[Help-gnutls] non-existing CA bundle

Daniel Stenberg daniel at haxx.se
Fri Apr 8 00:02:06 CEST 2005


I've made an obervation that looks like a bug to me:

I have a test case that sets a ca cert bundle like this:

    /* set the trusted CA cert bundle file */
   rc = gnutls_certificate_set_x509_trust_file(cred,

The cafile points to a file name of a file that doesn't exist.

This then returns -64 properly indicating a file error.

If I then proceed (ignoring the error) and later make a gnutls_handshake(), it 
will never succeed. It seems to only return GNUTLS_E_AGAIN for a very long 
time. (I'm using non-blocking sockets).

It doesn't seem like the right behaviour. I think it would either return an 
error more or less right away, or it would do the handshake properly...

Or am I just not understanding things?

          -=- Daniel Stenberg -=- http://daniel.haxx.se -=-
   ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol

More information about the Gnutls-help mailing list