serverhello refused by openssl

Nikos Mavrogiannopoulos nmav at
Thu Sep 8 00:03:12 CEST 2011

On 09/07/2011 07:39 PM, J. Cameijo Cerdeira wrote:
> Hello, I was able to connect to a server (it uses gnu libmicrohttpd)
> until I've upgraded to gnutls 3.0.2. since then openssl based clients
> (old versions 0.9.7g and 0.9.8c) started failing with
> SSL3_GET_SERVER_HELLO:bad packet length. libmicrohttpd uses a
> "NORMAL" priority string. tried changing that to NORMAL:%COMPAT to no
> avail. It's probably a bug in openssl but I'd like someone could
> enlighten me.

Thanks for reporting it. Does the attached patch solve the issue? It
seems we sent an extension structure of size zero and that particular
version of openssl didn't like it. With the patch we do not send a zero
size extension structure.

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: patch.txt
URL: </pipermail/attachments/20110908/29058ebd/attachment.txt>

More information about the Gnutls-devel mailing list