TLS Renegotiation problem

Simon Josefsson simon at
Tue Nov 10 12:29:04 CET 2009

Tomas Hoger <thoger at> writes:

> On Tue, Nov 10, 2009 at 09:55:52AM +0100, Simon Josefsson wrote:
>> What other popular servers use GnuTLS?
> CUPS and libvirt(d).  No GNUTLS_E_REHANDSHAKE in their sources, client
> requested renegotiations seem to fail.

Thanks for checking.  So to summarize, so far the following servers
appears to not be affected by this problem when used with GnuTLS:


If the servers are linked with OpenSSL I don't know if they are
vulnerable or not, it would depend on whether OpenSSL perform
renegotiation without application interaction.  So make sure they are
linked to GnuTLS before declaring victory.

I think we now have some evidence to suggest GnuTLS needn't do anything
about this.  It seems any use of rehandshake with GnuTLS is
application-specific and then the answer is probably to fix that
application instead of GnuTLS.  Any more insight or thoughts on this is

What GnuTLS needs to do, though, is to have a discussion of the issue in
the manual where renegotiation is discussed, so application writers are
aware of the problem.


More information about the Gnutls-devel mailing list