* bug#23311: TLS handshake error
@ 2016-04-18 22:29 Ludovic Courtès
2016-04-19 14:06 ` Ludovic Courtès
2016-04-20 11:18 ` Ludovic Courtès
0 siblings, 2 replies; 7+ messages in thread
From: Ludovic Courtès @ 2016-04-18 22:29 UTC (permalink / raw)
To: 23311
Sometimes, TLS handshakes fail in strange ways (the following happens
after a dozen of iterations; I’ve enabled GnuTLS debugging in (guix
build download) here):
--8<---------------cut here---------------start------------->8---
$ while ./pre-inst-env guix download https://mirror.hydra.gnu.org/index.html ; do : ; done
[...]
Starting download of /tmp/guix-file.4axVhT
From https://mirror.hydra.gnu.org/index.html...
gnutls: [2565|3] ASSERT: gnutls_constate.c:588
gnutls: [2565|5] REC[0x1d98bd0]: Allocating epoch #1
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM (C0.9C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM (C0.9D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension EXT MASTER SECRET (0 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension ENCRYPT THEN MAC (0 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension STATUS REQUEST (5 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SERVER NAME (25 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SAFE RENEGOTIATION (1 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SESSION TICKET (0 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SUPPORTED ECC (12 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (4.1) RSA-SHA256
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (4.3) ECDSA-SHA256
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (5.1) RSA-SHA384
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (5.3) ECDSA-SHA384
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (6.1) RSA-SHA512
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (6.3) ECDSA-SHA512
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (3.1) RSA-SHA224
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (3.3) ECDSA-SHA224
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (2.1) RSA-SHA1
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (2.3) ECDSA-SHA1
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SIGNATURE ALGORITHMS (22 bytes)
gnutls: [2565|4] HSK[0x1d98bd0]: CLIENT HELLO was queued [256 bytes]
gnutls: [2565|5] REC[0x1d98bd0]: Preparing Packet Handshake(22) with length: 256 and min pad: 0
gnutls: [2565|9] ENC[0x1d98bd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2565|5] REC[0x1d98bd0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 261
gnutls: [2565|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2565|10] READ: Got 0 bytes from 0xd
gnutls: [2565|10] READ: read 0 bytes from 0xd
gnutls: [2565|3] ASSERT: gnutls_buffers.c:592
gnutls: [2565|3] ASSERT: gnutls_record.c:1038
gnutls: [2565|3] ASSERT: gnutls_record.c:1158
gnutls: [2565|3] ASSERT: gnutls_buffers.c:1409
gnutls: [2565|3] ASSERT: gnutls_handshake.c:1446
gnutls: [2565|3] ASSERT: gnutls_handshake.c:2757
ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum La TLS-konekto estis finigita neĝuste.> handshake)'.
failed to download "/tmp/guix-file.4axVhT" from "https://mirror.hydra.gnu.org/index.html"
guix download: error: https://mirror.hydra.gnu.org/index.html: download failed
$ guix package -I gnutls
gnutls 3.4.7 out /gnu/store/k1bihwrvcrhjwpxg74d93w9dwsldrvap-gnutls-3.4.7
$ git describe
v0.10.0-298-g4f8cede
--8<---------------cut here---------------end--------------->8---
For reference, the successful handshakes look like this:
--8<---------------cut here---------------start------------->8---
Starting download of /tmp/guix-file.VSDV7l
From https://mirror.hydra.gnu.org/index.html...
gnutls: [2557|3] ASSERT: gnutls_constate.c:588
gnutls: [2557|5] REC[0x222ebd0]: Allocating epoch #1
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM (C0.9C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM (C0.9D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension EXT MASTER SECRET (0 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension ENCRYPT THEN MAC (0 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension STATUS REQUEST (5 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SERVER NAME (25 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SAFE RENEGOTIATION (1 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SESSION TICKET (0 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SUPPORTED ECC (12 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (4.1) RSA-SHA256
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (4.3) ECDSA-SHA256
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (5.1) RSA-SHA384
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (5.3) ECDSA-SHA384
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (6.1) RSA-SHA512
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (6.3) ECDSA-SHA512
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (3.1) RSA-SHA224
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (3.3) ECDSA-SHA224
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (2.1) RSA-SHA1
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (2.3) ECDSA-SHA1
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SIGNATURE ALGORITHMS (22 bytes)
gnutls: [2557|4] HSK[0x222ebd0]: CLIENT HELLO was queued [256 bytes]
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet Handshake(22) with length: 256 and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 261
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, length: 61
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 61
gnutls: [2557|10] READ: Got 61 bytes from 0xd
gnutls: [2557|10] READ: read 61 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 61 bytes.
