Re: confirmation that debian #480041 is a gnutls problem, and steps to reproduce

[Nikos Mavrogiannopoulos]

Actually you only need to do this test on record_recv(). Note that
usually servers request upgrade in order to receive a client
certificate, thus it might be a good idea to notify or prompt the user
about that.

regards,
Nikos

On Fri, Nov 21, 2008 at 10:29 AM, Joe Orton <address@hidden> wrote:
> On Fri, Nov 21, 2008 at 09:24:02AM +0200, Nikos Mavrogiannopoulos wrote:
>> For neon to solve this, it has to perform a handshake after the
>> rehandshake request has been required.
>
> Ah, I didn't realise that - OpenSSL will automatically rehandshake
> whenever requested by the server.  So to provide the equivalent
> behaviour with GnuTLS, I have to do something like:
>
> start:
>   ret = gnutls_record_send(blah);
>   if (ret == GNUTLS_E_REHANDSHAKE) {
>       gnutls_handshake(blah);
>       goto start;
>   }
>
> and similarly with calls to record_recv?
>
> Regards, Joe
>