[gnutls-devel] GnuTLS | Unexpected TLS packet during handshake with Twitter.com (#841)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Oct 2 17:06:08 CEST 2019

Tim Rühsen commented:

The second (failing) connect uses the previously received session data (TLS Session Resumption).

As the assert in the log file says, GnuTLS expects to see ChangeCipherSpec, but in fact the server delivers in this order
Handshake Protocol: New Session Ticket
Change Cipher Spec Protocol: Change Cipher Spec
Handshake Protocol: Encrypted Handshake Message
(see packet #33 in the pcap file)

GnuTLS 3.6.9 dislikes this. It's time to call @nmav who is into the details of the TLS protocols. Is the server's message is in the specs or should GnuTLS be more flexible here ?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/841#note_225110002
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191002/17c430ee/attachment-0001.html>

More information about the Gnutls-devel mailing list