bug#10060: 24.0.91; Built-in GNUtls err=-64 error

bug#10060: 24.0.91; Built-in GNUtls err=-64 error

[nyc4bos]

When using an intentionally incorrect PEM file, Emacs gives the following
*Backtrace* (see below).

The *Message* buffer has:

Starting GNUTLS
gnutls.el: (err=[-64] Error while reading file.) boot: (:priority NORMAL :hostname imap.aim.com :loglevel 0 :min-prime-bits nil :trustfiles (AOL.pem) :crlfiles nil :keylist nil :verify-flags nil :verify-error nil :verify-hostname-error t :callbacks nil)
Entering debugger...

Can the built-in GNUtls give a more graceful error message, if possible,
for a "err=[-64] error?

Thanks.

Diagnostic information follows:

Debugger entered--Lisp error: (gnutls-error #<process tls> -64)
  signal(gnutls-error (#<process tls> -64))
  (progn (signal (quote gnutls-error) (list process ret)))
  (if (gnutls-errorp ret) (progn (signal (quote gnutls-error) (list process ret))))
  (when (gnutls-errorp ret) (signal (quote gnutls-error) (list process ret)))
  (let* ((type (or type (quote gnutls-x509pki))) (default-trustfile "AOL.pem") (trustfiles (or trustfiles (when (file-exists-p default-trustfile) (list default-trustfile)))) (priority-string (or priority-string (cond ((eq type (quote gnutls-anon)) "NORMAL:+ANON-DH:!ARCFOUR-128") ((eq type (quote gnutls-x509pki)) (if gnutls-algorithm-priority (upcase gnutls-algorithm-priority) "NORMAL"))))) (min-prime-bits (or min-prime-bits gnutls-min-prime-bits)) (params (\` (:priority (\, priority-string) :hostname (\, hostname) :loglevel (\, gnutls-log-level) :min-prime-bits (\, min-prime-bits) :trustfiles (\, trustfiles) :crlfiles (\, crlfiles) :keylist (\, keylist) :verify-flags (\, verify-flags) :verify-error (\, verify-error) :verify-hostname-error (\, verify-hostname-error) :callbacks nil))) ret) (gnutls-message-maybe (setq ret (gnutls-boot process type params)) "boot: %s" params) (when (gnutls-errorp ret) (signal (quote gnutls-error) (list process ret))) process)
  (catch (quote --cl-block-gnutls-negotiate--) (message "Starting GNUTLS") (let* ((type (or type (quote gnutls-x509pki))) (default-trustfile "AOL.pem") (trustfiles (or trustfiles (when (file-exists-p default-trustfile) (list default-trustfile)))) (priority-string (or priority-string (cond ((eq type ...) "NORMAL:+ANON-DH:!ARCFOUR-128") ((eq type ...) (if gnutls-algorithm-priority ... "NORMAL"))))) (min-prime-bits (or min-prime-bits gnutls-min-prime-bits)) (params (\` (:priority (\, priority-string) :hostname (\, hostname) :loglevel (\, gnutls-log-level) :min-prime-bits (\, min-prime-bits) :trustfiles (\, trustfiles) :crlfiles (\, crlfiles) :keylist (\, keylist) :verify-flags (\, verify-flags) :verify-error (\, verify-error) :verify-hostname-error (\, verify-hostname-error) :callbacks nil))) ret) (gnutls-message-maybe (setq ret (gnutls-boot process type params)) "boot: %s" params) (when (gnutls-errorp ret) (signal (quote gnutls-error) (list process ret))) process) (message "DEBUG: %s " trustfiles))
