
(ITS#8650) EAGAIN from gnutls_handshake not respected



Full_Name: Ryan Tandy
Version: RE24
OS: Debian
URL: 
Submission from: (NULL) (24.68.41.160)
Submitted by: ryan


https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861838

That bug's submitter seems to have unintentionally configured their slapd with
the entire list of system CAs. They're fixing it, but we have a bug here too.

When the ServerHello is larger than 16kb, gnutls_handshake can return
GNUTLS_E_AGAIN. In theory this was always possible, but I'm only seeing it
happen with gnutls 3.x and haven't found the exact change responsible.

We need to loop gnutls_handshake until it completes, like we do already in the
re-handshake case.
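
The retry described in the report above, as an added example that is not part of the original report or of OpenLDAP's code: a self-contained C model in which `model_handshake`, `struct model_session` and the `HS_*` codes are hypothetical stand-ins for `gnutls_handshake`, its session and its return codes, and the flight sizes are constructed.

```c
#include <stddef.h>

/* Model return codes; HS_AGAIN plays the role of GNUTLS_E_AGAIN. */
enum { HS_DONE = 0, HS_AGAIN = -1 };

#define RECORD_MAX 16384 /* largest TLS record payload, 2^14 bytes */

struct model_session {
    size_t flight_len; /* constructed size of the peer's handshake flight */
    size_t consumed;   /* bytes of that flight processed so far */
    int calls;         /* number of handshake calls made */
};

/* Assumption of this model: each call on a non-blocking socket makes
 * progress on at most one record and reports HS_AGAIN while data is
 * still outstanding. */
static int model_handshake(struct model_session *s)
{
    size_t left = s->flight_len - s->consumed;
    s->calls++;
    s->consumed += left > RECORD_MAX ? RECORD_MAX : left;
    return s->consumed == s->flight_len ? HS_DONE : HS_AGAIN;
}

/* Caller that treats the first non-zero result as a failed handshake. */
int connect_single_call(struct model_session *s)
{
    return model_handshake(s) == HS_DONE ? 0 : -1;
}

/* Caller that retries on the non-fatal "again" code. A real caller
 * would wait for socket readiness between calls; max_calls bounds the
 * loop so a stalled peer cannot hold it forever. */
int connect_with_retry(struct model_session *s, int max_calls)
{
    int rc;
    do {
        rc = model_handshake(s);
    } while (rc == HS_AGAIN && s->calls < max_calls);
    return rc == HS_DONE ? 0 : -1;
}

int main(void)
{
    struct model_session s = { 40000, 0, 0 }; /* constructed: flight > 16 KiB */
    return connect_with_retry(&s, 16);
}
```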