[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#25061: consider adding %COMPAT to default gnutls priority string

From: Ludovic Courtès
Subject: bug#25061: consider adding %COMPAT to default gnutls priority string
Date: Mon, 30 Jan 2017 09:01:40 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

Hi Lars,

Lars Ingebrigtsen <address@hidden> skribis:

> Ted Zlatanov <address@hidden> writes:
>> On Thu, 01 Dec 2016 21:25:29 +0100 address@hidden (Ludovic Courtès) wrote: 
>> LC> Ted Zlatanov <address@hidden> skribis:
>>>> We could break down %COMPAT to all its components and find which ones
>>>> are causing the issue.
>> LC> %DUMBFW may be that option (info "(gnutls) Priority Strings"):
>> LC> will add a private extension with bogus data that make the
>> LC> client hello exceed 512 bytes. This avoids a black hole
>> LC> behavior in some firewalls. This is the [_rfc7685_] client
>> LC> hello padding extension, also enabled with %COMPAT.
>> Nice. Could you or Andy verify if it resolves the originally reported
>> problem? I think it's very reasonable to add it to the default, if it does.
> Yes, I think so, too.  Did anyone of you check whether it fixed the problems?

I’m just a passerby so I haven’t tested.  ;-)

I think Andy has been traveling lately but he might be able to check


reply via email to

[Prev in Thread] Current Thread [Next in Thread]