<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=utf-8" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<p class="details" style="font-style: italic; color: #777777;">

<a href="https://gitlab.com/nmav">Nikos Mavrogiannopoulos</a>

commented on a discussion

on <a href="https://gitlab.com/gnutls/gnutls/merge_requests/806#note_117467884">lib/constate.c</a>:

</p>

<table>

<tr class="line_holder" id="">

<td class="diff-line-num old_line" data-linenumber="743" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

743

</td>

<td class="diff-line-num new_line" data-linenumber="743" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

743

</td>

<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC743" class="line" lang="c"><span class="cp" style="color: #999; font-weight: 600;">          dst->prf = src->prf; \</span></span>

</pre>

</td>

</tr>

<tr class="line_holder" id="">

<td class="diff-line-num old_line" data-linenumber="744" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

744

</td>

<td class="diff-line-num new_line" data-linenumber="744" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

744

</td>

<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC744" class="line" lang="c"><span class="cp" style="color: #999; font-weight: 600;">          dst->grp = src->grp; \</span></span>

</pre>

</td>

</tr>

<tr class="line_holder" id="">

<td class="diff-line-num old_line" data-linenumber="745" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

745

</td>

<td class="diff-line-num new_line" data-linenumber="745" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

745

</td>

<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC745" class="line" lang="c"><span class="cp" style="color: #999; font-weight: 600;">          dst->pversion = src->pversion; \</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="diff-line-num new old_line" data-linenumber="746" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="diff-line-num new new_line" data-linenumber="746" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

746

</td>

<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC746" class="line" lang="c"><span class="cp" style="color: #999; font-weight: 600;">          dst->client_ctype = src->client_ctype; \</span></span>

</pre>

</td>

</tr>

</table>

<div>

<p dir="auto">Thanks for that, I remembered we had discussed it but had lost the details. It seems that we didn't have a test for certificate types and resumption it and it never worked. Now when resuming under TLS1.3 the certificate type is changed from the default X509 to zero. That is, while the copy from resumed parameters to active session is done, the negotiated parameters are not stored in the resumed parameters when packing; and this copy that I replaced was actually setting a certificate type of zero. This made applications like lftp when using gnutls 3.6.4 to fail due to an unexpected certificate type when checking it on a resumed session. That's why I'm reverting that change and ensure that we test the expected behavior in terms of certificate type.</p>

<p dir="auto">Given that the intended use never worked, we should correctly fix it on the rfc7250, and also add a test which guarrantees that certificate types are correctly seen when resuming a session.</p>

</div>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777777;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/merge_requests/806#note_117467884">view it on GitLab</a>.

<br>

You're receiving this email because of your account on gitlab.com.

If you'd like to receive fewer emails, you can

<a href="https://gitlab.com/sent_notifications/8325c42576b1914a91a750c15a969e20/unsubscribe">unsubscribe</a>

from this thread or

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Merge request","url":"https://gitlab.com/gnutls/gnutls/merge_requests/806#note_117467884"}}</script>

</p>

</div>

</body>

</html>