[gnutls-devel] GnuTLS | GNUTLS_ALPN_MANDATORY is enforced in server mode only (#1595)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Oct 18 15:16:57 CEST 2024
Robert Pluim created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1595
## Description of problem:
gnutls_alpn_set_protocols is documented to accept GNUTLS_ALPN_MANDATORY to mean "Require ALPN negotiation", but that flag is only checked when running in server mode, not in client mode.
## Version of gnutls used:
3.7.9
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Debian
## How reproducible:
Always
## Steps to Reproduce:
1. Patch gnutls/src/cli.c to pass GNUTLS_ALPN_MANDATORY in the call to gnutls_alpn_set_protocols
2. Run the modified gnutls-cli: `gnutls-cli --http --port 6666 --alpn=h2` against a gnutls-serv without any ALPN flags specified
## Actual results:
Connection succeeds
## Expected results:
*** Fatal error: No common application protocol could be negotiated.
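A client can enforce the requirement itself after the handshake instead of relying on the flag. The following is an added example, not code from the issue or from the GnuTLS project; `alpn_require`, `alpn_require_session` and the `WITH_GNUTLS` build switch are hypothetical names, and the only GnuTLS call used is `gnutls_alpn_get_selected_protocol`.

```c
/* Added example: client-side ALPN enforcement after the handshake. */
#include <stddef.h>
#include <string.h>

enum alpn_verdict {
    ALPN_OK = 0,
    ALPN_NONE_SELECTED = -1, /* server returned no ALPN protocol */
    ALPN_NOT_OFFERED = -2    /* server picked something we never sent */
};

/* Pure policy check. `sel` is the protocol the server selected (NULL or
 * sel_len == 0 when none was negotiated); `offered` is the list the client
 * sent. The compare is length-aware, so "h2" never matches "h2c". */
enum alpn_verdict alpn_require(const unsigned char *sel, size_t sel_len,
                               const char *const *offered, size_t n_offered)
{
    if (sel == NULL || sel_len == 0)
        return ALPN_NONE_SELECTED;
    for (size_t i = 0; i < n_offered; i++) {
        if (strlen(offered[i]) == sel_len &&
            memcmp(offered[i], sel, sel_len) == 0)
            return ALPN_OK;
    }
    return ALPN_NOT_OFFERED;
}

#ifdef WITH_GNUTLS /* hypothetical switch: build with -DWITH_GNUTLS -lgnutls */
#include <gnutls/gnutls.h>

/* Call once gnutls_handshake() has returned success. On any nonzero verdict
 * the caller should treat the connection as failed and close it. */
enum alpn_verdict alpn_require_session(gnutls_session_t session,
                                       const char *const *offered,
                                       size_t n_offered)
{
    gnutls_datum_t proto = { NULL, 0 };

    /* Returns a negative error code when no protocol was negotiated. */
    if (gnutls_alpn_get_selected_protocol(session, &proto) < 0)
        return ALPN_NONE_SELECTED;
    return alpn_require(proto.data, proto.size, offered, n_offered);
}
#endif
```
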