[gnutls-devel] GnuTLS | ALPN issue (#951)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Mar 7 21:37:35 CET 2020

ASoasofoFoInLoveasorr illov commented:

Thanks. Ya.. I understand . But our ISP doing it to some extent , may be for a group of IPs.
I am trying to connect to a HTTPS server ..
I can open it  via Browser or my code using  JAVA HTTPSURLConnection  class . 

But I fail to connect SAME  via GNUTLS C client because I can not properly set ALPN via GNUTLS.
I think ALPN order in CLIENT HELLO message is wrong.

I am attaching two PCAP  files here.  

File -1  - Good . It can connect to server ( using CURL command)
File- 2     Bad - It can not  connect to SAME server ( C code using GNUTLS 3,2,9 )

( please note if I am in different network , the  C client using GNUTLS (without settings ALPN) can open the website without any problem.  )

Can you please check attached PCAPs once.

Only difference I see between two is - TLS Record length. 
Thank you


[2-gnutls-alpn-BAD.pdf](/uploads/82ee8f969fe436ad46d0d08688239e4c/2-gnutls-alpn-BAD.pdf)Thank you

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/951#note_301277740
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200307/060e77fc/attachment.html>

More information about the Gnutls-devel mailing list