From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: joaotavora@gmail.com (=?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?=) Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 10 May 2013 12:50:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 14380 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: 14380@debbugs.gnu.org X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13681901841885 (code B ref -1); Fri, 10 May 2013 12:50:02 +0000 Received: (at submit) by debbugs.gnu.org; 10 May 2013 12:49:44 +0000 Received: from localhost ([127.0.0.1]:35433 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Uamlb-0000UD-5f for submit@debbugs.gnu.org; Fri, 10 May 2013 08:49:44 -0400 Received: from eggs.gnu.org ([208.118.235.92]:38019) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UamlX-0000Tl-Gs for submit@debbugs.gnu.org; Fri, 10 May 2013 08:49:41 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UamlL-0002hg-UO for submit@debbugs.gnu.org; Fri, 10 May 2013 08:49:29 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-99.2 required=5.0 tests=BAYES_50,FREEMAIL_FROM, USER_IN_WHITELIST autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:36305) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UamlL-0002hc-RD for submit@debbugs.gnu.org; Fri, 10 May 2013 08:49:27 -0400 Received: from eggs.gnu.org ([208.118.235.92]:49376) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UamlK-0005FZ-7u for bug-gnu-emacs@gnu.org; Fri, 10 May 2013 08:49:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UamlI-0002h9-Dg for bug-gnu-emacs@gnu.org; Fri, 10 May 2013 08:49:26 -0400 Received: from mail3.siscog.pt ([195.23.29.18]:49771) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UamlI-0002gx-1b for bug-gnu-emacs@gnu.org; Fri, 10 May 2013 08:49:24 -0400 Received: from smtps.lisboa.siscog (lximaps01.siscog.com [::ffff:194.100.100.99]) by mail3.siscog.pt with esmtp; Fri, 10 May 2013 13:49:21 +0100 id 0001E065.518CECD1.00001BC1 Received: from BELMONTE (belmonte.siscog.com [194.100.100.149]) by smtps.lisboa.siscog (Postfix) with ESMTP id 1E0226D2AE for ; Fri, 10 May 2013 13:49:21 +0100 (WEST) From: joaotavora@gmail.com (=?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?=) Date: Fri, 10 May 2013 13:49:20 +0100 Message-ID: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -6.1 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.1 (------) Here's a emacs -Q recipe: $ emacs -Q M-x eval-expression RET (setq gnus-select-method '(nnimap "imaps.mycompany.com")) RET M-x gnus An error pops up: nnimap (imaps.mycompany.com) open error: ''gnutls-cli' is not recognized as an internal or external command, In the *Message* buffer, we can see at at least one tls command succeeded Opening connection to imaps.mycompany.com via tls... gnutls.c: [1] (Emacs) GnuTLS library not found Opening TLS connection to `imaps.mycompany.com'... Opening TLS connection with `gnutls-cli --insecure -p 993 imaps.mycompany.com'...failed Opening TLS connection with `gnutls-cli --insecure -p 993 imaps.mycompany.com --protocols ssl3'...failed Opening TLS connection with `openssl s_client -connect imaps.mycompany.com:993 -no_ssl2 -ign_eof'...done Opening TLS connection to `imaps.mycompany.com'...done nnimap (imaps.mycompany.com) open error: ''gnutls-cli' is not recognized as an internal or external command, '. Continue? (y or n) n This works fine, on the same server with linux. My analysis and possible fix is as follows: The problem is that `network-stream-open-tls' returns invalid information in its final form: (list stream (network-stream-get-response stream start eoc) (network-stream-command stream capability-command eoc) 'tls) This is turn is because code immediately preceding it ;; If we're using tls.el, we have to delete the output from ;; openssl/gnutls-cli. (when (and (null use-builtin-gnutls) eoc) (network-stream-get-response stream start eoc) (goto-char (point-min)) (when (re-search-forward eoc nil t) (goto-char (match-beginning 0)) (delete-region (point-min) (line-beginning-position)))) is not really doing what it says it's doing: it's not deleting enough input, and the search for capabilities actually returns the IMAP greeting. This in turn is related to the CRLF