gnutls: [2557|10] RB: Requested 66 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[0] Handshake(22) with length: 61
gnutls: [2557|4] HSK[0x222ebd0]: SERVER HELLO (2) was received. Length 57[57], frag offset 0, frag length: 57, sequence: 0
gnutls: [2557|4] HSK[0x222ebd0]: Server's version: 3.3
gnutls: [2557|4] HSK[0x222ebd0]: SessionID length: 0
gnutls: [2557|4] HSK[0x222ebd0]: SessionID: c0
gnutls: [2557|4] HSK[0x222ebd0]: Selected cipher suite: ECDHE_RSA_AES_128_GCM_SHA256
gnutls: [2557|4] HSK[0x222ebd0]: Selected compression method: NULL (0)
gnutls: [2557|4] EXT[0x222ebd0]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (4 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Parsing extension 'SESSION TICKET/35' (0 bytes)
gnutls: [2557|4] HSK[0x222ebd0]: Safe renegotiation succeeded
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, length: 2538
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 2538
gnutls: [2557|10] READ: Got 1339 bytes from 0xd
gnutls: [2557|10] READ: Got 1199 bytes from 0xd
gnutls: [2557|10] READ: read 2538 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 2538 bytes.
gnutls: [2557|10] RB: Requested 2543 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[1] Handshake(22) with length: 2538
gnutls: [2557|4] HSK[0x222ebd0]: CERTIFICATE (11) was received. Length 2534[2534], frag offset 0, frag length: 2534, sequence: 0
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, length: 333
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 333
gnutls: [2557|10] READ: Got 333 bytes from 0xd
gnutls: [2557|10] READ: read 333 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 333 bytes.
gnutls: [2557|10] RB: Requested 338 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[2] Handshake(22) with length: 333
gnutls: [2557|4] HSK[0x222ebd0]: SERVER KEY EXCHANGE (12) was received. Length 329[329], frag offset 0, frag length: 329, sequence: 0
gnutls: [2557|4] HSK[0x222ebd0]: Selected ECC curve SECP256R1 (2)
gnutls: [2557|4] HSK[0x222ebd0]: verify handshake data: using RSA-SHA256
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, length: 4
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 4
gnutls: [2557|10] READ: Got 4 bytes from 0xd
gnutls: [2557|10] READ: read 4 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 4 bytes.
gnutls: [2557|10] RB: Requested 9 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[3] Handshake(22) with length: 4
gnutls: [2557|4] HSK[0x222ebd0]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1145
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1374
gnutls: [2557|4] HSK[0x222ebd0]: CLIENT KEY EXCHANGE was queued [70 bytes]
gnutls: [2557|4] REC[0x222ebd0]: Sent ChangeCipherSpec
gnutls: [2557|9] INT: PREMASTER SECRET[32]: 716e3dcaccba7603e0ebb582523b8843346f6a39b8cf48e2621dca454c10ab86
gnutls: [2557|9] INT: CLIENT RANDOM[32]: 571555d2e90ca30c79a44bfb5819f6b8efd46b4b3624ea6b8fa061f5d0b112e2
gnutls: [2557|9] INT: SERVER RANDOM[32]: 35b4aac815c824fb266db15ca58299fc404184fe9d0bcd7a0b2430648c548757
gnutls: [2557|9] INT: MASTER SECRET: 1c79b7539323f17b5208443b95ad00d350ff0161b792bda105ca16617af059fb3bfe7aae6917cd99c4dc2a12c2e66fea
gnutls: [2557|5] REC[0x222ebd0]: Initializing epoch #1
gnutls: [2557|9] INT: KEY BLOCK[40]: 53c329765d368833c6633081fe69fc63065ea7a51deab4bc5e06a43067e85a2e
gnutls: [2557|9] INT: CLIENT WRITE KEY [16]: 53c329765d368833c6633081fe69fc63
gnutls: [2557|9] INT: SERVER WRITE KEY [16]: 065ea7a51deab4bc5e06a43067e85a2e
gnutls: [2557|5] REC[0x222ebd0]: Epoch #1 ready
gnutls: [2557|4] HSK[0x222ebd0]: Cipher Suite: ECDHE_RSA_AES_128_GCM_SHA256
gnutls: [2557|4] HSK[0x222ebd0]: Initializing internal [write] cipher sessions
gnutls: [2557|4] HSK[0x222ebd0]: recording tls-unique CB (send)
gnutls: [2557|4] HSK[0x222ebd0]: FINISHED was queued [16 bytes]
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet Handshake(22) with length: 70 and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[2] Handshake(22) in epoch 0 and length: 75
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[3] ChangeCipherSpec(20) in epoch 0 and length: 6
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet Handshake(22) with length: 16 and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 45
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
[...]
