From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: Paul Eggert <eggert@cs.ucla.edu>
Newsgroups: gmane.emacs.devel
Subject: Re: master 583995c: GnuTLS HMAC and symmetric cipher support
Date: Tue, 18 Jul 2017 00:45:52 -0700
Organization: UCLA Computer Science Department
Message-ID: <22246710-dc3b-f146-1812-cc374a709f0b@cs.ucla.edu>
References: <20170714150706.13106.18905@vcs0.savannah.gnu.org>
	<20170714150707.5E9B322DF8@vcs0.savannah.gnu.org>
	<fhfudwszb8.fsf@fencepost.gnu.org> <87eftfdu5g.fsf@lifelogs.com>
	<7kzic356o4.fsf@fencepost.gnu.org>
	<CAM-tV-_hAYnvPLt5KSF8yeo5XkeMjb_vwSZA0Wqoa19KH5+4qw@mail.gmail.com>
	<34d18yexh0.fsf@fencepost.gnu.org>
	<CAM-tV-_B0GYEkQq4hs+yOh+uXwggvcrAyCMu10C4dmyhSghPmQ@mail.gmail.com>
	<2ztw2auan0.fsf@fencepost.gnu.org>
	<f9d2b34e-b131-9bf5-e9d5-3c3cfefc9ef3@cs.ucla.edu>
	<n9zic2agnk.fsf@fencepost.gnu.org>
	<3f44fabe-80b7-8a01-2b64-0a33b2a311b3@cs.ucla.edu>
	<02lgnm1zjh.fsf@fencepost.gnu.org>
	<bc2531d3-2249-0a6f-8795-9b130da4b373@cs.ucla.edu>
	<niwp76pj7w.fsf@fencepost.gnu.org>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="------------82730AA08B5414A1DDF15D14"
X-Trace: blaine.gmane.org 1500363978 19209 195.159.176.226 (18 Jul 2017 07:46:18 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Tue, 18 Jul 2017 07:46:18 +0000 (UTC)
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
	Thunderbird/52.2.1
Cc: Emacs developers <emacs-devel@gnu.org>,
	Noam Postavsky <npostavs@users.sourceforge.net>
To: Glenn Morris <rgm@gnu.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Jul 18 09:46:08 2017
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1dXNCo-0004Lf-0m
	for ged-emacs-devel@m.gmane.org; Tue, 18 Jul 2017 09:46:06 +0200
Original-Received: from localhost ([::1]:54585 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1dXNCt-0008B6-8v
	for ged-emacs-devel@m.gmane.org; Tue, 18 Jul 2017 03:46:11 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:51817)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eggert@cs.ucla.edu>) id 1dXNCh-00089S-DF
	for emacs-devel@gnu.org; Tue, 18 Jul 2017 03:46:00 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eggert@cs.ucla.edu>) id 1dXNCe-00055S-8O
	for emacs-devel@gnu.org; Tue, 18 Jul 2017 03:45:59 -0400
Original-Received: from zimbra.cs.ucla.edu ([131.179.128.68]:51294)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <eggert@cs.ucla.edu>)
	id 1dXNCd-00054Y-Uc; Tue, 18 Jul 2017 03:45:56 -0400
Original-Received: from localhost (localhost [127.0.0.1])
	by zimbra.cs.ucla.edu (Postfix) with ESMTP id 263F4160211;
	Tue, 18 Jul 2017 00:45:54 -0700 (PDT)
Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1])
	by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10032)
	with ESMTP id na-y5xqUOqrA; Tue, 18 Jul 2017 00:45:53 -0700 (PDT)
Original-Received: from localhost (localhost [127.0.0.1])
	by zimbra.cs.ucla.edu (Postfix) with ESMTP id 244AC16023D;
	Tue, 18 Jul 2017 00:45:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at zimbra.cs.ucla.edu
Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1])
	by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10026)
	with ESMTP id WUQlFmG8UKXn; Tue, 18 Jul 2017 00:45:53 -0700 (PDT)
Original-Received: from [192.168.1.9] (unknown [47.153.184.153])
	by zimbra.cs.ucla.edu (Postfix) with ESMTPSA id E9F75160211;
	Tue, 18 Jul 2017 00:45:52 -0700 (PDT)
In-Reply-To: <niwp76pj7w.fsf@fencepost.gnu.org>
Content-Language: en-US
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [fuzzy]
X-Received-From: 131.179.128.68
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel/>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: "Emacs-devel" <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.devel:216816
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/216816>

This is a multi-part message in MIME format.
--------------82730AA08B5414A1DDF15D14
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Glenn Morris wrote:
> Since 583995c, make check on hydra crashes when loading the gnutls test=
s.
> It uses gnutls 3.2.21. I installed that on my rhel7 system (with
> --disable-non-suiteb-curves) and reproduced the crash. The

I don't see how the crash can occur with vanilla GnuTLS 3.2.21, as its=20
gnutls_cipher_list returns a list of IDs that does not contain=20
GNUTLS_CIPHER_UNKNOWN. Perhaps you were using a modified GnuTLS 3.2.21. O=
r=20
possibly I'm misreading the GnuTLS source code, though I don't see how.

As you're observing the problem I installed the attached, which is simila=
r to=20
the patch that worked for you.

--------------82730AA08B5414A1DDF15D14
Content-Type: text/x-patch;
 name="0001-Port-gnutls.c-to-older-buggier-GnuTLS.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
 filename="0001-Port-gnutls.c-to-older-buggier-GnuTLS.patch"

=46rom 376151481b2172dbb08d25bb5946f0f627f7453d Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Tue, 18 Jul 2017 00:37:03 -0700
Subject: [PATCH] Port gnutls.c to older (buggier?) GnuTLS

Problem reported for GnuTLS 3.2.1 by Glenn Morris in:
http://lists.gnu.org/archive/html/emacs-devel/2017-07/msg00716.html
http://lists.gnu.org/archive/html/emacs-devel/2017-07/msg00742.html
Although I don't see how this bug can occur with vanilla GnuTLS 3.2.1,
perhaps hydra was using a modified GnuTLS.
* src/gnutls.c (Fgnutls_ciphers): Don't assume GNUTLS_CIPHER_NULL
is at the end of the list returned by gnutls_cipher_list,
or that the earlier ciphers all have non-null names.
---
 src/gnutls.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/gnutls.c b/src/gnutls.c
index 9fbaea2..e406d66 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1854,12 +1854,17 @@ The alist key is the cipher name. */)
=20
 #ifdef HAVE_GNUTLS3_CIPHER
   const gnutls_cipher_algorithm_t *gciphers =3D gnutls_cipher_list ();
-  for (ptrdiff_t pos =3D 0; gciphers[pos] !=3D GNUTLS_CIPHER_NULL; pos++=
)
+  for (ptrdiff_t pos =3D 0; gciphers[pos] !=3D 0; pos++)
     {
       gnutls_cipher_algorithm_t gca =3D gciphers[pos];
+      if (gca =3D=3D GNUTLS_CIPHER_NULL)
+	continue;
+      char const *cipher_name =3D gnutls_cipher_get_name (gca);
+      if (!cipher_name)
+	continue;
=20
       /* A symbol representing the GnuTLS cipher.  */
-      Lisp_Object cipher_symbol =3D intern (gnutls_cipher_get_name (gca)=
);
+      Lisp_Object cipher_symbol =3D intern (cipher_name);
=20
       ptrdiff_t cipher_tag_size =3D gnutls_cipher_get_tag_size (gca);
=20
--=20
2.7.4


--------------82730AA08B5414A1DDF15D14--