lineendings that the function `open-tls-stream' running under w32 only (in linux it doesn't happen) inserts in the process buffer before the end of the tls handshake. The code in `network-stream-open-tls' for getting rid of useless starting output deletes up to the first CRLF (and apparently it should do so just once, since other CRLF's are legitimate). But if fails and catches a very early CRLF which is still part of the now useless TLS handshake. The search performed by (network-stream-command stream capability-command eoc) doesn't work. That said, a reasonable way to fix this might be adding a line (delete-region (point-min) (point)) as the first form in the body of the `when'. This is because `open-tls-stream' apparently guarantees that point will be left where the tls handshake ended, as per its code snippet and comment: (if start-of-data ;; move point to start of client data (goto-char start-of-data)) Alternalively, make `open-tls-stream' do that itself in the end. I'm doing just that with. (defadvice open-tls-stream (after dont-forget-to-erase-buffer-up-to-point activate) (delete-region (point-min) (point))) Or maybe improve searches by `network-stream-get-response' or be smarter when deleting output. Here's the contents of the nnimap process buffer. Notice the CRLFs. 'gnutls-cli' is not recognized as an internal or external command, operable program or batch file. Process *nnimap* exited abnormally with code 1 'gnutls-cli' is not recognized as an internal or external command, operable program or batch file. Process *nnimap* exited abnormally with code 1 depth=0 C = PT, L = Lisboa, O = SISCOG.COM, OU = IMAP server, CN = *.siscog.com, emailAddress = suporte@siscog.pt verify error:num=18:self signed certificate verify return:1 depth=0 C = PT, L = Lisboa, O = SISCOG.COM, OU = IMAP server, CN = *.siscog.com, emailAddress = suporte@siscog.pt verify return:1 CONNECTED(00000003) --- Certificate chain 0 s:/C=PT/L=Lisboa/O=SISCOG.COM/OU=IMAP server/CN=*.siscog.com/emailAddress=suporte@siscog.pt i:/C=PT/L=Lisboa/O=SISCOG.COM/OU=IMAP server/CN=*.siscog.com/emailAddress=suporte@siscog.pt --- Server certificate -----BEGIN CERTIFICATE----- [elided] -----END CERTIFICATE----- subject=/C=PT/L=Lisboa/O=SISCOG.COM/OU=IMAP server/CN=*.siscog.com/emailAddress=suporte@siscog.pt issuer=/C=PT/L=Lisboa/O=SISCOG.COM/OU=IMAP server/CN=*.siscog.com/emailAddress=suporte@siscog.pt --- No client certificate CA names sent --- SSL handshake has read 1240 bytes and written 518 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: zlib compression Expansion: zlib compression SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 9334E31E9FD9A90C9D301227A2799EB8210AAC9FFD583B6597251744CB6EBFB3 Session-ID-ctx: Master-Key: 7A5A40FEFC3A3493C9AFC4B80BCB044FAC48C94E0B4DE6E35035866F90EC78FFDE18D1B40E93B125F4F3F73468A9D5F0 Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Compression: 1 (zlib compression) Start Time: 1368189548 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) --- * OK Dovecot ready. In GNU Emacs 24.3.1 (i386-mingw-nt5.1.2600) of 2013-03-17 on MARVIN Windowing system distributor `Microsoft Corp.', version 5.1.2600 Configured using: `configure --with-gcc (4.7) --cflags -ID:/devel/emacs/libs/libXpm-3.5.8/include -ID:/devel/emacs/libs/libXpm-3.5.8/src -ID:/devel/emacs/libs/libpng-dev_1.4.3-1/include -ID:/devel/emacs/libs/zlib-dev_1.2.5-2/include -ID:/devel/emacs/libs/giflib-4.1.4-1/include -ID:/devel/emacs/libs/jpeg-6b-4/include -ID:/devel/emacs/libs/tiff-3.8.2-1/include -ID:/devel/emacs/libs/gnutls-3.0.9/include -ID:/devel/emacs/libs/libiconv-1.13.1-1-dev/include -ID:/devel/emacs/libs/libxml2-2.7.8/include/libxml2' Important settings: value of $LANG: C.UTF-8 locale-coding-system: cp1252 default enable-multibyte-characters: t From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 10 May 2013 14:02:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: joaotavora@gmail.com (=?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?