Hi, thanks for the answers...
Am Freitag, 30. September 2022, 10:32:32 CEST schrieb Daiki Ueno: > I need a bit more information to answer properly: > Are both client and server programs using GnuTLS? If yes, could you > provide the exact package versions, for both client and server? client and server are both 3.7.1 It also works with the 3.5.8 client from debian stretch If I limit the protocol to tls1.2 it also works. > > 64 GB is above the limit of AES-GCM being safely used without rekeying. ah, yes, , AES-256-GCM, MAC AEAD is used, so this seems to be the reason. > If TLS 1.3 is negotiated GnuTLS initiates automatic rekeying, though TLS > 1.3 is a feature supported by GnuTLS 3.6 or later. hm, but this rekeying doesn't seem to happen. Otherwise it would work. Does gnutls_record_recv gets the GNUTLS_E_REHANDSHAKE as return value in this case? > Perhaps you could try other ciphers that doesn't have such limitation, > e.g., CHACHA20-POLY1305? > Regards, > I will try this Cheers Michael _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