--8<---------------cut here---------------end--------------->8---
In the bad case, the client gets stuck for a few seconds in ‘recvfrom’
and eventually bails out (“Got 0 bytes from 0xd”).
The same loop with https://www.gnu.org/index.html or
https://hydra.gnu.org/logo works well, it seems, so it might be a
misconfiguration on mirror.hydra.gnu.org.
Ludo’.
^ permalink raw reply [flat|nested] 7+ messages in thread
* bug#23311: TLS handshake error
2016-04-18 22:29 bug#23311: TLS handshake error Ludovic Courtès
@ 2016-04-19 14:06 ` Ludovic Courtès
2016-04-19 21:10 ` Ludovic Courtès
2016-04-20 11:18 ` Ludovic Courtès
1 sibling, 1 reply; 7+ messages in thread
From: Ludovic Courtès @ 2016-04-19 14:06 UTC (permalink / raw)
To: 23311
ludo@gnu.org (Ludovic Courtès) skribis:
> Sometimes, TLS handshakes fail in strange ways (the following happens
> after a dozen of iterations; I’ve enabled GnuTLS debugging in (guix
> build download) here):
Can also be reproduced like this:
--8<---------------cut here---------------start------------->8---
$ while echo 'GET /index.html' | gnutls-cli mirror.hydra.gnu.org ; do : ; done
[...]
Resolving 'mirror.hydra.gnu.org'...
Connecting to '131.159.14.26:443'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `CN=hydra.gnunet.org', issuer `C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X1', RSA key 2048 bits, signed using RSA-SHA256, activated `2016-03-19 22:26:00 UTC', expires `2016-06-17 22:26:00 UTC', SHA-1 fingerprint `51c20b204469ccf4fa62b471f421f15a55146975'
Public Key ID:
ab678bd61d4e942cc835ee7c099be880d98eca89
Public key's random art:
+--[ RSA 2048]----+
| |
| o |
| . + o . |
| o + + |
| + +S* . |
| o o . =.= |
| o o ..= . |
|o o . oo+ o |
|E+ .oo.. |
+-----------------+
- Certificate[1] info:
- subject `C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X1', issuer `O=Digital Signature Trust Co.,CN=DST Root CA X3', RSA key 2048 bits, signed using RSA-SHA256, activated `2015-10-19 22:33:36 UTC', expires `2020-10-19 22:33:36 UTC', SHA-1 fingerprint `3eae91937ec85d74483ff4b77b07b43e2af36bf4'
- Status: The certificate is trusted.
- Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-256-GCM)
- Session ID: 3D:90:F6:7E:0A:B1:58:9B:FE:69:0C:3C:1C:8F:2F:7C:53:FB:5B:0B:86:26:59:C3:E3:98:CF:0C:1E:59:25:3E
- Ephemeral EC Diffie-Hellman parameters
- Using curve: SECP256R1
- Curve size: 256 bits
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA512
- Cipher: AES-256-GCM
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed
- Simple Client Mode:
Processed 525 CA certificate(s).
Resolving 'mirror.hydra.gnu.org'...
Connecting to '131.159.14.26:443'...
*** Fatal error: The operation timed out
*** Handshake has failed
GnuTLS error: The operation timed out
$ gnutls-cli --version
gnutls-cli 3.4.7
--8<---------------cut here---------------end--------------->8---
… or by running this program:
--8<---------------cut here---------------start------------->8---
(use-modules (gnutls)
(ice-9 match))
(match (getaddrinfo "mirror.hydra.gnu.org" "https")
((addrinfo _ ...)
