unofficial mirror of bug-gnu-emacs@gnu.org 
 help / color / mirror / code / Atom feed
From: Thomas Fitzsimmons <fitzsim@fitzsim.org>
To: Lars Magne Ingebrigtsen <larsi@gnus.org>
Cc: Ted Zlatanov <tzz@lifelogs.com>, 10904@debbugs.gnu.org
Subject: bug#10904: 24.0.93; Infinite loop in GnuTLS code during Gnus nnimap-initiated SSL handshake
Date: Sun, 08 Apr 2012 13:46:56 -0400	[thread overview]
Message-ID: <m3zkamdskv.fsf@fitzsim.org> (raw)
In-Reply-To: <m3zkaxlpt3.fsf@fitzsim.org> (Thomas Fitzsimmons's message of "Fri, 30 Mar 2012 17:52:24 -0400")

[-- Attachment #1: Type: text/plain, Size: 1634 bytes --]

I rechecked this against bzr Emacs and GnuTLS 3.0.17 and it's still
there.  I tried to create a smaller test case and came up with this:

$ gnutls-serv --http &
$ emacs -Q

(progn
  (setq gnutls-log-level 5
        message-log-max t)
  (open-protocol-stream
        "*nnimap*" (current-buffer) "localhost"
        5556
        :type 'ssl
        :return-list t
        :shell-command "ssh %s imapd"
        :capability-command "1 CAPABILITY\r\n"
        :end-of-command "\r\n"
        :success " OK "
        :starttls-function
        (lambda (capabilities)
          (when (gnus-string-match-p "STARTTLS" capabilities)
            "1 STARTTLS\r\n"))))

The open-protocol-stream call is how nnimap-open-connection-1 in
lisp/gnus/nnimap.el creates the IMAP network process.

The loop happens when the GnuTLS handshake fails for some reason, within
a network process.  I use the attached patch to limit the number of
iterations.  I'm not familiar enough with the Emacs process code to
suggest a fix though.

It would be nice if one of you could try against gnutls-serv and confirm
you see this -- I think the problem is general enough that this proves
it and will allow a fix that I can test against my IMAP server.

However, if need-be I can try to arrange a tunnel to the IMAP server I'm
trying to connect to.

As for why this hasn't been seen before, it doesn't affect the GnuTLS
backend standalone (as Ted pointed out) -- it seems to only happen when
an SSL-using process is created and the GnuTLS handshake fails, so it
will be rare that it happens.  Still, an infinite loop is not a nice
failure mode, even if it's rare.

Thomas

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: emacs-gnutls-limit-loop.patch --]
[-- Type: text/x-patch, Size: 651 bytes --]

--- src/gnutls.c~	2012-02-13 15:46:01.000000000 -0500
+++ src/gnutls.c	2012-02-23 14:21:22.000000000 -0500
@@ -378,6 +378,8 @@
   return (bytes_written);
 }
 
+static int error_count = 0;
+
 EMACS_INT
 emacs_gnutls_read (struct Lisp_Process *proc, char *buf, EMACS_INT nbyte)
 {
@@ -386,8 +388,17 @@
 
   if (proc->gnutls_initstage != GNUTLS_STAGE_READY)
     {
+      if (error_count < 100)
+        {
+      error_count++;
       emacs_gnutls_handshake (proc);
       return -1;
+        }
+      else
+        {
+      error_count = 0;
+        return 0;
+        }
     }
   rtnval = fn_gnutls_record_recv (state, buf, nbyte);
   if (rtnval >= 0)

  reply	other threads:[~2012-04-08 17:46 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-02-27 23:51 bug#10904: 24.0.93; Infinite loop in GnuTLS code during Gnus nnimap-initiated SSL handshake Thomas Fitzsimmons
2012-03-03 14:56 ` Lars Magne Ingebrigtsen
2012-03-19 13:54   ` Ted Zlatanov
2012-03-21 15:40     ` Thomas Fitzsimmons
2012-03-22 21:29       ` Lars Magne Ingebrigtsen
2012-03-24 22:04         ` Thomas Fitzsimmons
2012-03-30 12:13           ` Ted Zlatanov
2012-03-30 21:52             ` Thomas Fitzsimmons
2012-04-08 17:46               ` Thomas Fitzsimmons [this message]
2012-04-09  0:37                 ` Ted Zlatanov
2012-04-09 13:14                   ` Ted Zlatanov
2012-04-10  3:07                   ` Thomas Fitzsimmons
2012-04-10 11:54                     ` Ted Zlatanov
2012-04-10 17:44                       ` Lars Magne Ingebrigtsen
2012-04-11 12:02                         ` Ted Zlatanov
2014-12-08 20:06                       ` Lars Magne Ingebrigtsen
2014-12-10 16:10                         ` Ted Zlatanov
2016-02-05  7:26                           ` Lars Ingebrigtsen
2016-06-02 14:21                             ` Ted Zlatanov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.gnu.org/software/emacs/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=m3zkamdskv.fsf@fitzsim.org \
    --to=fitzsim@fitzsim.org \
    --cc=10904@debbugs.gnu.org \
    --cc=larsi@gnus.org \
    --cc=tzz@lifelogs.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).