  (cl-block-wrapper (catch (quote --cl-block-gnutls-negotiate--) (message "Starting GNUTLS") (let* ((type (or type (quote gnutls-x509pki))) (default-trustfile "AOL.pem") (trustfiles (or trustfiles (when (file-exists-p default-trustfile) (list default-trustfile)))) (priority-string (or priority-string (cond (... "NORMAL:+ANON-DH:!ARCFOUR-128") (... ...)))) (min-prime-bits (or min-prime-bits gnutls-min-prime-bits)) (params (\` (:priority (\, priority-string) :hostname (\, hostname) :loglevel (\, gnutls-log-level) :min-prime-bits (\, min-prime-bits) :trustfiles (\, trustfiles) :crlfiles (\, crlfiles) :keylist (\, keylist) :verify-flags (\, verify-flags) :verify-error (\, verify-error) :verify-hostname-error (\, verify-hostname-error) :callbacks nil))) ret) (gnutls-message-maybe (setq ret (gnutls-boot process type params)) "boot: %s" params) (when (gnutls-errorp ret) (signal (quote gnutls-error) (list process ret))) process) (message "DEBUG: %s " trustfiles)))
  (block gnutls-negotiate (message "Starting GNUTLS") (let* ((type (or type (quote gnutls-x509pki))) (default-trustfile "AOL.pem") (trustfiles (or trustfiles (when (file-exists-p default-trustfile) (list default-trustfile)))) (priority-string (or priority-string (cond ((eq type ...) "NORMAL:+ANON-DH:!ARCFOUR-128") ((eq type ...) (if gnutls-algorithm-priority ... "NORMAL"))))) (min-prime-bits (or min-prime-bits gnutls-min-prime-bits)) (params (\` (:priority (\, priority-string) :hostname (\, hostname) :loglevel (\, gnutls-log-level) :min-prime-bits (\, min-prime-bits) :trustfiles (\, trustfiles) :crlfiles (\, crlfiles) :keylist (\, keylist) :verify-flags (\, verify-flags) :verify-error (\, verify-error) :verify-hostname-error (\, verify-hostname-error) :callbacks nil))) ret) (gnutls-message-maybe (setq ret (gnutls-boot process type params)) "boot: %s" params) (when (gnutls-errorp ret) (signal (quote gnutls-error) (list process ret))) process) (message "DEBUG: %s " trustfiles))
  (let* ((process (car (cdr (memq (quote :process) spec)))) (type (car (cdr (memq (quote :type) spec)))) (hostname (car (cdr (memq (quote :hostname) spec)))) (priority-string (car (cdr (memq (quote :priority-string) spec)))) (trustfiles (car (cdr (memq (quote :trustfiles) spec)))) (crlfiles (car (cdr (memq (quote :crlfiles) spec)))) (keylist (car (cdr (memq (quote :keylist) spec)))) (min-prime-bits (car (cdr (memq (quote :min-prime-bits) spec)))) (verify-flags (car (cdr (memq (quote :verify-flags) spec)))) (verify-error (car (cdr (memq (quote :verify-error) spec)))) (verify-hostname-error (car (cdr (memq (quote :verify-hostname-error) spec))))) (block gnutls-negotiate (message "Starting GNUTLS") (let* ((type (or type (quote gnutls-x509pki))) (default-trustfile "AOL.pem") (trustfiles (or trustfiles (when (file-exists-p default-trustfile) (list default-trustfile)))) (priority-string (or priority-string (cond (... "NORMAL:+ANON-DH:!ARCFOUR-128") (... ...)))) (min-prime-bits (or min-prime-bits gnutls-min-prime-bits)) (params (\` (:priority (\, priority-string) :hostname (\, hostname) :loglevel (\, gnutls-log-level) :min-prime-bits (\, min-prime-bits) :trustfiles (\, trustfiles) :crlfiles (\, crlfiles) :keylist (\, keylist) :verify-flags (\, verify-flags) :verify-error (\, verify-error) :verify-hostname-error (\, verify-hostname-error) :callbacks nil))) ret) (gnutls-message-maybe (setq ret (gnutls-boot process type params)) "boot: %s" params) (when (gnutls-errorp ret) (signal (quote gnutls-error) (list process ret))) process) ))
  gnutls-negotiate(:process #<process tls> :type gnutls-x509pki :verify-hostname-error t :hostname "imap.aim.com")
  eval((gnutls-negotiate :process (open-network-stream "tls" "tls-buffer" "imap.aim.com" 993) :type (quote gnutls-x509pki) :verify-hostname-error verify-hostname-error :hostname host-X) nil)
  eval-last-sexp-1(t)
  eval-last-sexp(t)
  eval-print-last-sexp()
  call-interactively(eval-print-last-sexp nil nil)



