[gnutls-devel] GnuTLS | Cannot connect to pop.verizon.net:995 (#997)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat May 23 16:53:53 CEST 2020




rrivers2 commented:


[allow_zero_length_session_tickets.patch](/uploads/26bec94f704ed4f5530703e377d7232b/allow_zero_length_session_tickets.patch)

Daiki,

Will Ubuntu upgrade the version of GnuTLS in 18.04 from 3.5 to 3.6? If not, I attached a first cut at a patch to allow zero length session tickets returned by a server. It is based on the latest source code from Ubuntu 18.04 in the gnutls28-3.5.18 package. After the patch is applied gnutls-cli will connect to pop.verizon.net:995 successfully, display the banner and prompt for input:
```
- Handshake was completed

- Simple Client Mode:

+OK Hello from jpop-0.1
```

More testing is needed to make sure that setting `priv->session_ticket` to NULL and `priv->session_ticket_len` to 0 doesn't break the rest of the code.

Testing with the current version of OpenSSL on Ubuntu 18.04.4 (1.1.1-1ubuntu2.1~18.04.5) showed that it is able to handle zero length session tickets:

```
openssl s_client -msg -tls1_2 -connect pop.verizon.net:995

<<< TLS 1.2, Handshake [length 000a], NewSessionTicket
    04 00 00 06 00 00 00 3c 00 00
```

It displays the banner and waits for input.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/997#note_347792969
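
The `NewSessionTicket` bytes from the `openssl s_client -msg` trace above, parsed field by field, as an added example that is not part of the original post or the attached patch. It assumes the TLS 1.2 layout from RFC 5077 (4-byte handshake header, 4-byte lifetime hint, 2-byte ticket length); the struct and function names are hypothetical. A zero-length ticket is treated as well-formed: the server issued nothing to cache for resumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result of parsing one TLS 1.2 NewSessionTicket handshake message. */
struct nst {
    uint32_t lifetime_hint;   /* seconds */
    const uint8_t *ticket;    /* NULL when the server sent no ticket */
    size_t ticket_len;        /* 0 is valid: nothing to cache */
};

/* Hypothetical helper. Returns 0 on success, -1 on a malformed message. */
int parse_new_session_ticket(const uint8_t *msg, size_t len, struct nst *out)
{
    /* 4-byte handshake header + 4-byte lifetime hint + 2-byte ticket length */
    if (msg == NULL || out == NULL || len < 10 || msg[0] != 0x04)
        return -1;
    size_t body_len = ((size_t)msg[1] << 16) | ((size_t)msg[2] << 8) | msg[3];
    if (body_len != len - 4)
        return -1;                        /* header length must match the buffer */
    out->lifetime_hint = ((uint32_t)msg[4] << 24) | ((uint32_t)msg[5] << 16) |
                         ((uint32_t)msg[6] << 8) | msg[7];
    size_t tlen = ((size_t)msg[8] << 8) | msg[9];
    if (tlen != body_len - 6)
        return -1;                        /* ticket must fill the body exactly */
    out->ticket_len = tlen;
    out->ticket = tlen ? msg + 10 : NULL; /* zero length: accept, store nothing */
    return 0;
}

/* Message bytes as printed by openssl s_client -msg in the post. */
static const uint8_t sample_nst[] = {
    0x04, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x3c, 0x00, 0x00
};

int main(void)
{
    struct nst t;
    if (parse_new_session_ticket(sample_nst, sizeof sample_nst, &t) != 0) {
        puts("malformed NewSessionTicket");
        return 1;
    }
    printf("lifetime_hint=%us ticket_len=%zu\n",
           (unsigned)t.lifetime_hint, t.ticket_len);
    return 0;
}
```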