From unknown Mon Aug 18 14:16:25 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#20908 <20908@debbugs.gnu.org> To: bug#20908 <20908@debbugs.gnu.org> Subject: Status: 25.0.50; gnutls-negotiate error "Invalid format operation %u" Reply-To: bug#20908 <20908@debbugs.gnu.org> Date: Mon, 18 Aug 2025 21:16:25 +0000 retitle 20908 25.0.50; gnutls-negotiate error "Invalid format operation %u" reassign 20908 emacs submitter 20908 lo2net severity 20908 normal thanks From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 27 01:59:24 2015 Received: (at submit) by debbugs.gnu.org; 27 Jun 2015 05:59:24 +0000 Received: from localhost ([127.0.0.1]:58595 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Z8j98-000447-RV for submit@debbugs.gnu.org; Sat, 27 Jun 2015 01:59:23 -0400 Received: from eggs.gnu.org ([208.118.235.92]:59843) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Z8hE7-0001Db-6G for submit@debbugs.gnu.org; Fri, 26 Jun 2015 23:56:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Z8hE0-0008EQ-Vv for submit@debbugs.gnu.org; Fri, 26 Jun 2015 23:56:17 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00, FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:54820) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z8hE0-0008EM-Sd for submit@debbugs.gnu.org; Fri, 26 Jun 2015 23:56:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:45116) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z8hDz-00064E-S5 for bug-gnu-emacs@gnu.org; Fri, 26 Jun 2015 23:56:16 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Z8hDw-0008DL-La for bug-gnu-emacs@gnu.org; Fri, 26 Jun 2015 23:56:15 -0400 Received: from mail-qc0-x235.google.com ([2607:f8b0:400d:c01::235]:36743) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z8hDw-0008DE-GN for bug-gnu-emacs@gnu.org; Fri, 26 Jun 2015 23:56:12 -0400 Received: by qczu9 with SMTP id u9so7802122qcz.3 for ; Fri, 26 Jun 2015 20:56:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:message-id:mime-version:content-type; bh=gG8xzPya84z7ImVfLJlAi9Z+2o4X+eBAWaetwbzzOcE=; b=gDUc64CqQ3feNgEgUAuujzU7KLXKMzYZEcQ4lhRvZvSxFR57jgIGy4MT4/76QKm3Y+ Bb8PpfQyFGFm0qJ1m/LNHrkcUpm3sTdPsNCI8YO3q7KGeXKknvoSgSWnLFEI7V2TXB5N 7aDhWrJLrDk7UksV+eH9vErtfLw/Yr9aATVLM3AIKt2f4WsotQNEO4y6nZOjmTEoBX5R zthNdwUN8Kcy22+6L75SQFU+vzizdjx5NwK0rXUDMB3juuUPbmdUtROKiVtzBBjrOiZ8 3PQhMDmfI37WPMdcYxGJNyMXwyGl53zOfD5NW4syc2KDtR5MmEv3LG/U/kJi1MQtvDG+ 0g5A== X-Received: by 10.140.108.201 with SMTP id j67mr6735009qgf.83.1435377371752; Fri, 26 Jun 2015 20:56:11 -0700 (PDT) Received: from StormPC.yourcompany.com (ec2-54-159-240-135.compute-1.amazonaws.com. [54.159.240.135]) by mx.google.com with ESMTPSA id z81sm8023935qkg.44.2015.06.26.20.56.06 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 26 Jun 2015 20:56:11 -0700 (PDT) From: lo2net To: bug-gnu-emacs@gnu.org Subject: 25.0.50; gnutls-negotiate error "Invalid format operation %u" Date: Sat, 27 Jun 2015 11:55:43 +0800 Message-ID: <87bng1yfcw.fsf@gmail.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -3.8 (---) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Sat, 27 Jun 2015 01:59:21 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.8 (---) --=-=-= Content-Type: text/plain Hi all, I've got a problem: when using (gnutls-negotiate :verify-error t) to initialize a SSL/TLS connection , server has an expired certificate cause gnutls-boot signal an error "Invalid format operation %u", apparently it's not related to gnutls-error. So digging into the source code, here is the error signal: src/gnutls.c:1511 if (verify_error_all || !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error))) { emacs_gnutls_deinit (proc); error ("Certificate validation failed %s, verification code %u", c_hostname, peer_verification); } After checking elisp manual and source code, function Fformat(error call it to format string) does not support '%u', here should using '%d' instead. I made a simple patch for this: --=-=-= Content-Type: text/plain Content-Disposition: attachment; filename=0001-gnutls-boot-fix-error-Invalid-format-operation-u-whe.patch Content-Description: 0001-gnutls-boot-fix-error-Invalid-format-operation-u-whe.patch >From d046b24f7cee1b30e45dd094c0299304cfd7c270 Mon Sep 17 00:00:00 2001 From: lo2net Date: Thu, 25 Jun 2015 17:00:03 +0800 Subject: [PATCH] gnutls-boot: fix error "Invalid format operation %u" when certificate validation fail --- src/gnutls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/gnutls.c b/src/gnutls.c index cab2404..6a2c873 100644 --- a/src/gnutls.c +++ b/src/gnutls.c @@ -1512,7 +1512,7 @@ one trustfile (usually a CA bundle). */) || !