[gnutls-devel] GnuTLS | Fix interleaved handshake handling in TLS 1.3 (!708)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Aug 1 14:04:49 CEST 2018

Daiki Ueno commented on a discussion on lib/record.c:

>  	     record_check_version(session, htype, record->version)) < 0)
>  		return gnutls_assert_val(ret);
> -	if (record->length == 0 || record->length > max_record_recv_size(session)) {
> +	/* Checks for empty records are done after decryption, in
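
Review bot: The removed `-` line tested two conditions, `record->length == 0` and `record->length > max_record_recv_size(session)`, but the new comment only accounts for the empty-record half. The upper bound does not depend on the decrypted content type, so it should remain here, before decryption, as its own condition; the quoted lines do not show whether it does. If the truncated comment does not already say why the empty check is deferred, it should, so the reason is recorded in the code.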

That is to distinguish the following cases:
- an empty Handshake message follows an incomplete Handshake message
- an empty Application Data message follows an incomplete Handshake message.

Both cases are errors, but the latter should send an unexpected_message alert. Note that under TLS 1.3, all encrypted records have the Application Data content type, and it is not possible to determine the actual content type at this point.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/708#note_91815421
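
The distinction described in the reply above, as an added example (not GnuTLS code and not part of the original message): a classifier that runs on the decrypted TLSInnerPlaintext of RFC 8446, which is the first point where the real content type and content length are visible. The function name, result codes and the `hs_incomplete` flag are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* ContentType values from RFC 8446. */
enum { CT_ALERT = 21, CT_HANDSHAKE = 22, CT_APPDATA = 23 };

/* Hypothetical result codes for this example (not GnuTLS names). */
typedef enum {
	REC_OK,                 /* record may be processed further */
	REC_NO_CONTENT_TYPE,    /* plaintext was nothing but zero padding */
	REC_EMPTY_HANDSHAKE,    /* zero-length Handshake fragment */
	REC_UNEXPECTED_MESSAGE  /* other type interleaved: unexpected_message */
} rec_result;

/*
 * Classify a decrypted TLS 1.3 record. `inner` is the TLSInnerPlaintext:
 * content || ContentType (1 byte) || zero padding. The outer header said
 * application_data (23) for every encrypted record, so neither the type
 * nor the content length can be judged before decryption.
 * `hs_incomplete` is nonzero while a Handshake message is only partly
 * buffered from earlier records.
 */
rec_result classify_inner(const uint8_t *inner, size_t len, int hs_incomplete,
			  uint8_t *type, size_t *content_len)
{
	/* Strip trailing zero padding; the last nonzero byte is the type. */
	while (len > 0 && inner[len - 1] == 0)
		len--;
	if (len == 0)
		return REC_NO_CONTENT_TYPE;

	*type = inner[len - 1];
	*content_len = len - 1;

	/* Any non-Handshake record inside a split Handshake message,
	 * including an empty Application Data record, is interleaving. */
	if (hs_incomplete && *type != CT_HANDSHAKE)
		return REC_UNEXPECTED_MESSAGE;

	/* Empty Handshake fragments are never valid, padded or not. */
	if (*type == CT_HANDSHAKE && *content_len == 0)
		return REC_EMPTY_HANDSHAKE;

	return REC_OK;
}
```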