[gnutls-devel] gnutls_record_send after incomplete gnutls_handshake sends data unencrypted

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Jan 18 13:53:15 CET 2017


On Mon, Jan 2, 2017 at 10:41 AM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
> Thank you. That's certainly something to be addressed at least in the
> new 3.6.x branch. I've created an issue on the gitlab interface:
> https://gitlab.com/gnutls/gnutls/issues/158
>
> I'm wondering however, whether this could have side-effects, i.e.,
> whether some existing program relied on that behavior to send TLS
> application data records prior to handshake being complete.

A fix is available at:
https://gitlab.com/gnutls/gnutls/merge_requests/228

regards,
Nikos



More information about the Gnutls-devel mailing list