* bug#20908: 25.0.50; gnutls-negotiate error "Invalid format operation %u"
@ 2015-06-27 3:55 lo2net
2015-06-27 8:05 ` Eli Zaretskii
0 siblings, 1 reply; 3+ messages in thread
From: lo2net @ 2015-06-27 3:55 UTC (permalink / raw)
To: 20908
[-- Attachment #1: Type: text/plain, Size: 773 bytes --]
Hi all,
I've got a problem: when using (gnutls-negotiate :verify-error t) to initialize a SSL/TLS
connection , server has an expired certificate cause gnutls-boot signal
an error "Invalid format operation %u", apparently it's not related to
gnutls-error. So digging into the source
code, here is the error signal:
src/gnutls.c:1511
if (verify_error_all
|| !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
{
emacs_gnutls_deinit (proc);
error ("Certificate validation failed %s, verification code %u",
c_hostname, peer_verification);
}
After checking elisp manual and source code, function Fformat(error call
it to format string) does not
support '%u', here should using '%d' instead.
I made a simple patch for this:
[-- Attachment #2: 0001-gnutls-boot-fix-error-Invalid-format-operation-u-whe.patch --]
[-- Type: text/plain, Size: 834 bytes --]
From d046b24f7cee1b30e45dd094c0299304cfd7c270 Mon Sep 17 00:00:00 2001
From: lo2net <fangtao0901@gmail.com>
Date: Thu, 25 Jun 2015 17:00:03 +0800
Subject: [PATCH] gnutls-boot: fix error "Invalid format operation %u" when
certificate validation fail
---
src/gnutls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/gnutls.c b/src/gnutls.c
index cab2404..6a2c873 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1512,7 +1512,7 @@ one trustfile (usually a CA bundle). */)
|| !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
{
emacs_gnutls_deinit (proc);
- error ("Certificate validation failed %s, verification code %u",
+ error ("Certificate validation failed %s, verification code %d",
c_hostname, peer_verification);
}
else
--
1.9.5.msysgit.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* bug#20908: 25.0.50; gnutls-negotiate error "Invalid format operation %u"
2015-06-27 3:55 bug#20908: 25.0.50; gnutls-negotiate error "Invalid format operation %u" lo2net
@ 2015-06-27 8:05 ` Eli Zaretskii
2015-06-27 12:39 ` tao fang
0 siblings, 1 reply; 3+ messages in thread
From: Eli Zaretskii @ 2015-06-27 8:05 UTC (permalink / raw)
To: lo2net; +Cc: 20908-done
> From: lo2net <fangtao0901@gmail.com>
> Date: Sat, 27 Jun 2015 11:55:43 +0800
>
> I've got a problem: when using (gnutls-negotiate :verify-error t) to initialize a SSL/TLS
> connection , server has an expired certificate cause gnutls-boot signal
> an error "Invalid format operation %u", apparently it's not related to
> gnutls-error. So digging into the source
> code, here is the error signal:
>
> src/gnutls.c:1511
>
> if (verify_error_all
> || !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
> {
> emacs_gnutls_deinit (proc);
> error ("Certificate validation failed %s, verification code %u",
> c_hostname, peer_verification);
> }
>
> After checking elisp manual and source code, function Fformat(error call
> it to format string) does not
> support '%u', here should using '%d' instead.
>
> I made a simple patch for this:
Thanks. I used %x instead of %d in the change I just pushed, because
the peer_verification value is actually a bitwise OR of the various
bits, so displaying it in hex will make its interpretation easier.
With that, I'm marking this bug done.
^ permalink raw reply [flat|nested] 3+ messages in thread
* bug#20908: 25.0.50; gnutls-negotiate error "Invalid format operation %u"
2015-06-27 8:05 ` Eli Zaretskii
@ 2015-06-27 12:39 ` tao fang
0 siblings, 0 replies; 3+ messages in thread
From: tao fang @ 2015-06-27 12:39 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 20908-done
[-- Attachment #1: Type: text/plain, Size: 1300 bytes --]
Okay, thanks!
On Sat, Jun 27, 2015 at 4:05 PM, Eli Zaretskii <eliz@gnu.org> wrote:
> > From: lo2net <fangtao0901@gmail.com>
> > Date: Sat, 27 Jun 2015 11:55:43 +0800
> >
> > I've got a problem: when using (gnutls-negotiate :verify-error t) to
> initialize a SSL/TLS
> > connection , server has an expired certificate cause gnutls-boot signal
> > an error "Invalid format operation %u", apparently it's not related to
> > gnutls-error. So digging into the source
> > code, here is the error signal:
> >
> > src/gnutls.c:1511
> >
> > if (verify_error_all
> > || !NILP (Fmember (QCgnutls_bootprop_trustfiles,
> verify_error)))
> > {
> > emacs_gnutls_deinit (proc);
> > error ("Certificate validation failed %s, verification code %u",
> > c_hostname, peer_verification);
> > }
> >
> > After checking elisp manual and source code, function Fformat(error call
> > it to format string) does not
> > support '%u', here should using '%d' instead.
> >
> > I made a simple patch for this:
>
> Thanks. I used %x instead of %d in the change I just pushed, because
> the peer_verification value is actually a bitwise OR of the various
> bits, so displaying it in hex will make its interpretation easier.
>
> With that, I'm marking this bug done.
>
[-- Attachment #2: Type: text/html, Size: 1881 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-06-27 12:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-06-27 3:55 bug#20908: 25.0.50; gnutls-negotiate error "Invalid format operation %u" lo2net
2015-06-27 8:05 ` Eli Zaretskii
2015-06-27 12:39 ` tao fang
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).