[gnutls-devel] GnuTLS | resume-with-stek-expiration throws a fishy warning (#1181)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Fri Feb 12 18:47:42 CET 2021 


Andreas Metzler created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1181



After 37e54a05221e076ba905d2d53fc7d885dc9e9ebc resume-with-stek-expiration throws a fishy warning but exits with success.

Patching 3.7.0 release with
e0bb98e1f71f94691f600839ff748d3a9f469d3e
09b40be6e0e0a59ba4bd764067eb353241043a70
05ee0d49fe93d8812ef220c7b830c4b3553ac4fd
37e54a05221e076ba905d2d53fc7d885dc9e9ebc
results in something that seems to break resume-with-stek-expiration without triggering an actual error:
~~~
(sid)ametzler at argenau:/tmp/GNUTLS/gnutls-3.7.0/tests$ ./resume-with-stek-expiration --verbose  ; echo $?

[...]
testing tls1.3 resumption

STEK was rotated!
client: Handshake was completed
server: Handshake was completed
client: Success: Session was NOT resumed
server: Success: Session was NOT resumed
STEK was rotated!
client: Handshake was completed
client: Success: Session was resumed
server: Handshake was completed
server: Success: Session was resumed
STEK was rotated!
server: Handshake was completed
server: Success: Session was resumed
client: Handshake was completed
client: Success: Session was resumed
STEK was rotated!
client: Handshake was completed
server: Handshake was completed
server: Success: Session was NOT resumed
resume_and_close:134: client: Session was resumed (but should not)
Self test `./resume-with-stek-expiration' finished with 0 errors
0
~~~

Not the "resume_and_close:134: client: Session was resumed (but should not)".

(I accidentally stumbled over this while cherrypicking, Git HEAD (2ea09dff25c74a4da598efdc62e7d3b42a11727c) does not show the message.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1181
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210212/ab088bbe/attachment-0001.html>

More information about the Gnutls-devel mailing list