[gnutls-devel] Incompatibility between Emacs/gnutls and Emacs/cygwin-mount
Jeffrey J. Kosowsky
jeff at kosowsky.org
Wed Oct 23 06:22:58 CEST 2013
Jeffrey J. Kosowsky wrote at about 16:56:25 -0400 on Tuesday, October 22, 2013:
> I am running Emacs 24.3.1 under Windows 7 on an Intel core 5 machine.
> I loaded in the latest gnutls-3.2.4-win32 binaries fron gnutls.org.
> I then ran:
> (open-gnutls-stream "tls" "tls-buffer" "imap.gmail.com" "imaps")
> which leads to a sudden, *fatal* emacs crash. Emacs gives me the
> following error in the message line before immediately crashing the
> entire emacs process: GnuTLS error: #<proces IMAP over SSL>, -64
> The Windows crash both then gives me the following error:
> Problem signature:
> Problem Event Name: APPCRASH
> Application Name: emacs.exe
> Application Version: 18.104.22.168
> Application Timestamp: 5037d090
> Fault Module Name: libgnutls-28.dll
> Fault Module Version: 0.0.0.0
> Fault Module Timestamp: 501d8392
> Exception Code: c0000005
> Exception Offset: 0000657e
> OS Version: 6.1.7601.2.1.0.768.3
> Locale ID: 1033
> Additional Information 1: 0a9e
> Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
> Additional Information 3: 0a9e
> Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
> I found that the crash is caused by an incompatibility with the
> cygwin-mount library and in particular by a call to the cygwin program
> mount.exe. Indeed, settting /bin/mount.exe to /bin/true.exe eliminates
> the crash.
> I presume that the issue is due to an incompatibility (probably with
> cygwin.dll). Note that I am running Cygwin 1.7.25 x86_64, so perhaps
> it is either a version incompatibility or an architecture
> Any thoughts on how to debug and fix?
> See here for a thread on the Emacs bug report...
OK... I think I figured out the problem.
The problem is that the Emacs Lisp file gnutls.el uses *nix style
paths in the definition of the variable gnutls-trustfiles.
"/etc/ssl/certs/ca-certificates.crt" ; Debian, Ubuntu, Gentoo and Arch Linux
"/etc/pki/tls/certs/ca-bundle.crt" ; Fedora and RHEL
"/etc/ssl/ca-bundle.pem" ; Suse
"/usr/ssl/certs/ca-bundle.crt" ; Cygwin
When cygwin-mount.el is loaded/activated, the Lisp-code properly parses
and recognizes these paths. However, presumably the C-code (which is
not affected by cygwin-mount.el) does not know how to handle *nix
style paths and crashes Emacs.
Indeed, if I set the final element to the Windows style path equivalent:
then gnutls works fine without crashing. So, the problem clearly is
with *nix-style paths
Stepping through the *Lisp* code shows that the file paths are all
properly parsed when cygwin-mount is loaded/activated. Indeed,
file-exists-p properly recognizes the cygwin path
"/usr/ssl/certs/ca-bundle.crt" and returns nil on the other paths that
don't exist in a standard Cygwin setup.
Note that if cygwin-mount is not loaded/activated, then
"/usr/ssl/certs/ca-bundle.crt" (along with the other list elements)
fails the file-exists-p test in gnutls-negotiate so that 'trustfiles'
gets set to nil which explains why it doesn't crash in the case when
cygwin-mount is not used since trivially 'trustfiles' has no paths
associated with it.
So, basically, we have the following Catch-22. If cygwin-mount is not
loaded/activated, then the cert location for Cygwin is never found. If
cygwin-mount is activated then it causes a crash. The result being
that in Windows, no certs are ever loaded when using the default
definition of gnutls-trustfiles
Presumably the problem is that the C-code doesn't know how to deal
with a Cygwin (*nix) style path that has been properly recognized and
validated by the Lisp code (via cygwin-mount).
It seems like there are two potential solutions:
1. Use Windows-style paths in the definition of gnutls-trustfiles
(this should work in Linux too, since Windows-style paths like
"C:/usr/ssl/certs/ca-bundle.crt" will generally and appropriately
fail the file-exists-p test)
2. Add cygwin-mount functionality to the C-code so that it can parse
cygwin (Unix) style paths.
In any case, I imagine the C-code crashes because it sees a Unix-style
path while expecting a Windows style path... that being said the
C-code should be better behaved than that... at a minimum the code
should check to make sure the certificate file path is well-formed and
More information about the Gnutls-devel