SSL compatibility mode
mark at kingant.net
Sun Apr 14 13:27:40 EDT 2013
On Sat, Nov 24, 2012 at 10:08 AM, Tomasz Wasilczyk
<tomkiewicz.groups at gmail.com> wrote:
> I have just double-checked it, and it seems, that this problem is only
> related to gnutls. Mozilla NSS seems not to be that picky and just
> returns EOF in that case.
> Anyway, I'm convinced, that we shouldn't just ignore that error when
> using gnutls, so suggested configuration for ssl is still appropriate,
> even if it doesn't do anything with NSS (because it seems to be
> already in "compatibility mode").
If NSS treats this situation as EOF and we're not experiencing
problems from it, then I think we should change our gnutls ssl plugin
to always treat GNUTLS_E_PREMATURE_TERMINATION as EOF. Our SSL
plugins should behave as similarly as possible.
I'd prefer to avoid adding
unless we're sure there is a use case for it.
> Should I change anything in proposed patch ?
>  http://pastebin.com/qFYTSWS5
Hmm, what does gnutls_session_enable_compatibility_mode() actually do?
The man page is very vague. Is that call needed in order to detect
More information about the Devel