Bugs item #3527994, was opened at 2012-05-18 11:17
Message generated for change (Comment added) made by legoscia
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=586350&aid=3527994&group_id=88346
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Elias Pipping (pipping)
Assigned to: Nobody/Anonymous (nobody)
Summary: Problems with native gnutls
Initial Comment:
Ever since
commit f54c1b54b308f38caac66ae567e5f64f6adc631c
Author: Magnus Henoch <legoscia@...>
Date: Tue May 15 22:39:43 2012 +0100
Support native GnuTLS for STARTTLS
[..]
I've found myself unable to connect to lavabit.com using starttls. Here's what I found in my message buffer:
gnutls.c: [0] (Emacs) fatal error: The TLS connection was non-properly terminated.
gnutls.el: (err=[-110] The TLS connection was non-properly terminated.) boot: (:priority NORMAL :hostname lavabit.com :loglevel 0 :min-prime-bits nil :trustfiles (/etc/ssl/certs/ca-certificates.crt) :crlfiles nil :keylist nil :verify-flags nil :verify-error t :verify-hostname-error t :callbacks nil)
gnutls.c: [0] (Emacs) fatal error: The specified session has been invalidated for some reason. [100 times]
ME@...: connection lost: `connection broken by remote peer
'
(where i replaced my username with ME)
Here's the relevant part of my config:
(setq jabber-account-list '(("ME@..."
(:password . "PASSWORD")
(:network-server . "lavabit.com")
(:connection-type . starttls)
(:port . 5222)))
----------------------------------------------------------------------
>Comment By: Magnus Henoch (legoscia)
Date: 2012-06-20 07:06
Message:
That's good to hear; I was running out of things to try :) Closing this
ticket.
----------------------------------------------------------------------
Comment By: Elias Pipping (pipping)
Date: 2012-06-04 09:56
Message:
Sorry, my testing must've been flawed somehow.
I updated and tried again, now it works. Bisection led me to
c382ddead8c42452c3838263f41fc5ba0d997d62. Thanks :)
----------------------------------------------------------------------
Comment By: Elias Pipping (pipping)
Date: 2012-05-31 08:08
Message:
That doesn't seem to change anything.
A message that is written to the line at the bottom of the screen but not
the message buffer is this btw:
connection lost: `STARTTLS negotation files: GnuTLS error: #<process
jabber>, -110'
----------------------------------------------------------------------
Comment By: Magnus Henoch (legoscia)
Date: 2012-05-31 02:27
Message:
Just stumbled upon another thing: in the function jabber-ssl-send in
jabber-conn.el, there are two calls to process-send-string, the second one
just sending an extra newline. Could you try commenting out the second one?
----------------------------------------------------------------------
Comment By: Elias Pipping (pipping)
Date: 2012-05-30 15:26
Message:
I'm on emacs 24.0.97.1 and gnutls 3.0.19.
----------------------------------------------------------------------
Comment By: Magnus Henoch (legoscia)
Date: 2012-05-30 13:53
Message:
Sorry about the delay in responding...
I'm seeing this myself on Mac OS X, with Emacs 24.1.50 and GnuTLS 2.12.11
from Macports; it worked on a Linux machine I have no access to at the
moment... Which OS and GnuTLS version are you using? Are you able to try
different ones?
I discovered that setting gnutls-log-level to 5 yields more log messages,
but they don't tell me very much; pasting here in case it makes the problem
obvious to someone:
gnutls.c: [1] (Emacs) allocating credentials
gnutls.c: [2] (Emacs) allocating x509 credentials
gnutls.c: [2] (Emacs) using default verification flags
gnutls.c: [1] (Emacs) gnutls callbacks
gnutls.c: [1] (Emacs) gnutls_init
gnutls.c: [4] REC[0x11c53de00]: Allocating epoch #0
gnutls.c: [1] (Emacs) got non-default priority string: NORMAL
gnutls.c: [1] (Emacs) setting the priority string
gnutls.c: [2] ASSERT: gnutls_constate.c:695
gnutls.c: [4] REC[0x11c53de00]: Allocating epoch #1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_RSA_AES_128_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_RSA_AES_128_CBC_SHA256
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_RSA_CAMELLIA_128_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_RSA_AES_256_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_RSA_AES_256_CBC_SHA256
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_RSA_CAMELLIA_256_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_RSA_3DES_EDE_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_DSS_AES_128_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_DSS_AES_128_CBC_SHA256
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_DSS_CAMELLIA_128_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_DSS_AES_256_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_DSS_AES_256_CBC_SHA256
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_DSS_CAMELLIA_256_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
DHE_DSS_3DES_EDE_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
RSA_AES_128_CBC_SHA256
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
RSA_CAMELLIA_128_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
RSA_AES_256_CBC_SHA256
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite:
RSA_CAMELLIA_256_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
gnutls.c: [3] HSK[0x11c53de00]: Keeping ciphersuite: RSA_ARCFOUR_MD5
gnutls.c: [2] EXT[0x11c53de00]: Sending extension SAFE RENEGOTIATION (1
bytes)
gnutls.c: [2] EXT[SIGA]: sent signature algo (4.2) DSA-SHA256
gnutls.c: [2] EXT[SIGA]: sent signature algo (4.1) RSA-SHA256
gnutls.c: [2] EXT[SIGA]: sent signature algo (2.1) RSA-SHA1
gnutls.c: [2] EXT[SIGA]: sent signature algo (2.2) DSA-SHA1
gnutls.c: [2] EXT[0x11c53de00]: Sending extension SIGNATURE ALGORITHMS (10
bytes)
gnutls.c: [3] HSK[0x11c53de00]: CLIENT HELLO was sent [112 bytes]
gnutls.c: [6] BUF[HSK]: Inserted 112 bytes of Data
gnutls.c: [7] HWRITE: enqueued 112. Total 112 bytes.
