[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Another renegotiation patch
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: Another renegotiation patch |
Date: |
Fri, 26 Feb 2010 19:03:56 +0100 |
User-agent: |
Thunderbird 2.0.0.23 (X11/20090817) |
Tomas Hoger wrote:
> Related to this... gnutls-cli currently does not break connection and
> exit when handshake error occurs during server-requested renegotiation
> (check_rehandshake() only prints rehandshake result).
>
> This can be tested as:
>
> $ gnutls-cli -p 666 ssltls.de
> ...
> - Simple Client Mode:
>
> GET /otherciphers/ HTTP/1.0
>
> *** Non fatal error: Rehandshake was requested by the peer.
> *** Received rehandshake request
> *** Fatal error: Safe renegotiation failed.
> *** Rehandshake Failed.
>
> No handshake_failure alert is sent, connection is not terminated.
Hi thanks for the report. Does the attached patch fix the issue for you?
regards,
Nikos
diff --git a/src/cli.c b/src/cli.c
index f6cb99f..55888af 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -1035,6 +1035,11 @@ do_handshake (socket_st * socket)
socket->secure = 1;
}
+ else
+ {
+ gnutls_alert_send_appropriate(socket->session, ret);
+ shutdown (socket->fd, SHUT_RDWR);
+ }
return ret;
}
- Re: Another renegotiation patch, Simon Josefsson, 2010/02/18
- Re: Another renegotiation patch, Tomas Hoger, 2010/02/18
- Re: Another renegotiation patch, Simon Josefsson, 2010/02/18
- Re: Another renegotiation patch, Tomas Hoger, 2010/02/18
- Re: Another renegotiation patch, Nikos Mavrogiannopoulos, 2010/02/21
- Re: Another renegotiation patch, Tomas Hoger, 2010/02/24
- Re: Another renegotiation patch, Tomas Hoger, 2010/02/25
- Re: Another renegotiation patch,
Nikos Mavrogiannopoulos <=
- Re: Another renegotiation patch, Tomas Hoger, 2010/02/27
- Re: Another renegotiation patch, Nikos Mavrogiannopoulos, 2010/02/26
- Re: Another renegotiation patch, Tomas Hoger, 2010/02/27