GNU bug report logs - #39800
(web client) gracelessly handles premature TLS connection termination

Previous Next

Package: guile;

Reported by: "franco.rcr <at> gmail.com" <franco.rcr <at> gmail.com>

Date: Wed, 26 Feb 2020 15:22:02 UTC

Severity: normal

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: "franco.rcr <at> gmail.com" <franco.rcr <at> gmail.com>
To: bug-guile <at> gnu.org
Subject: gnutls guile bug receiving https data
Date: Wed, 26 Feb 2020 16:20:09 +0100

Hello,
I installed gnutls for guile and checked the gnutls module with this 
simple code:


;;Guile version 3.0 and gnutls  from git

,show version
GNU Guile 3.0.0.15-ff14b7

(gnutls-version)
$6 = "3.6.12"

;;Now, submitting this simple https request, you get an exception
(http-request "https://www.google.com")
ice-9/boot-9.scm:1669:16: In procedure raise-exception:
Throw to key `gnutls-error' with args `(#<gnutls-error-enum La 
connessione TLS non è stata terminata in modo corretto.> 
read_from_session_record_port)'.

;;instead, without https there are no errors
(http-request "http://www.google.com") ;;works fine.


The error happens only on https://www.google.com and does not throw with 
a lot of other https web sites.
Furthermore the error is not throw if the method is HEAD, so it is 
related to the data part of the https answer.
I tried to enter in the internal implementation of the http web client 
but after some tests I decided to do some simple tests at application level.
I rewrote the get-bytevector-all, with a loop that reads one byte per 
time and the error was thrown anyway.
I catched the error and I've got the complete answer from the google web 
server.
In the following there is my applicative solution, where I rewrote the 
get-bytevector-all by adding the error checking and specifiyng to 
http-request that the data has to be returned as a port (#:streaming? #t).


;;A macro to catch errors
(define-syntax my-noerr
  (syntax-rules ()
    ((_ __error-return exp ...)
     (let
         ((__st #f))
       (catch #t
         (lambda() exp ...)
         (lambda (k . p) __error-return))))))

;;The rewriting of get-bytevector-all
(defun get-bytevector-all (port)
  (u8-list->bytevector (let loop ((port port))
     (let ((v (my-noerr (eof-object) (get-u8 port))))
       (if (eof-object? v)
       #nil
       (cons v (loop port)))))))

;;the piece of code that now gives the correct result
  (let-values (((a b)(http-request "https://www.google.com" 
#:streaming? #t)))
    (bytevector->string (get-bytevector-all b) "ISO-8859-1"))

As conclusion I can say that web modules read correctly the http answers 
and, with some (one for me, the google web site) https sites there is a 
misinterpretation of EOF in the layer between http and https.

Franco.
This bug report was last modified 5 years and 134 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.