Debian Bug report logs - #316522
exim4-daemon-light: TLS connections fail with "An error was encountered at the TLS Finished packet calculation."

version graph

Package: exim4-daemon-light; Maintainer for exim4-daemon-light is Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>; Source for exim4-daemon-light is src:exim4.

Reported by: Alexander Myodov <maa_public@sinn.ru>

Date: Fri, 1 Jul 2005 15:03:01 UTC

Severity: important

Found in versions 4.50-8, 4.51-2

Fixed in version exim4/4.70~cvs+20091017-1

Done: Andreas Metzler <ametzler@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <maa_public@sinn.ru>:
New Bug report received and forwarded. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Alexander Myodov <maa_public@sinn.ru>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: exim4-daemon-light: TLS connections fail with "An error was encountered at the TLS Finished packet calculation."
Date: Fri, 01 Jul 2005 18:45:36 +0400
Package: exim4-daemon-light
Version: 4.50-8
Severity: important

  When I try to connect (email client used is TheBat for Windows) either to the SMTP port with StartTLS, or even to a port from tls_on_connect_ports list with TLS, Exim4 does not accept the message I am going to send and drops the following to /var/log/exim4/mainlog:
2005-07-01 03:48:56 TLS error on connection from (ws-honeyman.pvt) [192.168.0.1] (gnutls_handshake): An error was encountered at the TLS Finished packet calculation.
  The problem is reproducible each time I 
  The host is "honeyman.nnov.ru", the port is 25, and if someone who will investigate this issue would like to see the problem from client side, one may send anything to "honeyman" user on this host.
  The system has been updated to Sarge just yesterday (from some last-year snapshot) so the versions of all other packages (except the kernel) are Sarge's.


-- Package-specific info:
Exim version 4.50 #1 built 27-May-2005 08:08:19
Copyright (c) University of Cambridge 2004
Berkeley DB: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)
Support for: iconv() IPv6 GnuTLS
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'

dc_eximconfig_configtype='smarthost'
dc_other_hostnames='srv-castle.pvt:honeyman.nnov.ru'
dc_local_interfaces='127.0.0.1:192.168.0.9:192.168.1.1:82.208.85.183'
dc_readhost=''
#dc_relay_domains='ws-honeyman.pvt'
dc_minimaldns='false'
#dc_relay_nets='192.168.0.0/16'
dc_smarthost='smtp.mts-nn.ru'
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname='false'
# dc_localdelivery='maildir_home'
dc_relay_domains=''
dc_relay_nets=''
dc_mailname_in_oh='true'
dc_localdelivery='cyrus_inbox_delivery'
mailname:honeyman.nnov.ru

-- System Information:
Debian Release: 3.1
Architecture: i386 (i586)
Kernel: Linux 2.6.6-1-386
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)

Versions of packages exim4-daemon-light depends on:
ii  exim4-base                  4.50-8       support files for all exim MTA (v4
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libdb4.2                    4.2.52-18    Berkeley v4.2 Database Libraries [
ii  libgnutls11                 1.0.16-13.1  GNU TLS library - runtime library
ii  libpcre3                    4.5-1.2      Perl 5 Compatible Regular Expressi

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <maa_public@sinn.ru>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #10 received at 316522@bugs.debian.org (full text, mbox):

From: Alexander Myodov <maa_public@sinn.ru>
To: Debian Bug Tracking System <316522@bugs.debian.org>
Subject: exim4-daemon-light: Lost text
Date: Fri, 01 Jul 2005 19:39:42 +0400
Package: exim4-daemon-light
Version: 4.50-8
Followup-For: Bug #316522

The missing text should be written as "The problem is reproducible each time I try to send any message via SMTP/TLS", sorry for inconvenience.



Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <maa_public@sinn.ru>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #15 received at 316522@bugs.debian.org (full text, mbox):

From: Alexander Myodov <maa_public@sinn.ru>
To: Debian Bug Tracking System <316522@bugs.debian.org>
Subject: exim4-daemon-light: 4.51-2 does not help
Date: Sat, 02 Jul 2005 01:09:01 +0400
Package: exim4-daemon-light
Version: 4.51-2
Followup-For: Bug #316522

In attempts to resolve the problem, I upgraded to 4.51-2 from unstable, and it didn't help, the problem still occurs.

The problem from bug #297174 may be connected (as it is about gnutls_handshake as well), but I don't use anything for LDAP!

And some more words: looks like the problem is client-dependent. I successfully got a email from ametzler@ sent out by swaks obviously via TLS; I managed to send the emails myself by Thunderbird 1.0/Win32 both via SMTP port with TLS and via SMTPS port via SSL; but "TheBat!" client still does not work. And I am unsure if it is only the TheBat's trouble, as this is at least the regression: the same client with the same version successfully worked with Exim/TLS before, with Exim ~4.31.



Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #20 received at 316522@bugs.debian.org (full text, mbox):

From: Marc Haber <mh+debian-packages@zugschlus.de>
To: Alexander Myodov <maa_public@sinn.ru>, 316522@bugs.debian.org, 316522-submitter@bugs.debian.org
Cc: Marc Haber <mh+debian-packages@zugschlus.de>
Subject: Re: exim4-daemon-light: 4.51-2 does not help
Date: Sun, 3 Jul 2005 21:53:34 +0200
On Sat, Jul 02, 2005 at 01:09:01AM +0400, Alexander Myodov wrote:
> In attempts to resolve the problem, I upgraded to 4.51-2 from
> unstable, and it didn't help, the problem still occurs.

How about 4.52? There have been some changes in the TLS code.

> And some more words: looks like the problem is client-dependent. I
> successfully got a email from ametzler@ sent out by swaks obviously
> via TLS; I managed to send the emails myself by Thunderbird 1.0/Win32
> both via SMTP port with TLS and via SMTPS port via SSL; but "TheBat!"
> client still does not work. And I am unsure if it is only the
> TheBat's trouble, as this is at least the regression: the same client
> with the same version successfully worked with Exim/TLS before, with
> Exim ~4.31.

I suspect a client issue, but will consult with upstream once 4.52 has
been tried. There is a version compiled against sarge on
http://zg.debian.zugschlus.de/zg/pool/main/exim4/, version number
4.52-1~zg1.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835



Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to "Alexander A. Myodov" <honeyman@uic.nnov.ru>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #28 received at 316522@bugs.debian.org (full text, mbox):

From: Alexander Myodov <honeyman@uic.nnov.ru>
To: Marc Haber <mh+debian-packages@zugschlus.de>
Cc: Alexander Myodov <maa_public@sinn.ru>, 316522@bugs.debian.org, <316522-submitter@bugs.debian.org>
Subject: Re[2]: exim4-daemon-light: 4.51-2 does not help
Date: Mon, 4 Jul 2005 00:23:21 +0400
Hello Marc,.

MH> How about 4.52? There have been some changes in the TLS code.
Just tried:

srv-castle:/etc/exim4/conf.d/main# dpkg -l 'exim4*' | grep ii
ii  exim4          4.51-2         metapackage to ease exim MTA (v4) installati
ii  exim4-base     4.52-1~zg1     support files for all exim MTA (v4) packages
ii  exim4-config   4.51-2         configuration for the exim MTA (v4)
ii  exim4-daemon-l 4.52-1~zg1     lightweight exim MTA (v4) daemon
ii  exim4-doc-info 4.50-1         documentation for the Exim MTA (v4) in info

Does not help, still receiving
2005-07-04 00:16:08 TLS error on connection from (ws-honeyman.pvt) [192.168.0.1] (gnutls_handshake): An error was encountered at the TLS Finished packet calculation.

Well, it is likely that the client has some problems (as Thunderbird works). But
there is something suspicious from the server side as well, as the previous
version (just checked - it was 4.32-2) worked. If it is just the client issue, it
would be great for upstream people to contact the client authors at
www.ritlabs.com, as their voice is definitely much more weighty than mine.

-- 
With best regards,
 Alexander                          mailto:honeyman@uic.nnov.ru




Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #36 received at 316522@bugs.debian.org (full text, mbox):

From: Marc Haber <mh+debian-packages@zugschlus.de>
To: Alexander Myodov <honeyman@uic.nnov.ru>, 316522@bugs.debian.org, 316522-submitter@bugs.debian.org
Cc: Marc Haber <mh+debian-packages@zugschlus.de>
Subject: Re: Re[2]: exim4-daemon-light: 4.51-2 does not help
Date: Tue, 10 Jan 2006 14:46:36 +0100
user exim4@packages.debian.org
usertags #316522 review-20060131
thanks

On Mon, Jul 04, 2005 at 12:23:21AM +0400, Alexander Myodov wrote:
> srv-castle:/etc/exim4/conf.d/main# dpkg -l 'exim4*' | grep ii
> ii  exim4          4.51-2         metapackage to ease exim MTA (v4) installati
> ii  exim4-base     4.52-1~zg1     support files for all exim MTA (v4) packages
> ii  exim4-config   4.51-2         configuration for the exim MTA (v4)
> ii  exim4-daemon-l 4.52-1~zg1     lightweight exim MTA (v4) daemon
> ii  exim4-doc-info 4.50-1         documentation for the Exim MTA (v4) in info
> 
> Does not help, still receiving
> 2005-07-04 00:16:08 TLS error on connection from (ws-honeyman.pvt) [192.168.0.1] (gnutls_handshake): An error was encountered at the TLS Finished packet calculation.
> 
> Well, it is likely that the client has some problems (as Thunderbird works). But
> there is something suspicious from the server side as well, as the previous
> version (just checked - it was 4.32-2) worked. If it is just the client issue, it
> would be great for upstream people to contact the client authors at
> www.ritlabs.com, as their voice is definitely much more weighty than mine.

Sorry for taking so long to respond. Can you retry exim 4.60? A
backport is available on
http://zg.debian.zugschlus.de/zg/pool/main/exim4/

I'll forward your request upstream as soon as I know that the problem
still happens with 4.60.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835



Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #44 received at 316522@bugs.debian.org (full text, mbox):

From: Marc Haber <mh+debian-packages@zugschlus.de>
To: 316522@bugs.debian.org, 316522-submitter@bugs.debian.org
Cc: Alexander Myodov <honeyman@uic.nnov.ru>
Subject: Re: Bug#316522: Re[2]: exim4-daemon-light: 4.51-2 does not help
Date: Mon, 13 Mar 2006 16:08:52 +0100
user exim4@packages.debian.org
usertags #316522 - review-20060131
usertags #316522 - close-20060430
thanks

On Tue, Jan 10, 2006 at 02:46:36PM +0100, Marc Haber wrote:
> Sorry for taking so long to respond. Can you retry exim 4.60? A
> backport is available on
> http://zg.debian.zugschlus.de/zg/pool/main/exim4/
> 
> I'll forward your request upstream as soon as I know that the problem
> still happens with 4.60.

Can you please try exim 4.60?

If no answer is received until 2006-04-30, I'm going to close this bug
as "fixed in 4.60".

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835



Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <honeyman@uic.nnov.ru>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #52 received at 316522@bugs.debian.org (full text, mbox):

From: Alexander Myodov <honeyman@uic.nnov.ru>
To: Marc Haber <mh+debian-packages@zugschlus.de>
Cc: 316522@bugs.debian.org, 316522-submitter@bugs.debian.org, <316522-quiet@bugs.debian.org>, Alexander Myodov <honeyman@uic.nnov.ru>
Subject: Re: Bug#316522: Re[2]: exim4-daemon-light: 4.51-2 does not help
Date: Thu, 30 Mar 2006 04:14:10 +0400
Hello Marc,

> Can you please try exim 4.60?
Really sorry for such huge delay - lots of work, and I also had to
reconfigure the station (where Exim runs) to the new network, so Exim
was also had to be reconfigured - and Exim is by far not the most
important service there yet...
But,... back to business.  Unfortunately, bad news - exim4 v4.60-1
(with exim4-daemon-light v4.60-4) still have such problem, without any
differences.
But fortunately, I was finally able to find a bugtracker for the
used email client, TheBat, and raised a ticket there - you can see it on
https://www.ritlabs.com/bt/view.php?id=5785 . Let's see how it will
come...