=) Cc: 14380@debbugs.gnu.org Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136819450017493 (code B ref 14380); Fri, 10 May 2013 14:02:01 +0000 Received: (at 14380) by debbugs.gnu.org; 10 May 2013 14:01:40 +0000 Received: from localhost ([127.0.0.1]:35701 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UantE-0004Y5-Fg for submit@debbugs.gnu.org; Fri, 10 May 2013 10:01:40 -0400 Received: from mtaout21.012.net.il ([80.179.55.169]:55837) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UantA-0004Xa-T9 for 14380@debbugs.gnu.org; Fri, 10 May 2013 10:01:38 -0400 Received: from conversion-daemon.a-mtaout21.012.net.il by a-mtaout21.012.net.il (HyperSendmail v2007.08) id <0MML004005IXVV00@a-mtaout21.012.net.il> for 14380@debbugs.gnu.org; Fri, 10 May 2013 17:00:27 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout21.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MML0046T5KRN3D0@a-mtaout21.012.net.il>; Fri, 10 May 2013 17:00:27 +0300 (IDT) Date: Fri, 10 May 2013 17:00:10 +0300 From: Eli Zaretskii In-reply-to: Message-id: <83ppwzaqad.fsf@gnu.org> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: QUOTED-PRINTABLE X-012-Sender: halo1@inter.net.il References: X-Spam-Score: 0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) > From: joaotavora@gmail.com (Jo=E3o T=E1vora) > Date: Fri, 10 May 2013 13:49:20 +0100 >=20 >=20 > (list stream > (network-stream-get-response stream start eoc) > (network-stream-command stream capability-command eoc) > 'tls) >=20 > This is turn is because code immediately preceding it >=20 > ;; If we're using tls.el, we have to delete the output from > ;; openssl/gnutls-cli. > (when (and (null use-builtin-gnutls) > eoc) > (network-stream-get-response stream start eoc) > (goto-char (point-min)) > (when (re-search-forward eoc nil t) > (goto-char (match-beginning 0)) > (delete-region (point-min) (line-beginning-position)))) >=20 > is not really doing what it says it's doing: it's not deleting enou= gh > input, and the search for capabilities actually returns the IMAP > greeting. Why don't you use the built-in gnutls? This is the recommended way o= f using GnuTLS on Windows. Or did I misunderstand your analysis? From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 10 May 2013 16:02:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: Eli Zaretskii Cc: 14380@debbugs.gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.13682016688467 (code B ref 14380); Fri, 10 May 2013 16:02:02 +0000 Received: (at 14380) by debbugs.gnu.org; 10 May 2013 16:01:08 +0000 Received: from localhost ([127.0.0.1]:35812 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Uapkp-0002CW-E4 for submit@debbugs.gnu.org; Fri, 10 May 2013 12:01:07 -0400 Received: from mail-pa0-f49.google.com ([209.85.220.49]:53368) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Uapkm-0002CF-AK for 14380@debbugs.gnu.org; Fri, 10 May 2013 12:01:06 -0400 Received: by mail-pa0-f49.google.com with SMTP id bi5so3055658pad.36 for <14380@debbugs.gnu.org>; Fri, 10 May 2013 09:00:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=oLu+9EBDKlyvi3q/LDoNY6S6wFKkkqUvt2gm/RqAoCo=; b=Bk7p81/a/NjmytRPVrmuUUWuZyHPms1/DRkr2IMSHL3FaCUbrYizjx4arSrvBKXnnu 18J4zTvE4NYUybPQON+M+9toUjdg+Dki87xSolrLNY98v51Xzc+v0jY1taJp2MaOtdry o3JNdG7mODQpzxRK7ulBZL/Foj5kWQczEOxLt9xveirs0VCVpGwt4ALfYQD+AZOzxS7j lswtvyEXIF3hczQYip5QqQHd0KTp7pqxE469K2vML6iNGI5W6+AThSaRo7fmChNAP8p9 XZkpxgfgMQ+sx1wJaVyaEEr3ybcsxVdfr5x3yNLNj8l7rbmJxNUUkSYYf+uFbdAi1LO3 w8Og== X-Received: by 10.66.144.98 with SMTP id sl2mr18634847pab.92.1368201652637; Fri, 10 May 2013 09:00:52 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.219.137 with HTTP; Fri, 10 May 2013 09:00:32 -0700 (PDT) In-Reply-To: <83ppwzaqad.fsf@gnu.org> References: <83ppwzaqad.fsf@gnu.org> From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Date: Fri, 10 May 2013 17:00:32 +0100 Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) More or less, you didn't misunderstand my analysis, but I didn't use built-in tls because its not the default (I did see some references to it, and the function seems to be fboundp (whereas in linux its not) but the code path didn't lead that way for some reason). With emacs -Q, setting gnus-select-method that way and then doing M-x gnus fails. If the builtin tls fixes this and its the "recommended way" it should be the default no? Maybe it *is* the default but emacs -Q possibly configured itself to use some external gnutls and configure itself after it. I'm