[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#10904: 24.0.93; Infinite loop in GnuTLS code during Gnus nnimap-init
bug#10904: 24.0.93; Infinite loop in GnuTLS code during Gnus nnimap-initiated SSL handshake
Mon, 09 Apr 2012 23:07:34 -0400
Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux)
Ted Zlatanov <address@hidden> writes:
> On Sun, 08 Apr 2012 13:46:56 -0400 Thomas Fitzsimmons <address@hidden> wrote:
> TF> The loop happens when the GnuTLS handshake fails for some reason, within
> TF> a network process. I use the attached patch to limit the number of
> TF> iterations. I'm not familiar enough with the Emacs process code to
> TF> suggest a fix though.
> Thanks again for the help and provided patch. I modified it to keep the
> number of handshakes tried per connection, not globally. Please try
> it. I will also propose it on emacs-devel for inclusion in the upcoming
> 24.1 release.
I tried trunk against my IMAP server and the applied patch prevents the
infinite loop. At the default gnutls-log-level, a connection attempt
Warning: Opening nnimap server on <imap_server_hostname>...failed: ; Unable to
open server nnimap+<imap_server_hostname> due to: GnuTLS error: #<process
gnutls.c:  (Emacs) fatal error: The specified session has been invalidated
for some reason.
A nice improvement would be to detect when the server uses a ciphersuite
that GnuTLS's default priority list ("NORMAL") rejects, warn the user,
and ask if they want to retry with a more permissive list
("PERFORMANCE"). But that's a separate enhancement -- for now your
patch fixes the infinite loop and setting gnutls-algorithm-priority to
"performance" works around the server's weak ciphersuite.