safe renegotiation bug?

Simon Josefsson simon at josefsson.org
Sat May 22 22:38:54 CEST 2010


Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

> Simon Josefsson wrote:
>> I have added tests/safe-renegotiation/srn5.c in which a client with
>> support for safe reneg connect to a server without support for safe
>> reneg.  The handshake succeeds (as expected), however the call to
>> gnutls_safe_renegotiation_status in the server, after the handshake,
>> indicates that the session is using safe renegotiation -- this seems
>> like a bug to me.  Nikos/Steve, could you take a look?
>
> Should be ok now. I get aborts in the srn5 but they seem intended?

I fixed that now -- however it seems there is another problem, now the
rehandshake succeeds against a server that doesn't support safe
renegotiation.  The second handshake in srn5 should fail, shouldn't it?

/Simon




More information about the Gnutls-devel mailing list