civodul pushed a commit to branch master
in repository guile.

commit bcba2132849bc395f716910e27a9273d1a152a9b
Author: Ludovic Courtès <l...@gnu.org>
AuthorDate: Fri Jan 10 12:11:45 2020 +0100

    web: Continue handshake upon TLS warning alerts.
    
    This is a backport of Guix commit 7b9ac883ea62a816afbfa747c1377dc273c15c20.
    
    * module/web/client.scm (tls-wrap): Catch 'gnutls-error' around
    'handshake'.  Upon ERROR/WARNING-ALERT-RECEIVED, print a message and
    call 'handshake'.
---
 module/web/client.scm | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/module/web/client.scm b/module/web/client.scm
index 3761eb5..74fc855 100644
--- a/module/web/client.scm
+++ b/module/web/client.scm
@@ -125,7 +125,22 @@ host name without trailing dot."
     ;;(set-log-level! 10)
     ;;(set-log-procedure! log)
 
-    (handshake session)
+    (catch 'gnutls-error
+      (lambda ()
+        (handshake session))
+      (lambda (key err proc . rest)
+        (cond ((eq? err error/warning-alert-received)
+               ;; Like Wget, do no stop upon non-fatal alerts such as
+               ;; 'alert-description/unrecognized-name'.
+               (format (current-error-port)
+                       "warning: TLS warning alert received: ~a~%"
+                       (alert-description->string (alert-get session)))
+               (handshake session))
+              (else
+               ;; XXX: We'd use 'gnutls_error_is_fatal' but (gnutls) doesn't
+               ;; provide a binding for this.
+               (apply throw key err proc rest)))))
+
     ;; FIXME: It appears that session-record-port is entirely
     ;; sufficient; it's already a port.  The only value of this code is
     ;; to keep a reference on "port", to keep it alive!  To fix this we
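Review bot: The retry `(handshake session)` in the `error/warning-alert-received` branch runs inside the handler, outside the `catch`, so a second warning alert during the resumed handshake is thrown to the caller as a 'gnutls-error' instead of being tolerated. Consider a named-let loop that re-enters the same `catch` on each warning alert. The branch also continues on every warning alert, while the comment names only 'alert-description/unrecognized-name'. If only that alert is meant to be tolerated, compare the result of `(alert-get session)` against it. Otherwise, say in the comment that all warning alerts are accepted. The comment also has a typo: "do no stop" should read "do not stop".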
