[gnutls-devel] GnuTLS | Connection problems with older servers (record packet with invalid length was received) (#811)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Sat Aug 3 08:02:11 CEST 2019
Nikos Mavrogiannopoulos commented:
Thank you. I tried to reproduce with 2.12.24, and I could not. It's a pitty ubuntu never updated to that version.
The issue is that we moved to a more precise maximum record size calculation but that did not include the random padding possibility. Most likely we need to enhance `_gnutls_record_overhead` to account for it in CBC modes. We also miss backwards interoperability tests which could have prevented that. However, I'm not sure how easy would be to introduce them due to conflicting dependencies.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/811#note_199751636
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190803/abd6d4ea/attachment.html>
More information about the Gnutls-devel
mailing list