I am experiencing a TLS handshake problem when GnuTLS 3.0.11 server has a big pile of CA certificates to verify against. I can not reproduce the problem with GnuTLS 2.12.14.
Steps to re-produce: 1. Create server key+certificate: certtool --generate-privkey --outfile foo.key certtool --generate-self-signed --load-privkey foo.key --outfile foo.crt (leave all fields empty except expiration and enable signing and encryption) 2. Start server: gnutls-serv --x509keyfile foo.key --x509certfile foo.crt --x509cafile /etc/ssl/certs/ca-certificates.crt 3. Connect with client and observe failure: gnutls-cli --insecure -p 5556 localhost 4. Start server without CA cert bundle: gnutls-serv --x509keyfile foo.key --x509certfile foo.crt 5. Connect with client and observe success: gnutls-cli --insecure -p 5556 localhost Note that the file /etc/ssl/certs/ca-certificates.crt contains a big pile of certificates, as distributed by Debian and Ubuntu "ca-certificates" package. (I am happy to send it if needed.) If I specify just a sigle CA cert I do not see any problems. This means that when the problem happens the "certificate request" is bigger than 16k. Is this a bug, or is there just too many certificates? I suspect a bug because GnuTLS 2.12.14 nor OpenSSL does not have any issues. I am happy to supply any additional information. gnutls-serv outputs the following when the failure happens: Set static Diffie-Hellman parameters, consider --dhparams. Processed 141 CA certificate(s). HTTP Server listening on IPv4 0.0.0.0 port 5556...done HTTP Server listening on IPv6 :: port 5556...bind() failed: Address already in use * Accepted connection from IPv4 127.0.0.1 port 48518 on Tue May 29 14:18:09 2012 * Received alert '22': Record overflow. Error in handshake Error: A TLS fatal alert has been received. And the gnutls-cli outputs the following: Processed 141 CA certificate(s). Resolving 'localhost'... Connecting to '127.0.0.1:5556'... - Peer's certificate issuer is unknown - Peer's certificate is NOT trusted - The hostname in the certificate does NOT match 'localhost' *** Verifying server certificate failed... *** Fatal error: A TLS packet with unexpected length was received. *** Handshake has failed GnuTLS error: A TLS packet with unexpected length was received. gnutls-serv output with --debug 9: |<2>| ASSERT: pkcs11.c:459 |<2>| ASSERT: mpi.c:249 |<2>| ASSERT: gnutls_dh_primes.c:293 |<2>| ASSERT: dn.c:362 |<2>| ASSERT: dn.c:481 HTTP Server listening on IPv4 0.0.0.0 port 5556...done HTTP Server listening on IPv6 :: port 5556...bind() failed: Address already in use |<4>| REC[0xa1cd60]: Allocating epoch #0 |<2>| ASSERT: gnutls_constate.c:717 |<4>| REC[0xa1cd60]: Allocating epoch #1 |<2>| ASSERT: gnutls_buffers.c:974 |<4>| REC[0xa1cd60]: SSL 3.0 Handshake packet received. Epoch 0, length: 202 |<4>| REC[0xa1cd60]: Expected Packet Handshake(22) |<4>| REC[0xa1cd60]: Received Packet Handshake(22) with length: 202 |<4>| REC[0xa1cd60]: Decrypted Packet[0] Handshake(22) with length: 202 |<3>| HSK[0xa1cd60]: CLIENT HELLO was received. Length 198[198], frag offset 0, frag length: 198, sequence: 0 |<3>| HSK[0xa1cd60]: Client's version: 3.3 |<2>| ASSERT: gnutls_db.c:265 |<2>| ASSERT: gnutls_db.c:297 |<3>| EXT[0xa1cd60]: Parsing extension 'SERVER NAME/0' (14 bytes) |<3>| EXT[0xa1cd60]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes) |<3>| EXT[0xa1cd60]: Parsing extension 'SUPPORTED ECC/10' (12 bytes) |<3>| HSK[0xa1cd60]: Selected ECC curve SECP192R1 (5) |<3>| EXT[0xa1cd60]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes) |<3>| EXT[0xa1cd60]: Parsing extension 'SIGNATURE ALGORITHMS/13' (28 