[gnutls-dev] Bug#386530: sits waiting for server reponse in socket_bye

Simon Josefsson simon at josefsson.org
Sun May 27 16:10:28 CEST 2007


Andreas Metzler <ametzler at downhill.at.eu.org> writes:

> Hello,
> this is http://bugs.debian.org/386530 submitted by "Robert Millan
> [ackstorm]" <rmillan at ackstorm.es>:
>
> On 2006-09-08 "Robert Millan [ackstorm]" <rmillan at ackstorm.es> wrote:
>> Package: gnutls-bin
>> Severity: normal
>> Tags: patch upstream
>
>> Some servers (e.g. IIS) don't send a reply to gnutls_bye's close request.  This
>> causes socket_bye to sit waiting for input from peer that never comes.
>
>> Since socket_bye is going to close the connection, we don't need to wait for
>> it anyway.  My attached patch replaces GNUTLS_SHUT_RDWR with GNUTLS_SHUT_WR,
>> which seems to archieve that.
>
>> Note: this patch has already been sent to upstream (bug-gnutls at gnu.org)
>
>
> I have stumbled upon this when browsing through gnutls' Debian's bug
> and it still seems to be open in 1.7.x. Due to bug-gnutls at gnu.org
> being non-public I do not know whether this has already been
> discussed.

I recall discussing this, but I can't find it in my bug-gnutls folder.
That is all the more reason to make that alias publicly archived--I've
done so now, bug-gnutls at gnu.org should go to gnutls-dev at gnupg.org,
although I have yet to test it.

However, I'm not convinced this is the right fix.  I believe the servers
are buggy here, and changing gnutls seems the wrong response.

What we may want to do is to improve the behaviour when we encounter a
buggy server, which may include some kind of timeout or similar.
However, if the server closed the connection, I think it should be
possible to detect this, and then we can print a message.

To work on this, I need a way to reproduce it though.  Do you know of a
server that exhibit this behaviour that we can use?

Thanks,
Simon

> cu andreas
>
> diff -ur gnutls13-1.4.2.old/src/cli.c gnutls13-1.4.2/src/cli.c
> --- gnutls13-1.4.2.old/src/cli.c	2006-07-10 23:09:45.000000000 +0200
> +++ gnutls13-1.4.2/src/cli.c	2006-09-08 11:02:52.000000000 +0200
> @@ -1084,7 +1084,7 @@
>      if (socket->secure)
>      {
>          do
> -            ret = gnutls_bye (socket->session, GNUTLS_SHUT_RDWR);
> +            ret = gnutls_bye (socket->session, GNUTLS_SHUT_WR);
>          while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
>          if (ret < 0)
>              fprintf (stderr, "*** gnutls_bye() error: %s\n",
>
> _______________________________________________
> Gnutls-dev mailing list
> Gnutls-dev at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnutls-dev




More information about the Gnutls-devel mailing list