In GNU Emacs 24.0.91.1 (i386-mingw-nt5.1.2600)
 of 2011-11-14 on MARVIN
Windowing system distributor `Microsoft Corp.', version 5.1.2600
configured using `configure --with-gcc (4.6) --no-opt --cflags -I"D:/devel/emacs/libs/libXpm-3.5.8/include" -I"D:/devel/emacs/libs/libXpm-3.5.8/src" -I"D:/devel/emacs/libs/libpng-dev_1.4.3-1/include" -I"D:/devel/emacs/libs/zlib-dev_1.2.5-2/include" -I"D:/devel/emacs/libs/giflib-4.1.4-1/include" -I"D:/devel/emacs/libs/jpeg-6b-4/include" -I"D:/devel/emacs/libs/tiff-3.8.2-1/include" -I"D:/devel/emacs/libs/gnutls-2.10.1/include" --ldflags -L"D:/devel/emacs/libs/gnutls-2.10.1/lib"'

Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: nil
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: en_US
  value of $XMODIFIERS: nil
  locale-coding-system: cp949
  default enable-multibyte-characters: t

Major mode: Message

Minor modes in effect:
  gnus-message-citation-mode: t
  jabber-activity-mode: t
  mml-mode: t
  show-paren-mode: t
  tooltip-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t
  transient-mark-mode: t
  abbrev-mode: t

Recent input:
<return> n <return> C-n SPC SPC <help-echo> n C-p C-f 
C-f C-f C-f SPC <help-echo> <help-echo> <help-echo> 
SPC C-n C-f C-f C-f SPC SPC <backspace> F C-x k <return> 
y e s <return> C-x o C-x b * s c <tab> <return> C-x 
i s x 3 <tab> <return> C-s c h o o C-a C-n C-n C-n 
C-n C-n C-n C-f C-f C-f C-f C-f C-f C-f C-f C-SPC C-f 
C-f C-f C-f C-f C-f C-f C-f C-f C-f C-f C-f C-f C-f 
C-f C-f C-f C-f C-f <escape> w C-a C-n C-n C-n C-e 
SPC C-y C-a C-SPC C-n C-w C-y <escape> < C-n C-n C-n 
C-n C-y <return> C-p C-p C-e C-j C-x b <return> C-x 
o F C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n <help-echo> 
<help-echo> <help-echo> <help-echo> <help-echo> <help-echo> 
<help-echo> <help-echo> <help-echo> <menu-bar> <help-menu> 
<send-emacs-bug-report>

Recent messages:
Mark set
Mark saved where search started
Mark set [8 times]
xding
goto-history-element: End of history; no default available
xding
goto-history-element: End of history; no default available

Load-path shadows:
None found.

