[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GnuTLS recv error (-9): A TLS packet with unexpected length was rece
From: |
Joe Orton |
Subject: |
Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro |
Date: |
Wed, 2 Feb 2011 22:33:50 +0000 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Wed, Feb 02, 2011 at 08:09:38AM +0100, Nikos Mavrogiannopoulos wrote:
> On 02/01/2011 06:12 PM, Zachary Krebs wrote:
> > I sent this to the libcurl community and they asked me to ping gnutls
> > to see where the issue resides:
> >
> > Thanks for considering my support request, and I hope I do not
> > agitate/irritate anyone by posting in the wrong place.
> > I looked here first: http://curl.haxx.se/mail/lib-2010-06/0169.html
> > and did not find a resolution.
> > I am attempting to use the Website Payment Pro Paypal module with Drupal
> > CMS.
> [...]
> > When I attempt to complete a payment, I get an error in my log:
> > "GnuTLS recv error (-9): A TLS packet with unexpected length was received"
>
> Several sites terminate the TLS connection without following the TLS
> protocol (i.e. sending closure alerts), but rather terminate the TCP
> connection directly. This is a relic of SSLv2 and it seems other
> implementations ignore this error. GnuTLS doesn't and thus prints
> this error. You could ignore it, but then you could not distinguish
> between a premature connection termination (i.e. by someone injecting
> a stray TCP termination packet) and normal termination.
The problem is that GnuTLS does not distinguish the TCP closure case
from this rather generic "unexpected length" error, as has been
discussed on this list before. The OpenSSL API does expose this
distinction.
It is not uncommon for SSL servers to perform unclean TCP closure in
some cases and HTTP clients can safely work around it if the connection
is in the right state.
Zachary, if you disable keepalive support in libcurl, does it work?
Regards, Joe
- GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Zachary Krebs, 2011/02/01
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Nikos Mavrogiannopoulos, 2011/02/02
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Zachary Krebs, 2011/02/02
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro,
Joe Orton <=
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Nikos Mavrogiannopoulos, 2011/02/03
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Joe Orton, 2011/02/03
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Nikos Mavrogiannopoulos, 2011/02/03
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Dan Winship, 2011/02/03
- Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro, Nikos Mavrogiannopoulos, 2011/02/07