GnuTLS Re-Handshake Fails
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon May 23 21:51:24 CEST 2011
On 05/23/2011 07:24 PM, Dash Shendy wrote:
> What is your server and what options do you have? Why do you do
> rehandshake in the first place?
>>>> I was just testing the re-handshaking, that's all really, is
>>>> that the way you test it? do I need an extra flag?
> The server closed the session for some reason. Your server log might
> have more information. But don't just post logs, explain what you are
> doing.
>>>> I was just testing to see that everything works and I thought
>>>> I'd let you know about this error, just being a good netizen.
>>>> My main issue is actually that weird compression error, I've
>>>> been tearing my hair-out re-compiling my lamp stack trying to
>>>> fix it:)
Ok, so did you modify gnutls-cli to perform a rehandshake? Is that the
case? HTTPS servers do not really support re-handshake (there is no
real reason to), except for when they initiate it. mod_gnutls at least
should behave like that. That is because the prominent reason to
initiate a rehandshake is to upgrade credentials (i.e. require the
client to send his certificate).
So what you see is actually mod_gnutls closing your session because
you asked for rehandshake. If you request a URL that requires client
authentication is would ask for rehandshake by itself.
regards,
Nikos
More information about the Gnutls-help
mailing list