GNU bug report logs -
#20465
24.4; GnuTLS integration seems faulty
Previous Next
Reported by: Leandro Facchinetti <me <at> leafac.com>
Date: Wed, 29 Apr 2015 20:31:04 UTC
Severity: normal
Tags: fixed
Merged with 18208
Found in versions 24.4, 24.4.50
Fixed in version 25.1
Done: Lars Magne Ingebrigtsen <larsi <at> gnus.org>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 20465 in the body.
You can then email your comments to 20465 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Wed, 29 Apr 2015 20:31:04 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Leandro Facchinetti <me <at> leafac.com>
:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org
.
(Wed, 29 Apr 2015 20:31:04 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
I'm trying to retrieve a URL hosted on CloudFlare with Universal SSL
enabled (more about what's that here:
https://blog.cloudflare.com/introducing-universal-ssl/).
The following command is the one causing the issue:
(url-retrieve-synchronously "https://kill-the-newsletter.com")
As you can see on the "Recent messages" section of this bug report, I'm
getting back a -12 error, which by the GnuTLS manual means
"GNUTLS_E_FATAL_ALERT_RECEIVED: A TLS fatal alert has been received."
But then I tried connecting with the server using the `gnutls-cli' tool
provided by GnuTLS itself. From the command line, I ran:
$ gnutls-cli kill-the-newsletter.com
And it worked.
This leads me to conclude that somehow `gnutls.c' in Emacs is calling
the library in a way it shouldn't.
I'd love to help fix this myself, but I'm not experienced with C
programming outside the assignments I did as an undergrad a few years
ago, and I don't understand the internals of Emacs and GnuTLS very well.
So I ask you to please guide me on the right direction.
Thanks!
In GNU Emacs 24.4.1 (x86_64-unknown-linux-gnu, GTK+ Version 3.16.2)
of 2015-04-17 on andyrtr
Windowing system distributor `The X.Org Foundation', version 11.0.11701000
Configured using:
`configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/lib
--localstatedir=/var --with-x-toolkit=gtk3 --with-xft
'CFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong
--param=ssp-buffer-size=4' CPPFLAGS=-D_FORTIFY_SOURCE=2
LDFLAGS=-Wl,-O1,--sort-common,--as-needed,-z,relro'
Important settings:
value of $LANG: en_US.utf8
locale-coding-system: utf-8-unix
Major mode: Lisp Interaction
Minor modes in effect:
tooltip-mode: t
electric-indent-mode: t
mouse-wheel-mode: t
tool-bar-mode: t
menu-bar-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
blink-cursor-mode: t
auto-composition-mode: t
auto-encryption-mode: t
auto-compression-mode: t
line-number-mode: t
transient-mark-mode: t
Recent input:
<help-echo> M-: C-g M-: ( C-y SPC " h t t p s : / /
k i l l - t h e - n e w s l e t t e r . c o m " ) <return>
q M-: <up> C-S-e M-w C-g M-x e m a s <backspace> c
s - r e p o <tab> <backspace> <backspace> <backspace>
<backspace> <backspace> <backspace> <backspace> <backspace>
<backspace> <backspace> r e p o <tab> r t <tab> <r
eturn>
Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.
Quit
Contacting host: kill-the-newsletter.com:443
gnutls.c: [0] (Emacs) fatal error: A TLS fatal alert has been received.
gnutls.c: [0] (Emacs) Received alert: Internal error
gnutls.el: (err=[-12] A TLS fatal alert has been received.) boot: (:priority NORMAL :hostname kill-the-newsletter.com :loglevel 0 :min-prime-bits 256 :trustfiles (/etc/ssl/certs/ca-certificates.crt) :crlfiles nil :keylist nil :verify-flags nil :verify-error nil :callbacks nil)
Entering debugger...
Back to top level.
Quit
Making completion list...
Load-path shadows:
None found.
