[gnutls-devel] Incompatibility between Emacs/gnutls and Emacs/cygwin-mount

Jeffrey J. Kosowsky jeff at kosowsky.org
Wed Oct 23 06:22:58 CEST 2013 

Jeffrey J. Kosowsky wrote at about 16:56:25 -0400 on Tuesday, October 22, 2013:
 > I am running Emacs 24.3.1 under Windows 7 on an Intel core 5 machine.
 > I loaded in the latest gnutls-3.2.4-win32 binaries fron gnutls.org.
 > 
 > I then ran:
 > (open-gnutls-stream "tls" "tls-buffer" "imap.gmail.com" "imaps")
 > 
 > which leads to a sudden, *fatal* emacs crash. Emacs gives me the
 > following error in the message line before immediately crashing the
 > entire emacs process: GnuTLS error: #<proces IMAP over SSL>, -64
 > 
 > The Windows crash both then gives me the following error:
 > Problem signature:
 >   Problem Event Name:	APPCRASH
 >   Application Name:		emacs.exe
 >   Application Version:	24.2.50.0
 >   Application Timestamp:		5037d090
 >   Fault Module Name:			libgnutls-28.dll
 >   Fault Module Version:			0.0.0.0
 >   Fault Module Timestamp:		501d8392
 >   Exception Code:				c0000005
 >   Exception Offset:				0000657e
 >   OS Version:					6.1.7601.2.1.0.768.3
 >   Locale ID:					1033
 >   Additional Information 1:		0a9e
 >   Additional Information 2:		0a9e372d3b4ad19135b953a78882e789
 >   Additional Information 3:		0a9e
 >   Additional Information 4:		0a9e372d3b4ad19135b953a78882e789
 > 
 > I found that the crash is caused by an incompatibility with the
 > cygwin-mount library and in particular by a call to the cygwin program
 > mount.exe. Indeed, settting /bin/mount.exe to /bin/true.exe eliminates
 > the crash.
 > 
 > I presume that the issue is due to an incompatibility (probably with
 > cygwin.dll). Note that I am running Cygwin 1.7.25 x86_64, so perhaps
 > it is either a version incompatibility or an architecture
 > incompatibility.
 > 
 > Any thoughts on how to debug and fix?
 > 
 > 
 > See here for a thread on the Emacs bug report...
 > 
 > https://groups.google.com/forum/#!searchin/gnu.emacs.bug/bug$2315648/gnu.emacs.bug/KUGJTx5XpNY/mtSgDn7v-W8J

OK... I think I figured out the problem.
The problem is that the Emacs Lisp file gnutls.el uses *nix style
paths in the definition of the variable gnutls-trustfiles.

(defcustom gnutls-trustfiles
  '(
    "/etc/ssl/certs/ca-certificates.crt" ; Debian, Ubuntu, Gentoo and Arch Linux
    "/etc/pki/tls/certs/ca-bundle.crt"   ; Fedora and RHEL
    "/etc/ssl/ca-bundle.pem"             ; Suse
    "/usr/ssl/certs/ca-bundle.crt"       ; Cygwin
    )

When cygwin-mount.el is loaded/activated, the Lisp-code properly parses
and recognizes these paths. However, presumably the C-code (which is
not affected by cygwin-mount.el) does not know how  to handle *nix
style paths and crashes Emacs. 

Indeed, if I set the final element to the Windows style path equivalent:
   "C:/cygwin/usr/ssl/certs/ca-bundle.crt"
then gnutls works fine without crashing. So, the problem clearly is
with *nix-style paths

Stepping through the *Lisp* code shows that the file paths are all
properly parsed when cygwin-mount is loaded/activated. Indeed,
file-exists-p properly recognizes the cygwin path
"/usr/ssl/certs/ca-bundle.crt" and returns nil on the other paths that
don't exist in a standard Cygwin setup.

Note that if cygwin-mount is not loaded/activated, then
"/usr/ssl/certs/ca-bundle.crt" (along with the other list elements)
fails the file-exists-p test in gnutls-negotiate so that 'trustfiles'
gets set to nil which explains why it doesn't crash in the case when
cygwin-mount is not used since trivially 'trustfiles' has no paths
associated with it.

So, basically, we have the following Catch-22. If cygwin-mount is not
loaded/activated, then the cert location for Cygwin is never found. If
cygwin-mount is activated then it causes a crash. The result being
that in Windows, no certs are ever loaded when using the default
definition of gnutls-trustfiles

Presumably the problem is that the C-code doesn't know how to deal
with a Cygwin (*nix) style path that has been properly recognized and
validated by the Lisp code (via cygwin-mount).

It seems like there are two potential solutions:

1. Use Windows-style paths in the definition of gnutls-trustfiles
   (this should work in Linux too, since Windows-style paths like
   "C:/usr/ssl/certs/ca-bundle.crt" will generally and appropriately
   fail the file-exists-p test)

2. Add cygwin-mount functionality to the C-code so that it can parse
   cygwin (Unix) style paths.

In any case, I imagine the C-code crashes because it sees a Unix-style
path while expecting a Windows style path... that being said the
C-code should be better behaved than that... at a minimum the code
should check to make sure the certificate file path is well-formed and
exists.

More information about the Gnutls-devel mailing list