GNU bug report logs - #49055
28.0.50; [PATCH] De-obfuscate gnutls_handshake loop

Previous Next

Package: emacs;

Reported by: dick.r.chiang <at> gmail.com

Date: Wed, 16 Jun 2021 01:12:01 UTC

Severity: normal

Tags: patch

Found in version 28.0.50

Fixed in version 28.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

Message #19 received at 49055 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: 49055 <at> debbugs.gnu.org, dick.r.chiang <at> gmail.com
Subject: Re: bug#49055: 28.0.50; [PATCH] De-obfuscate gnutls_handshake loop
Date: Sat, 19 Jun 2021 16:47:58 +0300

> From: Lars Ingebrigtsen <larsi <at> gnus.org>
> Cc: dick.r.chiang <at> gmail.com,  49055 <at> debbugs.gnu.org
> Date: Sat, 19 Jun 2021 15:40:19 +0200
> 
> Eli Zaretskii <eliz <at> gnu.org> writes:
> 
> >> I think that makes sense, so I've now applied your patch to Emacs 28.
> >
> > The code wasn't really 100% equivalent, though.
> 
> No -- it looped in two different ways, but staring at the code, I
> convinced myself that it should be functionally equivalent.
> 
> I may be misreading the code, though.

What bothers me:

  . the gnutls_error_is_fatal call is missing from the new code
  . the negative values of 'ret' (if they are significant) aren't
    tested anymore
  . the condition of GNUTLS_E_INTERRUPTED is tested only once, and
    immediately causes the outer while-loop to be abandoned

I'd love to see some rationale for these differences.  For example,
the last difference seems to have a potential of causing failure of
handshaking if the user happens to type some input (in GUI sessions),
or C-g in text-mode sessions, at some opportune moment.
This bug report was last modified 4 years and 30 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.