bytes) |<3>| EXT[0xa1cd60]: rcvd signature algo (4.1) RSA-SHA256 |<3>| EXT[0xa1cd60]: rcvd signature algo (4.2) DSA-SHA256 |<3>| EXT[0xa1cd60]: rcvd signature algo (4.3) ECDSA-SHA256 |<3>| EXT[0xa1cd60]: rcvd signature algo (5.1) RSA-SHA384 |<3>| EXT[0xa1cd60]: rcvd signature algo (5.3) ECDSA-SHA384 |<3>| EXT[0xa1cd60]: rcvd signature algo (6.1) RSA-SHA512 |<3>| EXT[0xa1cd60]: rcvd signature algo (6.3) ECDSA-SHA512 |<3>| EXT[0xa1cd60]: rcvd signature algo (3.1) RSA-SHA224 |<3>| EXT[0xa1cd60]: rcvd signature algo (3.2) DSA-SHA224 |<3>| EXT[0xa1cd60]: rcvd signature algo (3.3) ECDSA-SHA224 |<3>| EXT[0xa1cd60]: rcvd signature algo (2.1) RSA-SHA1 |<3>| EXT[0xa1cd60]: rcvd signature algo (2.2) DSA-SHA1 |<3>| EXT[0xa1cd60]: rcvd signature algo (2.3) ECDSA-SHA1 |<3>| HSK[0xa1cd60]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Requested PK algorithm: RSA (1) -- ctype: X.509 (1) |<3>| HSK[0xa1cd60]: certificate[0] PK algorithm: RSA (1) - ctype: X.509 (1) |<3>| HSK[0xa1cd60]: Removing ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 |<3>| HSK[0xa1cd60]: Removing ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 |<3>| HSK[0xa1cd60]: Removing ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 |<3>| HSK[0xa1cd60]: Removing ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 |<3>| HSK[0xa1cd60]: Removing ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 |<3>| HSK[0xa1cd60]: Removing ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 |<3>| HSK[0xa1cd60]: Removing ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 |<3>| HSK[0xa1cd60]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 (C0.13) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 (C0.27) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 (C0.14) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 (C0.30) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (00.33) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256 (00.67) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_AES_128_GCM_SHA256 (00.9E) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (00.39) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256 (00.6B) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (00.16) |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA256 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_AES_128_GCM_SHA256 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA256 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 |<3>| HSK[0xa1cd60]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1 |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (00.2F) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256 (00.3C) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 (00.41) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256 (00.9C) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (00.35) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256 (00.3D) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 (00.84) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (00.0A) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (00.05) |<3>| HSK[0xa1cd60]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (00.04) |<3>| HSK[0xa1cd60]: Requested cipher suites[size: 80]: |<3>| 0xc0, 0x09 ECDHE_ECDSA_AES_128_CBC_SHA1 |<3>| 0xc0, 0x23 ECDHE_ECDSA_AES_128_CBC_SHA256 |<3>| 0xc0, 0x2b ECDHE_ECDSA_AES_128_GCM_SHA256 |<3>| 0xc0, 0x0a ECDHE_ECDSA_AES_256_CBC_SHA1 |<3>| 0xc0, 0x24 ECDHE_ECDSA_AES_256_CBC_SHA384 |<3>| 0xc0, 0x2c ECDHE_ECDSA_AES_256_GCM_SHA384 |<3>| 0xc0, 0x08 ECDHE_ECDSA_3DES_EDE_CBC_SHA1 |<3>| 0xc0, 0x13 ECDHE_RSA_AES_128_CBC_SHA1 |<3>| HSK[0xa1cd60]: Selected cipher suite: ECDHE_RSA_AES_128_CBC_SHA1 |<3>| HSK[0xa1cd60]: Selected Compression Method: NULL |<3>| HSK[0xa1cd60]: Safe renegotiation succeeded |<3>| EXT[0xa1cd60]: Sending extension SAFE RENEGOTIATION (1 bytes) |<3>| EXT[0xa1cd60]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes) |<3>| HSK[0xa1cd60]: SessionID: 176537c551ca398133358e980be582adc4243490f0d5d9559384190fd366d705 |<3>| HSK[0xa1cd60]: SERVER HELLO was queued [87 bytes] |<3>| HSK[0xa1cd60]: CERTIFICATE was queued [816 bytes] |<3>| HSK[0xa1cd60]: signing handshake data: using RSA-SHA256 |<3>| HSK[0xa1cd60]: SERVER KEY EXCHANGE was queued [365 bytes] |<3>| EXT[0xa1cd60]: sent signature algo (4.1) RSA-SHA256 |<3>| EXT[0xa1cd60]: sent signature algo (4.2) DSA-SHA256 |<3>| EXT[0xa1cd60]: sent signature algo (4.3) ECDSA-SHA256 |<3>| EXT[0xa1cd60]: sent signature algo (5.1) RSA-SHA384 |<3>| EXT[0xa1cd60]: sent signature algo (5.3) ECDSA-SHA384 |<3>| EXT[0xa1cd60]: sent signature algo (6.1) RSA-SHA512 |<3>| EXT[0xa1cd60]: sent signature algo (6.3) ECDSA-SHA512 |<3>| EXT[0xa1cd60]: sent signature algo (3.1) RSA-SHA224 |<3>| EXT[0xa1cd60]: sent signature algo (3.2) DSA-SHA224 |<3>| EXT[0xa1cd60]: sent signature algo (3.3) ECDSA-SHA224 |<3>| EXT[0xa1cd60]: sent signature algo (2.1) RSA-SHA1 |<3>| EXT[0xa1cd60]: sent signature algo (2.2) DSA-SHA1 |<3>| EXT[0xa1cd60]: sent signature algo (2.3) ECDSA-SHA1 |<3>| HSK[0xa1cd60]: CERTIFICATE REQUEST was queued [17029 bytes] |<3>| HSK[0xa1cd60]: SERVER HELLO DONE was queued [4 bytes] |<4>| REC[0xa1cd60]: Preparing Packet Handshake(22) with length: 87 |<9>| ENC[0xa1cd60]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0xa1cd60]: Sent Packet[1] Handshake(22) in epoch 0 and length: 92 |<4>| REC[0xa1cd60]: Preparing Packet Handshake(22) with length: 816 |<9>| ENC[0xa1cd60]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0xa1cd60]: Sent Packet[2] Handshake(22) in epoch 0 and length: 821 |<4>| REC[0xa1cd60]: Preparing Packet Handshake(22) with length: 365 |<9>| ENC[0xa1cd60]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0xa1cd60]: Sent Packet[3] Handshake(22) in epoch 0 and length: 370 |<4>| REC[0xa1cd60]: Preparing Packet Handshake(22) with length: 17029 |<9>| ENC[0xa1cd60]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0xa1cd60]: Sent Packet[4] Handshake(22) in epoch 0 and length: 16389 |<4>| REC[0xa1cd60]: Preparing Packet Handshake(22) with length: 645 |<9>| ENC[0xa1cd60]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0xa1cd60]: Sent Packet[5] Handshake(22) in epoch 0 and length: 650 |<4>| REC[0xa1cd60]: Preparing Packet Handshake(22) with length: 4 |<9>| ENC[0xa1cd60]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0xa1cd60]: Sent Packet[6] Handshake(22) in epoch 0 and length: 9 |<2>| ASSERT: gnutls_buffers.c:974 |<2>| ASSERT: gnutls_buffers.c:974 |<4>| REC[0xa1cd60]: SSL 3.3 Alert packet received. Epoch 0, length: 2 |<4>| REC[0xa1cd60]: Expected Packet Handshake(22) |<4>| REC[0xa1cd60]: Received Packet Alert(21) with length: 2 |<4>| REC[0xa1cd60]: Decrypted Packet[1] Alert(21) with length: 2 |<4>| REC[0xa1cd60]: Alert[2|22] - Record overflow - was received |<2>| ASSERT: gnutls_record.c:627 |<2>| ASSERT: gnutls_record.c:633 |<2>| ASSERT: gnutls_record.c:1111 |<2>| ASSERT: gnutls_buffers.c:1175 |<2>| ASSERT: gnutls_handshake.c:1269 |<2>| ASSERT: gnutls_handshake.c:2827 Error in handshake |<4>| REC: Sending Alert[2|80] - Internal error |<4>| REC[0xa1cd60]: Preparing Packet Alert(21) with length: 2 |<9>| ENC[0xa1cd60]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0xa1cd60]: Sent Packet[7] Alert(21) in epoch 0 and length: 7 |<2>| ASSERT: gnutls_record.c:238 |<4>| REC[0xa1cd60]: Start of epoch cleanup |<4>| REC[0xa1cd60]: End of epoch cleanup |<4>| REC[0xa1cd60]: Epoch #0 freed |<4>| REC[0xa1cd60]: Epoch #1 freed gnutls-cli output with --debug 9: |<2>| ASSERT: pkcs11.c:459 |<4>| REC[0x24e4120]: Allocating epoch #0 |<2>| ASSERT: gnutls_constate.c:717 |<4>| REC[0x24e4120]: Allocating epoch #1 |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA1 (C0.13) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_RSA_AES_128_CBC_SHA256 (C0.27) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_RSA_AES_256_CBC_SHA1 (C0.14) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384 (C0.30) |<3>| HSK[0x24e4120]: Keeping ciphersuite: ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (00.33) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256 (00.67) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_AES_128_GCM_SHA256 (00.9E) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (00.39) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256 (00.6B) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (00.16) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 (00.32) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256 (00.40) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 (00.44) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_AES_128_GCM_SHA256 (00.A2) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 (00.38) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256 (00.6A) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 (00.87) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 (00.13) |<3>| HSK[0x24e4120]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 (00.66) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (00.2F) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256 (00.3C) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 (00.41) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256 (00.9C) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (00.35) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256 (00.3D) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 (00.84) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (00.0A) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (00.05) |<3>| HSK[0x24e4120]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (00.04) |<3>| EXT[0x24e4120]: Sending extension SERVER NAME (14 bytes) |<3>| EXT[0x24e4120]: Sending extension SAFE RENEGOTIATION (1 bytes) |<3>| EXT[0x24e4120]: Sending extension SUPPORTED ECC (12 bytes) |<3>| EXT[0x24e4120]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes) |<3>| EXT[0x24e4120]: sent signature algo (4.1) RSA-SHA256 |<3>| EXT[0x24e4120]: sent signature algo (4.2) DSA-SHA256 |<3>| EXT[0x24e4120]: sent signature algo (4.3) ECDSA-SHA256 |<3>| EXT[0x24e4120]: sent signature algo (5.1) RSA-SHA384 |<3>| EXT[0x24e4120]: sent signature algo (5.3) ECDSA-SHA384 |<3>| EXT[0x24e4120]: sent signature algo (6.1) RSA-SHA512 |<3>| EXT[0x24e4120]: sent signature algo (6.3) ECDSA-SHA512 |<3>| EXT[0x24e4120]: sent signature algo (3.1) RSA-SHA224 |<3>| EXT[0x24e4120]: sent signature algo (3.2) DSA-SHA224 |<3>| EXT[0x24e4120]: sent signature algo (3.3) ECDSA-SHA224 |<3>| EXT[0x24e4120]: sent signature algo (2.1) RSA-SHA1 |<3>| EXT[0x24e4120]: sent signature algo (2.2) DSA-SHA1 |<3>| EXT[0x24e4120]: sent signature algo (2.3) ECDSA-SHA1 |<3>| EXT[0x24e4120]: Sending extension SIGNATURE ALGORITHMS (28 bytes) |<3>| HSK[0x24e4120]: CLIENT HELLO was queued [202 bytes] |<4>| REC[0x24e4120]: Preparing Packet Handshake(22) with length: 202 |<9>| ENC[0x24e4120]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0x24e4120]: Sent Packet[1] Handshake(22) in