(let ((addr (addrinfo:addr addrinfo)))
(let loop ((i 0))
(pk 'try i)
(let ((socket (socket (addrinfo:fam addrinfo)
SOCK_STREAM (addrinfo:protocol addrinfo))))
(connect socket addr)
(let ((session (make-session connection-end/client)))
(set-session-server-name! session server-name-type/dns
"mirror.hydra.gnu.org")
(set-session-transport-fd! session (fileno socket))
(set-session-default-priority! session)
(set-session-credentials! session (make-certificate-credentials))
(handshake session)
(close-port socket)
(loop (1+ i))))))))
--8<---------------cut here---------------end--------------->8---
… like this:
--8<---------------cut here---------------start------------->8---
$ guile ./tls.scm
[...]
;;; (try 75)
Backtrace:
In ice-9/boot-9.scm:
155: 8 [catch #t #<catch-closure 28887e0> ...]
In unknown file:
?: 7 [apply-smob/1 #<catch-closure 28887e0>]
In ice-9/boot-9.scm:
61: 6 [call-with-prompt prompt0 ...]
In ice-9/eval.scm:
432: 5 [eval # #]
In ice-9/boot-9.scm:
2401: 4 [save-module-excursion #<procedure 28d2a40 at ice-9/boot-9.scm:4045:3 ()>]
4052: 3 [#<procedure 28d2a40 at ice-9/boot-9.scm:4045:3 ()>]
In unknown file:
?: 2 [load-compiled/vm "/home/ludo/.cache/guile/ccache/2.0-LE-8-2.0/home/ludo/src/guix/tls.scm.go"]
In /home/ludo/src/guix/./tls.scm:
18: 1 [#<procedure 29f34a0 ()>]
In unknown file:
?: 0 [handshake #<session 2e0c680>]
ERROR: In procedure handshake:
ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum The TLS connection was non-properly terminated.> handshake)'.
--8<---------------cut here---------------end--------------->8---
Ludo’.
^ permalink raw reply [flat|nested] 7+ messages in thread
* bug#23311: TLS handshake error
2016-04-19 14:06 ` Ludovic Courtès
@ 2016-04-19 21:10 ` Ludovic Courtès
2016-04-19 21:51 ` Ludovic Courtès
0 siblings, 1 reply; 7+ messages in thread
From: Ludovic Courtès @ 2016-04-19 21:10 UTC (permalink / raw)
To: 23311
ludo@gnu.org (Ludovic Courtès) skribis:
> $ while echo 'GET /index.html' | gnutls-cli mirror.hydra.gnu.org ; do : ; done
Same with GnuTLS 3.4.11.
Ludo’.
^ permalink raw reply [flat|nested] 7+ messages in thread
* bug#23311: TLS handshake error
2016-04-19 21:10 ` Ludovic Courtès
@ 2016-04-19 21:51 ` Ludovic Courtès
0 siblings, 0 replies; 7+ messages in thread
From: Ludovic Courtès @ 2016-04-19 21:51 UTC (permalink / raw)
To: 23311
Continuing my monologue. :-)
On the client side (with gnutls-cli), the handshake looks like:
--8<---------------cut here---------------start------------->8---
connect(4, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("131.159.14.26")}, 16) = 0
writev(4, [{"\26\3\1\1\0\1\0\0\374\3\3W\26\244\271\231\376\373\234\244+\253S\314\263\347$\363$[\337\215\360\255'\340\231#R\37]~\344\0\0l\300+\300,\300\206\300\207\300\t\300#\300\n\300$\300r\300s\300\254\300\255\300\10\300/\3000\300\212\300\213\300\23\300'\300\24\300(\300v\300w\300\22\0\234\0\235\300z\300{\0/\0<\0005\0=\0A\0\272\0\204\0\300\300\234\300\235\0\n\0\236\0\237\300|\300}\0003\0g\0009\0k\0E\0\276\0\210\0\304\300\236\300\237\0\26\1\0\0g\0\27\0\0\0\26\0\0\0\5\0\5\1\0\0\0\0\0\0\0\31\0\27\0\0\24mirror.hydra.gnu.org\377\1\0\1\0\0#\0\0\0\n\0\f\0\n\0\27\0\30\0\31\0\25\0\23\0\v\0\2\1\0\0\r\0\26\0\24\4\1\4\3\5\1\5\3\6\1\6\3\3\1\3\3\2\1\2\3", 261}], 1) = 261
