Hi, I get decryption error when using NULL-MD5 or NULL-SHA1 cipher suites when using gnutls-serv, and connecting with a openssl client.
Server is started that way: $ gnutls-serv --http --x509cafile x509-ca.pem --x509keyfile x509-server-key.pem --x509certfile x509-server.pem --priority "NORMAL:+ANON-DH:+NULL" The openssl s_client is started that way: $ openssl s_client -cipher NULL-SHA -connect localhost:5556 This is what I get from the gnutls logs: * Accepted connection from IPv4 127.0.0.1 port 53650 on Thu Nov 3 17:23:51 2011 * Successful handshake from IPv4 127.0.0.1 port 53650 - Session ID: 26:C8:6A:7B:CE:F2:99:0B:19:1F:90:90:D8:58:73:60:99:BF:8D:DE:1B:7B:77:A2:80:54:65:11:D0:A8:5F:94 - Certificate type: X.509 - Could not verify certificate (err: The peer did not send any certificate.) - Version: TLS1.0 - Key Exchange: RSA - Cipher: NULL - MAC: SHA1 - Compression: NULL Error while receiving data >From the openssl side I get an error as well: 140735311722940:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac:s3_pkt.c:479: I believe it worked fine when I was using gnutls-2.12. I used both openssl 0.9.8r and 1.0.0e for the client side. Any known issue there ? -- Fabrice _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
