Hi ports, Hi Antoine,

After upgrading gnutls on a current system to its latest release and restarting a daemon using GnuTLS to serve a TLS server, I experienced rejected connections with "error -24 Decryption has failed."
To be precise, I am using a WeeChat Relay with TLS transport encryption, which worked fine until updating WeeChat to its latest release and GnuTLS as well. The now failing function is gnutls_handshake(3). Setting GNUTLS_DEBUG_LEVEL exposed lots of errors, starting with some generic TLS 1.3 issues. After fiddling with "openssl s_client" to start a TLS 1.2 session, it manually worked. Later I altered GnuTLS' priority string to disallow TLS 1.2, but now it failed due to some ciphers.

This issue is not related to WeeChat, as gnutls-serv(1) shows. This tool comes with GnuTLS and has, for example, a built-in HTTPS server. While creating the certificates and starting the server still works, establishing a TLS connection now becomes tricky.

$ gnutls-serv \
    --http \
    --x509cafile x509-ca.pem \
    --x509keyfile x509-server-key.pem \
    --x509certfile x509-server.pem \
    --priority SECURE256:-VERS-TLS1.3 \
    -d 9999 2> out

While using openssl s_client or curl works, trying Firefox results in the same error I am experiencing with WeeChat when using the Android companion app. For example, the debug log contains multiple ASSERT messages:

> |<5>| REC[0xba132f88000]: SSL 3.3 Handshake packet received. Epoch 1, length: 32
> |<5>| REC[0xba132f88000]: Expected Packet Handshake(22)
> |<5>| REC[0xba132f88000]: Received Packet Handshake(22) with length: 32
> |<10>| READ: Got 32 bytes from 0x5
> |<10>| READ: read 32 bytes from 0x5
> |<10>| RB: Have 5 bytes into buffer. Adding 32 bytes.
> |<10>| RB: Requested 37 bytes
> |<3>| ASSERT: cipher.c[wrap_nettle_cipher_aead_decrypt]:1513
> |<3>| ASSERT: cipher.c[decrypt_packet]:614
> |<3>| ASSERT: cipher.c[_gnutls_decrypt]:138
> |<3>| ASSERT: record.c[_gnutls_recv_in_buffers]:1464
> |<0xba132f88000>| Discarded message[0] due to invalid decryption

Just to make sure, I have installed gnutls on an OpenBSD 7.6 server and redid the experiment.
There, no such issues happened and Firefox was able to serve the example page via HTTPS (after ignoring cert warnings).

I am a bit puzzled whether this is a GnuTLS error or more likely due to some OpenBSD specifics. If anyone has some ideas or knows where to look closer, I am grateful.

Thanks!

Best,
Alvar

[0]: https://gnutls.org/manual/html_node/gnutls_002dserv-Invocation.html