From tss at iki.fi  Mon Sep  2 21:53:02 2002
From: tss at iki.fi (Timo Sirainen)
Date: Mon Sep  2 21:53:02 2002
Subject: [Help-gnutls] UNEXPECTED_PACKET_LENGTH errors
Message-ID: <20020903015228.GK7534@irccrew.org>

I'm wondering a bit how I should deal with UNEXPECTED_PACKET_LENGTH errors
coming from gnutls_record_recv() each time connection is unexpectedly
terminated (eg. hitting ^C in gnutls-cli).

Shouldn't gnutls_record_recv() instead just return 0 to indicate that the
connection was closed? Or is this expected behaviour and I should simply
ignore all packet length errors?





From nmav at gnutls.org  Tue Sep  3 04:14:02 2002
From: nmav at gnutls.org (Nikos Mavroyanopoulos)
Date: Tue Sep  3 04:14:02 2002
Subject: [Help-gnutls] UNEXPECTED_PACKET_LENGTH errors
In-Reply-To: <20020903015228.GK7534@irccrew.org>
References: <20020903015228.GK7534@irccrew.org>
Message-ID: <20020903074736.GA927@gnutls.org>

On Tue, Sep 03, 2002 at 04:52:28AM +0300, Timo Sirainen wrote:

> I'm wondering a bit how I should deal with UNEXPECTED_PACKET_LENGTH errors
> coming from gnutls_record_recv() each time connection is unexpectedly
> terminated (eg. hitting ^C in gnutls-cli).
> Shouldn't gnutls_record_recv() instead just return 0 to indicate that the
> connection was closed? Or is this expected behaviour and I should simply
> ignore all packet length errors?

The TLS layer cannot be closed by the transport layer. Ie you cannot
call close() in a TLS connection before you call gnutls_bye(). This
is to avoid certain kind of attacks. However some browsers and other stuff
tend not to comply with this. RFC2818 (HTTPS), also states this, and
says that you should ignore this kind of errors.

It's up to you, whether you'll be pedantic or not. Gnutls just cannot 
ignore this error.

-- 
Nikos Mavroyanopoulos
mailto:nmav at gnutls.org