select(5, [4], NULL, NULL, {40, 0}) = 0 (Timeout)
write(2, "*** Fatal error: The operation timed out\n", 41) = 41
--8<---------------cut here---------------end--------------->8---
On the server side (nginx 1.8.1 with OpenSSL 1.0.2f), a successful
handshake looks like this:
--8<---------------cut here---------------start------------->8---
accept4(14, {sa_family=AF_INET, sin_port=htons(52680), sin_addr=inet_addr("XX.XX.XX.XX")}, [16], SOCK_NONBLOCK) = 12
epoll_ctl(10, EPOLL_CTL_ADD, 12, {EPOLLIN|EPOLLRDHUP|EPOLLET, {u32=2707653273, u64=139997166666393}}) = 0
epoll_wait(10, {{EPOLLIN, {u32=2707653273, u64=139997166666393}}}, 512, 60000) = 1
recvfrom(12, "\26", 1, MSG_PEEK, NULL, NULL) = 1
read(12, "\26\3\1\1\0\1\0\0\374\3\3", 11) = 11
read(12, "W\26\244\247\331\372\233o\343\210\362{\265'b\343A\240*\212\336jk\330\245\33W\10\311?\33\274\0\0l\300+\300,\300\206\300\207\300\t\300#\300\n\300$\300r\300s\300\254\300\255\300\10\300/\3000\300\212\300\213\300\23\300'\
300\24\300(\300v\300w\300\22\0\234\0\235\300z\300{\0/\0<\0005\0=\0A\0\272\0\204\0\300\300\234\300\235\0\n\0\236\0\237\300|\300}\0003\0g\0009\0k\0E\0\276\0\210\0\304\300\236\300\237\0\26\1\0\0g\0\27\0\0\0\26\0\0\0\5\0\5\1\0\0\0
\0\0\0\0\31\0\27\0\0\24mirror.hydra.gnu.org\377\1\0\1\0\0#\0\0\0\n\0\f\0\n\0\27\0\30\0\31\0\25\0\23\0\v\0\2\1\0\0\r\0\26\0\24\4\1\4\3\5\1\5\3\6\1\6\3\3\1\3\3\2\1\2\3", 250) = 250
write(12, "\26\3\3\0=\2\0\0009\3\3R)\306\6O\365\23\3\210\4\204\331\23\272\225D\vGN:!\234\366\345\244h\347\335\36712\223\0\3000\0\0\21\377\1\0\1\0\0\v\0\4\3\0\1\2\0#\0\0\26\3\3\t\352\v\0\t\346\0\t\343\0\00510\202\5-0\202\4\25\2
40\3\2\1\2\2\22\1#v\v\263\357\2151&\20p\247\346P\30\3778\3710\r\6\t*\206H\206\367\r\1\1\v\5\0000J1\v0\t\6\3U\4\6\23\2US1\0260\24\6\3U\4\n\23\rLet's Encrypt1#0!\6\3U\4\3\23\32Let's Encrypt Authority X10\36\27\r160319222600Z\27\
r160617222600Z0\0331\0310\27\6\3U\4\3\23\20hydra.gnunet.org0\202\1\"0\r\6\t*\206H\206\367\r\1\1\1\5\0\3\202\1\17\0000\202\1\n\2\202\1\1\0\333\2259t\\z%p\210\353\233z\331L\253\334\37fo\35xNd\210\215~g\344T~\257\3317\3027\223[~\
304'\252\340m\252\374\226"..., 2956) = 2956
[...]
write(12, "\25\3\3\0\32\335t\334'\343\31\347.D\362\22\254c\f4\34\270\226\201\34f\243h\302\354g", 31) = 31
close(12) = 0
--8<---------------cut here---------------end--------------->8---
(Note the 250 + 11 = 261 bytes sent by the client.)
In the faulty case, nginx seems stuck in epoll_wait, not seeing activity
on FD 12, even though the client did send its 261 bytes:
--8<---------------cut here---------------start------------->8---
accept4(14, {sa_family=AF_INET, sin_port=htons(52682), sin_addr=inet_addr("XX.XX.XX.XX")}, [16], SOCK_NONBLOCK) = 12
epoll_ctl(10, EPOLL_CTL_ADD, 12, {EPOLLIN|EPOLLRDHUP|EPOLLET, {u32=2707653272, u64=139997166666392}}) = 0
epoll_wait(10, <detached ...>
--8<---------------cut here---------------end--------------->8---
The server is using a relatively old kernel version.
To be continued…
Ludo’.