using cygwin, so that might be the case. In that case, this might be seen as a cygwin bug, in which case I apologize for the noise. btw: how to I configure emacs to use builtin gnutls? J On Fri, May 10, 2013 at 3:00 PM, Eli Zaretskii wrote: > > > From: joaotavora@gmail.com (Jo=E3o T=E1vora) > > Date: Fri, 10 May 2013 13:49:20 +0100 > > > > > > (list stream > > (network-stream-get-response stream start eoc) > > (network-stream-command stream capability-command eoc) > > 'tls) > > > > This is turn is because code immediately preceding it > > > > ;; If we're using tls.el, we have to delete the output from > > ;; openssl/gnutls-cli. > > (when (and (null use-builtin-gnutls) > > eoc) > > (network-stream-get-response stream start eoc) > > (goto-char (point-min)) > > (when (re-search-forward eoc nil t) > > (goto-char (match-beginning 0)) > > (delete-region (point-min) (line-beginning-position)))) > > > > is not really doing what it says it's doing: it's not deleting enough > > input, and the search for capabilities actually returns the IMAP > > greeting. > > Why don't you use the built-in gnutls? This is the recommended way of > using GnuTLS on Windows. > > Or did I misunderstand your analysis? -- Jo=E3o T=E1vora From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Fri, 10 May 2013 17:18:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Cc: 14380@debbugs.gnu.org Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136820627728234 (code B ref 14380); Fri, 10 May 2013 17:18:01 +0000 Received: (at 14380) by debbugs.gnu.org; 10 May 2013 17:17:57 +0000 Received: from localhost ([127.0.0.1]:35856 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UaqxB-0007LL-2Y for submit@debbugs.gnu.org; Fri, 10 May 2013 13:17:57 -0400 Received: from mtaout21.012.net.il ([80.179.55.169]:41635) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Uaqx8-0007L9-Ms for 14380@debbugs.gnu.org; Fri, 10 May 2013 13:17:55 -0400 Received: from conversion-daemon.a-mtaout21.012.net.il by a-mtaout21.012.net.il (HyperSendmail v2007.08) id <0MML00500E37W100@a-mtaout21.012.net.il> for 14380@debbugs.gnu.org; Fri, 10 May 2013 20:17:42 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout21.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MML00555EPHKYG0@a-mtaout21.012.net.il>; Fri, 10 May 2013 20:17:41 +0300 (IDT) Date: Fri, 10 May 2013 20:17:25 +0300 From: Eli Zaretskii In-reply-to: Message-id: <83haiabvq2.fsf@gnu.org> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: QUOTED-PRINTABLE X-012-Sender: halo1@inter.net.il References: <83ppwzaqad.fsf@gnu.org> X-Spam-Score: 0.2 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) > From: Jo=E3o T=E1vora > Date: Fri, 10 May 2013 17:00:32 +0100 > Cc: 14380@debbugs.gnu.org >=20 > If the builtin tls fixes this and its the "recommended way" it shou= ld > be the default no? It _is_ the default, AFAIK, but you need to install the GnuTLS libraries (DLLs) for it to work. Try installing this one: http://sourceforge.net/projects/ezwinports/files/gnutls-3.0.9-w32-b= in.zip/download > btw: how to I configure emacs to use builtin gnutls? I think you just need to install the above (and restart Emacs, if it'= s already running). From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Fri, 10 May 2013 20:45:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Eli Zaretskii Cc: 14380@debbugs.gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136821868830546 (code B ref 14380); Fri, 10 May 2013 20:45:02 +0000 Received: (at 14380) by debbugs.gnu.org; 10 May 2013 20:44:48 +0000 Received: from localhost ([127.0.0.1]:35946 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UauBM-0007wd-37 for submit@debbugs.gnu.org; Fri, 10 May 2013 16:44:48 -0400 Received: from mail-pa0-f45.google.com ([209.85.220.45]:55431) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UauBJ-0007wT-N1 for 14380@debbugs.gnu.org; Fri, 10 May 2013 16:44:46 -0400 Received: by mail-pa0-f45.google.com with SMTP id lj1so3194715pab.32 for <14380@debbugs.gnu.org>; Fri, 10 May 2013 13:44:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=e6ss3W3Z5Irvdd+DxBFPETwD0ey0yQeOatqlzjati/w=; b=SCsTxVRwSox7y//rWQjsA6Vc3f3aZP2HFKI+4Qd77hMN07+82aSHL8Bv8nEWgjG1He