Subject: bug#70645: Reliable HTTPS networking
From: Christopher Baines
Date: Mon, 29 Apr 2024 11:51:36 +0100

For years now I've been trying to work out how to do reliable HTTPS
networking with Guile, where reliable just means that it can't hang
indefinitely.

After a few wrong turns, I believe the way to do this is use
non-blocking ports as that combined with suspendable ports in Guile
allows you to provide current-read-waiter/current-write-waiter
procedures that will timeout at some point.

I think the final hurdle is to get tls-wrap in (web client) to support
Asynchronous operation with GnuTLS [1] and I think there are only a
couple of things missing. make-session needs passing
connection-flag/nonblock and error/again plus error/interrupted
exceptions need handling for the handshake using the information from
record-get-direction about whether Guile should wait to write or read.

1: https://gnutls.org/manual/html_node/Asynchronous-operation.html

I think I forgot to move things forward after guile-gnutls 4.0.0
released with record-get-direction, so I'm opening this bug to try and
keep track of things.
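
The approach described in the message above, as an added example that is not part of the thread or of Guile's own code: waiters installed through current-read-waiter and current-write-waiter that share one overall deadline, so a peer that trickles data cannot keep extending the wait (a step beyond a per-wait timeout). The names call-with-io-deadline, make-deadline-waiter and the io-deadline-exceeded key are assumptions made for this example.

```scheme
;; Added example, not code from the thread.  `call-with-io-deadline',
;; `make-deadline-waiter' and the 'io-deadline-exceeded key are
;; hypothetical names.
(use-modules (ice-9 suspendable-ports))

;; Make read-char, get-bytevector-n, etc. call the waiters instead of
;; blocking when a non-blocking port has no data or no buffer space.
(install-suspendable-ports!)

(define (seconds-left deadline)
  ;; DEADLINE is an absolute time in internal time units.
  (/ (- deadline (get-internal-real-time))
     internal-time-units-per-second))

(define (make-deadline-waiter direction deadline)
  "Return a waiter for DIRECTION ('read or 'write) that gives up at DEADLINE."
  (lambda (port)
    (let ((left (seconds-left deadline)))
      ;; The budget is shared by every wait, so many short stalls add up.
      (when (<= left 0)
        (throw 'io-deadline-exceeded direction port))
      (let* ((secs (exact->inexact left))
             (ready (if (eq? direction 'read)
                        (select (list port) '() '() secs)
                        (select '() (list port) '() secs))))
        ;; select returns three empty lists when the timeout expires.
        (when (and (null? (car ready)) (null? (cadr ready)))
          (throw 'io-deadline-exceeded direction port))))))

(define (call-with-io-deadline seconds thunk)
  "Call THUNK; any port wait inside it fails once SECONDS have elapsed."
  (let ((deadline (+ (get-internal-real-time)
                     (* seconds internal-time-units-per-second))))
    (parameterize ((current-read-waiter
                    (make-deadline-waiter 'read deadline))
                   (current-write-waiter
                    (make-deadline-waiter 'write deadline)))
      (thunk))))

;; Constructed demo: a pipe that is never written to stands in for a
;; peer that stops responding.
(define (demo)
  (let* ((ends (pipe))
         (in (car ends)))
    ;; Without O_NONBLOCK the read would block in the kernel and the
    ;; waiter would never be consulted.
    (fcntl in F_SETFL (logior O_NONBLOCK (fcntl in F_GETFL)))
    (catch 'io-deadline-exceeded
      (lambda ()
        (call-with-io-deadline 2 (lambda () (read-char in))))
      (lambda (key direction port)
        (close-port in)
        (close-port (cdr ends))
        (list 'timed-out direction)))))

(display (demo))
(newline)
```

With the tls-wrap patch from this thread applied, the handshake retry path calls the same two waiters, so the deadline would cover the handshake as well.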

Subject: bug#70645: [PATCH 2/2] web: Handle non-blocking ports in tls-wrap.
From: Christopher Baines
Date: Mon, 29 Apr 2024 12:57:29 +0100

As described in the GnuTLS documentation on Asynchronous operation,
GNUTLS_NONBLOCK should be passed to gnutls_init, and the Guile
equivalent is passing connection-flag/nonblock to make-session.

Additionally, error/again or error/interrupted should lead to a retry of
the handshake, after waiting for the appropriate I/O on the port. As
record-get-direction is new in Guile-GnuTLS, specifically check if this
is defined.

* module/web/client.scm (tls-wrap): Call make-session with
connection-flag/nonblock if the port is non-blocking, and handle waiting
for I/O when performing the handshake.
--- module/web/client.scm | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/module/web/client.scm b/module/web/client.scm index f26b5d259..caf8e5f35 100644 --- a/module/web/client.scm +++ b/module/web/client.scm @@ -33,6 +33,7 @@ (define-module (web client) #:use-module (rnrs bytevectors) + #:use-module (ice-9 suspendable-ports) #:use-module (ice-9 binary-ports) #:use-module (ice-9 copy-tree) #:use-module (ice-9 iconv) 
@@ -225,7 +226,14 @@ host name without trailing dot." (load-gnutls) - (let ((session (make-session connection-end/client)) + (let ((session + (apply + make-session + (cons connection-end/client + (if (zero? (logand O_NONBLOCK (fcntl port F_GETFL))) + '() + ;; If the port is non-blocking, tell GnuTLS + (list connection-flag/nonblock))))) (ca-certs (x509-certificate-directory))) ;; Some servers such as 'cloud.github.com' require the client to support ;; the 'SERVER NAME' extension. However, 'set-session-server-name!' is 
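Review bot: connection-flag/nonblock is referenced in the new session binding without any availability check, while the handshake hunk of this same patch guards record-get-direction with module-defined? because it is new in Guile-GnuTLS. If connection-flag/nonblock can also be missing from a Guile-GnuTLS that this module still supports, it needs the same guard, otherwise a non-blocking port hits an unbound variable here. The (if (zero? ...) '() (list ...)) test also reads inverted against its comment, which sits on the else branch; testing for the non-blocking case first would make the intent clearer.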
@@ -261,7 +269,19 @@ host name without trailing dot." (lambda () (handshake session)) (lambda (key err proc . rest) - (cond ((eq? err error/warning-alert-received) + (cond ((and + (or (eq? err error/again) + (eq? err error/interrupted)) + (module-defined? (resolve-interface '(gnutls)) + 'record-get-direction)) ; Guile-GnuTLS >= 4.0.0 + (if (= 0 (record-get-direction session)) + ((current-read-waiter) port) + ((current-write-waiter) port)) + + ;; These errors are expected and just signal that + ;; GnuTLS was interrupted, so don't count the retry + (loop retries)) + ((eq? err error/warning-alert-received) ;; Like Wget, do no stop upon non-fatal alerts such as ;; 'alert-description/unrecognized-name'. (format (current-error-port) -- 2.41.0
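Review bot: in the new first cond clause the module-defined? test sits inside the and, so with a Guile-GnuTLS that lacks record-get-direction an error/again or error/interrupted on a non-blocking port falls through to the clauses below, even though the session was still created with connection-flag/nonblock by the earlier hunk. Either skip connection-flag/nonblock when record-get-direction is unavailable, or fail with an explicit error in that case. Because (loop retries) deliberately does not count these retries, the loop is bounded only by what current-read-waiter and current-write-waiter do; a sentence in the tls-wrap docstring saying that callers must install waiters that time out would make that contract visible.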

Subject: bug#70645: [PATCH 1/2] Allow specifying the socket style for open-socket-for-uri.
From: Christopher Baines
Date: Mon, 29 Apr 2024 12:57:28 +0100

Since this allows specifying additional behaviours for the socket
through using SOCK_CLOEXEC and/or SOCK_NONBLOCK (when bitwise or'ed
with SOCK_STREAM).

Note that Guile/guile-gnutls currently doesn't support performing the
TLS handshake on a non-blocking socket, so this currently won't work.

* module/web/client.scm (open-socket-for-uri): Allow specifying the
socket style.
--- module/web/client.scm | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/module/web/client.scm b/module/web/client.scm index 6c54c5021..f26b5d259 100644 --- a/module/web/client.scm +++ b/module/web/client.scm @@ -317,9 +317,12 @@ host name without trailing dot." (read-response port)) (define* (open-socket-for-uri uri-or-string - #:key (verify-certificate? #t)) + #:key (verify-certificate? #t) + (socket-style SOCK_STREAM)) "Return an open input/output port for a connection to URI-OR-STRING. -When VERIFY-CERTIFICATE? is true, verify HTTPS server certificates." +When VERIFY-CERTIFICATE? is true, verify HTTPS server certificates. +SOCKET-STYLE defaults to SOCK_STREAM, and can be bitwise or'ed with +options like SOCK_CLOEXEC or SOCK_NONBLOCK." (define uri (ensure-uri-reference uri-or-string)) (define https? 
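Review bot: the new docstring lines advertise SOCK_NONBLOCK for SOCKET-STYLE without the limitation the commit message states, namely that the TLS handshake does not yet work on a non-blocking socket, so an https URI opened with that option fails with this patch alone. State that limitation in the docstring, or order this patch after the tls-wrap change. No documentation change accompanies the new keyword either; the diffstat touches only module/web/client.scm.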
@@ -346,7 +349,9 @@ When VERIFY-CERTIFICATE? is true, verify HTTPS server certificates." (let* ((ai (car addresses)) (s (with-fluids ((%default-port-encoding #f)) ;; Restrict ourselves to TCP. - (socket (addrinfo:fam ai) SOCK_STREAM IPPROTO_IP)))) + (socket (addrinfo:fam ai) + socket-style + IPPROTO_IP)))) (catch 'system-error (lambda () (connect s (addrinfo:addr ai)) -- 2.41.0
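Review bot: the context comment ";; Restrict ourselves to TCP." no longer holds once the second argument to socket is the caller-supplied socket-style, since nothing in this hunk stops a caller from passing a style other than SOCK_STREAM. Either update the comment, or check that the type part of socket-style is SOCK_STREAM before calling socket.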

Subject: bug#70645: Reliable HTTPS networking
From: Christopher Baines
Date: Mon, 29 Apr 2024 13:05:16 +0100

Christopher Baines writes:

> For years now I've been trying to work out how to do reliable HTTPS
> networking with Guile, where reliable just means that it can't hang
> indefinitely.
>
> After a few wrong turns, I believe the way to do this is use
> non-blocking ports as that combined with suspendable ports in Guile
> allows you to provide current-read-waiter/current-write-waiter
> procedures that will timeout at some point.
>
> I think the final hurdle is to get tls-wrap in (web client) to support
> Asynchronous operation with GnuTLS [1] and I think there are only a
> couple of things missing. make-session needs passing
> connection-flag/nonblock and error/again plus error/interrupted
> exceptions need handling for the handshake using the information from
> record-get-direction about whether Guile should wait to write or read.
>
> 1: https://gnutls.org/manual/html_node/Asynchronous-operation.html
>
> I think I forgot to move things forward after guile-gnutls 4.0.0
> released with record-get-direction, so I'm opening this bug to try and
> keep track of things.

I've now sent a couple of patches. The first is a re-send of [2], but
with some docstring improvements. I can't find any reference in the
Guile docs at least to the bitwise or'ing of options with the socket
style, so while it seems to work, I'm a bit unsure about that.

2: https://lists.gnu.org/archive/html/guile-devel/2023-07/msg00025.html

The second patch makes the changes inside of tls-wrap.

There's also this patch [3] here to make get-bytevector-all
non-blocking, and that's relevant here as it's used in
read-response-body.

3: https://lists.gnu.org/archive/html/guile-devel/2023-07/msg00023.html

Subject: bug#70645: Reliable HTTPS networking
From: Ludovic Courtès
Date: Wed, 26 Feb 2025 16:15:05 +0100

Christopher Baines writes:

> As described in the GnuTLS documentation on Asynchronous operation,
> GNUTLS_NONBLOCK should be passed to gnutls_init, and the Guile
> equivalent is passing connection-flag/nonblock to make-session.
>
> Additionally, error/again or error/interrupted should lead to a retry of
> the handshake, after waiting for the appropriate I/O on the port. As
> record-get-direction is new in Guile-GnuTLS, specifically check if this
> is defined.
>
> * module/web/client.scm (tls-wrap): Call make-session with
> connection-flag/nonblock if the port is non-blocking, and handle waiting
> for I/O when performing the handshake.

[...]

> + (let ((session
> + (apply
> + make-session
> + (cons connection-end/client
> + (if (zero? (logand O_NONBLOCK (fcntl port F_GETFL)))
> + '()
> + ;; If the port is non-blocking, tell GnuTLS
> + (list connection-flag/nonblock)))))

You can avoid ‘cons’ here:

  (apply make-session connection-end/client (if … '() (list …)))

> + (cond ((and
> + (or (eq? err error/again)
> + (eq? err error/interrupted))
> + (module-defined? (resolve-interface '(gnutls))
> + 'record-get-direction)) ; Guile-GnuTLS >= 4.0.0
> + (if (= 0 (record-get-direction session))
> + ((current-read-waiter) port)
> + ((current-write-waiter) port))

Should EINTR (error/interrupted) really be treated in the same way as
EAGAIN? That looks fishy.

Also, this only addresses handshake, but what about ‘error/again’ raised
while transferring data over the session record port?

Thanks,
Ludo’ “better late than never”.