reassign 709292 libssl1.0.0 retitle 709292 libssl1.0.0: "decryption failed or bad record mac" during handshake clone 709292 -1 reassign -1 libgnutls26 retitle -1 libgnutls26: segfaults during handshake severity -1 important affects -1 wget kthxbye
On Wed, May 22, 2013 at 01:37:35PM +0200, rodrifra wrote: > Package: curl > Version: 7.26.0-1+wheezy2 > Severity: normal > > Dear Maintainer, > > Executing the following: > curl -o pruebacurl.html > https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html > Produced the next error: > error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad > record mac > > Forcing SSLv3 solves the problem: > curl -3 -o pruebacurl.html > https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html If there's any bug, it's probably in the server's SSL implementation, since it can't do a proper TLS handshake, in any case it's not curl's fault. I'm reassigning this to openssl (which is what curl uses) to make sure there's nothing wrong with it. > wget has same problem in latest stable version, but oldstable works fine. Hmm, if I try with wget (from sid), it segfaults, same with gnutls-cli. Seems to be a bug in gnutls: > % gnutls-cli sede.dgt.gob.es -p 443 > Resolving 'sede.dgt.gob.es'... > Connecting to '213.4.59.219:443'... > zsh: segmentation fault gnutls-cli sede.dgt.gob.es -p 443 Backtrace: > Resolving 'sede.dgt.gob.es'... > Connecting to '213.4.59.219:443'... > > Program received signal SIGSEGV, Segmentation fault. > 0x00007ffff7b3908e in _gnutls_ciphertext2compressed ( > session=session@entry=0x6224f0, > compress_data=compress_data@entry=0x625e60 "\001", > compress_size=compress_size@entry=16384, ciphertext=..., type=21 '\025', > params=params@entry=0x623630) at gnutls_cipher.c:572 > 572 gnutls_cipher.c: File o directory non esistente. > (gdb) bt > #0 0x00007ffff7b3908e in _gnutls_ciphertext2compressed ( > session=session@entry=0x6224f0, > compress_data=compress_data@entry=0x625e60 "\001", > compress_size=compress_size@entry=16384, ciphertext=..., type=21 '\025', > params=params@entry=0x623630) at gnutls_cipher.c:572 > #1 0x00007ffff7b392a3 in _gnutls_decrypt (session=session@entry=0x6224f0, > ciphertext=ciphertext@entry=0x6232b5 > "\327\343'\214?\266\230I$P:uS\027e\026\245\276Q\322vӤG\373U\215;X\310<\224", > ciphertext_size=ciphertext_size@entry=32, > data=data@entry=0x625e60 "\001", max_data_size=16384, > type=type@entry=GNUTLS_ALERT, params=0x623630) at gnutls_cipher.c:148 > #2 0x00007ffff7b36cd1 in _gnutls_recv_int (session=session@entry=0x6224f0, > type=type@entry=GNUTLS_HANDSHAKE, > htype=htype@entry=GNUTLS_HANDSHAKE_FINISHED, > data=data@entry=0x622ad0 "\016", sizeofdata=sizeofdata@entry=1) > at gnutls_record.c:1068 > #3 0x00007ffff7b3aa0c in _gnutls_handshake_io_recv_int ( > session=session@entry=0x6224f0, type=type@entry=GNUTLS_HANDSHAKE, > htype=htype@entry=GNUTLS_HANDSHAKE_FINISHED, iptr=iptr@entry=0x622ad0, > sizeOfPtr=sizeOfPtr@entry=1) at gnutls_buffers.c:893 > #4 0x00007ffff7b3db1d in _gnutls_recv_handshake_header ( > recv_type=<synthetic pointer>, type=type@entry=GNUTLS_HANDSHAKE_FINISHED, > session=session@entry=0x6224f0) at gnutls_handshake.c:1285 > #5 _gnutls_recv_handshake (session=session@entry=0x6224f0, > data=data@entry=0x7fffffffcec8, datalen=datalen@entry=0x7fffffffcec4, > type=type@entry=GNUTLS_HANDSHAKE_FINISHED, > optional=optional@entry=MANDATORY_PACKET) at gnutls_handshake.c:1447 > #6 0x00007ffff7b3e55c in _gnutls_recv_finished (session=0x6224f0) > at gnutls_handshake.c:748 > #7 _gnutls_recv_handshake_final (session=session@entry=0x6224f0, > init=init@entry=0) at gnutls_handshake.c:2956 > #8 0x00007ffff7b3e954 in _gnutls_handshake_common > (session=session@entry=0x6224f0) > at gnutls_handshake.c:3138 > #9 0x00007ffff7b400ba in gnutls_handshake (session=0x6224f0) > at gnutls_handshake.c:2690 > #10 0x0000000000406a6e in ?? () > #11 0x0000000000405734 in ?? () > #12 0x00007ffff6ca6a55 in __libc_start_main (main=0x404fd0, argc=4, > ubp_av=0x7fffffffe1d8, init=<optimized out>, fini=<optimized out>, > rtld_fini=<optimized out>, stack_end=0x7fffffffe1c8) at libc-start.c:260 > #13 0x00000000004060e1 in ?? () > #14 0x00007fffffffe1c8 in ?? () > #15 0x0000000000000000 in ?? () Cheers -- perl -E '$_=q;$/= @{[@_]};and s;\S+;<inidehG ordnasselA>;eg;say~~reverse'
signature.asc
Description: Digital signature