[Help-gnutls] Re: help troubleshooting "TLS packet with unexpected length was received" error
Simon Josefsson
simon at josefsson.org
Mon Mar 23 17:09:58 CET 2009
Brad Fritz <brad-gnutls at fritzfam.com> writes:
> I am able to reproduce the problem using gnutls-cli v2.6.4 built from
> source:
>
> ./src/gnutls-cli -d 4711 --x509cafile /usr/share/ca-certificates/mozilla/ValiCert_Class_2_VA.crt api.smugmug.com
The server is buggy, it does not handle MAC padding correctly, since
this appears to work:
gnutls-cli -d 4711 --x509cafile /usr/share/ca-certificates/mozilla/ValiCert_Class_2_VA.crt api.smugmug.com --priority NORMAL:%COMPAT
The %COMPAT keyword disables MAC padding. You can read about it here:
http://www.gnu.org/software/gnutls/manual/html_node/On-Record-Padding.html
/Simon
More information about the Gnutls-help
mailing list