[debbugs-tracker] bug#23311: closed (TLS handshake error)

emacs-bug-tracker

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debbugs-tracker] bug#23311: closed (TLS handshake error)

From:	GNU bug Tracking System
Subject:	[debbugs-tracker] bug#23311: closed (TLS handshake error)
Date:	Wed, 20 Apr 2016 11:19:01 +0000

Your message dated Wed, 20 Apr 2016 13:18:38 +0200
with message-id <address@hidden>
and subject line Re: bug#23311: TLS handshake error
has caused the debbugs.gnu.org bug report #23311,
regarding TLS handshake error
to be marked as done.

(If you believe you have received this mail in error, please contact
address@hidden)


-- 
23311: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=23311
GNU Bug Tracking System
Contact address@hidden with problems

--- Begin Message --- Subject: TLS handshake error Date: Tue, 19 Apr 2016 00:29:50 +0200 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

Sometimes, TLS handshakes fail in strange ways (the following happens
after a dozen of iterations; I’ve enabled GnuTLS debugging in (guix
build download) here):

--8<---------------cut here---------------start------------->8---
$ while ./pre-inst-env guix download https://mirror.hydra.gnu.org/index.html ; 
do : ; done

[...]

Starting download of /tmp/guix-file.4axVhT
>From https://mirror.hydra.gnu.org/index.html...
gnutls: [2565|3] ASSERT: gnutls_constate.c:588
gnutls: [2565|5] REC[0x1d98bd0]: Allocating epoch #1
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM 
(C0.9C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM 
(C0.9D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
gnutls: [2565|4] HSK[0x1d98bd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension EXT MASTER SECRET (0 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension ENCRYPT THEN MAC (0 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension STATUS REQUEST (5 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SERVER NAME (25 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SAFE RENEGOTIATION (1 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SESSION TICKET (0 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SUPPORTED ECC (12 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SUPPORTED ECC POINT FORMATS 
(2 bytes)
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (4.1) RSA-SHA256
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (4.3) ECDSA-SHA256
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (5.1) RSA-SHA384
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (5.3) ECDSA-SHA384
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (6.1) RSA-SHA512
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (6.3) ECDSA-SHA512
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (3.1) RSA-SHA224
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (3.3) ECDSA-SHA224
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (2.1) RSA-SHA1
gnutls: [2565|4] EXT[0x1d98bd0]: sent signature algo (2.3) ECDSA-SHA1
gnutls: [2565|4] EXT[0x1d98bd0]: Sending extension SIGNATURE ALGORITHMS (22 
bytes)
gnutls: [2565|4] HSK[0x1d98bd0]: CLIENT HELLO was queued [256 bytes]
gnutls: [2565|5] REC[0x1d98bd0]: Preparing Packet Handshake(22) with length: 
256 and min pad: 0
gnutls: [2565|9] ENC[0x1d98bd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2565|5] REC[0x1d98bd0]: Sent Packet[1] Handshake(22) in epoch 0 and 
length: 261
gnutls: [2565|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2565|10] READ: Got 0 bytes from 0xd
gnutls: [2565|10] READ: read 0 bytes from 0xd
gnutls: [2565|3] ASSERT: gnutls_buffers.c:592
gnutls: [2565|3] ASSERT: gnutls_record.c:1038
gnutls: [2565|3] ASSERT: gnutls_record.c:1158
gnutls: [2565|3] ASSERT: gnutls_buffers.c:1409
gnutls: [2565|3] ASSERT: gnutls_handshake.c:1446
gnutls: [2565|3] ASSERT: gnutls_handshake.c:2757
ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum La 
TLS-konekto estis finigita neĝuste.> handshake)'.
failed to download "/tmp/guix-file.4axVhT" from 
"https://mirror.hydra.gnu.org/index.html";
guix download: error: https://mirror.hydra.gnu.org/index.html: download failed
$ guix package -I gnutls
gnutls  3.4.7   out     /gnu/store/k1bihwrvcrhjwpxg74d93w9dwsldrvap-gnutls-3.4.7
$ git describe
v0.10.0-298-g4f8cede
--8<---------------cut here---------------end--------------->8---

For reference, the successful handshakes look like this:

