Nikos Mavrogiannopoulos
Nikos Mavrogiannopoulos
From the error message, I think it tries to parser the `status_request` extension as a `client_hello` status request which has different form despite the same code point.
That also makes me wonder whether there are other client implementations doing the same.
What is the issue you trying to address with this change? Going to a fully deterministic mode for all tests will most likely cause other problems as it will limit...
Actually for the exact same reason you give, it may make sense to have this test in duplicate. One with the DTLS numbers to ensure that the implementation doesn't use...
> Quoting DTLS RFC 6347 section 4.1.1.1 discussing PMTU issues "For DTLS over TCP or SCTP, ..." so clearly it was anticipated that some use of DTLS over TCP would...
> I don't see why you couldn't offer both TLS and DTLS on the same port... I don't say that you couldn't under any conditions. I say that it is...
The 'Multiple Certificate Status Request Extension' is kind of a dead proposal. We were considering adding it in gnutls, but It was never implemented by anyone, and TLS 1.3 didn't...
Would https://github.com/radcli/radcli/pull/93 address this?
Thank you for reporting this. Is the realm expected to be reported on the accounting requests according to the RFC? If that's the case and you have the time and...
I suggest you provide the logs from ocserv during a connection to identify what goes wrong.