[gnutls-devel] 3.2.2 breaks TLS sockets

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Jul 26 18:18:17 CEST 2013


On 07/26/2013 05:15 PM, Dan Winship wrote:

>> This patch should fix the issue. If I am correct on the interpretation
>> of the issue, it seems that these particular servers exceed the
>> maximum allowed number of bytes. The %COMPAT keyword should have
>> allowed them nevertheless, and that is what the patch do.
>>
>> Please let me know if that fixes the issue, and if not, if possible
>> let me know of the debugging output.
> 
> After applying that patch, I could no longer reproduce the bug. And
> adding some more debug showed a case where t.size was 18432 but
> MAX_RECORD_RECV_SIZE was 16384. So it looks like your interpretation is
> right.

Thank you Dan and also Mark for trying that patch out. I've committed
the fix to master, and I'll roll out a release one of the next few days.

regards,
Nikos

PS. It is interesting to know that this type of broken server is so
widespread.




More information about the Gnutls-devel mailing list