--8<---------------cut here---------------start------------->8---
Starting download of /tmp/guix-file.VSDV7l
>From https://mirror.hydra.gnu.org/index.html...
gnutls: [2557|3] ASSERT: gnutls_constate.c:588
gnutls: [2557|5] REC[0x222ebd0]: Allocating epoch #1
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM 
(C0.9C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM 
(C0.9D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
gnutls: [2557|4] HSK[0x222ebd0]: Keeping ciphersuite: 
GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension EXT MASTER SECRET (0 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension ENCRYPT THEN MAC (0 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension STATUS REQUEST (5 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SERVER NAME (25 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SAFE RENEGOTIATION (1 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SESSION TICKET (0 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SUPPORTED ECC (12 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SUPPORTED ECC POINT FORMATS 
(2 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (4.1) RSA-SHA256
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (4.3) ECDSA-SHA256
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (5.1) RSA-SHA384
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (5.3) ECDSA-SHA384
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (6.1) RSA-SHA512
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (6.3) ECDSA-SHA512
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (3.1) RSA-SHA224
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (3.3) ECDSA-SHA224
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (2.1) RSA-SHA1
gnutls: [2557|4] EXT[0x222ebd0]: sent signature algo (2.3) ECDSA-SHA1
gnutls: [2557|4] EXT[0x222ebd0]: Sending extension SIGNATURE ALGORITHMS (22 
bytes)
gnutls: [2557|4] HSK[0x222ebd0]: CLIENT HELLO was queued [256 bytes]
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet Handshake(22) with length: 
256 and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[1] Handshake(22) in epoch 0 and 
length: 261
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, 
length: 61
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 61
gnutls: [2557|10] READ: Got 61 bytes from 0xd
gnutls: [2557|10] READ: read 61 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 61 bytes.
gnutls: [2557|10] RB: Requested 66 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[0] Handshake(22) with length: 
61
gnutls: [2557|4] HSK[0x222ebd0]: SERVER HELLO (2) was received. Length 57[57], 
frag offset 0, frag length: 57, sequence: 0
gnutls: [2557|4] HSK[0x222ebd0]: Server's version: 3.3
gnutls: [2557|4] HSK[0x222ebd0]: SessionID length: 0
gnutls: [2557|4] HSK[0x222ebd0]: SessionID: c0
gnutls: [2557|4] HSK[0x222ebd0]: Selected cipher suite: 
ECDHE_RSA_AES_128_GCM_SHA256
gnutls: [2557|4] HSK[0x222ebd0]: Selected compression method: NULL (0)
gnutls: [2557|4] EXT[0x222ebd0]: Parsing extension 'SAFE RENEGOTIATION/65281' 
(1 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Parsing extension 'SUPPORTED ECC POINT 
FORMATS/11' (4 bytes)
gnutls: [2557|4] EXT[0x222ebd0]: Parsing extension 'SESSION TICKET/35' (0 bytes)
gnutls: [2557|4] HSK[0x222ebd0]: Safe renegotiation succeeded
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, 
length: 2538
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 2538
gnutls: [2557|10] READ: Got 1339 bytes from 0xd
gnutls: [2557|10] READ: Got 1199 bytes from 0xd
gnutls: [2557|10] READ: read 2538 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 2538 bytes.
gnutls: [2557|10] RB: Requested 2543 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[1] Handshake(22) with length: 
2538
gnutls: [2557|4] HSK[0x222ebd0]: CERTIFICATE (11) was received. Length 
2534[2534], frag offset 0, frag length: 2534, sequence: 0
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, 
length: 333
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 333
gnutls: [2557|10] READ: Got 333 bytes from 0xd
gnutls: [2557|10] READ: read 333 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 333 bytes.
gnutls: [2557|10] RB: Requested 338 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[2] Handshake(22) with length: 
333
gnutls: [2557|4] HSK[0x222ebd0]: SERVER KEY EXCHANGE (12) was received. Length 
329[329], frag offset 0, frag length: 329, sequence: 0
gnutls: [2557|4] HSK[0x222ebd0]: Selected ECC curve SECP256R1 (2)
gnutls: [2557|4] HSK[0x222ebd0]: verify handshake data: using RSA-SHA256
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154
gnutls: [2557|10] READ: Got 5 bytes from 0xd
gnutls: [2557|10] READ: read 5 bytes from 0xd
gnutls: [2557|10] RB: Have 0 bytes into buffer. Adding 5 bytes.
gnutls: [2557|10] RB: Requested 5 bytes
gnutls: [2557|5] REC[0x222ebd0]: SSL 3.3 Handshake packet received. Epoch 0, 
length: 4
gnutls: [2557|5] REC[0x222ebd0]: Expected Packet Handshake(22)
gnutls: [2557|5] REC[0x222ebd0]: Received Packet Handshake(22) with length: 4
gnutls: [2557|10] READ: Got 4 bytes from 0xd
gnutls: [2557|10] READ: read 4 bytes from 0xd
gnutls: [2557|10] RB: Have 5 bytes into buffer. Adding 4 bytes.
gnutls: [2557|10] RB: Requested 9 bytes
gnutls: [2557|5] REC[0x222ebd0]: Decrypted Packet[3] Handshake(22) with length: 
4
gnutls: [2557|4] HSK[0x222ebd0]: SERVER HELLO DONE (14) was received. Length 
0[0], frag offset 0, frag length: 1, sequence: 0
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1145
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1374
gnutls: [2557|4] HSK[0x222ebd0]: CLIENT KEY EXCHANGE was queued [70 bytes]
gnutls: [2557|4] REC[0x222ebd0]: Sent ChangeCipherSpec
gnutls: [2557|9] INT: PREMASTER SECRET[32]: 
716e3dcaccba7603e0ebb582523b8843346f6a39b8cf48e2621dca454c10ab86
gnutls: [2557|9] INT: CLIENT RANDOM[32]: 
571555d2e90ca30c79a44bfb5819f6b8efd46b4b3624ea6b8fa061f5d0b112e2
gnutls: [2557|9] INT: SERVER RANDOM[32]: 
35b4aac815c824fb266db15ca58299fc404184fe9d0bcd7a0b2430648c548757
gnutls: [2557|9] INT: MASTER SECRET: 
1c79b7539323f17b5208443b95ad00d350ff0161b792bda105ca16617af059fb3bfe7aae6917cd99c4dc2a12c2e66fea
gnutls: [2557|5] REC[0x222ebd0]: Initializing epoch #1
gnutls: [2557|9] INT: KEY BLOCK[40]: 
53c329765d368833c6633081fe69fc63065ea7a51deab4bc5e06a43067e85a2e
gnutls: [2557|9] INT: CLIENT WRITE KEY [16]: 53c329765d368833c6633081fe69fc63
gnutls: [2557|9] INT: SERVER WRITE KEY [16]: 065ea7a51deab4bc5e06a43067e85a2e
gnutls: [2557|5] REC[0x222ebd0]: Epoch #1 ready
gnutls: [2557|4] HSK[0x222ebd0]: Cipher Suite: ECDHE_RSA_AES_128_GCM_SHA256
gnutls: [2557|4] HSK[0x222ebd0]: Initializing internal [write] cipher sessions
gnutls: [2557|4] HSK[0x222ebd0]: recording tls-unique CB (send)
gnutls: [2557|4] HSK[0x222ebd0]: FINISHED was queued [16 bytes]
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet Handshake(22) with length: 70 
and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[2] Handshake(22) in epoch 0 and 
length: 75
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet ChangeCipherSpec(20) with 
length: 1 and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[3] ChangeCipherSpec(20) in epoch 0 
and length: 6
gnutls: [2557|5] REC[0x222ebd0]: Preparing Packet Handshake(22) with length: 16 
and min pad: 0
gnutls: [2557|9] ENC[0x222ebd0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
gnutls: [2557|5] REC[0x222ebd0]: Sent Packet[1] Handshake(22) in epoch 1 and 
length: 45
gnutls: [2557|3] ASSERT: gnutls_buffers.c:1154

