[gnutls-devel] GnuTLS | gnutls_session_t unsafe to use from multiple threads due to TLS 1.3 rekeying (#1717)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Jul 11 08:03:30 CEST 2025
Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1717#note_2619430349
Thank you for the detailed report. I agree that this should eventually be addressed in GnuTLS with a private locking mechanism, though the record send state transitions are intricate; I suspect that we could utilize the atomic compare-and-swap pattern for that.
As for the workaround, yes, using a ChaCha20-Poly1305 ciphersuite sounds like a good short-term solution, and I can't think of anything else off-hand.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1717#note_2619430349
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250711/3a9d9376/attachment.html>
More information about the Gnutls-devel
mailing list