[gnutls-devel] GnuTLS | DTLS 1.2 Hello Verify Request from coaps Server ignored by libcoap client with GnuTLS (#960)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Mar 27 17:14:37 CET 2020
Stefan Bühler commented:
Wtf. I "just" (13:25 UTC :) ) noticed the zeroed random when watching openconnect, and though about opening a private issue - seems security relevant.
Attached patch should fix the zero random, and also prevent creating a new random on retry.
[0001-dtls-client-hello-fix-zeroed-random.patch](/uploads/0eb6f33a4592089b75b7f91a7800d359/0001-dtls-client-hello-fix-zeroed-random.patch)
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/960#note_312917741
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200327/6d642a19/attachment-0001.html>
More information about the Gnutls-devel
mailing list