[Help-gnutls] Re: gnutls_record_send() problem
laurent.birtz at kryptiva.com
Wed Jan 23 19:05:16 CET 2008
Simon Josefsson wrote:
> I can reproduce this. The reason is this: The server is waiting for the
> client to send something, which it echoes back, but since the client
> never sends anything (a zero string is no data) the server never
> responds, and the client is stuck waiting for input from the server.
Yes, both processes are blocked for reading.
> The gnutls_record_send function takes a buffer and a length indicator,
> so the first seems OK to me. The latter would be incorrect, 'ret' is
> used as the return value in that function, not a length indicator.
> Maybe you could clarify what change you are thinking of?
Well, calling strlen() on a buffer received from a client is a
security hole (I guess it's OK in the case of an example). In
this context 'ret' is the number of bytes read by
gnutls_record_recv(), so it is a length indicator. I assume
strlen() was used to avoid counting the terminating 0.
> I can't reproduce this. Are you using the verbatim example source code?
> Below is what 'valgrind ./ex-client1' prints for me when ex-serv-anon is
I guess it depends on other factors than just the version of
GnuTLS. The problem is gone in the latest version.
More information about the Gnutls-help