E3pF321cT/QseuR3JBIkj0fY0EoqcEOtk+PgVD0TI6QTWyTD8KAxxSY/ybC8V+bQpRZb fDLaYm25FwiB+WZydrZiRRVBmB10OkpOoP/djn7Uk8jxqABFwIO0yCOx/WPhLkXoUskM 4l5dz5Z/Y7ZLvYVJAh3xkyWo3QROEkdnRElpoVP6X2C9yiuZ0wWknhzIm9dg/J6WLM7m rA9/7yTlRH3H0IsQ3MvURqKhBMHnNViCRKCGhCKusGpeHUvI2gpKWi5Qzr5qi7jwhmfR hTuw== X-Received: by 10.68.113.101 with SMTP id ix5mr19018276pbb.142.1368218672690; Fri, 10 May 2013 13:44:32 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.219.137 with HTTP; Fri, 10 May 2013 13:44:12 -0700 (PDT) In-Reply-To: <83haiabvq2.fsf@gnu.org> References: <83ppwzaqad.fsf@gnu.org> <83haiabvq2.fsf@gnu.org> From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Date: Fri, 10 May 2013 21:44:12 +0100 Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) OK, I see. Honestly I thought builtin tls was some kind of tls library in elisp. Needing external libraries doesn't make it very builtin :-), but that's just my opinion. In any case, my description shows how it "almost worked" with whatever tls client it found (it was probably cygwin's, but I didn't check). You might want to avoid these bug reports by fixing it the way I suggested or some other way. Or not. All is OK from my part. Thanks for the support, Jo=E3o On Fri, May 10, 2013 at 6:17 PM, Eli Zaretskii wrote: >> From: Jo=E3o T=E1vora >> Date: Fri, 10 May 2013 17:00:32 +0100 >> Cc: 14380@debbugs.gnu.org >> >> If the builtin tls fixes this and its the "recommended way" it should >> be the default no? > > It _is_ the default, AFAIK, but you need to install the GnuTLS > libraries (DLLs) for it to work. Try installing this one: > > http://sourceforge.net/projects/ezwinports/files/gnutls-3.0.9-w32-bin.z= ip/download > >> btw: how to I configure emacs to use builtin gnutls? > > I think you just need to install the above (and restart Emacs, if it's > already running). --=20 Jo=E3o T=E1vora From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sat, 11 May 2013 07:07:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Cc: 14380@debbugs.gnu.org Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.13682560123898 (code B ref 14380); Sat, 11 May 2013 07:07:02 +0000 Received: (at 14380) by debbugs.gnu.org; 11 May 2013 07:06:52 +0000 Received: from localhost ([127.0.0.1]:36173 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ub3tL-00010o-UT for submit@debbugs.gnu.org; Sat, 11 May 2013 03:06:52 -0400 Received: from mtaout22.012.net.il ([80.179.55.172]:32948) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ub3tG-00010Q-P0 for 14380@debbugs.gnu.org; Sat, 11 May 2013 03:06:49 -0400 Received: from conversion-daemon.a-mtaout22.012.net.il by a-mtaout22.012.net.il (HyperSendmail v2007.08) id <0MMM00J00H1W9Z00@a-mtaout22.012.net.il> for 14380@debbugs.gnu.org; Sat, 11 May 2013 10:06:30 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout22.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MMM00IYYH2UZT40@a-mtaout22.012.net.il>; Sat, 11 May 2013 10:06:30 +0300 (IDT) Date: Sat, 11 May 2013 10:06:15 +0300 From: Eli Zaretskii In-reply-to: Message-id: <83bo8iatco.fsf@gnu.org> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: QUOTED-PRINTABLE X-012-Sender: halo1@inter.net.il References: <83ppwzaqad.fsf@gnu.org> <83haiabvq2.fsf@gnu.org> X-Spam-Score: 0.2 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) > From: Jo=E3o T=E1vora > Date: Fri, 10 May 2013 21:44:12 +0100 > Cc: 14380@debbugs.gnu.org >=20 > OK, I see. >=20 > Honestly I thought builtin tls was some kind of tls library in elis= p. > Needing external libraries doesn't make it very builtin :-), but > that's just my opinion. It's builtin in the sense that it does not need external programs. > In any case, my description shows how it "almost worked" with whate= ver > tls client it found (it was probably cygwin's, but I didn't check). > You might want to avoid these bug reports by fixing it the way I > suggested or some other way. Or not. All is OK from my part. The native Windows build of Emacs doesn't work very well with an external tls client, because their interaction is through signals, which are not supported by Windows. From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 In-Reply-To: Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Fri, 17 May 2013 13:13:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: 