[...]
--8<---------------cut here---------------end--------------->8---

In the bad case, the client gets stuck for a few seconds in ‘recvfrom’
and eventually bails out (“Got 0 bytes from 0xd”).

The same loop with https://www.gnu.org/index.html or
https://hydra.gnu.org/logo works well, it seems, so it might be a
misconfiguration on mirror.hydra.gnu.org.

Ludo’.

--- End Message ---

--- Begin Message --- Subject: Re: bug#23311: TLS handshake error Date: Wed, 20 Apr 2016 13:18:38 +0200 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

address@hidden (Ludovic Courtès) skribis:

> $ while ./pre-inst-env guix download https://mirror.hydra.gnu.org/index.html 
> ; do : ; done

Interestingly, the same loop with wget (which uses the very same GnuTLS)
goes on forever.

It turns out that instead of the default TLS cipher suite priority
string (“NORMAL”), wget does:

--8<---------------cut here---------------start------------->8---
    case secure_protocol_auto:
      err = gnutls_priority_set_direct (session, "NORMAL:%COMPAT:-VERS-SSL3.0", 
NULL);
      break;
--8<---------------cut here---------------end--------------->8---

The code doesn’t explain why, but GnuTLS’s documentation has this bit
(info "(gnutls) Priority Strings"):

--8<---------------cut here---------------start------------->8---
%COMPAT                          will enable compatibility
                                 mode.  It might mean that
                                 violations of the protocols
                                 are allowed as long as maximum
                                 compatibility with problematic
                                 clients and servers is
                                 achieved.  More specifically
                                 this string would disable TLS
                                 record random padding,
                                 tolerate packets over the
                                 maximum allowed TLS record,
                                 and add a padding to TLS
                                 Client Hello packet to prevent
                                 it being in the 256-512 range
                                 which is known to be causing
                                 issues with a commonly used
                                 firewall.
--8<---------------cut here---------------end--------------->8---

Indeed, as soon as we add %COMPAT, ‘gnutls-cli’ et al. send a 253-byte
client hello (instead of 261) and the problem vanishes.

Commit 967ee481e893fd77ff8ca896188e20e425331bf2 does that.

Ludo’.

--- End Message ---

[Prev in Thread]

Current Thread

[Next in Thread]

[debbugs-tracker] bug#23311: closed (TLS handshake error), GNU bug Tracking System <=

Prev by Date: [debbugs-tracker] bug#23299: closed (25.1.50; org-timestamp-change: Invalid time zone specification: (nil nil nil))
Next by Date: [debbugs-tracker] bug#23323: closed ([PATCH] List the command help-go-forward to the manual.)
Previous by thread: [debbugs-tracker] bug#23299: closed (25.1.50; org-timestamp-change: Invalid time zone specification: (nil nil nil))
Next by thread: [debbugs-tracker] bug#23323: closed ([PATCH] List the command help-go-forward to the manual.)
Index(es):
- Date
- Thread