-- 
With best regards,
 Alexander                          mailto:honeyman@uic.nnov.ru




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <honeyman@uic.nnov.ru>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #57 received at 316522@bugs.debian.org (full text, mbox):

From: Alexander Myodov <honeyman@uic.nnov.ru>
To: Marc Haber <mh+debian-packages@zugschlus.de>
Cc: 316522@bugs.debian.org, 316522-submitter@bugs.debian.org, <316522-quiet@bugs.debian.org>, Alexander Myodov <honeyman@uic.nnov.ru>
Subject: Re: Bug#316522: Re[2]: exim4-daemon-light: 4.51-2 does not help
Date: Thu, 30 Mar 2006 04:15:24 +0400
Hello Marc,

> Can you please try exim 4.60?
Really sorry for such huge delay - lots of work, and I also had to
reconfigure the station (where Exim runs) to the new network, so Exim
was also had to be reconfigured - and Exim is by far not the most
important service there yet...
But,... back to business.  Unfortunately, bad news - exim4 v4.60-1
(with exim4-daemon-light v4.60-4) still have such problem, without any
differences.
But fortunately, I was finally able to find a bugtracker for the
used email client, TheBat, and raised a ticket there - you can see it on
https://www.ritlabs.com/bt/view.php?id=5785 . Let's see how it will
come...


-- 
With best regards,
 Alexander                          mailto:honeyman@uic.nnov.ru




Information stored:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <honeyman@uic.nnov.ru>:
Extra info received and filed, but not forwarded. Full text and rfc822 format available.

Information stored:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <honeyman@uic.nnov.ru>:
Extra info received and filed, but not forwarded. Full text and rfc822 format available.

Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #78 received at 316522@bugs.debian.org (full text, mbox):

From: Marc Haber <mh+debian-packages@zugschlus.de>
To: 316522@bugs.debian.org, 316522-submitter@bugs.debian.org
Cc: Alexander Myodov <honeyman@uic.nnov.ru>
Subject: Re: Bug#316522: Re[2]: exim4-daemon-light: 4.51-2 does not help
Date: Wed, 21 Jun 2006 19:32:53 +0200
user exim4@packages.debian.org
usertags #316522 gnutls
thanks

Usertagging this bug for gnutls coordination.

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835



Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #86 received at 316522@bugs.debian.org (full text, mbox):

From: Marc Haber <mh+debian-packages@zugschlus.de>
To: Alexander Myodov <honeyman@uic.nnov.ru>, 316522@bugs.debian.org, 316522-submitter@bugs.debian.org
Cc: Marc Haber <mh+debian-packages@zugschlus.de>, 316522-quiet@bugs.debian.org
Subject: Re: Bug#316522: Re[2]: exim4-daemon-light: 4.51-2 does not help
Date: Tue, 4 Dec 2007 11:26:45 +0100
On Thu, Mar 30, 2006 at 04:15:24AM +0400, Alexander Myodov wrote:
> But,... back to business.  Unfortunately, bad news - exim4 v4.60-1
> (with exim4-daemon-light v4.60-4) still have such problem, without any
> differences.
> But fortunately, I was finally able to find a bugtracker for the
> used email client, TheBat, and raised a ticket there - you can see it on
> https://www.ritlabs.com/bt/view.php?id=5785 . Let's see how it will
> come...

Is it possible that The Bat (unlike any other MUA) wants to have a
trust relationship to the certificate, which you didn't establish?

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835




Information stored:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and filed, but not forwarded. Full text and rfc822 format available.

Message sent on to Alexander Myodov <maa_public@sinn.ru>:
Bug#316522. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Simon Josefsson <simon@josefsson.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #99 received at 316522@bugs.debian.org (full text, mbox):

From: Simon Josefsson <simon@josefsson.org>
To: Alexander Myodov <maa_public@sinn.ru>
Cc: 316522@bugs.debian.org
Subject: Re: exim4-daemon-light: TLS connections fail with "An error was encountered at the TLS Finished packet calculation."
Date: Fri, 04 Jan 2008 18:20:04 +0100
Hi Alexander!  I'm trying to help with this bug.  Can you still
reproduce the problem with TheBat?  With which versions of exim/gnutls?
You reported the problem in 2005/2006, so things may have changed...

You said earlier versions of exim worked, can you pin-point which
version it worked and which it stopped working in?  Can you reproduce
that it works?

To debug this, it would help if you could run gnutls-serv or openssl
s_client on a host, and try to talk to it using TheBat.  Try:

$ gnutls-serv --port 465 --x509keyfile KEY.pem --x509certfile CERT.pem --debug

Also, if you are able to re-build exim4 with openssl, testing that
configuration together with TheBat would also be useful.

Can you reproduce this using a recent version of TheBat?  I see that it
is possible to download TheBat and use it for free for 30 days, so if
you can confirm that this happens with the latest version of TheBat and
exim4+gnutls I can download it and try to debug this problem myself.

Thanks,
/Simon




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Simon Josefsson <simon@josefsson.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #104 received at 316522@bugs.debian.org (full text, mbox):

From: Simon Josefsson <simon@josefsson.org>
To: Marc Haber <mh+gnutls-devel@zugschlus.de>
Cc: gnutls-devel@gnu.org, 316522@bugs.debian.org
Subject: Re: Interoperability issue with The Bat (Debian Bug #316522)
Date: Fri, 04 Jan 2008 20:29:25 +0100
Simon Josefsson <simon@josefsson.org> writes:

>> It might be possible (judging from
>> https://www.ritlabs.com/bt/view.php?id=5785) that The Bat by default
>> refuses to talk TLS to a server presenting a self-signed certificate.
>
> I also note that it is possible to download trial versions of TheBat.
> If we can get a recipe to reproduce the problem using it, that would
> help a lot.

TheBat works under Wine, so I downloaded it and debugged this... FWIW, I
can reproduce the problem:

2008-01-04 19:03:02 TLS error on connection from xxx.bredband.comhem.se (mocca.local) [x.y.z.q] (gnutls_handshake): An error was encountered at the TLS Finished packet calculation.

Using gnutls-serv, I get the connection debug log [1] below.  TheBat
complains that the CA is untrusted, and I have to click continue.  Then
it fails with the TLS Finished packet calculation error.

However, if I start gnutls-serv with --disable-client-cert I get the
debug log [2] which is a successful TLS handshake!

Even though the TLS handshake is successful TheBat doesn't send the
e-mail though, and I don't know why, it may be because it expects CRLF
and I only sent LF.

Running openssl works, see debug log [3].  I also cannot TheBat to send
the e-mail, possibly due to the same CRLF issue.

I don't know why it works with openssl but not gnutls.  It needs more
debugging.  Given that we don't have source for TheBat, this is somewhat
difficult.  I would want to instrument it to print some information
about the TLS Finished computation, to see what it is using.

/Simon

Debug log [1]:

jas@mocca:~$ ~/bin/gnutls-serv -p 5870  -d 4711 --x509keyfile ~/src/www-gnutls/test-credentials/x509-server-key.pem --x509certfile ~/src/www-gnutls/test-credentials/x509-server.pem   --x509cafile ~/src/www-gnutls/test-credentials/x509-ca.pem 
Set static Diffie Hellman parameters, consider --dhparams.
Processed 1 CA certificate(s).
Echo Server ready. Listening to port '5870'.

