[gnutls-devel] GnuTLS | ClientHello.legacy_session_id is not set even if middlebox compat mode is enabled in TLS 1.3 (#1074)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Tue Aug 25 11:14:26 CEST 2020

Daiki Ueno created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1074

The RFC suggests that ClientHello.legacy_session_id should be non-empty if TLS 1.3 client supports the middlebox compatibility mode, though GnuTLS client always sends empty session ID while `TLS13_APPENDIX_D4` is defined as 1.  This is because, while the session id is generated in `send_client_hello`, it is not copied to the ClientHello:
#ifdef TLS13_APPENDIX_D4
		if (max_ver->tls13_sem &&
		    session->security_parameters.session_id_size == 0) {

			/* Under TLS1.3 we generate a random session ID to make
			 * the TLS1.3 session look like a resumed TLS1.2 session */
			ret = _gnutls_generate_session_id(session->security_parameters.
			if (ret < 0) {
				goto cleanup;

		/* Copy the Session ID - if any
		ret = _gnutls_buffer_append_data_prefix(&extdata, 8,
		if (ret < 0) {
			goto cleanup;
We probably should set the local variable `session_id_len` and also point to `security_parameters.session_id` rather than `resumed_security_parameters.session_id`.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1074
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200825/2bb1f6e4/attachment.html>

More information about the Gnutls-devel mailing list