[gnutls-devel] GnuTLS | With TLS 1.3 enabled, gnutls_handshake() succeeds in client when client fails to send required certificate (#615)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Nov 17 16:32:41 CET 2018

>From your documentation of GNUTLS_AUTO_REAUTH:

"""This must be enabled with GNUTLS_POST_HANDSHAKE_AUTH for TLS1.3, and it requires to restore interrupted calls to gnutls_record_recv() based on the output of gnutls_record_get_direction() , i.e., gnutls_record_recv() could also be interrupted when sending when this flag is enabled."""

So if `gnutls_record_recv()` is interrupted and `gnutls_record_get_direction()` returns 1 (trying to write data) I have to next call `gnutls_record_send()` instead of restoring the call to `gnutls_record_recv()`? Not sure that's easier. (Also we can't use `gnutls_record_get_direction()` because we do unfortunately support reading and writing simultaneously on separate threads.)

Seems much easier to handle reauth manually.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/615#note_117997619
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181117/c2a90e9c/attachment-0001.html>

More information about the Gnutls-devel mailing list