|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 16 03 01 00 33 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[8076e00]: Received Packet[0] Handshake(22) with length: 51
|<7>| READ: Got 51 bytes from 5
|<7>| READ: read 51 bytes from 5
|<7>| 0000 - 01 00 00 2f 03 01 47 7e 7f ea 38 35 d5 07 47 e2 
|<7>| 0001 - ea 58 fd 1c 39 87 57 76 ad a6 bc 0b a6 41 63 35 
|<7>| 0002 - e9 18 0f 44 5a 31 00 00 08 00 35 00 2f 00 05 00 
|<7>| 0003 - 0a 01 00 
|<7>| RB: Have 5 bytes into buffer. Adding 51 bytes.
|<7>| RB: Requested 56 bytes
|<4>| REC[8076e00]: Decrypted Packet[0] Handshake(22) with length: 51
|<6>| BUF[HSK]: Inserted 51 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[8076e00]: CLIENT HELLO was received [51 bytes]
|<6>| BUF[REC][HD]: Read 47 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 47 bytes of Data
|<3>| HSK[8076e00]: Client's version: 3.1
|<2>| ASSERT: gnutls_db.c:327
|<2>| ASSERT: gnutls_db.c:247
|<2>| ASSERT: gnutls_extensions.c:159
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[8076e00]: Selected cipher suite: RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Selected Compression Method: NULL
|<3>| HSK[8076e00]: SessionID: 674c898acd6cf0febb26777b94beeb83e1fcb9899a30b7cad5eb93dc2713681a
|<3>| HSK[8076e00]: SERVER HELLO was send [74 bytes]
|<6>| BUF[HSK]: Peeked 51 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[0] Handshake(22) with length: 74
|<7>| WRITE: Will write 79 bytes to 5.
|<7>| WRITE: wrote 79 bytes to 5. Left 0 bytes. Total 79 bytes.
|<7>| 0000 - 16 03 01 00 4a 02 00 00 46 03 01 47 7e 7f ea c0 
|<7>| 0001 - fd 53 26 e1 f9 2f e2 e4 c6 8f 0f 35 ef e7 83 24 
|<7>| 0002 - a3 5c da a1 04 7c 22 09 a5 2e c0 20 67 4c 89 8a 
|<7>| 0003 - cd 6c f0 fe bb 26 77 7b 94 be eb 83 e1 fc b9 89 
|<7>| 0004 - 9a 30 b7 ca d5 eb 93 dc 27 13 68 1a 00 35 00 
|<4>| REC[8076e00]: Sent Packet[1] Handshake(22) with length: 79
|<3>| HSK[8076e00]: CERTIFICATE was send [612 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[1] Handshake(22) with length: 612
|<7>| WRITE: Will write 617 bytes to 5.
|<7>| WRITE: wrote 617 bytes to 5. Left 0 bytes. Total 617 bytes.
|<7>| 0000 - 16 03 01 02 64 0b 00 02 60 00 02 5d 00 02 5a 30 
|<7>| 0001 - 82 02 56 30 82 01 c1 a0 03 02 01 02 02 04 46 26 
|<7>| 0002 - 1d 31 30 0b 06 09 2a 86 48 86 f7 0d 01 01 05 30 
|<7>| 0003 - 19 31 17 30 15 06 03 55 04 03 13 0e 47 6e 75 54 
|<7>| 0004 - 4c 53 20 74 65 73 74 20 43 41 30 1e 17 0d 30 37 
|<7>| 0005 - 30 34 31 38 31 33 32 39 32 31 5a 17 0d 30 38 30 
|<7>| 0006 - 34 31 37 31 33 32 39 32 31 5a 30 37 31 1b 30 19 
|<7>| 0007 - 06 03 55 04 0a 13 12 47 6e 75 54 4c 53 20 74 65 
|<7>| 0008 - 73 74 20 73 65 72 76 65 72 31 18 30 16 06 03 55 
|<7>| 0009 - 04 03 13 0f 74 65 73 74 2e 67 6e 75 74 6c 73 2e 
|<7>| 000a - 6f 72 67 30 81 9c 30 0b 06 09 2a 86 48 86 f7 0d 
|<7>| 000b - 01 01 01 03 81 8c 00 30 81 88 02 81 80 d7 ba 5c 
|<7>| 000c - af a3 0c f0 2e a9 27 56 aa 53 8e a8 eb 7f 81 75 
|<7>| 000d - 4c 6b 98 be 4a ea b7 1e f8 4b c3 6a c4 da 0d 00 
|<7>| 000e - b8 ea 4c 13 1f 36 16 93 de 72 ef c6 a4 5e b2 6e 
|<7>| 000f - b6 ca 0a 88 55 75 90 96 ed a6 57 bc 0c 3b 76 0d 
|<7>| 0010 - 97 1e bd e9 ec 7f d3 a9 ec fb 85 64 a0 6b a0 48 
|<7>| 0011 - ce 77 7e 73 9c 31 13 ff 3d c8 ae a5 60 6e d9 b6 
|<7>| 0012 - 8c 5a 9a 6f b6 be 9f 6a bd a7 f0 a0 33 27 f5 b7 
|<7>| 0013 - 1d 92 e5 96 9c 73 52 d6 9f d6 c8 8e b1 02 03 01 
|<7>| 0014 - 00 01 a3 81 93 30 81 90 30 0c 06 03 55 1d 13 01 
|<7>| 0015 - 01 ff 04 02 30 00 30 1a 06 03 55 1d 11 04 13 30 
|<7>| 0016 - 11 82 0f 74 65 73 74 2e 67 6e 75 74 6c 73 2e 6f 
|<7>| 0017 - 72 67 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 
|<7>| 0018 - 06 01 05 05 07 03 01 30 0f 06 03 55 1d 0f 01 01 
|<7>| 0019 - ff 04 05 03 03 07 a0 00 30 1d 06 03 55 1d 0e 04 
|<7>| 001a - 16 04 14 eb c7 45 6e e5 f8 25 ca 8c 8d 83 0d 74 
|<7>| 001b - e9 86 d4 dd 55 b4 75 30 1f 06 03 55 1d 23 04 18 
|<7>| 001c - 30 16 80 14 e9 3c 1c fb ad 92 6e e6 06 a4 56 2c 
|<7>| 001d - a2 e1 c0 53 27 c8 f2 95 30 0b 06 09 2a 86 48 86 
|<7>| 001e - f7 0d 01 01 05 03 81 81 00 68 51 0f 4e df bb 6f 
|<7>| 001f - 3b c1 b8 e7 fb f9 09 9e 41 c9 f6 f6 44 fa 06 cc 
|<7>| 0020 - a1 d5 11 c9 5d ff 0a 4e 4e 50 45 fc 29 ea 88 1b 
|<7>| 0021 - a7 de 09 41 67 0d 43 f4 bb 60 31 47 82 50 f5 03 
|<7>| 0022 - 05 0d 05 15 f0 77 7a e2 52 c3 27 b3 18 1e 48 3c 
|<7>| 0023 - 58 05 f2 58 6c 32 de a2 13 41 b2 a6 8f 0c 96 fb 
|<7>| 0024 - 5d a8 a5 59 b3 10 29 f0 1b 15 0f 1c 9c ec 60 ac 
|<7>| 0025 - e2 8b 51 04 56 27 42 b7 1f 25 d1 32 16 ea 8d d2 
|<7>| 0026 - c8 69 08 82 bd 02 ee 8b 3a 
|<4>| REC[8076e00]: Sent Packet[2] Handshake(22) with length: 617
|<3>| HSK[8076e00]: CERTIFICATE REQUEST was send [38 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[2] Handshake(22) with length: 38
|<7>| WRITE: Will write 43 bytes to 5.
|<7>| WRITE: wrote 43 bytes to 5. Left 0 bytes. Total 43 bytes.
|<7>| 0000 - 16 03 01 00 26 0d 00 00 22 02 01 02 00 1d 00 1b 
|<7>| 0001 - 30 19 31 17 30 15 06 03 55 04 03 13 0e 47 6e 75 
|<7>| 0002 - 54 4c 53 20 74 65 73 74 20 43 41 
|<4>| REC[8076e00]: Sent Packet[3] Handshake(22) with length: 43
|<3>| HSK[8076e00]: SERVER HELLO DONE was send [4 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[3] Handshake(22) with length: 4
|<7>| WRITE: Will write 9 bytes to 5.
|<7>| WRITE: wrote 9 bytes to 5. Left 0 bytes. Total 9 bytes.
|<7>| 0000 - 16 03 01 00 04 0e 00 00 00 
|<4>| REC[8076e00]: Sent Packet[4] Handshake(22) with length: 9
|<7>| READ: -1 returned from 5, errno=11 gerrno=0
|<2>| ASSERT: gnutls_buffers.c:360
|<2>| ASSERT: gnutls_buffers.c:1152
|<2>| ASSERT: gnutls_handshake.c:1012
|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 16 03 01 00 07 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[1] Handshake(22) with length: 1
|<4>| REC[8076e00]: Received Packet[1] Handshake(22) with length: 7
|<7>| READ: Got 7 bytes from 5
|<7>| READ: read 7 bytes from 5
|<7>| 0000 - 0b 00 00 03 00 00 00 
|<7>| RB: Have 5 bytes into buffer. Adding 7 bytes.
|<7>| RB: Requested 12 bytes
|<4>| REC[8076e00]: Decrypted Packet[1] Handshake(22) with length: 7
|<6>| BUF[HSK]: Inserted 7 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[8076e00]: CERTIFICATE was received [7 bytes]
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 3 bytes of Data
|<2>| ASSERT: auth_cert.c:877
|<7>| READ: -1 returned from 5, errno=11 gerrno=0
|<2>| ASSERT: gnutls_buffers.c:360
|<2>| ASSERT: gnutls_buffers.c:1152
|<2>| ASSERT: gnutls_handshake.c:1012
|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 16 03 01 00 86 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[2] Handshake(22) with length: 1
|<4>| REC[8076e00]: Received Packet[2] Handshake(22) with length: 134
|<7>| READ: Got 134 bytes from 5
|<7>| READ: read 134 bytes from 5
|<7>| 0000 - 10 00 00 82 00 80 00 4a d8 ba 15 cc c7 3d 07 2d 
|<7>| 0001 - 24 b3 6a 8b 1a 3f 6d aa d9 63 65 dd 05 e1 71 24 
|<7>| 0002 - 84 7b 54 a2 15 b1 90 1d 08 16 bf 7c c4 f8 c0 a6 
|<7>| 0003 - 3b 44 80 f4 32 dd 4d 83 72 73 82 b2 4c 26 3d 6e 
|<7>| 0004 - ef f1 f7 85 32 9b c1 e7 44 80 79 f0 16 fe 1b 63 
|<7>| 0005 - 05 1d 0d 9e 7b 9a bd 93 63 12 81 7c 2d e5 cb 70 
|<7>| 0006 - 8b ea 33 dc fa dd dd ec 7d b6 09 e2 bd 55 a9 dc 
|<7>| 0007 - 43 b7 92 57 35 f8 3f ea 9c 9b aa 71 a3 f4 3c 9e 
|<7>| 0008 - 0e 66 f7 84 fc 1c 
|<7>| RB: Have 5 bytes into buffer. Adding 134 bytes.
|<7>| RB: Requested 139 bytes
|<4>| REC[8076e00]: Decrypted Packet[2] Handshake(22) with length: 134
|<6>| BUF[HSK]: Inserted 134 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[8076e00]: CLIENT KEY EXCHANGE was received [134 bytes]
|<6>| BUF[REC][HD]: Read 130 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 7 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 130 bytes of Data
|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 14 03 01 00 01 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[3] Change Cipher Spec(20) with length: 1
|<4>| REC[8076e00]: Received Packet[3] Change Cipher Spec(20) with length: 1
|<7>| READ: Got 1 bytes from 5
|<7>| READ: read 1 bytes from 5
|<7>| 0000 - 01 
|<7>| RB: Have 5 bytes into buffer. Adding 1 bytes.
|<7>| RB: Requested 6 bytes
|<4>| REC[8076e00]: ChangeCipherSpec Packet was received
|<9>| INT: PREMASTER SECRET[48]: 0301098e27eb8e6550ec38ef93f166867e960aae7ddb720c8639c6ad1671190ce312bb7404f79a8e2c94079be95d5df2
|<9>| INT: CLIENT RANDOM[32]: 477e7fea3835d50747e2ea58fd1c39875776ada6bc0ba6416335e9180f445a31
|<9>| INT: SERVER RANDOM[32]: 477e7feac0fd5326e1f92fe2e4c68f0f35efe78324a35cdaa1047c2209a52ec0
|<9>| INT: MASTER SECRET: d3cd83cf9a7d93e1e29c412d25d22b76db818b4f698dd409d0fd2ab660a421366bc616c0c99fd6371ac12ffefb14e23b
|<9>| INT: KEY BLOCK[136]: 02595fa908cf516d7d6ba341e267caeef9a8462e523dd785a40d67c1f2073e11
|<9>| INT: CLIENT WRITE KEY [32]: 0ee1fe93e37314f57e66d59819a600efe8f3735aed5ce459b5b7a18246911b30
|<9>| INT: SERVER WRITE KEY [32]: d9e86b6714ec5f79e612b26f3769b6b1b14ebc14c5cab779b8974c41ac0566e5
|<3>| HSK[8076e00]: Cipher Suite: RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Initializing internal [read] cipher sessions
|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 16 03 01 00 30 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[8076e00]: Received Packet[0] Handshake(22) with length: 48
|<7>| READ: Got 48 bytes from 5
|<7>| READ: read 48 bytes from 5
|<7>| 0000 - 7a 84 a5 1a b6 35 01 c4 db 5b 5e 33 9c 5f db aa 
|<7>| 0001 - 80 e1 31 05 46 ce 43 01 68 03 39 79 68 3b e9 d3 
|<7>| 0002 - ea 6f 41 3c 43 35 b4 03 ed 41 04 d6 aa 45 65 49 
|<7>| 0003 - 
|<7>| RB: Have 5 bytes into buffer. Adding 48 bytes.
|<7>| RB: Requested 53 bytes
|<4>| REC[8076e00]: Decrypted Packet[0] Handshake(22) with length: 16
|<6>| BUF[HSK]: Inserted 16 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[8076e00]: FINISHED was received [16 bytes]
|<6>| BUF[REC][HD]: Read 12 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 134 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 12 bytes of Data
|<2>| ASSERT: gnutls_handshake.c:620
|<2>| ASSERT: gnutls_handshake.c:2502
|<2>| ASSERT: gnutls_handshake.c:2634
|<6>| BUF[HSK]: Cleared Data from buffer
Error in handshake
Error: An error was encountered at the TLS Finished packet calculation.
|<4>| REC: Sending Alert[2|80] - Internal error
|<4>| REC[8076e00]: Sending Packet[4] Alert(21) with length: 2
|<7>| WRITE: Will write 7 bytes to 5.
|<7>| WRITE: wrote 7 bytes to 5. Left 0 bytes. Total 7 bytes.
|<7>| 0000 - 15 03 01 00 02 02 50 
|<4>| REC[8076e00]: Sent Packet[5] Alert(21) with length: 7
|<2>| ASSERT: gnutls_record.c:260

Debug log [2]:

jas@mocca:~$ ~/bin/gnutls-serv -p 5870  -d 4711 --x509keyfile ~/src/www-gnutls/test-credentials/x509-server-key.pem --x509certfile ~/src/www-gnutls/test-credentials/x509-server.pem   --x509cafile ~/src/www-gnutls/test-credentials/x509-ca.pem  --disable-client-cert
Set static Diffie Hellman parameters, consider --dhparams.
Processed 1 CA certificate(s).
Echo Server ready. Listening to port '5870'.

