On 2016-09-19 "[email protected]" <[email protected]> wrote:
> 2016-09-17 12:15 GMT-04:00 Andreas Metzler <[email protected]>:
[...]
> > | Then click capture -> Stop, In "apply display filter", type ssl, then
> > | File -> Export specified packets and send the saved pcap file.
> This link has two files:
> pcap_gnutls.pcapng (Fail, libgnutls30:amd64 3.5.4-2)
> pcap_gnutls_v352.pcapng (Working version, libgnutls30:amd64 3.5.2-3)
> https://drive.google.com/drive/folders/0B3_AQUiHn1qMcEVjdVpNeHBJUHc
Hello Marcelo,
this seems to be hard to debug/reproduce, Nikos (upstream) writes:
=======================================================================
I do not see anything wrong in the capture. I even created a small
program to replay the connection locally (I have a debian installation
on x86_64 with the same packages available), and the connection
continued past the failure point on that system.
I'm searching in the dark here, but the following info could help:
1. run gnutls-cli www.server-that-failsĀ -d 9
2. run valgrind gnutls-cli www.server-that-fails
3. compile the attached program as "gcc -O2 -g sim.c -lgmp -lhogweed &&
./a.out", and also run valgrind ./a.out
[...]
One 4th item suggested by Niels Moeller:
4. run ldd /usr/bin/gnutls-cli # (that way we can see whether the
client is linked to the expected nettle library)
=======================================================================
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
#include <gmp.h>
#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <string.h>
#include <nettle/bignum.h>
#include <nettle/rsa.h>
const char strn[] =
"00f245c2bcfff8646f8a440e6e543c75d56ff21f876e9a9f5998c01a75101aae"
"1ee673662ce125a8536f92f252275e0074419b050e2fcd731f1dcae54302fdd0"
"9c033a8f1ea2a7b9b5fc3c219f5adf2274c19f7b121b85ab2cd49768f7178930"
"5e14b15be50ebcda847bcce2d55e27da451728c99e7e3a211d49a62789a6a19f"
"9b22ad3f38cf5c5c331381755ac99c4fa6f636b4d41f9c24e12da36d350fd9f2"
"2f620904c7a62bbbe3e45e41b9c8ec634eee8f83156006291d2e8f9d8020722d"
"7ea5c505092165803b5289555ab5b53cb82006b2e1e15fc487d30a69f028ee79"
"ee427b974add98d742c16d527d92101522599dc44c2026a5dbf3d343b91efba2f9";
const char stre[] = "010001";
#define SIZEOF_MPZT sizeof(__mpz_struct)
#define TOMPZ(x) ((__mpz_struct*)(x))
int main()
{
void *e, *n;
struct rsa_public_key pub;
e = malloc(SIZEOF_MPZT);
assert(e!=NULL);
n = malloc(SIZEOF_MPZT);
assert(n!=NULL);
mpz_init(TOMPZ(e));
mpz_init(TOMPZ(n));
assert(gmp_sscanf(stre, "%Zx", TOMPZ(e)) > 0);
assert(gmp_sscanf(strn, "%Zx", TOMPZ(n)) > 0);
fprintf(stderr, "size: %u\n", (unsigned)nettle_mpz_sizeinbase_256_u(TOMPZ(n)));
memcpy(pub.n, n, SIZEOF_MPZT);
memcpy(pub.e, e, SIZEOF_MPZT);
assert(rsa_public_key_prepare(&pub) > 0);
fprintf(stderr, "size: %u\n", (unsigned)pub.size);
mpz_clear(TOMPZ(e));
mpz_clear(TOMPZ(n));
free(e);
free(n);
return 0;
}
