[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] X.509 authentication and `GNUTLS_CERT_REQUIRE'
From: |
Ludovic Courtès |
Subject: |
[Help-gnutls] X.509 authentication and `GNUTLS_CERT_REQUIRE' |
Date: |
Fri, 11 May 2007 15:33:50 +0200 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux) |
Hi,
When X.509 authentication is used along with `GNUTLS_CERT_REQUIRE' on
the server-side, the client apparently does not send its certificate as
it should. Enabling debugging shows the following:
[7999|3] HSK[80aaee0]: CERTIFICATE was send [678 bytes]
[8037|3] HSK[80aaee0]: CERTIFICATE was received [678 bytes]
[7999|3] HSK[80aaee0]: CERTIFICATE REQUEST was send [9 bytes]
[8037|3] HSK[80aaee0]: CERTIFICATE REQUEST was received [9 bytes]
[8037|2] ASSERT: auth_cert.c:207
[7999|3] HSK[80aaee0]: SERVER HELLO DONE was send [4 bytes]
[8037|3] HSK[80aaee0]: SERVER HELLO DONE was received [4 bytes]
[8037|3] HSK[80aaee0]: CERTIFICATE was send [7 bytes]
[8037|3] HSK[80aaee0]: CLIENT KEY EXCHANGE was send [134 bytes]
[8037|3] REC[80aaee0]: Sent ChangeCipherSpec
[8037|3] HSK[80aaee0]: Cipher Suite: RSA_NULL_MD5
[8037|3] HSK[80aaee0]: Initializing internal [write] cipher sessions
[8037|3] HSK[80aaee0]: FINISHED was send [16 bytes]
[7999|3] HSK[80aaee0]: CERTIFICATE was received [7 bytes]
[7999|2] ASSERT: auth_cert.c:874
[7999|2] ASSERT: gnutls_handshake.c:2475
Here, 7999 is the server and 8037 is the client.
Apparently, in `_gnutls_send_client_certificate ()', the client ends up
calling `_gnutls_send_handshake ()' with DATA == NULL and DATA_SIZE == 0,
hence the 7-byte "certificate" message.
Any idea what's going wrong?
Thanks,
Ludovic.
- [Help-gnutls] X.509 authentication and `GNUTLS_CERT_REQUIRE',
Ludovic Courtès <=
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Simon Josefsson, 2007/05/11
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Ludovic Courtès, 2007/05/11
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Simon Josefsson, 2007/05/12
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Ludovic Courtès, 2007/05/12
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Simon Josefsson, 2007/05/13
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Ludovic Courtès, 2007/05/14
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Simon Josefsson, 2007/05/14
- [Help-gnutls] Re: X.509 authentication and `GNUTLS_CERT_REQUIRE', Ludovic Courtès, 2007/05/14