|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 16 03 01 00 33 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[8076e00]: Received Packet[0] Handshake(22) with length: 51
|<7>| READ: Got 51 bytes from 5
|<7>| READ: read 51 bytes from 5
|<7>| 0000 - 01 00 00 2f 03 01 47 7e 81 22 69 9e b4 30 84 03 
|<7>| 0001 - ac a9 40 27 eb 83 a9 55 a4 60 e1 82 51 ee 2c b0 
|<7>| 0002 - 8b a1 ea a9 43 6b 00 00 08 00 35 00 2f 00 05 00 
|<7>| 0003 - 0a 01 00 
|<7>| RB: Have 5 bytes into buffer. Adding 51 bytes.
|<7>| RB: Requested 56 bytes
|<4>| REC[8076e00]: Decrypted Packet[0] Handshake(22) with length: 51
|<6>| BUF[HSK]: Inserted 51 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[8076e00]: CLIENT HELLO was received [51 bytes]
|<6>| BUF[REC][HD]: Read 47 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 47 bytes of Data
|<3>| HSK[8076e00]: Client's version: 3.1
|<2>| ASSERT: gnutls_db.c:327
|<2>| ASSERT: gnutls_db.c:247
|<2>| ASSERT: gnutls_extensions.c:159
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[8076e00]: Removing ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[8076e00]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[8076e00]: Selected cipher suite: RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Selected Compression Method: NULL
|<3>| HSK[8076e00]: SessionID: ee4e9fb607619b26881520e2db07a39ed2371ab4551ec8974cb8d359ddc5c8d5
|<3>| HSK[8076e00]: SERVER HELLO was send [74 bytes]
|<6>| BUF[HSK]: Peeked 51 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[0] Handshake(22) with length: 74
|<7>| WRITE: Will write 79 bytes to 5.
|<7>| WRITE: wrote 79 bytes to 5. Left 0 bytes. Total 79 bytes.
|<7>| 0000 - 16 03 01 00 4a 02 00 00 46 03 01 47 7e 81 22 b9 
|<7>| 0001 - 96 81 9c ac 8b aa ec 38 3e 0a de 6b d6 dd e1 3e 
|<7>| 0002 - dc 55 2d ee 84 49 c4 0a 98 db 41 20 ee 4e 9f b6 
|<7>| 0003 - 07 61 9b 26 88 15 20 e2 db 07 a3 9e d2 37 1a b4 
|<7>| 0004 - 55 1e c8 97 4c b8 d3 59 dd c5 c8 d5 00 35 00 
|<4>| REC[8076e00]: Sent Packet[1] Handshake(22) with length: 79
|<3>| HSK[8076e00]: CERTIFICATE was send [612 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[1] Handshake(22) with length: 612
|<7>| WRITE: Will write 617 bytes to 5.
|<7>| WRITE: wrote 617 bytes to 5. Left 0 bytes. Total 617 bytes.
|<7>| 0000 - 16 03 01 02 64 0b 00 02 60 00 02 5d 00 02 5a 30 
|<7>| 0001 - 82 02 56 30 82 01 c1 a0 03 02 01 02 02 04 46 26 
|<7>| 0002 - 1d 31 30 0b 06 09 2a 86 48 86 f7 0d 01 01 05 30 
|<7>| 0003 - 19 31 17 30 15 06 03 55 04 03 13 0e 47 6e 75 54 
|<7>| 0004 - 4c 53 20 74 65 73 74 20 43 41 30 1e 17 0d 30 37 
|<7>| 0005 - 30 34 31 38 31 33 32 39 32 31 5a 17 0d 30 38 30 
|<7>| 0006 - 34 31 37 31 33 32 39 32 31 5a 30 37 31 1b 30 19 
|<7>| 0007 - 06 03 55 04 0a 13 12 47 6e 75 54 4c 53 20 74 65 
|<7>| 0008 - 73 74 20 73 65 72 76 65 72 31 18 30 16 06 03 55 
|<7>| 0009 - 04 03 13 0f 74 65 73 74 2e 67 6e 75 74 6c 73 2e 
|<7>| 000a - 6f 72 67 30 81 9c 30 0b 06 09 2a 86 48 86 f7 0d 
|<7>| 000b - 01 01 01 03 81 8c 00 30 81 88 02 81 80 d7 ba 5c 
|<7>| 000c - af a3 0c f0 2e a9 27 56 aa 53 8e a8 eb 7f 81 75 
|<7>| 000d - 4c 6b 98 be 4a ea b7 1e f8 4b c3 6a c4 da 0d 00 
|<7>| 000e - b8 ea 4c 13 1f 36 16 93 de 72 ef c6 a4 5e b2 6e 
|<7>| 000f - b6 ca 0a 88 55 75 90 96 ed a6 57 bc 0c 3b 76 0d 
|<7>| 0010 - 97 1e bd e9 ec 7f d3 a9 ec fb 85 64 a0 6b a0 48 
|<7>| 0011 - ce 77 7e 73 9c 31 13 ff 3d c8 ae a5 60 6e d9 b6 
|<7>| 0012 - 8c 5a 9a 6f b6 be 9f 6a bd a7 f0 a0 33 27 f5 b7 
|<7>| 0013 - 1d 92 e5 96 9c 73 52 d6 9f d6 c8 8e b1 02 03 01 
|<7>| 0014 - 00 01 a3 81 93 30 81 90 30 0c 06 03 55 1d 13 01 
|<7>| 0015 - 01 ff 04 02 30 00 30 1a 06 03 55 1d 11 04 13 30 
|<7>| 0016 - 11 82 0f 74 65 73 74 2e 67 6e 75 74 6c 73 2e 6f 
|<7>| 0017 - 72 67 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 
|<7>| 0018 - 06 01 05 05 07 03 01 30 0f 06 03 55 1d 0f 01 01 
|<7>| 0019 - ff 04 05 03 03 07 a0 00 30 1d 06 03 55 1d 0e 04 
|<7>| 001a - 16 04 14 eb c7 45 6e e5 f8 25 ca 8c 8d 83 0d 74 
|<7>| 001b - e9 86 d4 dd 55 b4 75 30 1f 06 03 55 1d 23 04 18 
|<7>| 001c - 30 16 80 14 e9 3c 1c fb ad 92 6e e6 06 a4 56 2c 
|<7>| 001d - a2 e1 c0 53 27 c8 f2 95 30 0b 06 09 2a 86 48 86 
|<7>| 001e - f7 0d 01 01 05 03 81 81 00 68 51 0f 4e df bb 6f 
|<7>| 001f - 3b c1 b8 e7 fb f9 09 9e 41 c9 f6 f6 44 fa 06 cc 
|<7>| 0020 - a1 d5 11 c9 5d ff 0a 4e 4e 50 45 fc 29 ea 88 1b 
|<7>| 0021 - a7 de 09 41 67 0d 43 f4 bb 60 31 47 82 50 f5 03 
|<7>| 0022 - 05 0d 05 15 f0 77 7a e2 52 c3 27 b3 18 1e 48 3c 
|<7>| 0023 - 58 05 f2 58 6c 32 de a2 13 41 b2 a6 8f 0c 96 fb 
|<7>| 0024 - 5d a8 a5 59 b3 10 29 f0 1b 15 0f 1c 9c ec 60 ac 
|<7>| 0025 - e2 8b 51 04 56 27 42 b7 1f 25 d1 32 16 ea 8d d2 
|<7>| 0026 - c8 69 08 82 bd 02 ee 8b 3a 
|<4>| REC[8076e00]: Sent Packet[2] Handshake(22) with length: 617
|<3>| HSK[8076e00]: SERVER HELLO DONE was send [4 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[2] Handshake(22) with length: 4
|<7>| WRITE: Will write 9 bytes to 5.
|<7>| WRITE: wrote 9 bytes to 5. Left 0 bytes. Total 9 bytes.
|<7>| 0000 - 16 03 01 00 04 0e 00 00 00 
|<4>| REC[8076e00]: Sent Packet[3] Handshake(22) with length: 9
|<7>| READ: -1 returned from 5, errno=11 gerrno=0
|<2>| ASSERT: gnutls_buffers.c:360
|<2>| ASSERT: gnutls_buffers.c:1152
|<2>| ASSERT: gnutls_handshake.c:1012
|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 16 03 01 00 86 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[1] Handshake(22) with length: 1
|<4>| REC[8076e00]: Received Packet[1] Handshake(22) with length: 134
|<7>| READ: Got 134 bytes from 5
|<7>| READ: read 134 bytes from 5
|<7>| 0000 - 10 00 00 82 00 80 c4 49 53 90 12 3a d4 4c 40 e0 
|<7>| 0001 - 1a 70 e1 21 ae 0b 43 4b 26 dd 00 2a 48 b9 70 43 
|<7>| 0002 - 7f 75 55 a6 5b 27 05 80 b8 fc 27 81 64 dd 04 28 
|<7>| 0003 - 19 b2 1b 64 5f 8e 13 90 a2 cd 31 b6 c5 1a fe 6f 
|<7>| 0004 - 77 fc a0 d0 9d e0 48 24 93 07 52 31 79 c8 54 77 
|<7>| 0005 - 81 6e 36 09 72 04 3e 21 5c 15 6a d2 8c 72 65 c6 
|<7>| 0006 - d1 a3 a2 4c e6 44 6f 82 ef b4 34 58 3f f9 3f 72 
|<7>| 0007 - 22 99 6b 8a 62 23 46 0c e6 ac b4 83 50 0a 36 9b 
|<7>| 0008 - 0e 59 6f bf a2 04 
|<7>| RB: Have 5 bytes into buffer. Adding 134 bytes.
|<7>| RB: Requested 139 bytes
|<4>| REC[8076e00]: Decrypted Packet[1] Handshake(22) with length: 134
|<6>| BUF[HSK]: Inserted 134 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[8076e00]: CLIENT KEY EXCHANGE was received [134 bytes]
|<6>| BUF[REC][HD]: Read 130 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 130 bytes of Data
|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 14 03 01 00 01 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[2] Change Cipher Spec(20) with length: 1
|<4>| REC[8076e00]: Received Packet[2] Change Cipher Spec(20) with length: 1
|<7>| READ: Got 1 bytes from 5
|<7>| READ: read 1 bytes from 5
|<7>| 0000 - 01 
|<7>| RB: Have 5 bytes into buffer. Adding 1 bytes.
|<7>| RB: Requested 6 bytes
|<4>| REC[8076e00]: ChangeCipherSpec Packet was received
|<9>| INT: PREMASTER SECRET[48]: 0301b8adc0c631d4c0b78173285fdf3dd79a8e2a54eedafb47803d4c99f2bffe25d778fe7b7a18a2cb861cd52e70d516
|<9>| INT: CLIENT RANDOM[32]: 477e8122699eb4308403aca94027eb83a955a460e18251ee2cb08ba1eaa9436b
|<9>| INT: SERVER RANDOM[32]: 477e8122b996819cac8baaec383e0ade6bd6dde13edc552dee8449c40a98db41
|<9>| INT: MASTER SECRET: 72cb3bd4090aa2280752dd8826ed6c99da143b90071400871e8e00411fe4ae8cf7d5d8847d83b8cb9b8bc04b15b6d4c0
|<9>| INT: KEY BLOCK[136]: e0ed77336974428c9eaa005d4c3f275a982310570200419029264e70437669a6
|<9>| INT: CLIENT WRITE KEY [32]: 2321d92c1e7235b6e570c4c87775d1bc53f4613d4bc954b13c49979c6cd2e670
|<9>| INT: SERVER WRITE KEY [32]: 79579b995d7163b918dbcf1c323785240c628178869214f97193dc643b3acb0a
|<3>| HSK[8076e00]: Cipher Suite: RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Initializing internal [read] cipher sessions
|<7>| READ: Got 5 bytes from 5
|<7>| READ: read 5 bytes from 5
|<7>| 0000 - 16 03 01 00 30 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[8076e00]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[8076e00]: Received Packet[0] Handshake(22) with length: 48
|<7>| READ: Got 48 bytes from 5
|<7>| READ: read 48 bytes from 5
|<7>| 0000 - 41 d1 0a e3 00 c5 bd 5a f4 f7 b0 dc 97 f8 9e ad 
|<7>| 0001 - d6 3b 74 c6 1b 67 1b 69 2c 2b ab 3b 18 41 5a 77 
|<7>| 0002 - 29 f4 85 d0 df 06 e7 c2 a1 69 08 ed 6b 58 bf 89 
|<7>| 0003 - 
|<7>| RB: Have 5 bytes into buffer. Adding 48 bytes.
|<7>| RB: Requested 53 bytes
|<4>| REC[8076e00]: Decrypted Packet[0] Handshake(22) with length: 16
|<6>| BUF[HSK]: Inserted 16 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[8076e00]: FINISHED was received [16 bytes]
|<6>| BUF[REC][HD]: Read 12 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 134 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 12 bytes of Data
|<3>| REC[8076e00]: Sent ChangeCipherSpec
|<4>| REC[8076e00]: Sending Packet[3] Change Cipher Spec(20) with length: 1
|<7>| WRITE: Will write 6 bytes to 5.
|<7>| WRITE: wrote 6 bytes to 5. Left 0 bytes. Total 6 bytes.
|<7>| 0000 - 14 03 01 00 01 01 
|<4>| REC[8076e00]: Sent Packet[4] Change Cipher Spec(20) with length: 6
|<3>| HSK[8076e00]: Cipher Suite: RSA_AES_256_CBC_SHA1
|<3>| HSK[8076e00]: Initializing internal [write] cipher sessions
|<6>| BUF[HSK]: Peeked 16 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<3>| HSK[8076e00]: FINISHED was send [16 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[8076e00]: Sending Packet[0] Handshake(22) with length: 16
|<7>| WRITE: Will write 53 bytes to 5.
|<7>| WRITE: wrote 53 bytes to 5. Left 0 bytes. Total 53 bytes.
|<7>| 0000 - 16 03 01 00 30 ed 01 52 ea 14 a6 8b 80 21 a4 74 
|<7>| 0001 - 5c 4e f8 56 e0 94 d6 a9 52 c4 17 37 19 bd 69 45 
|<7>| 0002 - c3 64 b5 d4 21 64 8e 17 4e 5c 21 a4 ab 9d 56 16 
|<7>| 0003 - 5c ba fc 6d 43 
|<4>| REC[8076e00]: Sent Packet[1] Handshake(22) with length: 53
|<6>| BUF[HSK]: Cleared Data from buffer

