From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Thomas Fitzsimmons <fitzsim@fitzsim.org>
Newsgroups: gmane.emacs.bugs
Subject: bug#10904: 24.0.93;
	Infinite loop in GnuTLS code during Gnus nnimap-initiated SSL
	handshake
Date: Mon, 09 Apr 2012 23:07:34 -0400
Message-ID: <m3vcl89te1.fsf@fitzsim.org>
References: <m3obsjg7i0.fsf@ducky.fitzsim.org>
	<m34nu5d96s.fsf@stories.gnus.org> <87haxk3dce.fsf@lifelogs.com>
	<m3r4wmnesm.fsf@fitzsim.org> <m3k42cnx2x.fsf@stories.gnus.org>
	<m3zkb5mz9q.fsf@fitzsim.org> <87hax6wakn.fsf@lifelogs.com>
	<m3zkaxlpt3.fsf@fitzsim.org> <m3zkamdskv.fsf@fitzsim.org>
	<87sjgdoi43.fsf@lifelogs.com>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: dough.gmane.org 1334027292 24497 80.91.229.3 (10 Apr 2012 03:08:12 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Tue, 10 Apr 2012 03:08:12 +0000 (UTC)
Cc: Lars Magne Ingebrigtsen <larsi@gnus.org>, 10904@debbugs.gnu.org
To: Ted Zlatanov <tzz@lifelogs.com>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Tue Apr 10 05:08:11 2012
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1SHRRB-0004Gt-0e
	for geb-bug-gnu-emacs@m.gmane.org; Tue, 10 Apr 2012 05:08:09 +0200
Original-Received: from localhost ([::1]:51118 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1SHRRA-00085F-Ao
	for geb-bug-gnu-emacs@m.gmane.org; Mon, 09 Apr 2012 23:08:08 -0400
Original-Received: from eggs.gnu.org ([208.118.235.92]:40260)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1SHRR7-00084y-KE
	for bug-gnu-emacs@gnu.org; Mon, 09 Apr 2012 23:08:06 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1SHRR5-0000wD-QU
	for bug-gnu-emacs@gnu.org; Mon, 09 Apr 2012 23:08:05 -0400
Original-Received: from debbugs.gnu.org ([140.186.70.43]:51180)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1SHRR5-0000w9-N0
	for bug-gnu-emacs@gnu.org; Mon, 09 Apr 2012 23:08:03 -0400
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.72)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1SHRS2-0006rB-Bq
	for bug-gnu-emacs@gnu.org; Mon, 09 Apr 2012 23:09:02 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: Thomas Fitzsimmons <fitzsim@fitzsim.org>
Original-Sender: debbugs-submit-bounces@debbugs.gnu.org
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 10 Apr 2012 03:09:02 +0000
Resent-Message-ID: <handler.10904.B10904.133402732726328@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 10904
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
Original-Received: via spool by 10904-submit@debbugs.gnu.org id=B10904.133402732726328
	(code B ref 10904); Tue, 10 Apr 2012 03:09:02 +0000
Original-Received: (at 10904) by debbugs.gnu.org; 10 Apr 2012 03:08:47 +0000
Original-Received: from localhost ([127.0.0.1]:47718 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1SHRRn-0006qb-6Z
	for submit@debbugs.gnu.org; Mon, 09 Apr 2012 23:08:47 -0400
Original-Received: from mail-iy0-f172.google.com ([209.85.210.172]:50032)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <fitzsim@fitzsim.org>) id 1SHRRk-0006qT-Ok
	for 10904@debbugs.gnu.org; Mon, 09 Apr 2012 23:08:46 -0400
Original-Received: by iazz13 with SMTP id z13so6368163iaz.3
	for <10904@debbugs.gnu.org>; Mon, 09 Apr 2012 20:07:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=from:to:cc:subject:references:date:in-reply-to:message-id
	:user-agent:mime-version:content-type:x-gm-message-state;
	bh=uWd4AtZ8kntS+Z6XZ58xJVYXxCLQW5AuymlQzVfOMWc=;
	b=AstTYQC9BrOJBFWVonO8qD+5Gd1gMmm7En7afvqRZ0zohiBL7TXS8WdGK7s2/0ZUKf
	C1VwmnKCT0Pcaz9RpZPiJY0UiWMTcIrx3gZA2TfJKzH8+JjCQRYpGUcrlmGmjbAzIijk
	0aBGeyzVDFMKMbartr3y6LqP7HJ3f5zgHAuP1DS4W+lRPIdlziAVd70khBDl1xfj4uqk
	EgY1098qeWNZMkKTLcIPXunfhoCXoURttts6uBksO4HcuXtnqSKCZSVRipwNaay9rolC
	+T0lilToGJfuhwh1R2Evo3uCZfiOCWWoKpDeRDXVSPJ219hK8KAg9Tjs84fXdJfUCYMg
	AHmw==
Original-Received: by 10.42.180.66 with SMTP id bt2mr5539998icb.56.1334027264935;
	Mon, 09 Apr 2012 20:07:44 -0700 (PDT)
Original-Received: from ducky.fitzsim.org (69-165-165-189.dsl.teksavvy.com.
	[69.165.165.189])
	by mx.google.com with ESMTPS id k8sm42228692igz.4.2012.04.09.20.07.43
	(version=TLSv1/SSLv3 cipher=OTHER);
	Mon, 09 Apr 2012 20:07:44 -0700 (PDT)
In-Reply-To: <87sjgdoi43.fsf@lifelogs.com> (Ted Zlatanov's message of "Sun, 08
	Apr 2012 20:37:32 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux)
X-Gm-Message-State: ALoCoQkyxfl/mlhkCqaWD4Wj3ePoYHQUCna5IsVVcu/1crw4NQ8UmWQpDiMVFbJNJeeNWZMepoUx
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.13
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2)
X-Received-From: 140.186.70.43
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
	the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.bugs:58676
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/58676>

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Sun, 08 Apr 2012 13:46:56 -0400 Thomas Fitzsimmons <fitzsim@fitzsim.org> wrote:
>
> TF> The loop happens when the GnuTLS handshake fails for some reason, within
> TF> a network process.  I use the attached patch to limit the number of
> TF> iterations.  I'm not familiar enough with the Emacs process code to
> TF> suggest a fix though.
>
> Thanks again for the help and provided patch.  I modified it to keep the
> number of handshakes tried per connection, not globally.  Please try
> it.  I will also propose it on emacs-devel for inclusion in the upcoming
> 24.1 release.

I tried trunk against my IMAP server and the applied patch prevents the
infinite loop.  At the default gnutls-log-level, a connection attempt
fails with:

Warning: Opening nnimap server on <imap_server_hostname>...failed: ; Unable to open server nnimap+<imap_server_hostname> due to: GnuTLS error: #<process *nnimap*>, -9
gnutls.c: [0] (Emacs) fatal error: The specified session has been invalidated for some reason.

A nice improvement would be to detect when the server uses a ciphersuite
that GnuTLS's default priority list ("NORMAL") rejects, warn the user,
and ask if they want to retry with a more permissive list
("PERFORMANCE").  But that's a separate enhancement -- for now your
patch fixes the infinite loop and setting gnutls-algorithm-priority to
"performance" works around the server's weak ciphersuite.

Thanks,
Thomas