epoch 0 and length: 207 |<2>| ASSERT: gnutls_buffers.c:974 |<4>| REC[0x24e4120]: SSL 3.3 Handshake packet received. Epoch 0, length: 87 |<4>| REC[0x24e4120]: Expected Packet Handshake(22) |<4>| REC[0x24e4120]: Received Packet Handshake(22) with length: 87 |<4>| REC[0x24e4120]: Decrypted Packet[0] Handshake(22) with length: 87 |<3>| HSK[0x24e4120]: SERVER HELLO was received. Length 83[83], frag offset 0, frag length: 83, sequence: 0 |<3>| HSK[0x24e4120]: Server's version: 3.3 |<3>| HSK[0x24e4120]: SessionID length: 32 |<3>| HSK[0x24e4120]: SessionID: 176537c551ca398133358e980be582adc4243490f0d5d9559384190fd366d705 |<3>| HSK[0x24e4120]: Selected cipher suite: ECDHE_RSA_AES_128_CBC_SHA1 |<3>| HSK[0x24e4120]: Selected compression method: NULL (0) |<3>| EXT[0x24e4120]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes) |<3>| EXT[0x24e4120]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (2 bytes) |<3>| HSK[0x24e4120]: Safe renegotiation succeeded |<2>| ASSERT: gnutls_buffers.c:974 |<4>| REC[0x24e4120]: SSL 3.3 Handshake packet received. Epoch 0, length: 816 |<4>| REC[0x24e4120]: Expected Packet Handshake(22) |<4>| REC[0x24e4120]: Received Packet Handshake(22) with length: 816 |<4>| REC[0x24e4120]: Decrypted Packet[1] Handshake(22) with length: 816 |<3>| HSK[0x24e4120]: CERTIFICATE was received. Length 812[812], frag offset 0, frag length: 812, sequence: 0 |<2>| ASSERT: dn.c:1190 |<2>| ASSERT: verify.c:395 |<2>| ASSERT: verify.c:642 |<2>| ASSERT: dn.c:362 |<2>| ASSERT: dn.c:481 |<2>| ASSERT: gnutls_buffers.c:974 |<4>| REC[0x24e4120]: SSL 3.3 Handshake packet received. Epoch 0, length: 365 |<4>| REC[0x24e4120]: Expected Packet Handshake(22) |<4>| REC[0x24e4120]: Received Packet Handshake(22) with length: 365 |<4>| REC[0x24e4120]: Decrypted Packet[2] Handshake(22) with length: 365 |<3>| HSK[0x24e4120]: SERVER KEY EXCHANGE was received. Length 361[361], frag offset 0, frag length: 361, sequence: 0 |<3>| HSK[0x24e4120]: Selected ECC curve SECP192R1 (5) |<3>| HSK[0x24e4120]: verify handshake data: using RSA-SHA256 |<2>| ASSERT: signature.c:304 |<2>| ASSERT: gnutls_buffers.c:974 |<4>| REC[0x24e4120]: SSL 3.3 Handshake packet received. Epoch 0, length: 16384 |<4>| REC[0x24e4120]: Expected Packet Handshake(22) |<4>| REC[0x24e4120]: Received Packet Handshake(22) with length: 16384 |<4>| REC[0x24e4120]: Decrypted Packet[3] Handshake(22) with length: 16384 |<3>| HSK[0x24e4120]: CERTIFICATE REQUEST was received. Length 17025[16380], frag offset 0, frag length: 17025, sequence: 0 |<2>| ASSERT: gnutls_buffers.c:819 |<2>| ASSERT: gnutls_buffers.c:1031 |<2>| ASSERT: gnutls_handshake.c:1269 |<2>| ASSERT: gnutls_handshake.c:2515 *** Fatal error: A TLS packet with unexpected length was received. |<4>| REC: Sending Alert[2|22] - Record overflow |<4>| REC[0x24e4120]: Preparing Packet Alert(21) with length: 2 |<9>| ENC[0x24e4120]: cipher: NULL, MAC: MAC-NULL, Epoch: 0 |<4>| REC[0x24e4120]: Sent Packet[2] Alert(21) in epoch 0 and length: 7 *** Handshake has failed GnuTLS error: A TLS packet with unexpected length was received. |<4>| REC[0x24e4120]: Start of epoch cleanup |<4>| REC[0x24e4120]: End of epoch cleanup |<4>| REC[0x24e4120]: Epoch #0 freed |<4>| REC[0x24e4120]: Epoch #1 freed Processed 141 CA certificate(s). Resolving 'localhost'... Connecting to '127.0.0.1:5556'... - Peer's certificate issuer is unknown - Peer's certificate is NOT trusted - The hostname in the certificate does NOT match 'localhost' *** Verifying server certificate failed... -- Janne Snabb / EPIPE Communications [email protected] - http://epipe.com/ _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
