Hello Oto, Sorry for the late response.
Oto Šťáva <[email protected]> writes: > I have an application that allows the user to set their own priority > string for GnuTLS, including the %NO_TICKETS keyword, which disables > TLS resumption. That same application also supports QUIC via the > ngtcp2 library. There is an edge-case where if I set %NO_TICKETS and > attempt to use 0-RTT functions of the ngtcp2 library, the QUIC > connection gets into an invalid state and eventually crashes with an > assertion error. Is there some API through which I can reliably check > whether tickets are enabled for a session so as to avoid calling the > 0-RTT-related functions in such a case? I tried via > (gnutls_session_get_flags(...) & GNUTLS_SFLAGS_SESSION_TICKET), but > that returns true even when %NO_TICKETS is present in the priority > string. Would I have to parse the priority string manually? Right, GNUTLS_SFLAGS_SESSION_TICKET can only be used to check whether a session ticket is received. There is currently no API that returns the settings of the use of session tickets, and I generally agree that it would make sense to have one like gnutls_session_ticket_enabled_server. I haven't looked into the actual error when used with ngtcp2, but does it happen around (or inside) the call to GnuTLS API gnutls_record_*_early_data? If so, we might rather want to add a fallback behavior (i.e., disabling 0-RTT) rather than erroring out. Regards, -- Daiki Ueno _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