14380@debbugs.gnu.org X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Reply-To: bug-gnu-emacs@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.136879638122185 (code B ref -1); Fri, 17 May 2013 13:13:02 +0000 Received: (at submit) by debbugs.gnu.org; 17 May 2013 13:13:01 +0000 Received: from localhost ([127.0.0.1]:48623 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UdKSx-0005ll-MQ for submit@debbugs.gnu.org; Fri, 17 May 2013 09:13:00 -0400 Received: from eggs.gnu.org ([208.118.235.92]:57649) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UdKSu-0005lH-4m for submit@debbugs.gnu.org; Fri, 17 May 2013 09:12:57 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UdKST-00008R-9c for submit@debbugs.gnu.org; Fri, 17 May 2013 09:12:34 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-99.8 required=5.0 tests=BAYES_50, RCVD_IN_DNSWL_NONE, RP_MATCHES_RCVD,USER_IN_WHITELIST autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:51856) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UdKST-00008L-6h for submit@debbugs.gnu.org; Fri, 17 May 2013 09:12:29 -0400 Received: from eggs.gnu.org ([208.118.235.92]:40707) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UdKSO-0008IW-HR for bug-gnu-emacs@gnu.org; Fri, 17 May 2013 09:12:29 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UdKSJ-00006W-RW for bug-gnu-emacs@gnu.org; Fri, 17 May 2013 09:12:24 -0400 Received: from plane.gmane.org ([80.91.229.3]:36400) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UdKSJ-00006P-LH for bug-gnu-emacs@gnu.org; Fri, 17 May 2013 09:12:19 -0400 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1UdKSH-0004gQ-Ah for bug-gnu-emacs@gnu.org; Fri, 17 May 2013 15:12:17 +0200 Received: from pool-72-93-26-80.bstnma.east.verizon.net ([72.93.26.80]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 17 May 2013 15:12:17 +0200 Received: from tzz by pool-72-93-26-80.bstnma.east.verizon.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 17 May 2013 15:12:17 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: bug-gnu-emacs@gnu.org From: Ted Zlatanov Date: Fri, 17 May 2013 09:12:05 -0400 Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos Lines: 24 Message-ID: <878v3d92e2.fsf@lifelogs.com> References: <83ppwzaqad.fsf@gnu.org> <83haiabvq2.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: pool-72-93-26-80.bstnma.east.verizon.net X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) Cancel-Lock: sha1:mzYhW+2kGy+cp6P7noBdvL4IHDs= X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -5.0 (-----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) On Fri, 10 May 2013 21:44:12 +0100 João Távora wrote: JT> Honestly I thought builtin tls was some kind of tls library in elisp. JT> Needing external libraries doesn't make it very builtin :-), but JT> that's just my opinion. Implementing TLS in ELisp is possible, sure, but it would be extremely slow and there's considerable risk in reimplementing that protocol. We chose to use GnuTLS instead, which is a fast reliable C implementation and is available for W32 and all our other platforms. JT> In any case, my description shows how it "almost worked" with whatever JT> tls client it found (it was probably cygwin's, but I didn't check). JT> You might want to avoid these bug reports by fixing it the way I JT> suggested or some other way. Or not. All is OK from my part. I've seen dozens of bugs related to "almost working" external TLS binaries on all platforms. It was one of the reasons I did the initial GnuTLS integration with Emacs. My vote is to require GnuTLS with Emacs and to only support it, but there are some questions there, mainly for W32 and Mac OS X: do we auto-update GnuTLS? What happens when the GnuTLS we install conflicts with another system install? And so on... Ted From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: [gmane.emacs.bugs] bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sat, 18 May 2013 13:07:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136888239925171 (code B ref 14380); Sat, 18 May 2013 13:07:01 +0000 Received: (at 14380) by debbugs.gnu.org; 18 May 2013 13:06:39 +0000 Received: from localhost ([127.0.0.1]:50116 