On 31/07/15 00:07, Jeremy Harris wrote: > On 30/07/15 14:39, Jeremy Harris wrote: >> On 30/07/15 12:33, Nikos Mavrogiannopoulos wrote: >>> On Sun, Jul 26, 2015 at 11:10 PM, Jeremy Harris <[email protected]> wrote: >>>> gnutls 3.3.8 >>> >>> The latest version of gnutls on this branch is 3.3.16. Does the issue >>> occur with that version? >> >> I'll see if I can arrange that. > > Still occurs with 3.3.16 (as shipped for Debian Stretch).
Further: reproducible using the "client-ssl" utility from Exim's testsuite, against the current Exim HEAD, but not when using the "client-gnutls" utility. The former is built with OpenSSL, the latter with GnuTLS 3.3.16, and packet capture shows that the latter is requesting certificate status of the server despite not being told to do so. Specifically, gnutls_ocsp_status_request_enable_client() has not been called. This is another aspect of the bug, but it means that you cannot repro the bug purely using GnuTLS-based applications. -- Cheers, Jeremy _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