* connection from ::ffff:192.168.1.9, port 43206
- Server has requested a certificate.
- Certificate type: X.509
No certificates found!

- Peer did not send any certificate.
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: AES-256-CBC
- MAC: SHA1
- Compression: NULL
|<7>| READ: -1 returned from 5, errno=11 gerrno=0
|<2>| ASSERT: gnutls_buffers.c:360

Debug log [3]:

jas@mocca:~/src/openssl-0.9.8g/apps$ ./openssl s_server -accept 5870 -cert /home/jas/src/www-gnutls/test-credentials/x509-server.pem -key ~/src/www-gnutls/test-credentials/x509-server-key.pem -CAfile ~/src/www-gnutls/test-credentials/x509-ca.pem -debug  -msg -chain  -verify 0
verify depth is 0
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
read from 0x81c56a0 [0x81cad28] (11 bytes => 11 (0xB))
0000 - 16 03 01 00 33 01 00 00-2f 03 01                  ....3.../..
read from 0x81c56a0 [0x81cad33] (45 bytes => 45 (0x2D))
0000 - 47 7e 88 09 ff e1 e6 1c-f0 13 10 e7 e6 05 19 eb   G~..............
0010 - 7a 1d ee 66 e4 35 50 06-63 75 9f 55 89 ad 36 0f   z..f.5P.cu.U..6.
0020 - 00 00 08 00 35 00 2f 00-05 00 0a 01               ....5./.....
002d - <SPACES/NULS>
<<< TLS 1.0 Handshake [length 0033], ClientHello
    01 00 00 2f 03 01 47 7e 88 09 ff e1 e6 1c f0 13
    10 e7 e6 05 19 eb 7a 1d ee 66 e4 35 50 06 63 75
    9f 55 89 ad 36 0f 00 00 08 00 35 00 2f 00 05 00
    0a 01 00
>>> TLS 1.0 Handshake [length 004a], ServerHello
    02 00 00 46 03 01 47 7e 88 09 04 ac 62 00 c0 bf
    8e a1 10 57 60 3f 86 d4 52 f1 98 6f 74 a2 88 45
    9e 3f d9 ed 60 5e 20 17 d5 3f ef 40 42 25 39 e1
    37 5f 45 7f 62 11 5a 55 a8 38 9f 15 00 e9 cb d6
    10 46 bf 61 6d 77 af 00 35 00
write to 0x81c56a0 [0x81d4ef0] (79 bytes => 79 (0x4F))
0000 - 16 03 01 00 4a 02 00 00-46 03 01 47 7e 88 09 04   ....J...F..G~...
0010 - ac 62 00 c0 bf 8e a1 10-57 60 3f 86 d4 52 f1 98   .b......W`?..R..
0020 - 6f 74 a2 88 45 9e 3f d9-ed 60 5e 20 17 d5 3f ef   ot..E.?..`^ ..?.
0030 - 40 42 25 39 e1 37 5f 45-7f 62 11 5a 55 a8 38 9f   @B%9.7_E.b.ZU.8.
0040 - 15 00 e9 cb d6 10 46 bf-61 6d 77 af 00 35         ......F.amw..5
004f - <SPACES/NULS>
>>> TLS 1.0 Handshake [length 0452], Certificate
    0b 00 04 4e 00 04 4b 00 02 5a 30 82 02 56 30 82
    01 c1 a0 03 02 01 02 02 04 46 26 1d 31 30 0b 06
    09 2a 86 48 86 f7 0d 01 01 05 30 19 31 17 30 15
    06 03 55 04 03 13 0e 47 6e 75 54 4c 53 20 74 65
    73 74 20 43 41 30 1e 17 0d 30 37 30 34 31 38 31
    33 32 39 32 31 5a 17 0d 30 38 30 34 31 37 31 33
    32 39 32 31 5a 30 37 31 1b 30 19 06 03 55 04 0a
    13 12 47 6e 75 54 4c 53 20 74 65 73 74 20 73 65
    72 76 65 72 31 18 30 16 06 03 55 04 03 13 0f 74
    65 73 74 2e 67 6e 75 74 6c 73 2e 6f 72 67 30 81
    9c 30 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81
    8c 00 30 81 88 02 81 80 d7 ba 5c af a3 0c f0 2e
    a9 27 56 aa 53 8e a8 eb 7f 81 75 4c 6b 98 be 4a
    ea b7 1e f8 4b c3 6a c4 da 0d 00 b8 ea 4c 13 1f
    36 16 93 de 72 ef c6 a4 5e b2 6e b6 ca 0a 88 55
    75 90 96 ed a6 57 bc 0c 3b 76 0d 97 1e bd e9 ec
    7f d3 a9 ec fb 85 64 a0 6b a0 48 ce 77 7e 73 9c
    31 13 ff 3d c8 ae a5 60 6e d9 b6 8c 5a 9a 6f b6
    be 9f 6a bd a7 f0 a0 33 27 f5 b7 1d 92 e5 96 9c
    73 52 d6 9f d6 c8 8e b1 02 03 01 00 01 a3 81 93
    30 81 90 30 0c 06 03 55 1d 13 01 01 ff 04 02 30
    00 30 1a 06 03 55 1d 11 04 13 30 11 82 0f 74 65
    73 74 2e 67 6e 75 74 6c 73 2e 6f 72 67 30 13 06
    03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07
    03 01 30 0f 06 03 55 1d 0f 01 01 ff 04 05 03 03
    07 a0 00 30 1d 06 03 55 1d 0e 04 16 04 14 eb c7
    45 6e e5 f8 25 ca 8c 8d 83 0d 74 e9 86 d4 dd 55
    b4 75 30 1f 06 03 55 1d 23 04 18 30 16 80 14 e9
    3c 1c fb ad 92 6e e6 06 a4 56 2c a2 e1 c0 53 27
    c8 f2 95 30 0b 06 09 2a 86 48 86 f7 0d 01 01 05
    03 81 81 00 68 51 0f 4e df bb 6f 3b c1 b8 e7 fb
    f9 09 9e 41 c9 f6 f6 44 fa 06 cc a1 d5 11 c9 5d
    ff 0a 4e 4e 50 45 fc 29 ea 88 1b a7 de 09 41 67
    0d 43 f4 bb 60 31 47 82 50 f5 03 05 0d 05 15 f0
    77 7a e2 52 c3 27 b3 18 1e 48 3c 58 05 f2 58 6c
    32 de a2 13 41 b2 a6 8f 0c 96 fb 5d a8 a5 59 b3
    10 29 f0 1b 15 0f 1c 9c ec 60 ac e2 8b 51 04 56
    27 42 b7 1f 25 d1 32 16 ea 8d d2 c8 69 08 82 bd
    02 ee 8b 3a 00 01 eb 30 82 01 e7 30 82 01 52 a0
    03 02 01 02 02 04 46 26 1d 27 30 0b 06 09 2a 86
    48 86 f7 0d 01 01 05 30 19 31 17 30 15 06 03 55
    04 03 13 0e 47 6e 75 54 4c 53 20 74 65 73 74 20
    43 41 30 1e 17 0d 30 37 30 34 31 38 31 33 32 39
    31 31 5a 17 0d 30 38 30 34 31 37 31 33 32 39 31
    31 5a 30 19 31 17 30 15 06 03 55 04 03 13 0e 47
    6e 75 54 4c 53 20 74 65 73 74 20 43 41 30 81 9c
    30 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81 8c
    00 30 81 88 02 81 80 be ec 98 7a 1d 6f 7e 6b 25
    9e e8 20 78 42 a0 64 05 66 43 99 6d 49 d5 18 ec
    7d b9 58 64 b2 80 a3 14 61 9d 0a 4f be 2f f0 2e
    fc d2 ab 5c 36 df 53 ec 43 c7 fc de 91 bc 1e 01
    a6 b7 6c b2 07 10 2e cb 61 47 75 ca 03 ce 23 6e
    38 f1 34 27 1a 1a cd f7 96 f3 b3 f0 0d 67 7f ca
    77 84 3f 9c 29 f4 62 91 f6 12 5b 62 5a cc ba ed
    08 2e 32 44 26 ac fd 23 ce 53 1b bb f2 87 fe dc
    78 93 7c 59 bf a1 75 02 03 01 00 01 a3 43 30 41
    30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01
    ff 30 0f 06 03 55 1d 0f 01 01 ff 04 05 03 03 07
    04 00 30 1d 06 03 55 1d 0e 04 16 04 14 e9 3c 1c
    fb ad 92 6e e6 06 a4 56 2c a2 e1 c0 53 27 c8 f2
    95 30 0b 06 09 2a 86 48 86 f7 0d 01 01 05 03 81
    81 00 89 a2 11 a8 67 e9 d6 33 e9 35 e5 61 00 12
    ba d1 25 34 28 80 32 9e 3b ae ee 41 ea e6 97 94
    81 89 fc 25 df 73 37 31 31 04 e1 29 d5 53 a2 a4
    6b 1f e8 6e ba a1 00 21 0c 5a 76 a3 cc e4 cf b6
    47 ef 5c d1 e0 71 16 2a 85 fa 9f 91 26 9f a0 ef
    70 41 ff f6 90 21 9c 6c 4d 1c 90 28 4b b7 33 4c
    ab ff 24 36 49 86 4a 87 c7 2a c4 d5 fb 8b b2 0e
    50 bf 6e 43 4f 0e fe 3d fa 94 a4 88 73 e4 16 e6
    ec 9e
write to 0x81c56a0 [0x81d4ef0] (1111 bytes => 1111 (0x457))
0000 - 16 03 01 04 52 0b 00 04-4e 00 04 4b 00 02 5a 30   ....R...N..K..Z0
0010 - 82 02 56 30 82 01 c1 a0-03 02 01 02 02 04 46 26   ..V0..........F&
0020 - 1d 31 30 0b 06 09 2a 86-48 86 f7 0d 01 01 05 30   .10...*.H......0
0030 - 19 31 17 30 15 06 03 55-04 03 13 0e 47 6e 75 54   .1.0...U....GnuT
0040 - 4c 53 20 74 65 73 74 20-43 41 30 1e 17 0d 30 37   LS test CA0...07
0050 - 30 34 31 38 31 33 32 39-32 31 5a 17 0d 30 38 30   0418132921Z..080
0060 - 34 31 37 31 33 32 39 32-31 5a 30 37 31 1b 30 19   417132921Z071.0.
0070 - 06 03 55 04 0a 13 12 47-6e 75 54 4c 53 20 74 65   ..U....GnuTLS te
0080 - 73 74 20 73 65 72 76 65-72 31 18 30 16 06 03 55   st server1.0...U
0090 - 04 03 13 0f 74 65 73 74-2e 67 6e 75 74 6c 73 2e   ....test.gnutls.
00a0 - 6f 72 67 30 81 9c 30 0b-06 09 2a 86 48 86 f7 0d   org0..0...*.H...
00b0 - 01 01 01 03 81 8c 00 30-81 88 02 81 80 d7 ba 5c   .......0.......\
00c0 - af a3 0c f0 2e a9 27 56-aa 53 8e a8 eb 7f 81 75   ......'V.S.....u
00d0 - 4c 6b 98 be 4a ea b7 1e-f8 4b c3 6a c4 da 0d 00   Lk..J....K.j....
00e0 - b8 ea 4c 13 1f 36 16 93-de 72 ef c6 a4 5e b2 6e   ..L..6...r...^.n
00f0 - b6 ca 0a 88 55 75 90 96-ed a6 57 bc 0c 3b 76 0d   ....Uu....W..;v.
0100 - 97 1e bd e9 ec 7f d3 a9-ec fb 85 64 a0 6b a0 48   ...........d.k.H
0110 - ce 77 7e 73 9c 31 13 ff-3d c8 ae a5 60 6e d9 b6   .w~s.1..=...`n..
0120 - 8c 5a 9a 6f b6 be 9f 6a-bd a7 f0 a0 33 27 f5 b7   .Z.o...j....3'..
0130 - 1d 92 e5 96 9c 73 52 d6-9f d6 c8 8e b1 02 03 01   .....sR.........
0140 - 00 01 a3 81 93 30 81 90-30 0c 06 03 55 1d 13 01   .....0..0...U...
0150 - 01 ff 04 02 30 00 30 1a-06 03 55 1d 11 04 13 30   ....0.0...U....0
0160 - 11 82 0f 74 65 73 74 2e-67 6e 75 74 6c 73 2e 6f   ...test.gnutls.o
0170 - 72 67 30 13 06 03 55 1d-25 04 0c 30 0a 06 08 2b   rg0...U.%..0...+
0180 - 06 01 05 05 07 03 01 30-0f 06 03 55 1d 0f 01 01   .......0...U....
0190 - ff 04 05 03 03 07 a0 00-30 1d 06 03 55 1d 0e 04   ........0...U...
01a0 - 16 04 14 eb c7 45 6e e5-f8 25 ca 8c 8d 83 0d 74   .....En..%.....t
01b0 - e9 86 d4 dd 55 b4 75 30-1f 06 03 55 1d 23 04 18   ....U.u0...U.#..
01c0 - 30 16 80 14 e9 3c 1c fb-ad 92 6e e6 06 a4 56 2c   0....<....n...V,
01d0 - a2 e1 c0 53 27 c8 f2 95-30 0b 06 09 2a 86 48 86   ...S'...0...*.H.
01e0 - f7 0d 01 01 05 03 81 81-00 68 51 0f 4e df bb 6f   .........hQ.N..o
01f0 - 3b c1 b8 e7 fb f9 09 9e-41 c9 f6 f6 44 fa 06 cc   ;.......A...D...
0200 - a1 d5 11 c9 5d ff 0a 4e-4e 50 45 fc 29 ea 88 1b   ....]..NNPE.)...
0210 - a7 de 09 41 67 0d 43 f4-bb 60 31 47 82 50 f5 03   ...Ag.C..`1G.P..
0220 - 05 0d 05 15 f0 77 7a e2-52 c3 27 b3 18 1e 48 3c   .....wz.R.'...H<
0230 - 58 05 f2 58 6c 32 de a2-13 41 b2 a6 8f 0c 96 fb   X..Xl2...A......
0240 - 5d a8 a5 59 b3 10 29 f0-1b 15 0f 1c 9c ec 60 ac   ]..Y..).......`.
0250 - e2 8b 51 04 56 27 42 b7-1f 25 d1 32 16 ea 8d d2   ..Q.V'B..%.2....
0260 - c8 69 08 82 bd 02 ee 8b-3a 00 01 eb 30 82 01 e7   .i......:...0...
0270 - 30 82 01 52 a0 03 02 01-02 02 04 46 26 1d 27 30   0..R.......F&.'0
0280 - 0b 06 09 2a 86 48 86 f7-0d 01 01 05 30 19 31 17   ...*.H......0.1.
0290 - 30 15 06 03 55 04 03 13-0e 47 6e 75 54 4c 53 20   0...U....GnuTLS 
02a0 - 74 65 73 74 20 43 41 30-1e 17 0d 30 37 30 34 31   test CA0...07041
02b0 - 38 31 33 32 39 31 31 5a-17 0d 30 38 30 34 31 37   8132911Z..080417
02c0 - 31 33 32 39 31 31 5a 30-19 31 17 30 15 06 03 55   132911Z0.1.0...U
02d0 - 04 03 13 0e 47 6e 75 54-4c 53 20 74 65 73 74 20   ....GnuTLS test 
02e0 - 43 41 30 81 9c 30 0b 06-09 2a 86 48 86 f7 0d 01   CA0..0...*.H....
02f0 - 01 01 03 81 8c 00 30 81-88 02 81 80 be ec 98 7a   ......0........z
0300 - 1d 6f 7e 6b 25 9e e8 20-78 42 a0 64 05 66 43 99   .o~k%.. xB.d.fC.
0310 - 6d 49 d5 18 ec 7d b9 58-64 b2 80 a3 14 61 9d 0a   mI...}.Xd....a..
0320 - 4f be 2f f0 2e fc d2 ab-5c 36 df 53 ec 43 c7 fc   O./.....\6.S.C..
0330 - de 91 bc 1e 01 a6 b7 6c-b2 07 10 2e cb 61 47 75   .......l.....aGu
0340 - ca 03 ce 23 6e 38 f1 34-27 1a 1a cd f7 96 f3 b3   ...#n8.4'.......
0350 - f0 0d 67 7f ca 77 84 3f-9c 29 f4 62 91 f6 12 5b   ..g..w.?.).b...[
0360 - 62 5a cc ba ed 08 2e 32-44 26 ac fd 23 ce 53 1b   bZ.....2D&..#.S.
0370 - bb f2 87 fe dc 78 93 7c-59 bf a1 75 02 03 01 00   .....x.|Y..u....
0380 - 01 a3 43 30 41 30 0f 06-03 55 1d 13 01 01 ff 04   ..C0A0...U......
0390 - 05 30 03 01 01 ff 30 0f-06 03 55 1d 0f 01 01 ff   .0....0...U.....
03a0 - 04 05 03 03 07 04 00 30-1d 06 03 55 1d 0e 04 16   .......0...U....
03b0 - 04 14 e9 3c 1c fb ad 92-6e e6 06 a4 56 2c a2 e1   ...<....n...V,..
03c0 - c0 53 27 c8 f2 95 30 0b-06 09 2a 86 48 86 f7 0d   .S'...0...*.H...
03d0 - 01 01 05 03 81 81 00 89-a2 11 a8 67 e9 d6 33 e9   ...........g..3.
03e0 - 35 e5 61 00 12 ba d1 25-34 28 80 32 9e 3b ae ee   5.a....%4(.2.;..
03f0 - 41 ea e6 97 94 81 89 fc-25 df 73 37 31 31 04 e1   A.......%.s711..
0400 - 29 d5 53 a2 a4 6b 1f e8-6e ba a1 00 21 0c 5a 76   ).S..k..n...!.Zv
0410 - a3 cc e4 cf b6 47 ef 5c-d1 e0 71 16 2a 85 fa 9f   .....G.\..q.*...
0420 - 91 26 9f a0 ef 70 41 ff-f6 90 21 9c 6c 4d 1c 90   .&...pA...!.lM..
0430 - 28 4b b7 33 4c ab ff 24-36 49 86 4a 87 c7 2a c4   (K.3L..$6I.J..*.
0440 - d5 fb 8b b2 0e 50 bf 6e-43 4f 0e fe 3d fa 94 a4   .....P.nCO..=...
0450 - 88 73 e4 16 e6 ec 9e                              .s.....
>>> TLS 1.0 Handshake [length 002b], CertificateRequest
    0d 00 00 23 03 01 02 40 00 1d 00 1b 30 19 31 17
    30 15 06 03 55 04 03 13 0e 47 6e 75 54 4c 53 20
    74 65 73 74 20 43 41 0e 00 00 00
write to 0x81c56a0 [0x81d4ef0] (48 bytes => 48 (0x30))
0000 - 16 03 01 00 2b 0d 00 00-23 03 01 02 40 00 1d 00   ....+...#...@...
0010 - 1b 30 19 31 17 30 15 06-03 55 04 03 13 0e 47 6e   .0.1.0...U....Gn
0020 - 75 54 4c 53 20 74 65 73-74 20 43 41 0e            uTLS test CA.
0030 - <SPACES/NULS>
read from 0x81c56a0 [0x81cad28] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 07                                    .....
read from 0x81c56a0 [0x81cad2d] (7 bytes => 7 (0x7))
0000 - 0b 00 00 03                                       ....
0007 - <SPACES/NULS>
<<< TLS 1.0 Handshake [length 0007], Certificate
    0b 00 00 03 00 00 00
read from 0x81c56a0 [0x81cad28] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 86                                    .....
read from 0x81c56a0 [0x81cad2d] (134 bytes => 134 (0x86))
0000 - 10 00 00 82 00 80 a6 13-63 71 e6 e0 8e 4d 32 4f   ........cq...M2O
0010 - ce f0 37 75 3a aa 80 af-b1 35 8e 79 ba f3 14 1b   ..7u:....5.y....
0020 - a3 77 7b d1 4e 1c 7c 96-4c 19 0a 57 f9 44 43 7a   .w{.N.|.L..W.DCz
0030 - 7d a2 a8 63 5b 5a 22 e7-46 6b 6b 9c 3e bb 9f 96   }..c[Z".Fkk.>...
0040 - 71 92 32 43 b8 c3 1f 79-54 25 3b 9e 29 83 8d bc   q.2C...yT%;.)...
0050 - 9f 07 8e 62 ba 5f d2 bb-83 bf 9d 65 b2 5d 81 bb   ...b._.....e.]..
0060 - 2c 46 51 ee 7f 1d da 3c-b4 bc f9 72 fd 02 fd 0f   ,FQ....<...r....
0070 - 3b 2f b2 3a 36 12 42 ba-77 05 2e 32 b7 4f f9 d3   ;/.:6.B.w..2.O..
0080 - ef 05 b4 24 6e 95                                 ...$n.
<<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
    10 00 00 82 00 80 a6 13 63 71 e6 e0 8e 4d 32 4f
    ce f0 37 75 3a aa 80 af b1 35 8e 79 ba f3 14 1b
    a3 77 7b d1 4e 1c 7c 96 4c 19 0a 57 f9 44 43 7a
    7d a2 a8 63 5b 5a 22 e7 46 6b 6b 9c 3e bb 9f 96
    71 92 32 43 b8 c3 1f 79 54 25 3b 9e 29 83 8d bc
    9f 07 8e 62 ba 5f d2 bb 83 bf 9d 65 b2 5d 81 bb
    2c 46 51 ee 7f 1d da 3c b4 bc f9 72 fd 02 fd 0f
    3b 2f b2 3a 36 12 42 ba 77 05 2e 32 b7 4f f9 d3
    ef 05 b4 24 6e 95
read from 0x81c56a0 [0x81cad28] (5 bytes => 5 (0x5))
0000 - 14 03 01 00 01                                    .....
read from 0x81c56a0 [0x81cad2d] (1 bytes => 1 (0x1))
0000 - 01                                                .
<<< TLS 1.0 ChangeCipherSpec [length 0001]
    01
read from 0x81c56a0 [0x81cad28] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 30                                    ....0
read from 0x81c56a0 [0x81cad2d] (48 bytes => 48 (0x30))
0000 - de 25 c7 3d 3b db f4 f2-58 c5 d4 de b2 06 5c c4   .%.=;...X.....\.
0010 - ce b6 ec cf 38 c6 73 e2-fa 85 ea fb 6b ee 9d 40   ....8.s.....k..@
0020 - f5 15 b4 da f5 43 fa ca-28 3d 45 c2 dd a3 77 4e   .....C..(=E...wN
<<< TLS 1.0 Handshake [length 0010], Finished
    14 00 00 0c f7 db c2 09 fd 03 0d 27 79 e2 33 40
>>> TLS 1.0 ChangeCipherSpec [length 0001]
    01
write to 0x81c56a0 [0x81d4ef0] (6 bytes => 6 (0x6))
0000 - 14 03 01 00 01 01                                 ......
>>> TLS 1.0 Handshake [length 0010], Finished
    14 00 00 0c 79 a0 30 f7 30 70 8b 5c f3 ca c3 e6
write to 0x81c56a0 [0x81d4ef0] (53 bytes => 53 (0x35))
0000 - 16 03 01 00 30 2f e5 11-51 bd 0e d2 27 bc 65 bb   ....0/..Q...'.e.
0010 - 13 2f a3 9a b5 a2 8c e5-c7 e2 c7 77 99 d8 46 f6   ./.........w..F.
0020 - 80 89 ac f4 a2 67 f6 9f-97 3b e0 ff 3b 93 25 d4   .....g...;..;.%.
0030 - d0 a9 ac c5 88                                    .....
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMBBAIANQQgF9U/70BCJTnhN19Ff2IRWlWoOJ8VAOnL1hBGv2Ftd68E
MG8bKoF3TF1ynHAWGcytcmhbVh2eDUcT5Zb4r5UBdazPlfojMQhHlmxFAK2ECpR+
26EGAgRHfogJogQCAgEspAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:AES256-SHA:AES128-SHA:RC4-SHA:DES-CBC3-SHA
CIPHER is AES256-SHA