gnutls.c: [7] HWRITE FLUSH: 112 bytes in buffer.
gnutls.c: [4] REC[0x11c53de00]: Sending Packet[0] Handshake(22) with
length: 112
gnutls.c: [7] WRITE: enqueued 117 bytes for 0xb. Total 117 bytes.
gnutls.c: [4] REC[0x11c53de00]: Sent Packet[1] Handshake(22) with length:
117
gnutls.c: [7] HWRITE: wrote 112 bytes, 0 bytes left.
gnutls.c: [7] WRITE FLUSH: 117 bytes in buffer.
gnutls.c: [7] WRITE: wrote 117 bytes, 0 bytes left.
gnutls.c: [7] READ: -1 returned from 0xb, errno=35 gerrno=0
gnutls.c: [1] (Emacs) non-fatal error: Resource temporarily unavailable,
try again.
gnutls.c: [7] READ: Got 0 bytes from 0xb
gnutls.c: [7] READ: read 0 bytes from 0xb
gnutls.c: [2] ASSERT: gnutls_buffers.c:640
gnutls.c: [2] ASSERT: gnutls_record.c:969
gnutls.c: [2] ASSERT: gnutls_handshake.c:2762
gnutls.c: [6] BUF[HSK]: Cleared Data from buffer
gnutls.c: [0] (Emacs) fatal error: A TLS packet with unexpected length was
received.
gnutls.c: [4] REC: Sending Alert[2|22] - Record overflow
gnutls.c: [4] REC[0x11c53de00]: Sending Packet[1] Alert(21) with length: 2
gnutls.c: [7] WRITE: enqueued 7 bytes for 0xb. Total 7 bytes.
gnutls.c: [7] WRITE FLUSH: 7 bytes in buffer.
gnutls.c: [7] WRITE: wrote 7 bytes, 0 bytes left.
gnutls.c: [4] REC[0x11c53de00]: Sent Packet[2] Alert(21) with length: 7
gnutls.el: (err=[-9] A TLS packet with unexpected length was received.)
boot: (:priority NORMAL :hostname jabber.se :loglevel 10 :min-prime-bits
nil :trustfiles nil :crlfiles nil :keylist nil :verify-flags nil
:verify-error t :verify-hostname-error t :callbacks nil)
gnutls.c: [2] (Emacs) Deallocating x509 credentials
gnutls.c: [6] BUF[HSK]: Cleared Data from buffer
gnutls.c: [4] REC[0x11c53de00]: Epoch #0 freed
gnutls.c: [4] REC[0x11c53de00]: Epoch #1 freed
----------------------------------------------------------------------
Comment By: Elias Pipping (pipping)
Date: 2012-05-19 07:44
Message:
After
commit 1dca591d17cf084e6d870f55898e9343926f8bb8
Author: Magnus Henoch <magnus.henoch@...>
Date: Sat May 19 15:01:05 2012 +0100
Fix reporting of STARTTLS negotiation errors [..]
My message buffer looks like this:
Sat May 19 16:40:07 2012: Starting jabber-connection
Sat May 19 16:40:07 2012: jabber-connection enters :connecting
Sat May 19 16:40:07 2012: Found enter function for :connecting: #[(fsm
state-data) "\306�\307\"�\310 !�\306�\311\"�\306�\312\"�\306�\313\"�
�
��
$\210-�\314D\207" [state-data connection-type connect-function server
network-server port plist-get :connection-type jabber-get-connect-function
:server :network-server :port nil fsm] 5]
Sat May 19 16:40:07 2012: Using data from enter function
Sat May 19 16:40:07 2012: Sent :connected to jabber-connection in state
:connecting
Sat May 19 16:40:07 2012: jabber-connection enters :connected
Sat May 19 16:40:07 2012: Found enter function for :connected: #[(fsm
state-data) "\303�!\210\304�
\305D\207" [fsm *jabber-connected* state-data jabber-send-stream-header t
nil] 2]
Sat May 19 16:40:07 2012: Using data from enter function
Sat May 19 16:40:07 2012: Sent :filter to jabber-connection in state
:connected
Sat May 19 16:40:07 2012: Sent :stream-start to jabber-connection in state
:connected
Sat May 19 16:40:08 2012: Sent :filter to jabber-connection in state
:connected
Sat May 19 16:40:08 2012: Sent :stanza to jabber-connection in state
:connected
Sat May 19 16:40:08 2012: jabber-connection enters :starttls
Sat May 19 16:40:08 2012: Found enter function for :starttls: #[(fsm
state-data) "\302�!\210 \303D\207" [fsm state-data jabber-starttls-initiate
nil] 2]
Sat May 19 16:40:08 2012: Using data from enter function
Sat May 19 16:40:08 2012: Sent :filter to jabber-connection in state
:starttls
Sat May 19 16:40:08 2012: Sent :stanza to jabber-connection in state
:starttls
Sat May 19 16:40:08 2012: jabber-connection enters nil
Sat May 19 16:40:08 2012: Found enter function for nil: #[(fsm state-data)
"\306�\307\"�\310 !\203\"
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=586350&aid=3527994&group_id=88346
|