[Issues] [mod_gnutls 0000059]: mod_gnutls sending unrecognized alert description code
issues at outoforder.cc
issues at outoforder.cc
Fri Nov 30 15:19:08 EST 2007
A NOTE has been added to this issue.
======================================================================
http://issues.outoforder.cc/view.php?id=59
======================================================================
Reported By: Nelson B
Assigned To:
======================================================================
Project: mod_gnutls
Issue ID: 59
Category: SSL/TLS Standards Issue
Reproducibility: always
Severity: minor
Priority: normal
Status: new
Apache Version: unspecified
======================================================================
Date Submitted: 03-28-2006 04:36 EST
Last Modified: 11-30-2007 15:19 EST
======================================================================
Summary: mod_gnutls sending unrecognized alert description
code
Description:
I've been testing seamonkey + NSS + SNI extension support against
https://sni.corelands.com/ (a.k.a {one,two,three,four}.sni.corelands.com.
I've found that if the handshake doesn't complete in just a couple
seconds, the server sends a "fatal" TLS ALERT record bearning the
description code 0xCE. 0xCE is not a known alert description in any
TLS RFC or ID that I've found. Whassup with that?
======================================================================
----------------------------------------------------------------------
chip - 03-29-06 09:51
----------------------------------------------------------------------
I haven't been able to reproduce this using Opera. Can you post the patch
that you are using for mozilla?
I also upgraded the sni test server to gnutls 1.3.5 last night....
Hopefully I can get around to creating updated certificates soon.
----------------------------------------------------------------------
Nelson B - 06-28-06 22:32
----------------------------------------------------------------------
sni.corelands.com:443 now seems to be behaving as an http (not https)
server,
sending out an html page in response to any SSL3/TLS client hello.
I hope it will come back to being an sni test page, even if it continues
to use expired certs.
----------------------------------------------------------------------
chip - 06-29-06 02:16
----------------------------------------------------------------------
I have upgraded GnuTLS to 1.4.0 -- although it does appear to now be
crashing sometimes.
----------------------------------------------------------------------
nmav - 11-30-07 15:19
----------------------------------------------------------------------
This issue has been solved in the new (0.4.0) relases.
Issue History
Date Modified Username Field Change
======================================================================
03-28-06 04:36 Nelson B New Issue
03-28-06 04:36 Nelson B Apache Version => unspecified
03-29-06 09:51 chip Note Added: 0000066
06-28-06 22:32 Nelson B Note Added: 0000080
06-29-06 02:16 chip Note Added: 0000081
11-30-07 15:19 nmav Note Added: 0000097
======================================================================
More information about the Issues
mailing list