[Issues] [mod_gnutls 0000059]: mod_gnutls sending unrecognized alert description code
issues at outoforder.cc
issues at outoforder.cc
Sat Dec 1 08:36:37 EST 2007
The following issue has been RESOLVED.
======================================================================
http://issues.outoforder.cc/view.php?id=59
======================================================================
Reported By: Nelson B
Assigned To: nmav
======================================================================
Project: mod_gnutls
Issue ID: 59
Category: SSL/TLS Standards Issue
Reproducibility: always
Severity: minor
Priority: normal
Status: resolved
Apache Version: unspecified
Resolution: fixed
Fixed in Version: 0.4.0
======================================================================
Date Submitted: 03-28-2006 04:36 EST
Last Modified: 12-01-2007 08:36 EST
======================================================================
Summary: mod_gnutls sending unrecognized alert description
code
Description:
I've been testing seamonkey + NSS + SNI extension support against
https://sni.corelands.com/ (a.k.a {one,two,three,four}.sni.corelands.com.
I've found that if the handshake doesn't complete in just a couple
seconds, the server sends a "fatal" TLS ALERT record bearning the
description code 0xCE. 0xCE is not a known alert description in any
TLS RFC or ID that I've found. Whassup with that?
======================================================================
----------------------------------------------------------------------
chip - 03-29-06 09:51
----------------------------------------------------------------------
I haven't been able to reproduce this using Opera. Can you post the patch
that you are using for mozilla?
I also upgraded the sni test server to gnutls 1.3.5 last night....
Hopefully I can get around to creating updated certificates soon.
----------------------------------------------------------------------
Nelson B - 06-28-06 22:32
----------------------------------------------------------------------
sni.corelands.com:443 now seems to be behaving as an http (not https)
server,
sending out an html page in response to any SSL3/TLS client hello.
I hope it will come back to being an sni test page, even if it continues
to use expired certs.
----------------------------------------------------------------------
chip - 06-29-06 02:16
----------------------------------------------------------------------
I have upgraded GnuTLS to 1.4.0 -- although it does appear to now be
crashing sometimes.
----------------------------------------------------------------------
nmav - 11-30-07 15:19
----------------------------------------------------------------------
This issue has been solved in the new (0.4.0) relases.
----------------------------------------------------------------------
nmav - 12-01-07 08:36
----------------------------------------------------------------------
Resolved in 0.4.0.
Issue History
Date Modified Username Field Change
======================================================================
03-28-06 04:36 Nelson B New Issue
03-28-06 04:36 Nelson B Apache Version => unspecified
03-29-06 09:51 chip Note Added: 0000066
06-28-06 22:32 Nelson B Note Added: 0000080
06-29-06 02:16 chip Note Added: 0000081
11-30-07 15:19 nmav Note Added: 0000097
12-01-07 08:36 nmav Status new => resolved
12-01-07 08:36 nmav Fixed in Version => 0.4.0
12-01-07 08:36 nmav Resolution open => fixed
12-01-07 08:36 nmav Assigned To => nmav
12-01-07 08:36 nmav Note Added: 0000098
======================================================================
More information about the Issues
mailing list