Skip to content

gnutls: report accurate error when TLS-SRP is not built-in #19365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
vszakats wants to merge 2 commits into from
Closed

gnutls: report accurate error when TLS-SRP is not built-in #19365

vszakats wants to merge 2 commits into from

Conversation

@vszakats
Copy link
Member

@vszakats vszakats commented Nov 4, 2025
edited
Loading

With GnuTLS 3.8.0+ the build-time SRP feature detection always succeeds.
It's also disabled by default in these GnuTLS versions.

When using TLS-SRP without it being available in GnuTLS, report
the correct error code CURLE_NOT_BUILT_IN, replacing the out of memory
error reported before this patch.

Also add comments to autotools and cmake scripts about this feature
detection property.

Detecting it at build-time would need to run code which doesn't work
in cross-builds. Once curl requires 3.8.0 as minimum, the build-time
checks can be deleted.

# before:
curl: (27) gnutls_srp_allocate_client_cred() failed: An unimplemented or disabled feature has been requested.
# after:
curl: (4) GnuTLS: TLS-SRP support not built in: An unimplemented or disabled feature has been requested.

Ref: gnutls/gnutls@dab063f
Ref: gnutls/gnutls@a21e89e

@vszakats
build: add comment about TLS-SRP detection in GnuTLS 3.8.0+
ca9f6d5 
In these GnuTLS version the symbol-based TLS-SRP detection always
succeeds.

Ref: gnutls/gnutls@dab063f
@vszakats
gtls: handle not built-in
4586dce 
 ```
 # before:
 curl: (27) gnutls_srp_allocate_client_cred() failed: An unimplemented or disabled feature has been requested.

 # after:
 curl: (4) GnuTLS: TLS-SRP support not built in: An unimplemented or disabled feature has been requested.
 ```
@vszakats vszakats added the TLS label Nov 4, 2025
@vszakats vszakats changed the title gnutls: report correct error when TLS-SRP is not built-in gnutls: report accurate error when TLS-SRP is not built-in Nov 5, 2025
@vszakats vszakats closed this in 8e61495 Nov 6, 2025
@vszakats vszakats deleted the gnutlssrpdet branch November 6, 2025 10:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

TLS

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vszakats