[gnutls-devel] BUG: Cannot connect with non-blocking OS to OCSP stapling-enabled (CERTIFICATE STATUS) server
nmav at gnutls.org
Tue Jan 7 09:30:46 CET 2014
On Mon, Jan 6, 2014 at 3:30 PM, Nils Maier <testnutzer123 at gmail.com> wrote:
> Affected: Likely all GnuTLS versions supporting OCSP stapling. Tested
> with 3.1.18 and 3.2.8.
> - Program client using non-blocking sockets. Or if you're lazy, use
> aria2, where we discovered this.
> Or wget master, which is affected as well, or something like that.
Thank you. The fix seems correct and I'll apply it. As a work-around you
may call gnutls_init() with the GNUTLS_NO_EXTENSIONS flag (when defined).
The side effect would be to disable the OCSP status extension and the
session ticket extension being enabled by default.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel