[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: TLS 1.2 server
From: |
Simon Josefsson |
Subject: |
Re: TLS 1.2 server |
Date: |
Thu, 01 Oct 2009 13:51:09 +0200 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) |
Daiki Ueno <address@hidden> writes:
>>>>>> In <address@hidden>
>>>>>> Simon Josefsson <address@hidden> wrote:
>> >> The x509self self-test started failing, and it may be TLS 1.2 related.
>> >> Can you take a look?
>> >
>> > Sure, but I couldn't reproduce the failure. What architecture did you
>> > run the test on?
>
>> Debian x86.
>
> I'm now able to reproduce it on x86. I wonder why this is not the case
> on amd64.
>
>> >> ==12233== Invalid read of size 4
>> >> ==12233== at 0x40479CC: _gnutls_hash_deinit (gnutls_hash_int.c:172)
>> >> ==12233== by 0x4058683: _gnutls_tls_sign_hdata (gnutls_sig.c:157)
>
> It should be fixed with:
> http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=01c50c13f7e7a1d676451015ef66c95511d1d734
>
> That was actually my mistake - when I changed the underlying hash
> function from SHA-1 to SHA256, I forgot to increase the buffer size of
> internal hash values.
Thanks!
I'll do a release shortly, so we can more easily test how TLS 1.2 works
in some real applications now that it is the default.
/Simon
- Re: TLS 1.2 server,
Simon Josefsson <=