0193b22ec981f99b30f9fb805d5c409d50cdd8ec5008c058d9 > e108bbedce > 0x574f76c (t2): IN.gnutls: INT: CLIENT RANDOM[32]: > 48d9493ff78370f9340ac33f945765478512e3217e56da073cca9892ee8394be > 0x574f76c (t2): IN.gnutls: INT: SERVER RANDOM[32]: > 48eb8cfaef942f18006dd557b97a576e795123ee917aa9947461f0380ff19870 > 0x574f76c (t2): IN.gnutls: INT: MASTER SECRET: > 0d454d81f4f5c85b0998c77cb1b469400380d2a613344d089c2646f44c4b341cdf78a3d15d4d87167b8d5385337fa > efb > 0x574f76c (t2): IN.gnutls: INT: KEY BLOCK[64]: > d920b45221630b466eab7cba7ae58a86c401e3f8e6ed0fb1db35f6ae0e930cb6 > 0x574f76c (t2): IN.gnutls: INT: CLIENT WRITE KEY [16]: > 41ff237870ee3017051853a568387b63 > 0x574f76c (t2): IN.gnutls: INT: SERVER WRITE KEY [16]: > d4a51c4e92c663ab205cb8d5ab3eb827 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Cipher Suite: RSA_ARCFOUR_MD5 > 0x574f76c (t2): IN.gnutls: HSK[a1407c0]: Initializing internal [read] > cipher sessions > 0x574f76c (t2): IN.gnutls: READ: Got 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 5 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 16 03 01 00 20 > 0x574f76c (t2): IN.gnutls: RB: Have 0 bytes into buffer. Adding 5 bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 5 bytes > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Expected Packet[0] > Handshake(22) with length: 1 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Received Packet[0] > Handshake(22) with length: 32 > 0x574f76c (t2): IN.gnutls: READ: Got 32 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: READ: read 32 bytes from 166892884 > 0x574f76c (t2): IN.gnutls: 0000 - 50 7d ba 69 15 22 e9 23 c7 e0 69 d7 8e > a5 c7 21 > 0x574f76c (t2): IN.gnutls: 0001 - 6d 0c 23 17 8b 32 61 2a 5e f4 f7 34 a1 > 3f e7 0e > 0x574f76c (t2): IN.gnutls: 0002 - > 0x574f76c (t2): IN.gnutls: RB: Have 5 bytes into buffer. Adding 32 > bytes. > 0x574f76c (t2): IN.gnutls: RB: Requested 37 bytes > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_cipher.c:562 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_record.c:982 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_buffers.c:1188 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_handshake.c:962 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_handshake.c:525 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_handshake.c:2472 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_handshake.c:2608 > 0x574f76c (t2): IN.gnutls: BUF[HSK]: Cleared Data from buffer > 0x574f76c (t2): IN.gnutls: REC: Sending Alert[2|20] - Bad record MAC > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sending Packet[4] with length: > 2 > 0x574f76c (t2): IN.gnutls: WRITE: Will write 7 bytes to 166892884. > 0x574f76c (t2): IN.gnutls: WRITE: wrote 7 bytes to 166892884. Left 0 > bytes. Total 7 bytes. > 0x574f76c (t2): IN.gnutls: 0000 - 15 03 01 00 02 02 14 > 0x574f76c (t2): IN.gnutls: REC[a1407c0]: Sent Packet[5] with length: 7 > 0x574f76c (t2): IN.gnutls: ASSERT: gnutls_psk.c:309 > > > > > Gesendet von freenetMail- > Mehr als nur eine > E-Mail-Adresse > http://email.freenet.de/dienste/emailoffice/produktuebersicht/basic/mail/index.html?pid=6828 _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
