Source: gnutls26
Version: 2.12.20-6
Severity: normal

Running

  gnutls-serv -d 255 -p 1234 --x509certfile /etc/ssl/certs/rilynn.pem --x509keyfile /etc/ssl/private/rilynn.key

and

  gnutls-cli -d 255 -p 1234 --priority SECURE128 rilynn.me.uk

on the same box fails to negotiate a cipher suite. A priority string of NORMAL appears to work.

The server reports:

Set static Diffie-Hellman parameters, consider --dhparams.
Echo Server listening on IPv4 0.0.0.0 port 1234...done
Echo Server listening on IPv6 :: port 1234...bind() failed: Address already in use
|<4>| REC[0x9224138]: Allocating epoch #0

* Accepted connection from IPv4 192.168.0.1 port 50714 on Mon May 13 18:07:09 2013
|<2>| ASSERT: gnutls_constate.c:695
|<4>| REC[0x9224138]: Allocating epoch #1
|<7>| READ: Got 5 bytes from 0x5
|<7>| READ: read 5 bytes from 0x5
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x9224138]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x9224138]: Received Packet[0] Handshake(22) with length: 113
|<7>| READ: Got 113 bytes from 0x5
|<7>| READ: read 113 bytes from 0x5
|<7>| RB: Have 5 bytes into buffer. Adding 113 bytes.
|<7>| RB: Requested 118 bytes
|<4>| REC[0x9224138]: Decrypted Packet[0] Handshake(22) with length: 113
|<6>| BUF[HSK]: Inserted 113 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x9224138]: CLIENT HELLO was received [113 bytes]
|<6>| BUF[REC][HD]: Read 109 bytes of Data(22)
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 109 bytes of Data
|<3>| HSK[0x9224138]: Client's version: 3.3
|<2>| ASSERT: gnutls_db.c:326
|<2>| ASSERT: gnutls_db.c:246
|<2>| EXT[0x9224138]: Parsing extension 'SERVER NAME/0' (17 bytes)
|<2>| EXT[0x9224138]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
|<2>| EXT[0x9224138]: Parsing extension 'SESSION TICKET/35' (0 bytes)
|<2>| EXT[0x9224138]: Parsing extension 'SIGNATURE ALGORITHMS/13' (6 bytes)
|<2>| EXT[SIGA]: rcvd signature algo (4.1) RSA-SHA256
|<2>| EXT[SIGA]: rcvd signature algo (2.2) DSA-SHA1
|<2>| ASSERT: gnutls_handshake.c:3348
|<1>| Could not find an appropriate certificate: Insufficient credentials for that request.
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA256
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_AES_128_CBC_SHA256
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_AES_256_CBC_SHA256
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_AES_128_CBC_SHA256
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_AES_256_CBC_SHA256
|<2>| ASSERT: gnutls_handshake.c:921
|<2>| ASSERT: gnutls_handshake.c:586
|<2>| ASSERT: gnutls_handshake.c:2358
|<2>| ASSERT: gnutls_handshake.c:2991
|<6>| BUF[HSK]: Cleared Data from buffer
Error in handshake
Error: Could not negotiate a supported cipher suite.
|<4>| REC: Sending Alert[2|40] - Handshake failed
|<4>| REC[0x9224138]: Sending Packet[0] Alert(21) with length: 2
|<7>| WRITE: enqueued 7 bytes for 0x5. Total 7 bytes.
|<7>| WRITE FLUSH: 7 bytes in buffer.
|<7>| WRITE: wrote 7 bytes, 0 bytes left.
|<4>| REC[0x9224138]: Sent Packet[1] Alert(21) with length: 7
|<2>| ASSERT: gnutls_record.c:276
|<6>| BUF[HSK]: Cleared Data from buffer
|<4>| REC[0x9224138]: Epoch #0 freed
|<4>| REC[0x9224138]: Epoch #1 freed

The client reports:

Resolving 'rilynn.me.uk'...
Connecting to '192.168.0.1:1234'...
|<4>| REC[0x89c9238]: Allocating epoch #0
|<2>| ASSERT: gnutls_constate.c:695
|<4>| REC[0x89c9238]: Allocating epoch #1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256
|<3>| HSK[0x89c9238]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x89c9238]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<2>| EXT[0x89c9238]: Sending extension SERVER NAME (17 bytes)
|<2>| EXT[0x89c9238]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<2>| EXT[0x89c9238]: Sending extension SESSION TICKET (0 bytes)
|<2>| EXT[SIGA]: sent signature algo (4.1) RSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (2.2) DSA-SHA1
|<2>| EXT[0x89c9238]: Sending extension SIGNATURE ALGORITHMS (6 bytes)
|<3>| HSK[0x89c9238]: CLIENT HELLO was sent [113 bytes]
|<6>| BUF[HSK]: Inserted 113 bytes of Data
|<7>| HWRITE: enqueued 113. Total 113 bytes.
|<7>| HWRITE FLUSH: 113 bytes in buffer.
|<4>| REC[0x89c9238]: Sending Packet[0] Handshake(22) with length: 113
|<7>| WRITE: enqueued 118 bytes for 0x4. Total 118 bytes.
|<4>| REC[0x89c9238]: Sent Packet[1] Handshake(22) with length: 118
|<7>| HWRITE: wrote 113 bytes, 0 bytes left.
|<7>| WRITE FLUSH: 118 bytes in buffer.
|<7>| WRITE: wrote 118 bytes, 0 bytes left.
|<7>| READ: Got 5 bytes from 0x4
|<7>| READ: read 5 bytes from 0x4
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x89c9238]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x89c9238]: Received Packet[0] Alert(21) with length: 2
|<7>| READ: Got 2 bytes from 0x4
|<7>| READ: read 2 bytes from 0x4
|<7>| RB: Have 5 bytes into buffer. Adding 2 bytes.
|<7>| RB: Requested 7 bytes
|<4>| REC[0x89c9238]: Decrypted Packet[0] Alert(21) with length: 2
|<4>| REC[0x89c9238]: Alert[2|40] - Handshake failed - was received
|<2>| ASSERT: gnutls_record.c:726
|<2>| ASSERT: gnutls_record.c:1122
|<2>| ASSERT: gnutls_handshake.c:2762
|<6>| BUF[HSK]: Cleared Data from buffer
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [40]: Handshake failed
|<4>| REC: Sending Alert[2|80] - Internal error
|<4>| REC[0x89c9238]: Sending Packet[1] Alert(21) with length: 2
|<7>| WRITE: enqueued 7 bytes for 0x4. Total 7 bytes.
|<7>| WRITE FLUSH: 7 bytes in buffer.
|<7>| WRITE: wrote 7 bytes, 0 bytes left.
|<4>| REC[0x89c9238]: Sent Packet[2] Alert(21) with length: 7
*** Handshake has failed
GnuTLS error: A TLS fatal alert has been received.
|<6>| BUF[HSK]: Cleared Data from buffer
|<4>| REC[0x89c9238]: Epoch #0 freed
|<4>| REC[0x89c9238]: Epoch #1 freed

Using a priority string of SECURE128 for outgoing SMTP connections in Debian exim also fails between two Wheezy boxes, which is how I noticed the problem in the first place.

Also, gnutls appears to prefer to use the weakest available cipher instead of the strongest, which seems a bit odd.

Thanks,

Roger

-- System Information:
Debian Release: 7.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libgnutls26 depends on:
ii  libc6              2.13-38
ii  libgcrypt11        1.5.0-5
ii  libp11-kit0        0.12-3
ii  libtasn1-3         2.13-2
ii  multiarch-support  2.13-38
ii  zlib1g             1:1.2.7.dfsg-13

libgnutls26 recommends no packages.

libgnutls26 suggests no packages.

-- no debconf information
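
Added example, not part of the original report and not GnuTLS code: a small triage script for one side's `-d` debug output, such as the server log above. It lists the signature algorithms seen and the suites kept or removed, and flags the case where every suite was dropped in a log that also records a failed certificate lookup. The function names, the `hint` labels and the sample log are constructed for illustration.

```python
import re

# Constructed sample in the shape of the server-side log quoted in the report.
SAMPLE_LOG = """\
|<2>| EXT[SIGA]: rcvd signature algo (4.1) RSA-SHA256
|<2>| EXT[SIGA]: rcvd signature algo (2.2) DSA-SHA1
|<2>| ASSERT: gnutls_handshake.c:3348
|<1>| Could not find an appropriate certificate: Insufficient credentials for that request.
|<3>| HSK[0x9224138]: Removing ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x9224138]: Removing ciphersuite: RSA_AES_128_CBC_SHA256
|<2>| ASSERT: gnutls_handshake.c:921
Error: Could not negotiate a supported cipher suite.
"""

ENTRY = re.compile(r"\|<(\d+)>\|\s*")  # debug-level prefix, e.g. "|<3>| "

def split_entries(text):
    """Split the log into (level, message) pairs, even if it arrived flattened
    onto one line, by cutting at each |<n>| prefix."""
    parts = ENTRY.split(text)  # [leading text, level, message, level, message, ...]
    return [(int(parts[i]), parts[i + 1].strip())
            for i in range(1, len(parts) - 1, 2)]

def summarize(text):
    """Summarize ONE side's log (server or client), not both concatenated."""
    s = {"sig_algos": [], "kept": [], "removed": [], "cert_lookup_failed": False}
    for _level, msg in split_entries(text):
        if m := re.search(r"(?:rcvd|sent) signature algo \(\d+\.\d+\) (\S+)", msg):
            s["sig_algos"].append(m.group(1))
        elif "Could not find an appropriate certificate" in msg:
            s["cert_lookup_failed"] = True
        elif m := re.search(r"(Keeping|Removing) ciphersuite: (\S+)", msg):
            s["kept" if m.group(1) == "Keeping" else "removed"].append(m.group(2))
    # Triage hint (hypothetical labels): if nothing survived and the log also
    # shows a failed certificate lookup, check the certificate and the
    # signature algorithms first, then the cipher list.
    if s["removed"] and not s["kept"]:
        s["hint"] = "credential-selection" if s["cert_lookup_failed"] else "no-common-suite"
    else:
        s["hint"] = "none"
    return s

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
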