|
| From: | tangtong |
| Subject: | RE: Memory leaks are observed for libgnutls in multi-thread mode |
| Date: | Thu, 29 Oct 2009 05:27:52 +0000 |
|
Hi,Nikos I have rebuilt the lib with the latest daily snap shot and the GIT snapshot commited by you, the memory leak and core issue have been resolved. One more question: in your commit comments: "3. In TLS 1.2 when a certificate request is sent, support is not complete. In that case abort the handshake. By checking TLS 1.2 it seems that the algorithms to be used for the signature in the certificate verify message are negotiated not at the client/server hello messages but rather selected by the server at the certificate request. This might not look as bad, but since in this message we have to sign all previous handshake messages, it forces us to keep all the handshake messages into a buffer until this point... I don't know who proposed this change to the TLS WG, but it seems it wasn't really thought of." If client certificate is not needed, the current implemenation can support TLS1.2, right? Regards Tony From: address@hidden To: address@hidden Date: Mon, 26 Oct 2009 01:35:35 +0000 CC: address@hidden; address@hidden Subject: RE: Memory leaks are observed for libgnutls in multi-thread mode Hi,Nikos I have reproduced the core dump with the server/client in the attach. If not using the memory-leak patch, the core will not happen. Regards Tony From: address@hidden To: address@hidden Date: Fri, 23 Oct 2009 14:28:50 +0000 CC: address@hidden; address@hidden Subject: RE: Memory leaks are observed for libgnutls in multi-thread mode Hi,Nikos The server is implemented by myself with gnutls2.9.4 and your patch. To make investigation easy, I will build a simplified server based on gnutls demo server codes and let you know the results later. Regards Tony > Date: Fri, 23 Oct 2009 10:38:20 +0300 > Subject: Re: Memory leaks are observed for libgnutls in multi-thread mode > From: address@hidden > To: address@hidden > CC: address@hidden; address@hidden > > Thanks. However in order to reproduce it I need to know to which > server you connect to and which options does this server use? > > 2009/10/23 tangtong <address@hidden>: > > Hi,Nikos > > > > The gnutls-cli built by me will core when I enable TLS1.2. I think the code > > base I use is a little diffent from what you are using. The following is my > > steps to setup the build enviorment: > > 1)Download a gnutls releaes package 2.8.3 and decompress it; > > 2)Download 2.9.4 snap shot and uncompress it to the directory created in the > > step 1); > > 3)Run patch you provide. > > > > Seems only snapshot of 2.9.4 is not the whole build env, that's why i > > decompress it to a build enviorment of 2.8.3. > > > > Regards > > Tony > > > > > > > > > > > > > > > > > >> Date: Thu, 22 Oct 2009 19:31:02 +0300 > >> From: address@hidden > >> To: address@hidden > >> CC: address@hidden; address@hidden > >> Subject: Re: Memory leaks are observed for libgnutls in multi-thread mode > >> > >> tangtong wrote: > >> > Hi,Nikos > >> > >> > 2)The patch doesn't support > >> > "NONE:+VERS-TLS1.2:+AES-256-CBC:+RSA:+SHA256:+COMP-NULL", I t! hink your > >> > patch disable the tls1.2 support, it will core with the following dump > >> > info: > >> > fe9a2bb8 _gcry_md_copy (ffbff33c, 0, 0, febc6ed0, 14f8, fed3805c) + 4 > >> > feca8dfc _gnutls_hash_copy (ffbff338, 365c4, 0, 0, 0, 0) + 80 > >> > fec9e0fc _gnutls_finished (36180, 2, ffbff440, 1, 6, 0) + 84 > >> > fec9edc0 _gnutls_send_handshake_final (0, 0, 0, e, e, 4) + 128 > >> > feca2548 _gnutls_handshake_common (36180, 0, 10, 4, ffffffe0, ffbff551) > >> > + 30 > >> > feca382c gnutls_handshake (0, 4, 32fc8, 8e8, 17ac, ffbff5c4) + 60 > >> > 000119bc main (1, ffbffa54, ffbffa5c, 22508, 0, 0) + 118 > >> > 000112c8 _start (0, 0, 0, 0, 0, 0) + 5c > >> > >> Can you send me information on how I can reproduce this issue? I can use > >> ./gnutls-cli tls.secg.org --priority > >> "NONE:+VERS-TLS1.2:+AES-128-CBC:+RSA:+DHE-DSS:+SHA256:+COMP-NULL" to > >> connect using TLS1.2 without any issues.> > >> regards, > >> Nikos > > > > ________________________________ > > 全新 Windows 7:寻找最适合您的 PC。 了解详情。 Messenger保护盾2.0,更安全可靠的Messenger聊天! 现在就下载! Messenger保护盾2.0,更安全可靠的Messenger聊天! 现在就下载! 全新 Windows 7:寻找最适合您的 PC。 了解详情。 |
| [Prev in Thread] | Current Thread | [Next in Thread] |