NTBTLS: ignoring ALERT

NIIBE Yutaka gniibe at fsij.org
Mon Jan 16 09:07:01 CET 2017


While testing NTBTLS with the keyserver hufu.ki.iif.hu, I encounter the
issue of:

    https://tls.mbed.org/discussions/bug-report-issues/mishandling-of-non-fatal-alerts-client-side

When I use following patch, it works for me.

diff --git a/src/protocol.c b/src/protocol.c
index 8e0fca5..50fa787 100644
--- a/src/protocol.c
+++ b/src/protocol.c
@@ -1529,6 +1529,7 @@ _ntbtls_read_record (ntbtls_t tls)
 
   tls->in_hslen = 0;
 
+ read_record_header:
   /*
    * Read the record header and validate it
    */
@@ -1718,6 +1719,9 @@ _ntbtls_read_record (ntbtls_t tls)
           debug_msg (2, "is a close notify message");
           return gpg_error (GPG_ERR_CLOSE_NOTIFY);
         }
+
+      tls->in_left = 0;
+      goto read_record_header;
     }
 
   tls->in_left = 0;
-- 



More information about the Gnupg-devel mailing list