Features:
(shadow sort mail-extr emacsbug message format-spec rfc822 mml mml-sec
mm-decode mm-bodies mm-encode mailabbrev gmm-utils mailheader sendmail
mail-utils help-mode easymenu debug gnutls cl-loaddefs cl-lib
network-stream starttls url-http tls mail-parse rfc2231 rfc2047 rfc2045
ietf-drums url-gw url-cache url-auth url url-proxy url-privacy
url-expand url-methods url-history url-cookie url-domsuf url-util
url-parse auth-source eieio byte-opt bytecomp byte-compile cconv
eieio-core gnus-util mm-util help-fns mail-prsvr password-cache url-vars
mailcap time-date tooltip electric uniquify ediff-hook vc-hooks
lisp-float-type mwheel x-win x-dnd tool-bar dnd fontset image regexp-opt
fringe tabulated-list newcomment lisp-mode prog-mode register page
menu-bar rfn-eshadow timer select scroll-bar mouse jit-lock font-lock
syntax facemenu font-core frame cham georgian utf-8-lang misc-lang
vietnamese tibetan thai tai-viet lao korean japanese hebrew greek
romanian slovak czech european ethiopic indian cyrillic chinese
case-table epa-hook jka-cmpr-hook help simple abbrev minibuffer nadvice
loaddefs button faces cus-face macroexp files text-properties overlay
sha1 md5 base64 format env code-pages mule custom widget
hashtable-print-readable backquote make-network-process dbusbind
gfilenotify dynamic-setting system-font-setting font-render-setting
move-toolbar gtk x-toolkit x multi-tty emacs)
Memory information:
((conses 16 91117 5130)
(symbols 48 19938 0)
(miscs 40 45 118)
(strings 32 18371 4972)
(string-bytes 1 493143)
(vectors 16 11427)
(vector-slots 8 411227 6068)
(floats 8 74 213)
(intervals 56 245 1)
(buffers 960 13)
(heap 1024 38752 1009))
--
Leandro Facchinetti <me <at> leafac.com>
https://www.leafac.com
GPG key: 3DF3D583
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Wed, 29 Apr 2015 20:37:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 20465 <at> debbugs.gnu.org (full text, mbox):
Leandro Facchinetti <me <at> leafac.com> writes:
> But then I tried connecting with the server using the `gnutls-cli' tool
> provided by GnuTLS itself. From the command line, I ran:
>
> $ gnutls-cli kill-the-newsletter.com
>
> And it worked.
$ gnutls-cli --disable-sni kill-the-newsletter.com
Processed 157 CA certificate(s).
Resolving 'kill-the-newsletter.com'...
Connecting to '2400:cb00:2048:1::681f:5646:443'...
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [80]: Internal error
*** Handshake has failed
GnuTLS error: A TLS fatal alert has been received.
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Wed, 29 Apr 2015 20:49:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 20465 <at> debbugs.gnu.org (full text, mbox):
This has been fixed in Emacs 25 (emacs-24.4-1962-gccae04f).
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Forcibly Merged 18208 20465.
Request was from
Glenn Morris <rgm <at> gnu.org>
to
control <at> debbugs.gnu.org
.
(Wed, 29 Apr 2015 20:53:02 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Wed, 29 Apr 2015 20:55:03 GMT)
Full text and
rfc822 format available.
Message #16 received at 20465 <at> debbugs.gnu.org (full text, mbox):
Thank you very much, Andreas!
That was spot on.
And kudos for the lightning fast answer!
Do I need to do something to mark the bug I opened as fixed?
Andreas Schwab writes:
> Leandro Facchinetti <me <at> leafac.com> writes:
>
>> But then I tried connecting with the server using the `gnutls-cli' tool
>> provided by GnuTLS itself. From the command line, I ran:
>>
>> $ gnutls-cli kill-the-newsletter.com
>>
>> And it worked.
>
> $ gnutls-cli --disable-sni kill-the-newsletter.com
> Processed 157 CA certificate(s).
> Resolving 'kill-the-newsletter.com'...
> Connecting to '2400:cb00:2048:1::681f:5646:443'...
> *** Fatal error: A TLS fatal alert has been received.
> *** Received alert [80]: Internal error
> *** Handshake has failed
> GnuTLS error: A TLS fatal alert has been received.
>
> Andreas.
--
Leandro Facchinetti <me <at> leafac.com>
https://www.leafac.com
GPG key: 3DF3D583
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Mon, 04 May 2015 22:08:01 GMT)
Full text and
rfc822 format available.
Message #19 received at 20465 <at> debbugs.gnu.org (full text, mbox):
On Wed, 29 Apr 2015 22:48:53 +0200 Andreas Schwab <schwab <at> linux-m68k.org> wrote:
AS> This has been fixed in Emacs 25 (emacs-24.4-1962-gccae04f).
Andreas, could you be more specific, if you know what fixed the problem,
and what the problem itself was? Was it addressed in a previous bug or
do you perhaps know the commit ID or something else?
Thanks!
Ted
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Mon, 04 May 2015 22:09:01 GMT)
Full text and
rfc822 format available.
Message #22 received at 20465 <at> debbugs.gnu.org (full text, mbox):
On Wed, 29 Apr 2015 16:54:18 -0400 Leandro Facchinetti <me <at> leafac.com> wrote:
LF> Do I need to do something to mark the bug I opened as fixed?
Normally you'd reply to 20465-done <at> debbugs.gnu.org but I'd like to wait
until we know what was broken and how we fixed it.
Thanks
Ted
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Mon, 04 May 2015 22:26:02 GMT)
Full text and
rfc822 format available.
