Re: ssl connection issues

[Michael Blumenkrantz]

On Tue, 28 Sep 2010 17:56:30 +0200
Nikos Mavrogiannopoulos <address@hidden> wrote:

> On 09/28/2010 11:43 AM, Michael Blumenkrantz wrote:
> 
> > Which code specifically is old?  Should I be using
> > gnutls_priority_set_direct now instead of the other priority functions?
> 
> That's what I noticed. Probably other functions as well. Check the examples.
> 
> 
> regards,
> Nikos
> 
> 
> 
I have read through the examples and tested using my code.  It functions fine,
though I took your advice and migrated to newer priority strings.  It seems
that I may have found a gnutls bug in handshaking, however, though I will
reserve judgment on that until I have investigated further.  The bug seems to
be if you are doing async connections, you cannot call gnutls_handshake with a
very small amount of data in the buffer or else the handshake will fail with an
error.  Specifically, I find this occurring while receiving data (as a client)
for a session ticket.

I have so far found this to be the case by briefly pausing execution of my
program just before the gnutls_handshake() call where it would be reading from
the file descriptor so that more data can accumulate, and then continuing.  The
handshake completes as expected, where it would have failed if running at
normal speed.

Is it possible that there is a bug like this?

-- 
Mike Blumenkrantz
Zentific: Our boolean values are huge.