Re: TLS 1.3 support in 'gsasl' CLI tool

help-gsasl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TLS 1.3 support in 'gsasl' CLI tool

From:	Simon Josefsson
Subject:	Re: TLS 1.3 support in 'gsasl' CLI tool
Date:	Thu, 24 Dec 2020 09:13:56 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)

Simon Josefsson <help-gsasl@gnu.org> writes:

> Enrico Scholz <enrico.scholz@sigma-chemnitz.de> writes:
>
>> Hello,
>>
>> when speaking with TLS 1.3 servers, gnutls_record_recv() returns
>> GNUTLS_E_AGAIN which is interpreted as an error by 'gsasl' and
>> communication is aborted then.
>>
>> I fixed it for me in
>>
>>   
>> https://gitlab-ext.sigma-chemnitz.de/ensc/gsasl/-/commit/1729c4438a9d24c3383abf74c17d0e5ee78318c3
>>
>> (which contains an example of such a communication).
>>
>>
>> But patch is on top of other ones which were discussed nine years ago
>> but never applied.
>
> Hi Enrico!  Thanks for the report -- indeed I can reproduce the problem.

And now I finalled installed your patch here:

https://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=864afe39f659ab09e3b25b484dbd67bab15e819c

I modified it slightly to not depend on your earlier patches.  I haven't
been able to reproduce that problem yet.  I will review TLS handling in
the CLI next.

Thanks,
/Simon

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: TLS 1.3 support in 'gsasl' CLI tool, Simon Josefsson <=

Prev by Date: Re: scram-sha-1-plus
Next by Date: GNU SASL 1.9.2 (development version)
Previous by thread: Re: scram-sha-1-plus
Next by thread: GNU SASL 1.9.2 (development version)
Index(es):
- Date
- Thread