[Help-gnutls] non-existing CA bundle

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Apr 8 02:09:28 CEST 2005

On Friday 08 April 2005 00:02, Daniel Stenberg wrote:
> Hi
> I've made an obervation that looks like a bug to me:
> I have a test case that sets a ca cert bundle like this:
>     /* set the trusted CA cert bundle file */
>    rc = gnutls_certificate_set_x509_trust_file(cred,
>                                                cafile,
>                                                GNUTLS_X509_FMT_PEM);
> The cafile points to a file name of a file that doesn't exist.
> This then returns -64 properly indicating a file error.
> If I then proceed (ignoring the error) and later make a gnutls_handshake(),
> it will never succeed. It seems to only return GNUTLS_E_AGAIN for a very
> long time. (I'm using non-blocking sockets).

This looks strange.. Could  you use something like:
static void tls_log_func(int level, const char *str)
    fprintf(stderr, "|<%d>| %s", level, str);

and after global_init()

and send the output?

Nikos Mavrogiannopoulos

More information about the Gnutls-help mailing list