[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GnuTLS recv error (-9): A TLS packet with unexpected length was rece
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: GnuTLS recv error (-9): A TLS packet with unexpected length was received. - with Paypal Website Payment Pro |
Date: |
Thu, 3 Feb 2011 11:03:10 +0100 |
On Wed, Feb 2, 2011 at 11:33 PM, Joe Orton <address@hidden> wrote:
>> Several sites terminate the TLS connection without following the TLS
>> protocol (i.e. sending closure alerts), but rather terminate the TCP
>> connection directly. This is a relic of SSLv2 and it seems other
>> implementations ignore this error. GnuTLS doesn't and thus prints
>> this error. You could ignore it, but then you could not distinguish
>> between a premature connection termination (i.e. by someone injecting
>> a stray TCP termination packet) and normal termination.
> The problem is that GnuTLS does not distinguish the TCP closure case
> from this rather generic "unexpected length" error, as has been
> discussed on this list before. The OpenSSL API does expose this
> distinction.
How does openssl expose this distinction? Does it have a separate error for
unclean termination?
regards,
Nikos