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error))) { emacs_gnutls_deinit (proc); - error ("Certificate validation failed %s, verification code %u", + error ("Certificate validation failed %s, verification code %d", c_hostname, peer_verification); } else -- 1.9.5.msysgit.1 --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 27 04:05:31 2015 Received: (at 20908-done) by debbugs.gnu.org; 27 Jun 2015 08:05:31 +0000 Received: from localhost ([127.0.0.1]:58686 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Z8l7C-0007i0-SP for submit@debbugs.gnu.org; Sat, 27 Jun 2015 04:05:31 -0400 Received: from mtaout20.012.net.il ([80.179.55.166]:49903) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Z8l7A-0007hF-Tb for 20908-done@debbugs.gnu.org; Sat, 27 Jun 2015 04:05:29 -0400 Received: from conversion-daemon.a-mtaout20.012.net.il by a-mtaout20.012.net.il (HyperSendmail v2007.08) id <0NQL00900FIKDL00@a-mtaout20.012.net.il> for 20908-done@debbugs.gnu.org; Sat, 27 Jun 2015 11:05:22 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout20.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0NQL009V1FSYBG50@a-mtaout20.012.net.il>; Sat, 27 Jun 2015 11:05:22 +0300 (IDT) Date: Sat, 27 Jun 2015 11:05:19 +0300 From: Eli Zaretskii Subject: Re: bug#20908: 25.0.50; gnutls-negotiate error "Invalid format operation %u" In-reply-to: <87bng1yfcw.fsf@gmail.com> X-012-Sender: halo1@inter.net.il To: lo2net Message-id: <837fqpd1a8.fsf@gnu.org> References: <87bng1yfcw.fsf@gmail.com> X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: 20908-done Cc: 20908-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list Reply-To: Eli Zaretskii List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) > From: lo2net > Date: Sat, 27 Jun 2015 11:55:43 +0800 > > I've got a problem: when using (gnutls-negotiate :verify-error t) to initialize a SSL/TLS > connection , server has an expired certificate cause gnutls-boot signal > an error "Invalid format operation %u", apparently it's not related to > gnutls-error. So digging into the source > code, here is the error signal: > > src/gnutls.c:1511 > > if (verify_error_all > || !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error))) > { > emacs_gnutls_deinit (proc); > error ("Certificate validation failed %s, verification code %u", > c_hostname, peer_verification); > } > > After checking elisp manual and source code, function Fformat(error call > it to format string) does not > support '%u', here should using '%d' instead. > > I made a simple patch for this: Thanks. I used %x instead of %d in the change I just pushed, because the peer_verification value is actually a bitwise OR of the various bits, so displaying it in hex will make its interpretation easier. With that, I'm marking this bug done. From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 27 08:39:15 2015 Received: (at 20908-done) by debbugs.gnu.org; 27 Jun 2015 12:39:15 +0000 Received: from localhost ([127.0.0.1]:58873 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Z8pO6-0003cc-Gw for submit@debbugs.gnu.org; Sat, 27 Jun 2015 08:39:15 -0400 Received: from mail-yk0-f176.google.com ([209.85.160.176]:34767) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Z8pO4-0003cM-Jz for 20908-done@debbugs.gnu.org; Sat, 27 Jun 2015 08:39:13 -0400 Received: by ykfy125 with SMTP id y125so80184014ykf.1 for <20908-done@debbugs.gnu.org>; Sat, 27 Jun 2015 05:39:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=j9AUn7tZ2jtC5vzaqV4oxBGyZH5J15DmA7ORlxjA6N0=; b=BH3ZwMPWir1nLGD4ijRt4j5r03TrFKbphI7aupb+C/tkRB96Vp5g7j17Nm6pemHGIW 