Message #25 received at 20465 <at> debbugs.gnu.org (full text, mbox):
Ted Zlatanov <tzz <at> lifelogs.com> writes:
> On Wed, 29 Apr 2015 22:48:53 +0200 Andreas Schwab <schwab <at> linux-m68k.org> wrote:
>
> AS> This has been fixed in Emacs 25 (emacs-24.4-1962-gccae04f).
>
> Andreas, could you be more specific, if you know what fixed the problem,
> and what the problem itself was? Was it addressed in a previous bug or
> do you perhaps know the commit ID or something else?
That _is_ the commit ID.
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Mon, 04 May 2015 22:39:02 GMT)
Full text and
rfc822 format available.
Message #28 received at 20465 <at> debbugs.gnu.org (full text, mbox):
On Tue, 05 May 2015 00:25:28 +0200 Andreas Schwab <schwab <at> linux-m68k.org> wrote:
AS> Ted Zlatanov <tzz <at> lifelogs.com> writes:
>> On Wed, 29 Apr 2015 22:48:53 +0200 Andreas Schwab <schwab <at> linux-m68k.org> wrote:
>>
AS> This has been fixed in Emacs 25 (emacs-24.4-1962-gccae04f).
>>
>> Andreas, could you be more specific, if you know what fixed the problem,
>> and what the problem itself was? Was it addressed in a previous bug or
>> do you perhaps know the commit ID or something else?
AS> That _is_ the commit ID.
I am either unable to copy and paste or unable to pull some revisions or
otherwise blind, because I can't find that commit ID. Sorry to be a pest
but could you give the full hash, as `git log' would show it?
Ted
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 00:41:02 GMT)
Full text and
rfc822 format available.
Message #31 received at 20465 <at> debbugs.gnu.org (full text, mbox):
> I am either unable to copy and paste or unable to pull some revisions or
> otherwise blind, because I can't find that commit ID. Sorry to be a pest
> but could you give the full hash, as `git log' would show it?
To be honest, I thought that was the commit hash and tried to look for
it, to satisfy my curiosity. I couldn't find it either, but I figured it
was just me being dumb.
At least, I can point this related issue (it was listed on the bug
tracker along with the issue I opened):
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=18208
--
Leandro Facchinetti <me <at> leafac.com>
https://www.leafac.com
GPG key: 3DF3D583
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 00:44:01 GMT)
Full text and
rfc822 format available.
Message #34 received at 20465 <at> debbugs.gnu.org (full text, mbox):
> Normally you'd reply to 20465-done <at> debbugs.gnu.org but I'd like to wait
> until we know what was broken and how we fixed it.
Thanks for letting me know.
There was nothing _broken_ per se. It was just that `gnutls.c' didn't
support Server Name Indication (SNI).
I suppose the fix was to add some options when calling GnuTLS.
When we settle this question, I'll e-mail 20465-done <at> debbugs.gnu.org to
close the issue.
--
Leandro Facchinetti <me <at> leafac.com>
https://www.leafac.com
GPG key: 3DF3D583
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 00:53:02 GMT)
Full text and
rfc822 format available.
Message #37 received at 20465 <at> debbugs.gnu.org (full text, mbox):
git show emacs-24.4-1962-gccae04f
works fine for me.
(ccae04f205db7cffa0f247a463272f6c5af77122 if you prefer.)
It's why I merged this report with #18208 5 days ago, thus closing it.
Presumably the desire was to indicate that the fixing commit came *after* 24.4.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 09:53:02 GMT)
Full text and
rfc822 format available.
Message #40 received at 20465 <at> debbugs.gnu.org (full text, mbox):
On Mon, 04 May 2015 20:52:47 -0400 Glenn Morris <rgm <at> gnu.org> wrote:
GM> git show emacs-24.4-1962-gccae04f
GM> works fine for me.
GM> (ccae04f205db7cffa0f247a463272f6c5af77122 if you prefer.)
I've been using Git for years and didn't know this notation was built-in
for `git show'. I kept trying `git show gccae04f' etc. and also looked
through the `git log -p src/gnutls.c' history but didn't notice this
commit. Thank you for explaining.
GM> It's why I merged this report with #18208 5 days ago, thus closing it.
Cool, thanks! I didn't see that in gmane.emacs.bugs and didn't think to check.
GM> Presumably the desire was to indicate that the fixing commit came *after* 24.4.
OK; understood. A commit ID would have been less confusing to me.
Ted
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 10:40:04 GMT)
Full text and
rfc822 format available.
Message #43 received at 20465 <at> debbugs.gnu.org (full text, mbox):
> GM> git show emacs-24.4-1962-gccae04f
>
> GM> works fine for me.
