Bug#980513: libgnutls30: _gnutls_sort_clist Assertion with openconnect GlobalProtect VPN
Andreas Metzler
ametzler at bebt.de
Fri Jan 22 17:04:08 GMT 2021
Control: forwarded -1 https://gitlab.com/gnutls/gnutls/-/merge_requests/1370
On 2021-01-21 Matthew Chandler <tardarsauce at gmail.com> wrote:
> I've never used gnutls-cli before, and I'm not at all sure what openconnect
> is doing internally to match that behaviour, but it appears that I can
> reproduce w/ -cli
Hello,
Thank you, I can reproduce and have forwarded upstream.
The problem is triggered by the fact that the server is not configured
correctly. (GnuTLS should still work.) As you can see it sends 7
certificates:
Certificate[0] client certificate
Certificate[1] intermediate cert 1
Certificate[2] intermediate cert 2
Certificate[3] CA certificate (self-signed)
Certificate[4] Certificate[1] again
Certificate[5] Certificate[2] again
Certificate[6] Certificate[3] again
The duplicates (456) should not be sent.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint
mailing list