From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Robert Pluim Newsgroups: gmane.emacs.devel Subject: Re: :nowait t misbehaves when falling back from IPv6 to IPv4 Date: Wed, 20 Feb 2019 19:44:38 +0100 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="95516"; mail-complaints-to="usenet@blaine.gmane.org" To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Feb 20 19:49:17 2019 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1gwWvk-000OhR-LX for ged-emacs-devel@m.gmane.org; Wed, 20 Feb 2019 19:49:16 +0100 Original-Received: from localhost ([127.0.0.1]:45641 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gwWvj-0000ve-Ju for ged-emacs-devel@m.gmane.org; Wed, 20 Feb 2019 13:49:15 -0500 Original-Received: from eggs.gnu.org ([209.51.188.92]:39432) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gwWuD-0000qm-2j for emacs-devel@gnu.org; Wed, 20 Feb 2019 13:47:42 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gwWrL-0000TS-7N for emacs-devel@gnu.org; Wed, 20 Feb 2019 13:44:44 -0500 Original-Received: from mail-wm1-x334.google.com ([2a00:1450:4864:20::334]:40854) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gwWrK-0000T8-W7 for emacs-devel@gnu.org; Wed, 20 Feb 2019 13:44:43 -0500 Original-Received: by mail-wm1-x334.google.com with SMTP id t15so7366044wmi.5 for ; Wed, 20 Feb 2019 10:44:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:references:mail-followup-to:mail-copies-to :gmane-reply-to-list:date:message-id:mime-version :content-transfer-encoding; bh=NrD3byQ0vX1Cm5rRWcWswDif/hF/Dykc24ARlP8nwvU=; b=gnjvf1yg/SE4ZwRKbg9GVvHqhwS2RpBUXxbeDYEqV4txMI2dezJ8gQ+J+5Q6NIb73f AyxPlMhhuVkmm9jUknhVvxtAGgGxvmywwxCwSRQkflyB8xB5HU85dHt10kyJJfx2G24O K0C0GKcVDacvcLLzBnWheYqfCbkFkWwMpx+v5e8OX6ADeq0tVpM37DMbIgrHi2JbquHa cmP5dyzfCNaQoyLMkYLU0n43aDgBib8R6uP7bsKdt5IyGp2lGCdblBWXDDT/s1Qu9Ofo onKS8yHHvi120j7aIl5/SLLFOe2MKOutfBrS8+fGMgZnxvvFfS+nTeOb4K06uKQf+8lz 8u9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:references:mail-followup-to :mail-copies-to:gmane-reply-to-list:date:message-id:mime-version :content-transfer-encoding; bh=NrD3byQ0vX1Cm5rRWcWswDif/hF/Dykc24ARlP8nwvU=; b=D94FP1r5tQpoYmPbXLNG8VyXBDWk+kEqO3LqQ48KL2AKj24o+hBYQ06X1gmg0OzkKv 6+OE4Kf0nEmViFti3tMr6XMmN5H/HS/TME+ueHj+uzAmr4e9LTT8vfQe/5SBpUhEVeCn PIGwf4xlKlLdRzdlB40sHkvRk/7fuZFsLYctTDMRppywYtOEDT1GMVC3HOm2rF9Hwoh4 Ul3DXkJPdRQC9gXKoSzs8IvNX+lSt+rjdHaY5FQtnr0VJmMu1Y545kVLy7VOl+2W0213 ISlrEvKBngfcSensagEaLyLDKx/0u/x6wiBTChRjBLw8AUcOxZmTGDeyz90B8A3mxa5l 3QlA== X-Gm-Message-State: AHQUAuZLjvOSqv2K89jmIjuqSwEM0we5O52PhGFgX4rLqeBhubDWn/R2 UXO2DmnfI70BXwBP1futAI6HcVWj X-Google-Smtp-Source: AHgI3Ia/dVuDku0FyZpexlFqhW9am54BqXM0C18orFyQFcK+HgkHraVR5wuI3xppgWxD7f/wYt7JZg== X-Received: by 2002:a7b:c442:: with SMTP id l2mr7577779wmi.140.1550688280550; Wed, 20 Feb 2019 10:44:40 -0800 (PST) Original-Received: from rpluim-mac ([2a01:e34:ecfc:a860:dda:cfc2:7168:6ad8]) by smtp.gmail.com with ESMTPSA id f10sm3542865wmb.35.2019.02.20.10.44.39 for (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Wed, 20 Feb 2019 10:44:39 -0800 (PST) Mail-Followup-To: emacs-devel@gnu.org Mail-Copies-To: never Gmane-Reply-To-List: yes X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::334 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:233492 Archived-At: Robert Pluim writes: > Robert Pluim writes: > >> I unfortunately don=CA=BCt have time to look into this right now, but >> perhaps someone familiar with the network code has some ideas. > > So this is GnuTLS related: setting package-archives to use http rather > than https makes everything work. And after several hours of debugging, the fix turns out to be small, but one that I definitely want others to look at. Here=CA=BCs what happens: 1. update-package-archives requests an asynchronous load of an url on elpa.gnu.org 2. make-network-process looks up 'elpa.gnu.org', which returns an IPv6 and an IPv4 address (in that order) 3. it calls 'connect_network_socket', which calls 'connect', starts TLS negotiation, and then continues on because this is a non-blocking connect 4. some time later, that IPv6 connection has failed, which is noticed in 'wait_reading_process_output'. Because we have more addresses to try, it calls 'connect_network_socket' again, this time for the IPv4 address 5. 'connect_network_socket' again calls 'connect', but doesn=CA=BCt start T= LS negotiation, since the TLS boot parameters were deleted in [3] 6. TCP finishes connecting, we call the user-provided sentinel, which ends up sending an HTTP request on what is supposed to be a TLS secured channel, and elpa.gnu.org quite rightly sends a '400' error and shuts down the connection The fix below works for both emacs-26 and master. I have not fully reasoned about its consequences. This close to a release I=CA=BCm certain it won't go into emacs-26, so perhaps we should put an entry in PROBLEMS telling people to either use elpa.gnu.org's IPv4 address in 'package-archives', or to use http instead of https when they have problems connecting. Broken IPv6 setups will only make this more likely in the future, so perhaps we should think about implementing a limited version of 'Happy Eyeballs 2' at some point. 2019-02-20 Robert Pluim * src/process.c (connect_network_socket): Only delete gnutls_boot_parameters if TLS negotiation actually succeeded, as they may be needed for connection to other addresses for the same host. diff --git a/src/process.c b/src/process.c index b0a327229c..8784827cd4 100644 --- a/src/process.c +++ b/src/process.c @@ -3657,11 +3657,13 @@ connect_network_socket (Lisp_Object proc, Lisp_Obje= ct addrinfos, Lisp_Object boot, params =3D p->gnutls_boot_parameters; =20 boot =3D Fgnutls_boot (proc, XCAR (params), XCDR (params)); - p->gnutls_boot_parameters =3D Qnil; =20 if (p->gnutls_initstage =3D=3D GNUTLS_STAGE_READY) + { /* Run sentinels, etc. */ + p->gnutls_boot_parameters =3D Qnil; finish_after_tls_connection (proc); + } else if (p->gnutls_initstage !=3D GNUTLS_STAGE_HANDSHAKE_TRIED) { deactivate_process (proc);