GNU bug report logs - #10904
24.0.93; Infinite loop in GnuTLS code during Gnus nnimap-initiated SSL handshake

Previous Next

Full log

View this message in rfc822 format

From: Ted Zlatanov <tzz <at> lifelogs.com>
To: 10904 <at> debbugs.gnu.org
Subject: bug#10904: 24.0.93; Infinite loop in GnuTLS code during Gnus nnimap-initiated SSL handshake
Date: Thu, 02 Jun 2016 10:21:12 -0400

On Fri, 05 Feb 2016 18:26:46 +1100 Lars Ingebrigtsen <larsi <at> gnus.org> wrote: 

LI> Hm.  But then those stores parameters should be used the next time in
LI> network-stream, and it doesn't have access to those stored parameters.

Specific security-related could be saved in network-security.data on the
fly. This would serve the use case of "I just want to override this
right now."

They could also be provided by auth-source.el, so you could say

    server specialserver priority-string "PERFORMANCE"

This would serve the use case of "I want to override the priority string
every time but without customizing variables".

Finally, `gnutls-algorithm-priority' can be extended similarly to
`gnutls-verify-error' to work per host. So that would provide for the
third use case of the Customize user.

I think the better way is to make a top-level `gnutls-boot-parameters'
variable that has all the relevant settings per host, and make the
function `gnutls-boot-parameters' simply look inside that variable (the
name may not be right). Then we could obsolete
`gnutls-algorithm-priority', `gnutls-verify-error' and
`gnutls-min-prime-bits' in favor of that variable, and provide the
corresponding auth-source.el glue so the settings could also be
retrieved from auth-source.

Ted

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.