[gnutls-devel] Regression in gnutls-3.2.2: server accepts clients without a certificate

Petr Pisar petr.pisar at atlas.cz
Thu Aug 29 15:54:11 CEST 2013


On Thu, Aug 29, 2013 at 02:24:27PM +0300, Nikos Mavrogiannopoulos wrote:
> On Wed, Aug 28, 2013 at 11:18 PM, Petr Pisar <petr.pisar at atlas.cz> wrote:
> 
> > I've found a regression between 3.2.1 and 3.2.2. `gnutls-serv -r' used to
> > refuse TLS clients without a valid certificate, this is not true in GnuTLS
> > 3.2.2 anymore.
> >
> > I tried to find the faulty commit in git tree, but server compiled from the
> > git tag gnutls_3_2_1 behaves differently then the one from 3.2.1 tar ball.
> > I observe the regression with my application that uses GnuTLS library too.
> >
> 
> Thank you for reporting that. I've committed a fix in the repository and
> added a test case to avoid this regression from occurring again.
> 
Thanks for quick fix. I confirm that applying the commit
4aebdbe7d424f2a1705f3751c5fef6f2e5f4e616 to 3.2.3 release fixes the
regression.

BTW, ISO C 99 recognizes `_Bool' type which you could use instead of the
1-bit-long integer bit-fields.

-- Petr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
URL: </pipermail/attachments/20130829/d5881ed8/attachment.sig>


More information about the Gnutls-devel mailing list