^ permalink raw reply [flat|nested] 7+ messages in thread
* bug#23311: TLS handshake error
2016-04-18 22:29 bug#23311: TLS handshake error Ludovic Courtès
2016-04-19 14:06 ` Ludovic Courtès
@ 2016-04-20 11:18 ` Ludovic Courtès
2016-04-20 11:31 ` Mathieu Lirzin
1 sibling, 1 reply; 7+ messages in thread
From: Ludovic Courtès @ 2016-04-20 11:18 UTC (permalink / raw)
To: 23311-done
ludo@gnu.org (Ludovic Courtès) skribis:
> $ while ./pre-inst-env guix download https://mirror.hydra.gnu.org/index.html ; do : ; done
Interestingly, the same loop with wget (which uses the very same GnuTLS)
goes on forever.
It turns out that instead of the default TLS cipher suite priority
string (“NORMAL”), wget does:
--8<---------------cut here---------------start------------->8---
case secure_protocol_auto:
err = gnutls_priority_set_direct (session, "NORMAL:%COMPAT:-VERS-SSL3.0", NULL);
break;
--8<---------------cut here---------------end--------------->8---
The code doesn’t explain why, but GnuTLS’s documentation has this bit
(info "(gnutls) Priority Strings"):
--8<---------------cut here---------------start------------->8---
%COMPAT will enable compatibility
mode. It might mean that
violations of the protocols
are allowed as long as maximum
compatibility with problematic
clients and servers is
achieved. More specifically
this string would disable TLS
record random padding,
tolerate packets over the
maximum allowed TLS record,
and add a padding to TLS
Client Hello packet to prevent
it being in the 256-512 range
which is known to be causing
issues with a commonly used
firewall.
--8<---------------cut here---------------end--------------->8---
Indeed, as soon as we add %COMPAT, ‘gnutls-cli’ et al. send a 253-byte
client hello (instead of 261) and the problem vanishes.
Commit 967ee481e893fd77ff8ca896188e20e425331bf2 does that.
Ludo’.
^ permalink raw reply [flat|nested] 7+ messages in thread
* bug#23311: TLS handshake error
2016-04-20 11:18 ` Ludovic Courtès
@ 2016-04-20 11:31 ` Mathieu Lirzin
2016-04-20 15:32 ` Ludovic Courtès
0 siblings, 1 reply; 7+ messages in thread
From: Mathieu Lirzin @ 2016-04-20 11:31 UTC (permalink / raw)
To: 23311
ludo@gnu.org (Ludovic Courtès) writes:
> Indeed, as soon as we add %COMPAT, ‘gnutls-cli’ et al. send a 253-byte
> client hello (instead of 261) and the problem vanishes.
>
> Commit 967ee481e893fd77ff8ca896188e20e425331bf2 does that.
\o/
Thanks for taking the time to debug this!
--
Mathieu Lirzin
^ permalink raw reply [flat|nested] 7+ messages in thread
* bug#23311: TLS handshake error
2016-04-20 11:31 ` Mathieu Lirzin
@ 2016-04-20 15:32 ` Ludovic Courtès
0 siblings, 0 replies; 7+ messages in thread
From: Ludovic Courtès @ 2016-04-20 15:32 UTC (permalink / raw)
To: Mathieu Lirzin; +Cc: 23311
Mathieu Lirzin <mthl@gnu.org> skribis:
> ludo@gnu.org (Ludovic Courtès) writes:
>
>> Indeed, as soon as we add %COMPAT, ‘gnutls-cli’ et al. send a 253-byte
>> client hello (instead of 261) and the problem vanishes.
>>
>> Commit 967ee481e893fd77ff8ca896188e20e425331bf2 does that.
>
> \o/
>
> Thanks for taking the time to debug this!
And thanks for mentioning it to me! I had never hit it (maybe because I
would hit C-c before the thing times out and reports an error) until I
tried harder.
Ludo’.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2016-04-20 15:33 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-04-18 22:29 bug#23311: TLS handshake error Ludovic Courtès
2016-04-19 14:06 ` Ludovic Courtès
2016-04-19 21:10 ` Ludovic Courtès
2016-04-19 21:51 ` Ludovic Courtès
2016-04-20 11:18 ` Ludovic Courtès
2016-04-20 11:31 ` Mathieu Lirzin
2016-04-20 15:32 ` Ludovic Courtès
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).