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UdgqM-0006Xv-KH for submit@debbugs.gnu.org; Sat, 18 May 2013 09:06:39 -0400 Received: from mail-pa0-f54.google.com ([209.85.220.54]:57850) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UdgqI-0006XN-SS for 14380@debbugs.gnu.org; Sat, 18 May 2013 09:06:36 -0400 Received: by mail-pa0-f54.google.com with SMTP id kx1so4371188pab.41 for <14380@debbugs.gnu.org>; Sat, 18 May 2013 06:06:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=ElXaJKesF1raqvvr2AkoOkB+kQgP+pUnPv8lbwPbXDc=; b=EhydpjNyEF7fLWfeUktSRUpYD9vopjxdVa9SSFxK6PmSb3a3D+57cTBMGcBwLdQuSj b8P1Ff1m8eWSYnfESVvz9b0SA8JyJqXWszP+DsVfjGFX+2yO7pgEfPZWWex4SF+VC8Je PYVcIfOniAgILmvFUbtWBbucbsmTQVdjirLRpFEJTFt4vLe/jaQqy59rBMpczCzgch+X v4l4ds+9FP2ZQ0//9nmuc5oliSZagRCZ+fqemxuPGo9d6dG8QSWSFnLuVYHir0BGjim8 HknEBHo6HcGGA67ngiSb6w7ZOCVGHBgjdx2O4Mfdq7aGYJNqCPYXkoDfnaFdco9mFVAa wqaw== X-Received: by 10.68.113.101 with SMTP id ix5mr53088658pbb.142.1368882367308; Sat, 18 May 2013 06:06:07 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.219.137 with HTTP; Sat, 18 May 2013 06:05:47 -0700 (PDT) In-Reply-To: <87k3mw79iv.fsf@lifelogs.com> References: <87k3mw79iv.fsf@lifelogs.com> From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Date: Sat, 18 May 2013 14:05:47 +0100 Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.1 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Sat, May 18, 2013 at 1:33 PM, Ted Zlatanov wrote: > Sorry, I forgot to CC the two of you and the post just went to the bug > list. I didn't know if you'd see it so this is just a courtesy CC. > > Ted > > > > ---------- Forwarded message ---------- > From: Ted Zlatanov > To: 14380@debbugs.gnu.org > Cc: > Date: Fri, 17 May 2013 09:12:05 -0400 > Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap se= rvers on w32 > On Fri, 10 May 2013 21:44:12 +0100 Jo=E3o T=E1vora = wrote: > > JT> Honestly I thought builtin tls was some kind of tls library in elisp. > JT> Needing external libraries doesn't make it very builtin :-), but > JT> that's just my opinion. > > Implementing TLS in ELisp is possible, sure, but it would be extremely > slow and there's considerable risk in reimplementing that protocol. We > chose to use GnuTLS instead, which is a fast reliable C implementation > and is available for W32 and all our other platforms. lol, I wasn't suggesting implementing it in elisp at all, I just read built-in and assumed in was either statically linked in C or elisp. The point it that needing external libraries which are not always bundled doesn't make it very "builtin". But naming things, along with cache invalidation, is a a hard problem in programming :-) > I've seen dozens of bugs related to "almost working" external TLS > binaries on all platforms. Yes, but have you looked closely at this particular one? The point is rathe= r to increase robustness. That is, `open-tls-stream` could/should promise to cleanup the process buffer of its handshake garbage, so that future functions that use that resource don't see it and don't get confused by it. I'm assuming they don't need to see it, I might be wrong. But if I'm right and that fix is performed then you've effectively extended "imap just works" the set of W32 emacs users who type "M-x gnus" on a vanilla emacs in a system with some cygwin installation in PATH. Maybe it's a small set but I'm in it (when I'm at work). > GnuTLS integration with Emacs. My vote is to require GnuTLS with Emacs > and to only support it, but there are some questions there, mainly for > W32 and Mac OS X: do we auto-update GnuTLS? What happens when the > GnuTLS we install conflicts with another system install? And so on... That's all fine, I guess. I vote for that too :-) Thanks, Jo=E3o From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sun, 19 May 2013 03:18:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= , Eli Zaretskii Cc: 14380@debbugs.gnu.org, emacs-devel@gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136893347518242 (code B ref 14380); Sun, 19 May 2013 03:18:01 +0000 Received: (at 14380) by debbugs.gnu.org; 19 May 2013 03:17:55 +0000 Received: from localhost ([127.0.0.1]:50942 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Udu8A-0004kA-NV for submit@debbugs.gnu.org; Sat, 