[gnutls-devel] gnutls 3.2.3 segfault in _gnutls_epoch_set_keys

Stefan Bühler stbuehler at lighttpd.net
Fri Aug 2 16:20:21 CEST 2013


I think I found the problem:

_gnutls_epoch_set_cipher_suite fails, because my normal priority string
has RC4 disabled; the hello_cb is supposed to enable RC4 for TLS1.0

Although the callback gets called (and sees the correct version and
sets the RC4 priority), _gnutls_epoch_set_cipher_suite still doesn't
accept the RC4 cipher from the ticket state.

The return value of _gnutls_epoch_set_cipher_suite isn't checked by any
of the calling functions... this should probably be fixed (same for
_gnutls_epoch_set_compression and so on).

Also it'd be nice if the hello callback could change the priority :)

More information about the Gnutls-devel mailing list