From: Maxime Devos <maximedevos@telenet.be>
To: "Ludovic Courtès" <ludo@gnu.org>, 56867@debbugs.gnu.org
Cc: guile-devel@gnu.org
Subject: [bug#56867] [PATCH] download: Do not wrap TLS port on GnuTLS >= 3.7.7.
Date: Mon, 1 Aug 2022 11:56:00 +0200 [thread overview]
Message-ID: <da075774-a438-71b9-a4aa-3520a0070621@telenet.be> (raw)
In-Reply-To: <20220801090749.11655-1-ludo@gnu.org>
[-- Attachment #1.1.1: Type: text/plain, Size: 2414 bytes --]
Some objections on error handling (I don't know much about the wrapping)
On 01-08-2022 11:07, Ludovic Courtès wrote:
> [...]
> Hello!
>
> I'll land a similar change in Guile's (web client) module afterwards
> if there are no objections.
>
> Ludo'.
>
> diff --git a/guix/build/download.scm b/guix/build/download.scm
> index 41583e8143..de094890b3 100644
> --- a/guix/build/download.scm
> +++ b/guix/build/download.scm
> @@ -245,6 +245,54 @@ (define (print-tls-certificate-error port key args default-printer)
> (set-exception-printer! 'tls-certificate-error
> print-tls-certificate-error)
>
> +(define (wrap-record-port-for-gnutls<3.7.7 record port)
> + "Return a port that wraps RECORD to ensure that closing it also closes PORT,
> +the actual socket port, and its file descriptor. Make sure it does not
> +introduce extra buffering (custom ports are buffered by default as of Guile
> +3.0.5).
> +
> +This wrapper is unnecessary with GnuTLS >= 3.7.7, which can automatically
> +close SESSION's file descriptor when RECORD is closed."
> + (define (read! bv start count)
> + (define read
> + (catch 'gnutls-error
> + (lambda ()
> + (get-bytevector-n! record bv start count))
> + (lambda (key err proc . rest)
> + ;; When responding to "Connection: close" requests, some servers
> + ;; close the connection abruptly after sending the response body,
> + ;; without doing a proper TLS connection termination. Treat it as
> + ;; EOF. This is fixed in GnuTLS 3.7.7.
> + (if (eq? err error/premature-termination)
> + the-eof-object
> + (apply throw key err proc rest)))))
Objection: 'catch' makes the backtrace part happening inside the
'get-bytevector-n!' disappear, because it is unwinding, as has been
noted a few times (in different contexts) by Attila Lendvai and me.
Maybe use 'guard' with an appropriate condition instead?
> + (if (module-defined? (resolve-interface '(gnutls))
> + 'set-session-record-port-close!) ;GnuTLS >= 3.7.7
resolve-module (and presumably also sets #:ensure #t by default, which
sometimes causes 'module not found' messages to be replaced by 'unbound
variable', which I don't think is useful behaviour, can #:ensure be set
to #false?
Greetings,
Maxime
[-- Attachment #1.1.2: OpenPGP public key --]
[-- Type: application/pgp-keys, Size: 929 bytes --]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 236 bytes --]
next prev parent reply other threads:[~2022-08-01 9:57 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-01 9:07 [bug#56867] [PATCH] download: Do not wrap TLS port on GnuTLS >= 3.7.7 Ludovic Courtès
2022-08-01 9:15 ` Ludovic Courtès
2022-08-01 9:56 ` Maxime Devos [this message]
2022-08-02 7:59 ` Ludovic Courtès
2022-08-04 19:37 ` Maxime Devos
2022-08-05 8:31 ` Ludovic Courtès
2022-08-05 10:17 ` Maxime Devos
2022-08-03 15:57 ` bug#56867: " Ludovic Courtès
2022-08-04 14:20 ` [bug#56867] " Ludovic Courtès
[not found] ` <87v8r86p7s.fsf@kolabnow.com>
2022-08-04 16:19 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=da075774-a438-71b9-a4aa-3520a0070621@telenet.be \
--to=maximedevos@telenet.be \
--cc=56867@debbugs.gnu.org \
--cc=guile-devel@gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).