Advertisement
Guest User

Untitled

a guest
Feb 15th, 2010
169
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.39 KB | None | 0 0
  1. mime@kira:~ % gnutls-cli-debug -p 5556 192.168.2.4
  2. Resolving '192.168.2.4'...
  3. Connecting to '192.168.2.4:5556'...
  4. Checking for TLS 1.1 support... no
  5. Checking fallback from TLS 1.1 to... TLS 1.0
  6. Checking for TLS 1.0 support... yes
  7. Checking for SSL 3.0 support... yes
  8. Checking for HTTPS server name... not checked
  9. Checking for version rollback bug in RSA PMS... yes
  10. Checking for version rollback bug in Client Hello... no
  11. Checking whether we need to disable TLS 1.0... N/A
  12. Checking whether the server ignores the RSA PMS version... no
  13. Checking whether the server can accept Hello Extensions... yes
  14. Checking whether the server can accept cipher suites not in SSL 3.0 spec... no
  15. Checking whether the server can accept a bogus TLS record version in the client hello... no
  16. Checking for certificate information... N/A
  17. Checking for trusted CAs... N/A
  18. Checking whether the server understands TLS closure alerts... partially
  19. Checking whether the server supports session resumption... yes
  20. Checking for export-grade ciphersuite support... yes
  21. Checking RSA-export ciphersuite info... N/A
  22. Checking for anonymous authentication support... no
  23. Checking anonymous Diffie-Hellman group info... N/A
  24. Checking for ephemeral Diffie-Hellman support... no
  25. Checking ephemeral Diffie-Hellman group info... N/A
  26. Checking for AES cipher support (TLS extension)... no
  27. Checking for CAMELLIA cipher support (TLS extension)... no
  28. Checking for 3DES cipher support... no
  29. Checking for ARCFOUR 128 cipher support... no
  30. Checking for ARCFOUR 40 cipher support... yes
  31. Checking for MD5 MAC support... yes
  32. Checking for SHA1 MAC support... no
  33. Checking for LZO compression support (GnuTLS extension)... no
  34. Checking for max record size (TLS extension)... no
  35. Checking for SRP authentication support (TLS extension)... yes
  36. Checking for OpenPGP authentication support (TLS extension)... no
  37. mime@kira:~ %
  38. mime@kira:~ % gnutls-cli -p 5556 192.168.2.4 -d 4711 -V
  39. Resolving '192.168.2.4'...
  40. Connecting to '192.168.2.4:5556'...
  41. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
  42. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
  43. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
  44. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
  45. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
  46. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
  47. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
  48. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
  49. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
  50. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
  51. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
  52. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1
  53. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1
  54. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1
  55. |<3>| HSK[0x8063c60]: Keeping ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1
  56. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1
  57. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1
  58. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1
  59. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1
  60. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1
  61. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1
  62. |<3>| HSK[0x8063c60]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
  63. |<3>| HSK[0x8063c60]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
  64. |<3>| HSK[0x8063c60]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
  65. |<3>| HSK[0x8063c60]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
  66. |<3>| HSK[0x8063c60]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
  67. |<3>| HSK[0x8063c60]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
  68. |<3>| HSK[0x8063c60]: Keeping ciphersuite: RSA_ARCFOUR_MD5
  69. |<3>| HSK[0x8063c60]: Keeping ciphersuite: PSK_SHA_AES_128_CBC_SHA1
  70. |<3>| HSK[0x8063c60]: Keeping ciphersuite: PSK_SHA_AES_256_CBC_SHA1
  71. |<3>| HSK[0x8063c60]: Keeping ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1
  72. |<3>| HSK[0x8063c60]: Keeping ciphersuite: PSK_SHA_ARCFOUR_SHA1
  73. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1
  74. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1
  75. |<3>| HSK[0x8063c60]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1
  76. |<2>| EXT[0x8063c60]: Sending extension CERT_TYPE
  77. |<2>| EXT[0x8063c60]: Sending extension SERVER_NAME
  78. |<3>| HSK[0x8063c60]: CLIENT HELLO was send [124 bytes]
  79. |<6>| BUF[HSK]: Peeked 0 bytes of Data
  80. |<6>| BUF[HSK]: Emptied buffer
  81. |<4>| REC[0x8063c60]: Sending Packet[0] Handshake(22) with length: 124
  82. |<2>| ASSERT: gnutls_cipher.c:204
  83. |<7>| WRITE: Will write 129 bytes to 0x4.
  84. |<7>| WRITE: wrote 129 bytes to 0x4. Left 0 bytes. Total 129 bytes.
  85. |<7>| 0000 - 16 03 02 00 7c 01 00 00 78 03 02 4b 79 a9 49 42
  86. |<7>| 0001 - 09 c6 86 f7 27 5f 1d a2 42 38 a1 17 08 47 96 29
  87. |<7>| 0002 - 53 dd ec c2 22 35 dd a5 88 bc 8d 00 00 34 00 33
  88. |<7>| 0003 - 00 45 00 39 00 88 00 16 00 32 00 44 00 38 00 87
  89. |<7>| 0004 - 00 13 00 66 00 90 00 91 00 8f 00 8e 00 2f 00 41
  90. |<7>| 0005 - 00 35 00 84 00 0a 00 05 00 04 00 8c 00 8d 00 8b
  91. |<7>| 0006 - 00 8a 01 00 00 1b 00 09 00 03 02 00 01 00 00 00
  92. |<7>| 0007 - 10 00 0e 00 00 0b 31 39 32 2e 31 36 38 2e 32 2e
  93. |<7>| 0008 - 34
  94. |<4>| REC[0x8063c60]: Sent Packet[1] Handshake(22) with length: 129
  95. |<7>| READ: Got 5 bytes from 0x4
  96. |<7>| 0000 - 15 03 01 00 02
  97. |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
  98. |<7>| RB: Requested 5 bytes
  99. |<4>| REC[0x8063c60]: Expected Packet[0] Handshake(22) with length: 1
  100. |<4>| REC[0x8063c60]: Received Packet[0] Alert(21) with length: 2
  101. |<7>| READ: Got 2 bytes from 0x4
  102. |<7>| READ: read 2 bytes from 0x4
  103. |<7>| 0000 - 02 28
  104. |<7>| RB: Have 5 bytes into buffer. Adding 2 bytes.
  105. |<7>| RB: Requested 7 bytes
  106. |<2>| ASSERT: gnutls_cipher.c:204
  107. |<4>| REC[0x8063c60]: Decrypted Packet[0] Alert(21) with length: 2
  108. |<4>| REC[0x8063c60]: Alert[2|40] - Handshake failed - was received
  109. |<2>| ASSERT: gnutls_record.c:695
  110. |<2>| ASSERT: gnutls_record.c:1048
  111. |<2>| ASSERT: gnutls_buffers.c:1032
  112. |<2>| ASSERT: gnutls_handshake.c:1045
  113. |<2>| ASSERT: gnutls_handshake.c:2364
  114. |<6>| BUF[HSK]: Cleared Data from buffer
  115. *** Fatal error: A TLS fatal alert has been received.
  116. *** Received alert [40]: Handshake failed
  117. *** Handshake has failed
  118. GNUTLS ERROR: A TLS fatal alert has been received.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement