[Issues] [mod_gnutls 0000059]: mod_gnutls sending unrecognized alert description code

issues at outoforder.cc issues at outoforder.cc
Wed Jun 28 22:32:47 EDT 2006 

A NOTE has been added to this issue. 
====================================================================== 
http://issues.outoforder.cc/view.php?id=59 
====================================================================== 
Reported By:                Nelson B
Assigned To:                
====================================================================== 
Project:                    mod_gnutls
Issue ID:                   59
Category:                   SSL/TLS Standards Issue
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     new
Apache Version:             unspecified 
====================================================================== 
Date Submitted:             03-28-2006 04:36 EST
Last Modified:              06-28-2006 22:32 EDT
====================================================================== 
Summary:                    mod_gnutls sending unrecognized alert description
code
Description: 
I've been testing seamonkey + NSS + SNI extension support against 
https://sni.corelands.com/ (a.k.a {one,two,three,four}.sni.corelands.com.

I've found that if the handshake doesn't complete in just a couple
seconds, the server sends a "fatal" TLS ALERT record bearning the 
description code 0xCE.  0xCE is not a known alert description in any
TLS RFC or ID that I've found.  Whassup with that?

====================================================================== 

---------------------------------------------------------------------- 
 chip - 03-29-06 09:51  
---------------------------------------------------------------------- 
I haven't been able to reproduce this using Opera.  Can you post the patch
that you are using for mozilla?

I also upgraded the sni test server to gnutls 1.3.5 last night....
Hopefully I can get around to creating updated certificates soon. 

---------------------------------------------------------------------- 
 Nelson B - 06-28-06 22:32  
---------------------------------------------------------------------- 
sni.corelands.com:443 now seems to be behaving as an http (not https)
server,
sending out an html page in response to any SSL3/TLS client hello. 
I hope it will come back to being an sni test page, even if it continues 
to use expired certs. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
03-28-06 04:36  Nelson B       New Issue                                    
03-28-06 04:36  Nelson B       Apache Version            => unspecified     
03-29-06 09:51  chip           Note Added: 0000066                          
06-28-06 22:32  Nelson B       Note Added: 0000080                          
======================================================================

More information about the Issues mailing list