Features:
(shadow emacsbug re-builder multi-isearch mule-util sort gnus-cite
smiley ansi-color flow-fill mail-extr gnus-async gnus-bcklg gnus-ml
nndraft nnmh nndoc utf-7 rfc2104 nnagent nnml nnimap utf7 nnfolder
parse-time netrc gnutls network-stream gnus-agent gnus-srvr gnus-score
score-mode nnvirtual gnus-msg gnus-art mm-uu mml2015 mm-view mml-smime
smime dig nntp gnus-cache offlineimap google-weather url-cache
google-maps google-maps-static google-maps-geocode google-maps-base json
pcmpl-ssh executable pcomplete jabber jabber-libnotify dbus
jabber-awesome jabber-osd jabber-wmii jabber-xmessage jabber-festival
jabber-sawfish jabber-ratpoison jabber-screen jabber-socks5
jabber-ft-server jabber-si-server jabber-ft-client jabber-ft-common
jabber-si-client jabber-si-common jabber-feature-neg jabber-truncate
jabber-time jabber-autoaway jabber-vcard-avatars jabber-chatstates
jabber-events jabber-vcard jabber-avatar jabber-activity jabber-watch
jabber-modeline jabber-ahc-presence jabber-ahc jabber-version
jabber-ourversion jabber-muc-nick-completion hippie-exp comint ring
jabber-browse jabber-search jabber-register jabber-roster
jabber-presence jabber-muc jabber-muc-nick-coloring hexrgb
jabber-newdisco jabber-widget jabber-disco jabber-chat jabber-history
jabber-chatbuffer jabber-alert jabber-iq jabber-core jabber-console
sgml-mode ewoc jabber-keymap jabber-sasl sasl sasl-anonymous sasl-login
sasl-plain fsm jabber-logon jabber-conn srv dns starttls tls jabber-xml
xml jabber-menu jabber-autoloads jabber-util epa-file epa epg epg-config
sieve sieve-mode sieve-manage nnir gnus-sum gnus-group mm-url url
url-proxy url-privacy url-expand url-methods url-history url-cookie
url-util url-parse auth-source eieio byte-opt bytecomp byte-compile
cconv macroexp assoc password-cache url-vars mailcap gnus-undo nnmail
mail-source gnus-start gnus-spec gnus-int gnus-range message derived
format-spec rfc822 mml mml-sec mm-decode mm-bodies mm-encode mail-parse
rfc2231 rfc2047 rfc2045 ietf-drums mailabbrev gmm-utils mailheader
gnus-win gnus gnus-ems nnoo nnheader gnus-util mm-util mail-prsvr
mail-utils help-mode view advice advice-preload pager w3m-search w3m
help-fns browse-url doc-view easymenu jka-compr dired desktop regexp-opt
image-mode timezone w3m-hist w3m-fb bookmark-w3m w3m-ems w3m-ccl ccl
w3m-favicon w3m-image w3m-proc w3m-util wid-edit w3m-wget server
easy-mmode cl edmacro kmacro paren time-date tooltip ediff-hook vc-hooks
lisp-float-type mwheel dos-w32 disp-table ls-lisp w32-win w32-vars
tool-bar dnd fontset image fringe lisp-mode register page menu-bar
rfn-eshadow timer select scroll-bar mouse jit-lock font-lock syntax
facemenu font-core frame cham georgian utf-8-lang misc-lang vietnamese
tibetan thai tai-viet lao korean japanese hebrew greek romanian slovak
czech european ethiopic indian cyrillic chinese case-table epa-hook
jka-cmpr-hook help simple abbrev minibuffer button faces cus-face files
text-properties overlay sha1 md5 base64 format env code-pages mule
custom widget hashtable-print-readable backquote make-network-process
multi-tty emacs)

bug#10060: 24.0.91; Built-in GNUtls err=-64 error

[Ted Zlatanov]

On Tue, 15 Nov 2011 21:48:31 -0500 nyc4bos@aol.com wrote: 

n> When using an intentionally incorrect PEM file, Emacs gives the following
n> *Backtrace* (see below).

n> The *Message* buffer has:

n> Starting GNUTLS
n> gnutls.el: (err=[-64] Error while reading file.) boot: (:priority NORMAL :hostname imap.aim.com :loglevel 0 :min-prime-bits nil :trustfiles (AOL.pem) :crlfiles nil :keylist nil :verify-flags nil :verify-error nil :verify-hostname-error t :callbacks nil)
n> Entering debugger...

n> Can the built-in GNUtls give a more graceful error message, if possible,
n> for a "err=[-64] error?

n> Thanks.

n> Diagnostic information follows:

n> Debugger entered--Lisp error: (gnutls-error #<process tls> -64)
n>   signal(gnutls-error (#<process tls> -64))

I'm not sure that should be the library's job.  IOW, the error is really
what GnuTLS tells us, and the text is a bonus that can be easily
obtained with `gnutls-error-string' (I assume end users don't run GnuTLS
functions directly, so it's reasonable to ask code that uses gnutls.el
to make that effort).  If you disagree, tell me how the error should be
bubbled back to the code that invoked it, and how we should embellish
GnuTLS error messages in general (there are hundreds).

Thanks
Ted