[gnutls-devel] GnuTLS | Update session_ticket.c to add support for zero length session tickets returned from the server (!1260)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed May 27 19:43:15 CEST 2020




Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1260#note_350255352

@rrivers2 wrote

> @ametzler I believe the issue is related to older versions of GnuTLS. The version I was using was 3.5.18 included with Ubuntu 18.04.4. Another user on the launchpad bug report stated that Debian 9 has the same issue but didn't report the version of GnuTLS.
> 
> I think the 3.6 branch uses TLS1.3 which the server returns a valid session ticket and isn't an issue. It is only with older versions that use TLS1.2 and below that the server returns the zero length session ticket and the problem exists.

I see, thanks. Disabling TLS1.3 makes the issue reproducible even on 3.6.13:
~~~
ametzler at argenau:~$ gnutls-cli --priority=NORMAL:-VERS-TLS1.3 pop.verizon.net:995
[...]
- Status: The certificate is trusted.
*** Fatal error: Internal error in memory allocation.
~~~

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1260#note_350255352
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200527/1b43d596/attachment.html>


More information about the Gnutls-devel mailing list