[gnutls-dev] gnutls 1.7.17 and greater do not work with mutt anymore

Simon Josefsson simon at josefsson.org
Mon Aug 27 16:07:41 CEST 2007 

Andreas Metzler <ametzler at downhill.at.eu.org> writes:

> The patch below seems to have *triggered* it, reverting it makes
> 1.7.1[78] work. The 1mio$question is probably what causes an unknown
> error (code seems to be 21) in the first place.

The problem was that gnutls_error_is_fatal was called with a positive
value.  This probably indicates a mutt bug (investigation appreciated),
but it seems like a safe approach to apply the patch below so I did
that.

I'll roll a new rc-release soon.

/Simon

commit 1d12c895fda4a65071dbfcc1f1fa3c9abce24686
Author: Simon Josefsson <simon at josefsson.org>
Date:   Mon Aug 27 16:04:57 2007 +0200

    Doc fix.

diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c
index 150e23a..2c8afd4 100644
--- a/lib/gnutls_errors.c
+++ b/lib/gnutls_errors.c
@@ -265,6 +265,8 @@ static const gnutls_error_entry error_algorithms[] = {
   * This is only useful if you are dealing with errors from the
   * record layer or the handshake layer.
   *
+  * For positive @error values, 0 is returned.
+  *
   **/
 int
 gnutls_error_is_fatal (int error)

commit fc9a8c420d86c226442f4f8c8cb9b6f4e29e47f2
Author: Simon Josefsson <simon at josefsson.org>
Date:   Mon Aug 27 15:59:51 2007 +0200

    Have gnutls_error_is_fatal return 0 on positive "errors".
    Would fix bug reported by Andreas Metzler
    <ametzler at downhill.at.eu.org> in
    <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2293
    see also <http://bugs.debian.org/439640>.

diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c
index 0e28275..150e23a 100644
--- a/lib/gnutls_errors.c
+++ b/lib/gnutls_errors.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation
+ * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 Free Software Foundation
  *
  * Author: Nikos Mavroyanopoulos
  *
@@ -271,7 +271,13 @@ gnutls_error_is_fatal (int error)
 {
   int ret = 1;
 
+  /* Input sanitzation.  Positive values are not errors at all, and
+     definitely not fatal. */
+  if (error > 0)
+    return 0;
+
   GNUTLS_ERROR_ALG_LOOP (ret = p->fatal);
+
   return ret;
 }

More information about the Gnutls-dev mailing list