Nikos Mavroyanopoulos nmav at gnutls.org
Tue Sep 3 04:14:02 CEST 2002

On Tue, Sep 03, 2002 at 04:52:28AM +0300, Timo Sirainen wrote:

> I'm wondering a bit how I should deal with UNEXPECTED_PACKET_LENGTH errors
> coming from gnutls_record_recv() each time connection is unexpectedly
> terminated (eg. hitting ^C in gnutls-cli).
> Shouldn't gnutls_record_recv() instead just return 0 to indicate that the
> connection was closed? Or is this expected behaviour and I should simply
> ignore all packet length errors?

The TLS layer cannot be closed by the transport layer. Ie you cannot
call close() in a TLS connection before you call gnutls_bye(). This
is to avoid certain kind of attacks. However some browsers and other stuff
tend not to comply with this. RFC2818 (HTTPS), also states this, and
says that you should ignore this kind of errors.

It's up to you, whether you'll be pedantic or not. Gnutls just cannot 
ignore this error.

Nikos Mavroyanopoulos
mailto:nmav at gnutls.org

More information about the Gnutls-help mailing list