On Mon 2015-11-30 20:44:31 +0200, Aleś Bułojčyk wrote:
> Hi Andres.
>
> On 30 November 2015 at 20:31, Andreas Metzler <ametz...@bebt.de> wrote:
>
>> I am stumped, could you plese post the output of
>> gnutls-cli -V -d 4711 freedns.afraid.org
>>
>>
> $ gnutls-cli --version
> gnutls-cli 3.3.8
> ...
>
>
> $ gnutls-cli -V -d 4711 freedns.afraid.org
> Processed 173 CA certificate(s).
> Resolving 'freedns.afraid.org'...
[...]
> |<11>| WRITE: wrote 281 bytes, 0 bytes left.
> |<3>| ASSERT: gnutls_buffers.c:1104
> |<10>| READ: Got 5 bytes from 0x4
> |<10>| READ: read 5 bytes from 0x4
> |<10>| RB: Have 0 bytes into buffer. Adding 5 bytes.
> |<10>| RB: Requested 5 bytes
> |<5>| REC[0x239b450]: SSL 84.84 Unknown Packet packet received. Epoch 0,
> length: 20527
> |<3>| ASSERT: gnutls_record.c:598
> |<1>| Received record packet of unknown type 72
This is bizarre and looks to me like a packet being tampered with on the wire.
It looks like it shows up again in your request for google.com as well.
Can you provide a packet capture of the TCP session? What network is
this going through?
--dkg
