[Help-gnutls] non-existing CA bundle
Nikos Mavrogiannopoulos
nmav at gnutls.org
Fri Apr 8 02:09:28 CEST 2005
On Friday 08 April 2005 00:02, Daniel Stenberg wrote:
> Hi
>
> I've made an obervation that looks like a bug to me:
>
> I have a test case that sets a ca cert bundle like this:
>
> /* set the trusted CA cert bundle file */
> rc = gnutls_certificate_set_x509_trust_file(cred,
> cafile,
> GNUTLS_X509_FMT_PEM);
>
> The cafile points to a file name of a file that doesn't exist.
> This then returns -64 properly indicating a file error.
> If I then proceed (ignoring the error) and later make a gnutls_handshake(),
> it will never succeed. It seems to only return GNUTLS_E_AGAIN for a very
> long time. (I'm using non-blocking sockets).
This looks strange.. Could you use something like:
static void tls_log_func(int level, const char *str)
{
fprintf(stderr, "|<%d>| %s", level, str);
}
and after global_init()
gnutls_global_set_log_function(tls_log_func);
gnutls_global_set_log_level(2);
and send the output?
--
Nikos Mavrogiannopoulos
More information about the Gnutls-help
mailing list