[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emacs core TLS support
From: |
Ted Zlatanov |
Subject: |
Re: Emacs core TLS support |
Date: |
Sun, 26 Sep 2010 01:09:20 -0500 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux) |
On Wed, 15 Sep 2010 14:13:57 +0200 Nikos Mavrogiannopoulos <address@hidden>
wrote:
NM> Use/check the gnutls-http-serv script in doc/credentials. It sets up a
NM> server with a certificate, ready for testing. If the server doesn't
NM> have a certificate it wouldn't be able to fully operate.
OK, this server works with ex-client2 and with a regular web browser
like w3m, but not with Emacs. The only difference between ex-client2
and my code AFAICT is that it specifies the trust file as "ca.pem" and
then calls `gnutls_certificate_set_x509_trust_file' with that missing
file without checking the return code. I tried that and it didn't make
a difference. I keep getting error GNUTLS_E_UNEXPECTED_PACKET_LENGTH
after a bunch of handshakes.
I've gone over my code carefully and just can't figure out what's
different. I'm sure it's something simple I've overlooked. So I
checked my changes into the Emacs repo in order to have other, more
expert developers take a look. All the tedious work is done; the files
of interest are src/process.[ch] (where the process is set up with the
GnuTLS members), src/gnutls.[ch], and lisp/net/gnutls.el.
Here's the recipe to see the problem:
1) compile Emacs with
./configure --with-gnutls; make bootstrap
2) run it directly:
cd src
gdb --args ./emacs ../lisp/net/gnutls.el
3) when it loads, do:
(you'll also need the gnutls-http-serv running locally)
M-x eval-buffer
M-: (open-ssl-stream "tls" "tls-buffer" "localhost" 5556)
4) look in *Messages* for the errors:
gnutls: allocating credentials
gnutls: allocating x509 credentials
gnutls: setting the trustfile
gnutls: processed 142 CA certificates
gnutls: setting the keyfile
gnutls: gnutls_init
gnutls: setting the priority string
gnutls: setting the credentials
gnutls: setting the x509 credentials
gnutls: handshake: setting the transport pointers to 8/8
gnutls: handshake: handshaking
gnutls.el: (err=[gnutls-e-again] Resource temporarily unavailable, try again.)
handshake: nil
gnutls: handshake: handshaking
... repeated a LOT ...
gnutls.el: (err=[gnutls-e-again] Resource temporarily unavailable, try again.)
handshake: nil
gnutls: handshake: handshaking [2 times]
gnutls.el: (err=[gnutls-e-again] Resource temporarily unavailable, try again.)
handshake: nil
gnutls: handshake: handshaking
gnutls.el: (err=[-9] A TLS packet with unexpected length was received.)
handshake: nil
Ouch, error return -9 (A TLS packet with unexpected length was received.)
nil
Mark set [2 times]
Ted
- Re: Emacs core TLS support, (continued)
- Message not available
- Message not available
- Re: Emacs core TLS support, Nikos Mavrogiannopoulos, 2010/09/13
- Message not available
- Re: Emacs core TLS support, Nikos Mavrogiannopoulos, 2010/09/14
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/14
- Re: Emacs core TLS support, Ted Zlatanov, 2010/09/15
- Re: Emacs core TLS support, Ted Zlatanov, 2010/09/14
- Message not available
- Re: Emacs core TLS support, Nikos Mavrogiannopoulos, 2010/09/15
- Re: Emacs core TLS support, Ted Zlatanov, 2010/09/15
- Re: Emacs core TLS support,
Ted Zlatanov <=
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/26
- Re: Emacs core TLS support, James Cloos, 2010/09/26
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/27
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/27
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/27
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/27
- Re: Emacs core TLS support, Ted Zlatanov, 2010/09/27
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/27
- Re: Emacs core TLS support, Bruce Stephens, 2010/09/27
- Re: Emacs core TLS support, Lars Magne Ingebrigtsen, 2010/09/27