>
> GM> (ccae04f205db7cffa0f247a463272f6c5af77122 if you prefer.)
>
> I've been using Git for years and didn't know this notation was built-in
> for `git show'. I kept trying `git show gccae04f' etc. and also looked
> through the `git log -p src/gnutls.c' history but didn't notice this
> commit. Thank you for explaining.
I learned something today!
From the `gitrevisions(7)' manual:
<describeOutput>, e.g. v1.7.4.2-679-g3bee7fb
Output from git describe; i.e. a closest tag, optionally followed by a dash and a number of commits, followed by a dash, a g, and an
abbreviated object name.
In fact:
$ git describe --tags ccae04f205db7cffa0f247a463272f6c5af77122
emacs-24.4-1962-gccae04f
And:
$ git show emacs-24.4-1962-gccae04f
Then shows the commit.
That's interesting!
I couldn't test the fix yet because I don't want to learn how to build
Emacs just now. Instead, I'll wait for the next release (lazy, I know).
I'll send the e-mail that closes the issue.
Thanks!
>
> GM> It's why I merged this report with #18208 5 days ago, thus closing it.
>
> Cool, thanks! I didn't see that in gmane.emacs.bugs and didn't think to check.
>
> GM> Presumably the desire was to indicate that the fixing commit came *after* 24.4.
>
> OK; understood. A commit ID would have been less confusing to me.
>
> Ted
--
Leandro Facchinetti <me <at> leafac.com>
https://www.leafac.com
GPG key: 3DF3D583
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 10:42:01 GMT)
Full text and
rfc822 format available.
Message #46 received at 20465 <at> debbugs.gnu.org (full text, mbox):
Fixed.
GNU bug Tracking System writes:
> Thank you for filing a new bug report with debbugs.gnu.org.
>
> This is an automatically generated reply to let you know your message
> has been received.
>
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due course.
>
> Your message has been sent to the package maintainer(s):
> bug-gnu-emacs <at> gnu.org
>
> If you wish to submit further information on this problem, please
> send it to 20465 <at> debbugs.gnu.org.
>
> Please do not send mail to help-debbugs <at> gnu.org unless you wish
> to report a problem with the Bug-tracking system.
--
Leandro Facchinetti <me <at> leafac.com>
https://www.leafac.com
GPG key: 3DF3D583
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 10:42:02 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 10:51:03 GMT)
Full text and
rfc822 format available.
Message #52 received at 20465 <at> debbugs.gnu.org (full text, mbox):
Ted Zlatanov <tzz <at> lifelogs.com> writes:
> I've been using Git for years and didn't know this notation was built-in
Please read git help revisions.
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 14:15:03 GMT)
Full text and
rfc822 format available.
Message #55 received at 20465 <at> debbugs.gnu.org (full text, mbox):
Ted Zlatanov <tzz <at> lifelogs.com> writes:
> I am either unable to copy and paste or unable to pull some revisions or
> otherwise blind, because I can't find that commit ID. Sorry to be a pest
> but could you give the full hash, as `git log' would show it?
"git show emacs-24.4-1962-gccae04f" works for me :
commit ccae04f205db7cffa0f247a463272f6c5af77122
Date: Wed Nov 26 22:56:57 2014 +0100
Fwiw, emacs-24.4-1962-gccae04f is the kind of output given by
"git describe --tags". The constituents are:
- emacs-24.4 : a tag name
- 1962 : IIRC this is the number of commits since the tag
- g : I don't know why this letter is here. I guess its sole purpose is to
*not* be a hex digit.
- ccae04f : first few digits of the commit hash.
HTH,
--
Nicolas
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#20465
; Package
emacs
.
(Tue, 05 May 2015 14:29:02 GMT)
Full text and
rfc822 format available.
Message #58 received at 20465 <at> debbugs.gnu.org (full text, mbox):
On Tue, 05 May 2015 16:15:58 +0200 Nicolas Richard <theonewiththeevillook <at> yahoo.fr> wrote:
NR> Fwiw, emacs-24.4-1962-gccae04f is the kind of output given by
NR> "git describe --tags". The constituents are:
NR> - emacs-24.4 : a tag name
NR> - 1962 : IIRC this is the number of commits since the tag
NR> - g : I don't know why this letter is here. I guess its sole purpose is to
NR> *not* be a hex digit.
NR> - ccae04f : first few digits of the commit hash.
Aha, that `g' is what threw me. I didn't notice it was not a hex
digit--`git show ccae04f' works perfectly when you omit the `g'. Thanks
to everyone for the patient explanations.
Thanks
Ted
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Wed, 03 Jun 2015 11:24:05 GMT)
Full text and
rfc822 format available.
This bug report was last modified 8 years and 327 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.