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Marc Haber <mh+gnutls-devel@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #109 received at 316522@bugs.debian.org (full text, mbox):

From: Marc Haber <mh+gnutls-devel@zugschlus.de>
To: Simon Josefsson <simon@josefsson.org>
Cc: Marc Haber <mh+gnutls-devel@zugschlus.de>, gnutls-devel@gnu.org, 316522@bugs.debian.org
Subject: Re: Interoperability issue with The Bat (Debian Bug #316522)
Date: Fri, 4 Jan 2008 21:16:36 +0100
On Fri, Jan 04, 2008 at 08:29:25PM +0100, Simon Josefsson wrote:
> However, if I start gnutls-serv with --disable-client-cert I get the
> debug log [2] which is a successful TLS handshake!

Interesting.

> Even though the TLS handshake is successful TheBat doesn't send the
> e-mail though, and I don't know why, it may be because it expects CRLF
> and I only sent LF.

gnutls-serv is an echo server and will echo everything the client says
back to the client. You cannot type on a gnutls-serv's stdin and
expect it to sent what you type back to the client.

Been there, fallen into this particular pit as well.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Nikos Mavrogiannopoulos <nmav@gnutls.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #114 received at 316522@bugs.debian.org (full text, mbox):

From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
To: gnutls-devel@gnu.org
Cc: Simon Josefsson <simon@josefsson.org>, Marc Haber <mh+gnutls-devel@zugschlus.de>, 316522@bugs.debian.org
Subject: Re: Interoperability issue with The Bat (Debian Bug #316522)
Date: Tue, 8 Jan 2008 21:19:15 +0200
On Friday 04 January 2008, Simon Josefsson wrote:
> Simon Josefsson <simon@josefsson.org> writes:
> >> It might be possible (judging from
> >> https://www.ritlabs.com/bt/view.php?id=5785) that The Bat by default
> >> refuses to talk TLS to a server presenting a self-signed certificate.
> >
> > I also note that it is possible to download trial versions of TheBat.
> > If we can get a recipe to reproduce the problem using it, that would
> > help a lot.
> TheBat works under Wine, so I downloaded it and debugged this... FWIW, I
> can reproduce the problem:
> 2008-01-04 19:03:02 TLS error on connection from xxx.bredband.comhem.se
> (mocca.local) [x.y.z.q] (gnutls_handshake): An error was encountered at the
> TLS Finished packet calculation.
> Using gnutls-serv, I get the connection debug log [1] below.  TheBat
> complains that the CA is untrusted, and I have to click continue.  Then
> it fails with the TLS Finished packet calculation error.

Could you try with different protocol/algorithm combinations? I think the 
output of connection with gnutls using SSL 3.0 and arcfour might be useful 
too.

> However, if I start gnutls-serv with --disable-client-cert I get the
> debug log [2] which is a successful TLS handshake!

An idea might be that it doesn't insert the certificate request message to the 
handshake hash. Openssl has several compatibility options enabled by default 
and this might be one, but I am not sure, I only speculate!

regards,
Nikos




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Alexander Myodov <maa_public@sinn.ru>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #119 received at 316522@bugs.debian.org (full text, mbox):

From: Alexander Myodov <maa_public@sinn.ru>
To: Simon Josefsson <simon@josefsson.org>
Cc: 316522@bugs.debian.org
Subject: Re: exim4-daemon-light: TLS connections fail with "An error was encountered at the TLS Finished packet calculation."
Date: Mon, 14 Jan 2008 14:21:52 +0300
[Message part 1 (text/plain, inline)]
Simon,

I see you managed to run The Bat under Wine and reproduce the issue - 
that's good, cause I disabled my mail system since that bug report 
already, and trying to reproduce the issue will require a lot of efforts 
to make it running again. Sorry for that.

But as far as I remember the issue, I did established the trust with my 
own self-signed certificate (used on the mail server) in The Bat before 
the issue. And everything worked successfully, until the new version of 
Exim was released. If I reported it by 4.50 version, it is most likely 
that the last working version was something reeeally old. I can't 
already find the exact Debian snapshot used to setup the system, but I 
think the working version was something about 4.33 or 4.34.


On Пт, 2008-01-04 at 18:20 +0100, Simon Josefsson wrote:
Hi Alexander!  I'm trying to help with this bug.  Can you still
> reproduce the problem with TheBat?  With which versions of exim/gnutls?
> You reported the problem in 2005/2006, so things may have changed...
>
> You said earlier versions of exim worked, can you pin-point which
> version it worked and which it stopped working in?  Can you reproduce
> that it works?
>
> To debug this, it would help if you could run gnutls-serv or openssl
> s_client on a host, and try to talk to it using TheBat.  Try:
>
> $ gnutls-serv --port 465 --x509keyfile KEY.pem --x509certfile 
CERT.pem --debug
>
> Also, if you are able to re-build exim4 with openssl, testing that
> configuration together with TheBat would also be useful.
>
> Can you reproduce this using a recent version of TheBat?  I see that it
> is possible to download TheBat and use it for free for 30 days, so if
> you can confirm that this happens with the latest version of TheBat and
> exim4+gnutls I can download it and try to debug this problem myself.
>
> Thanks,
> /Simon
[Message part 2 (text/html, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Simon Josefsson <simon@josefsson.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #124 received at 316522@bugs.debian.org (full text, mbox):

From: Simon Josefsson <simon@josefsson.org>
To: Alexander Myodov <maa_public@sinn.ru>
Cc: 316522@bugs.debian.org
Subject: Re: exim4-daemon-light: TLS connections fail with "An error was encountered at the TLS Finished packet calculation."
Date: Mon, 14 Jan 2008 12:25:01 +0100
Hi.  Thanks for the information.  The problem is most likely not
exim-related but gnutls-related, so if you have any idea on what the
gnutls version was, that would help.  I could try older versions of
gnutls against TheBat to see if I can get it working, and then try to
find the differences, but it may be too much work.

There is a difference between gnutls and openssl here, in that gnutls
sends the CERTIFICATE_REQUEST message by default, and we should think
more about whether we could change that.  That is something that exim
could ask gnutls to do, though, so this may be a exim change.

/Simon

Alexander Myodov <maa_public@sinn.ru> writes:

> Simon,
>
> I see you managed to run The Bat under Wine and reproduce the issue - 
> that's good, cause I disabled my mail system since that bug report
> already, and trying to reproduce the issue will require a lot of
> efforts to make it running again. Sorry for that.
>
> But as far as I remember the issue, I did established the trust with
> my own self-signed certificate (used on the mail server) in The Bat
> before the issue. And everything worked successfully, until the new
> version of Exim was released. If I reported it by 4.50 version, it is
> most likely that the last working version was something reeeally
> old. I can't already find the exact Debian snapshot used to setup the
> system, but I think the working version was something about 4.33 or
> 4.34.
>
>
> On Пт, 2008-01-04 at 18:20 +0100, Simon Josefsson wrote:
> Hi Alexander!  I'm trying to help with this bug.  Can you still
>> reproduce the problem with TheBat?  With which versions of exim/gnutls?
>> You reported the problem in 2005/2006, so things may have changed...
>>
>> You said earlier versions of exim worked, can you pin-point which
>> version it worked and which it stopped working in?  Can you reproduce
>> that it works?
>>
>> To debug this, it would help if you could run gnutls-serv or openssl
>> s_client on a host, and try to talk to it using TheBat.  Try:
>>
>> $ gnutls-serv --port 465 --x509keyfile KEY.pem --x509certfile 
> CERT.pem --debug
>>
>> Also, if you are able to re-build exim4 with openssl, testing that
>> configuration together with TheBat would also be useful.
>>
>> Can you reproduce this using a recent version of TheBat?  I see that it
>> is possible to download TheBat and use it for free for 30 days, so if
>> you can confirm that this happens with the latest version of TheBat and
>> exim4+gnutls I can download it and try to debug this problem myself.
>>
>> Thanks,
>> /Simon




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#316522; Package exim4-daemon-light. Full text and rfc822 format available.

Acknowledgement sent to Simon Josefsson <simon@josefsson.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #129 received at 316522@bugs.debian.org (full text, mbox):

From: Simon Josefsson <simon@josefsson.org>
To: Alexander Myodov <maa_public@sinn.ru>
Cc: 316522@bugs.debian.org
Subject: Workaround available
Date: Tue, 04 Mar 2008 14:11:33 +0100
Hi Alexander,

I think we have identified the problem -- TheBat doesn't handle
certificate request messages properly.  To work around this problem, you
can add "MAIN_TLS_TRY_VERIFY_HOSTS=" in the exim configuration.

It would be helpful if you could test this and confirm whether it works
or not.

This bug is quite similar to #459323, see:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459323

That bug is closed to being closed, and documenting the workaround
should fix this bug as well.

Btw, in message #104 I incorrectly thought gnutls-serv
--disable-client-cert had problems, but it was just my incorrect usage:
gnutls-serv doesn't read for input on stdin, so it was not strange that
TheBat didn't try to send any e-mail.

/Simon




Reply sent to Andreas Metzler <ametzler@debian.org>:
You have taken responsibility. (Sat, 17 Oct 2009 16:39:03 GMT) Full text and rfc822 format available.