318sjQdsGRoP5/cb8DXPU+JjQ9iA4RpnSe2UCjII3fkjDWy6a9huziRsxfuvSDOPUgr0 LKUTM1E585llObjhKgGB/GAX/HXfaE2fCGjcH4egxvPLT1UHOUhec0GoELCXWTw0b/jf oQmd4DExPKwsiLc/ruw+UK3aTYA2PhnTr0vJW3nfOurkZxAGT0UTHLjZPapvugUv1vHP WPY+k7Rwf7y3s0PAJvUOFeTgSM4FRqfs/NCo4m4xICRLRTB6dV78+FDrfzl0OGOt6oSD gbxg== MIME-Version: 1.0 X-Received: by 10.170.79.5 with SMTP id v5mr7882824ykv.15.1435408746971; Sat, 27 Jun 2015 05:39:06 -0700 (PDT) Received: by 10.37.195.6 with HTTP; Sat, 27 Jun 2015 05:39:06 -0700 (PDT) In-Reply-To: <837fqpd1a8.fsf@gnu.org> References: <87bng1yfcw.fsf@gmail.com> <837fqpd1a8.fsf@gnu.org> Date: Sat, 27 Jun 2015 20:39:06 +0800 Message-ID: Subject: Re: bug#20908: 25.0.50; gnutls-negotiate error "Invalid format operation %u" From: tao fang To: Eli Zaretskii Content-Type: multipart/alternative; boundary=001a113a08a27886a305197f2490 X-Spam-Score: -0.4 (/) X-Debbugs-Envelope-To: 20908-done Cc: 20908-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.4 (/) --001a113a08a27886a305197f2490 Content-Type: text/plain; charset=UTF-8 Okay, thanks! On Sat, Jun 27, 2015 at 4:05 PM, Eli Zaretskii wrote: > > From: lo2net > > Date: Sat, 27 Jun 2015 11:55:43 +0800 > > > > I've got a problem: when using (gnutls-negotiate :verify-error t) to > initialize a SSL/TLS > > connection , server has an expired certificate cause gnutls-boot signal > > an error "Invalid format operation %u", apparently it's not related to > > gnutls-error. So digging into the source > > code, here is the error signal: > > > > src/gnutls.c:1511 > > > > if (verify_error_all > > || !NILP (Fmember (QCgnutls_bootprop_trustfiles, > verify_error))) > > { > > emacs_gnutls_deinit (proc); > > error ("Certificate validation failed %s, verification code %u", > > c_hostname, peer_verification); > > } > > > > After checking elisp manual and source code, function Fformat(error call > > it to format string) does not > > support '%u', here should using '%d' instead. > > > > I made a simple patch for this: > > Thanks. I used %x instead of %d in the change I just pushed, because > the peer_verification value is actually a bitwise OR of the various > bits, so displaying it in hex will make its interpretation easier. > > With that, I'm marking this bug done. > --001a113a08a27886a305197f2490 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Okay, thanks!

On Sat, Jun 27, 2015 at 4:05 PM, Eli Zaretskii <eliz@gnu.org= > wrote:
> From: lo2net = <fangtao0901@gmail.com><= br> > Date: Sat, 27 Jun 2015 11:55:43 +0800
>
> I've got a problem: when using (gnutls-negotiate :verify-error t) = to initialize a SSL/TLS
> connection , server has an expired certificate cause gnutls-boot signa= l
> an error "Invalid format operation %u", apparently it's = not related to
> gnutls-error. So digging into the source
> code, here is the error signal:
>
> src/gnutls.c:1511
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0if (verify_error_all
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|| !NILP (Fmember (QCgnutls_bo= otprop_trustfiles, verify_error)))
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0{
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0emacs_gnutls_deinit (proc);
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0error ("Certificate validation f= ailed %s, verification code %u",
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 c_hostname, pee= r_verification);
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0}
>
> After checking elisp manual and source code, function Fformat(error ca= ll
> it to format string) does not
> support '%u', here should using '%d' instead.
>
> I made a simple patch for this:

Thanks.=C2=A0 I used %x instead of %d in the change I just pushed, because<= br> the peer_verification value is actually a bitwise OR of the various
bits, so displaying it in hex will make its interpretation easier.

With that, I'm marking this bug done.

--001a113a08a27886a305197f2490-- From unknown Mon Aug 18 14:16:25 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Sun, 26 Jul 2015 11:24:04 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator