gnutls 2.10.5-2 and 2.12.7-1 on ARM are failing with PSK
Hardy Griech
ntbox at mardys.de
Thu Jul 7 12:17:02 UTC 2011
Hi,
my ARM hardware is a NAS with a Marvell Kirkwood processor. I'm using a
modified version of libapache2-mod-gnutls to allow
PSK_SHA_AES_128_CBC_SHA1 for TLS.
After updating gnutls from 2.10.5-1 to 2.10.5-2 PSK stopped working. It
stated in the log "GnuTLS: Handshake Failed (-24) 'Decryption has failed.'".
Upgrading to 2.12.7-1 also did not help.
2.12.7-1 works with the modified libapache2-mod-gnutls on an i386 box.
Testing connections with gnutls-serv and gnutls-cli showed, that
gnutls-serv on the ARM platform did not work, while the client does. On
the PC platform both worked.
Fetching gnutls from gnu.org, compiling and installing it (on
/usr/local) gave me a working PSK configuration with apache on the ARM box.
So my diagnosis is, that libgnutls on ARM is somehow broken.
Anybody else? Anything I can test?
Hardy
More information about the Pkg-gnutls-maint
mailing list