Notification sent to Alexander Myodov <maa_public@sinn.ru>:
Bug acknowledged by developer. (Sat, 17 Oct 2009 16:39:03 GMT) Full text and rfc822 format available.

Message #134 received at 316522-close@bugs.debian.org (full text, mbox):

From: Andreas Metzler <ametzler@debian.org>
To: 316522-close@bugs.debian.org
Subject: Bug#316522: fixed in exim4 4.70~cvs+20091017-1
Date: Sat, 17 Oct 2009 16:20:00 +0000
Source: exim4
Source-Version: 4.70~cvs+20091017-1

We believe that the bug you reported is fixed in the latest version of
exim4, which is due to be installed in the Debian FTP archive:

exim4-base_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/exim4-base_4.70~cvs+20091017-1_i386.deb
exim4-config_4.70~cvs+20091017-1_all.deb
  to pool/main/e/exim4/exim4-config_4.70~cvs+20091017-1_all.deb
exim4-daemon-heavy-dbg_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/exim4-daemon-heavy-dbg_4.70~cvs+20091017-1_i386.deb
exim4-daemon-heavy_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/exim4-daemon-heavy_4.70~cvs+20091017-1_i386.deb
exim4-daemon-light-dbg_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/exim4-daemon-light-dbg_4.70~cvs+20091017-1_i386.deb
exim4-daemon-light_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/exim4-daemon-light_4.70~cvs+20091017-1_i386.deb
exim4-dbg_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/exim4-dbg_4.70~cvs+20091017-1_i386.deb
exim4-dev_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/exim4-dev_4.70~cvs+20091017-1_i386.deb
exim4_4.70~cvs+20091017-1.diff.gz
  to pool/main/e/exim4/exim4_4.70~cvs+20091017-1.diff.gz
exim4_4.70~cvs+20091017-1.dsc
  to pool/main/e/exim4/exim4_4.70~cvs+20091017-1.dsc
exim4_4.70~cvs+20091017-1_all.deb
  to pool/main/e/exim4/exim4_4.70~cvs+20091017-1_all.deb
exim4_4.70~cvs+20091017.orig.tar.gz
  to pool/main/e/exim4/exim4_4.70~cvs+20091017.orig.tar.gz
eximon4_4.70~cvs+20091017-1_i386.deb
  to pool/main/e/exim4/eximon4_4.70~cvs+20091017-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 316522@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <ametzler@debian.org> (supplier of updated exim4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Format: 1.8
Date: Sat, 17 Oct 2009 14:26:54 +0200
Source: exim4
Binary: exim4-base exim4-config exim4-daemon-light exim4 exim4-daemon-heavy exim4-daemon-custom eximon4 exim4-dbg exim4-daemon-light-dbg exim4-daemon-heavy-dbg exim4-daemon-custom-dbg exim4-dev
Architecture: source i386 all
Version: 4.70~cvs+20091017-1
Distribution: experimental
Urgency: low
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description: 
 exim4      - metapackage to ease Exim MTA (v4) installation
 exim4-base - support files for all Exim MTA (v4) packages
 exim4-config - configuration for the Exim MTA (v4)
 exim4-daemon-custom - custom Exim MTA (v4) daemon with locally set features
 exim4-daemon-custom-dbg - debugging symbols for the Exim MTA (v4) packages
 exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac
 exim4-daemon-heavy-dbg - debugging symbols for the Exim MTA (v4) packages
 exim4-daemon-light - lightweight Exim MTA (v4) daemon
 exim4-daemon-light-dbg - debugging symbols for the Exim MTA (v4) packages
 exim4-dbg  - debugging symbols for the Exim MTA (v4) packages
 exim4-dev  - header files for the Exim MTA (v4) packages
 eximon4    - monitor application for the Exim MTA (v4) (X11 interface)
Closes: 316522 459883 471425 482012 486436 486437 515503 515999 543354 544292
Changes: 
 exim4 (4.70~cvs+20091017-1) experimental; urgency=low
 .
   * Fix syntax errors in README.Debian.xml. (Thank's, Daniel Leidert)
   * New upstream cvs snapshot.
     + Drop unnecessary patches: 36_pcre 37_exiwhatpsmisc.
     + Close dovecot socket after wrong password was given. Closes: #515503
     + Standalone DKIM support. Obsoletes and therefore
       Closes: #486437,#459883
   * Drop upstream URL from package descriptions. Closes: #471425
   * [patches/00_unpack.dpatch] Drop workaround for tar 1.14, even oldstable
     has 1.16. Closes: #486436.
   * Do not set 'tls_try_verify_hosts = *' by default anymore. Some clients
     (e.g Outlook) will terminate the SSL connection when the server presents
     the long list of accepted TLS certificates after STARTTLS. If TLS
     certificate validation of clients is needed you'll need to set
     MAIN_TLS_TRY_VERIFY_HOSTS again and point MAIN_TLS_VERIFY_CERTIFICATES to
     a file containing only the accepted certificates.
     Closes: #515999, #316522, #482012
   * Add debian/README.source. (Policy 3.8.3)
   * Fix typo in update-exim4.conf.8.
     Thanks to Calum Mackay. Closes: #543354
   * Listen on IPv6 loopback interface by default. (Only applies to fresh
     installations.) Closes: #544292
   * upstream default configure file explicitly disables dkim in some
     instances. Merge into Debian config and update debian/example.conf.md5.
     Bump Conflicts of exim4-config package.
Checksums-Sha1: 
 e9b7bed8be83507e39df386a7bb79d3debd778e0 1686 exim4_4.70~cvs+20091017-1.dsc
 d0419c898ab5f9ccb8fc17a578c308ee246204ce 2134427 exim4_4.70~cvs+20091017.orig.tar.gz
 5d30cfa49fb7eddc46653b51edb70eba71dc7d84 558195 exim4_4.70~cvs+20091017-1.diff.gz
 54f6b520229a0edc6c0430452efe1be2b99a100b 999030 exim4-base_4.70~cvs+20091017-1_i386.deb
 c0661efeccc6ae281a96ca63121826dc467bd04d 99620 eximon4_4.70~cvs+20091017-1_i386.deb
 6325df95063c2e36ad8272e0c46c928dd5ee21cc 459442 exim4-daemon-light_4.70~cvs+20091017-1_i386.deb
 17e164a20d79387cf578544f0ccf74128c6671fe 507900 exim4-daemon-heavy_4.70~cvs+20091017-1_i386.deb
 2f6f23048dece4c37070153f4c3f6e339a758a52 719568 exim4-daemon-light-dbg_4.70~cvs+20091017-1_i386.deb
 33908ceedeee38b1815f54de0fbe5383368fe029 806238 exim4-daemon-heavy-dbg_4.70~cvs+20091017-1_i386.deb
 6bef107f9a87f7bea598ebc6c0566d3b4f36c8a8 266450 exim4-dbg_4.70~cvs+20091017-1_i386.deb
 235e5735573c0e51c4b75733a1fd3983b452fff3 72526 exim4-dev_4.70~cvs+20091017-1_i386.deb
 52751e82a7e39d15b24a7b92f609ae9615bb43fe 372606 exim4-config_4.70~cvs+20091017-1_all.deb
 26e6837b57e11327b00bc28278f9aa977a2485e6 7894 exim4_4.70~cvs+20091017-1_all.deb
Checksums-Sha256: 
 fd035e9bb076e1ba754db415ae6c67f0135687346b7ec8abb13d88ba7f19a33e 1686 exim4_4.70~cvs+20091017-1.dsc
 b5ea710d1fe92f740556cac623a8cd2d3592429d8213411d85c103622110487e 2134427 exim4_4.70~cvs+20091017.orig.tar.gz
 ba17d1727e0e5598e0327a2d289432b1bc70488073de04ffa2c86ad13704ef6d 558195 exim4_4.70~cvs+20091017-1.diff.gz
 4e28ca87eb90682ab74cea99256f6552a3f914a184691fd91a7bb8c3a5015978 999030 exim4-base_4.70~cvs+20091017-1_i386.deb
 6f76fffbff84bcd06d448203567f69fd3975b4adcc6210ba4e4c11041287094e 99620 eximon4_4.70~cvs+20091017-1_i386.deb
 6a19f3642b13ddeff77291d5e7cfeb9f1cf39ac0494da6588c1479c51c766c44 459442 exim4-daemon-light_4.70~cvs+20091017-1_i386.deb
 4ff2f9e25c9e6910c858592f5c7ca8a8e67ff5bc257c3c54e4e63b8647938ab8 507900 exim4-daemon-heavy_4.70~cvs+20091017-1_i386.deb
 f08eb0f3872e9b0214fa34f45bfa7444007496b5091e4f103845205a05c55a14 719568 exim4-daemon-light-dbg_4.70~cvs+20091017-1_i386.deb
 11f47503fbb48509392113f710db8f49938f8c648cb72c8b8bbbb0340d100d6c 806238 exim4-daemon-heavy-dbg_4.70~cvs+20091017-1_i386.deb
 c3a1472584f7a7e7d5c6422ce54a5d2030a31760db38b2b3f2368a7aa2682e26 266450 exim4-dbg_4.70~cvs+20091017-1_i386.deb
 175e066442e8c78eb32dce8c429adca595c161c6e868fd9483e3c0340a683a0e 72526 exim4-dev_4.70~cvs+20091017-1_i386.deb
 7bf7d3f69830fa2cb91553a31cd71914b8b7b38fa9eb0c194c115dcd62ee26de 372606 exim4-config_4.70~cvs+20091017-1_all.deb
 3e36757e01ed58b7da7edb2b30a59e1978edee207091f36112006f48e4e671a9 7894 exim4_4.70~cvs+20091017-1_all.deb
Files: 
 1f770b26fe5d41bb69e8ca019839ae89 1686 mail standard exim4_4.70~cvs+20091017-1.dsc
 10915b64e67d55cf7194e73d00ee41fe 2134427 mail standard exim4_4.70~cvs+20091017.orig.tar.gz
 4516d68460e14bc20aa70850b2b5085f 558195 mail standard exim4_4.70~cvs+20091017-1.diff.gz
 6ab461299e025f66e66ca74a5a296049 999030 mail standard exim4-base_4.70~cvs+20091017-1_i386.deb
 77f729a6d0fbeffd18e9298a14bec124 99620 mail optional eximon4_4.70~cvs+20091017-1_i386.deb
 0de932912e7ed6883b7c652042760551 459442 mail standard exim4-daemon-light_4.70~cvs+20091017-1_i386.deb
 6e3d090293eb4f81b43285a3dbac32f4 507900 mail optional exim4-daemon-heavy_4.70~cvs+20091017-1_i386.deb
 b95809420720a986318c12c6a08feded 719568 debug extra exim4-daemon-light-dbg_4.70~cvs+20091017-1_i386.deb
 4f3d8d8f6376e1712f84563420b4f9c4 806238 debug extra exim4-daemon-heavy-dbg_4.70~cvs+20091017-1_i386.deb
 dc4cc6939ec71fa0e1b7c5b0c085eea4 266450 debug extra exim4-dbg_4.70~cvs+20091017-1_i386.deb
 7d32bfb0a48fdd3f307dff6331eeec5c 72526 mail extra exim4-dev_4.70~cvs+20091017-1_i386.deb
 24a5978f8e91879e01e4a7a1bff052fd 372606 mail standard exim4-config_4.70~cvs+20091017-1_all.deb
 6c5f5247d672cc9609d491c57d52e4c8 7894 mail standard exim4_4.70~cvs+20091017-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEAREDAAYFAkrZ0KcACgkQHTOcZYuNdmN9BwCcCQL7RBbD9hlmnljXriB04gKW
8bYAoKLm+Ez2EHhpha1yvm2HvrgxjjJJ
=ZUet
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 06 Jan 2010 07:29:43 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Apr 21 06:02:52 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.