18 May 2013 23:17:55 -0400 Received: from mail-gg0-f177.google.com ([209.85.161.177]:45195) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Udu88-0004jn-9y for 14380@debbugs.gnu.org; Sat, 18 May 2013 23:17:53 -0400 Received: by mail-gg0-f177.google.com with SMTP id r4so1064894ggn.22 for <14380@debbugs.gnu.org>; Sat, 18 May 2013 20:17:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=x-received:from:to:cc:subject:organization:references:x-face :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type:content-transfer-encoding; bh=C8X8nNHAzGNfl/ehV5j6PIpckDXYYlWArBNDLpv5+XQ=; b=lDURJv4krHABLqHUd26YrbTCpdYMMzoa5PKmc3i/ul4Wlj1KdJ7K2av22z7AgZkish H6NMp4qjqRs0d0ZIO0C/WTmH4r7/T3e7oRDrXKs4p5vRH3BCVfnXGgPCboB4F1/yMdIu 344WVhT1zSDC5tVpIS0rc0g4iFKlW6BvayQyM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:from:to:cc:subject:organization:references:x-face :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type:content-transfer-encoding :x-gm-message-state; bh=C8X8nNHAzGNfl/ehV5j6PIpckDXYYlWArBNDLpv5+XQ=; b=KEhwLNcpLS4iItZX8WTdGw7givhGUgZ7uSAxWcaf9QGA1Jebz0EVwpKswFbc/9ndf4 v4egRz53+CxHveZ0aztJF5Z0EF877YXJLFacqExM3s1VStdgMFDgNvW8YZ6u4SRHxjpm Q3TBVQUtdMfn/h6RtG7tcQB0qaziBKFvOyrm0KVUPPRt7qPK+juvkMVjClP56ttLi6Nj NTjrCPsIC/bXlDV7jU8Bs+WxSN+IB3SXGCjQWRUTBsu/BHDmgw59hVBy+NjuAJ2JnPgP dWAkEpI9xyEVzfvqKvYq4xAWQ+TfKc4bm8DlhNsdw3J8O6pbc7NjP/PjQoS1a8iBxCiO BADQ== X-Received: by 10.236.138.79 with SMTP id z55mr30477992yhi.104.1368933441907; Sat, 18 May 2013 20:17:21 -0700 (PDT) Received: from heechee (pool-72-93-26-80.bstnma.east.verizon.net. [72.93.26.80]) by mx.google.com with ESMTPSA id m64sm11230089yhj.21.2013.05.18.20.17.13 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Sat, 18 May 2013 20:17:21 -0700 (PDT) From: Ted Zlatanov Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos References: <87k3mw79iv.fsf@lifelogs.com> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Sat, 18 May 2013 23:17:02 -0400 In-Reply-To: ("=?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?="'s message of "Sat, 18 May 2013 14:05:47 +0100") Message-ID: <87zjvr64lt.fsf_-_@lifelogs.com> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQnE4mnQnNdJeDo7tyz2jZJ3Hp9uYMVv38yIrG/A7fjWs76s/XpV7rv9jfMeNJtv0ISlyZ9D X-Spam-Score: -2.6 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) (CC to emacs-devel as I think this discussion is relevant there) On Sat, 18 May 2013 14:05:47 +0100 Jo=E3o T=E1vora w= rote:=20 JT> The point [is] that needing external libraries which are not always JT> bundled doesn't make it very "builtin". I'm not bringing GnuTLS into the Emacs source tree, which is the only other way to make it built-in functionality. I understand there are issues with external dependencies and in fact I asked that we bundle the GnuTLS W32 DLLs with the W32 Emacs builds. That led to a long discussions about how that makes security our responsibility and how we then need to deal with GnuTLS updates, and I didn't have a strong desire to become a W32 distribution expert since I barely know that platform. No one else picked it up, and there we are with "install it yourself" as the recommended way to get GnuTLS to work on W32. >> I've seen dozens of bugs related to "almost working" external TLS >> binaries on all platforms. JT> Yes, but have you looked closely at this particular one? The point is r= ather JT> to increase robustness. That is, `open-tls-stream` could/should promise JT> to cleanup the process buffer of its handshake garbage, so that future JT> functions that use that resource don't see it and don't get confused by= it. JT> I'm assuming they don't need to see it, I might be wrong. I'm not able to fix this bug or work on bugs in the external SSL/TLS suppor= t. JT> But if I'm right and that fix is performed then you've effectively exte= nded JT> "imap just works" the set of W32 emacs users who type "M-x gnus" on a JT> vanilla emacs in a system with some cygwin installation in PATH. Maybe = it's JT> a small set but I'm in it (when I'm at work). Wouldn't you rather get GnuTLS to work by default? Otherwise we serve the use case "I have no secure transport, so let me use a hack by default." >> GnuTLS integration with Emacs. My vote is to require GnuTLS with Emacs >> and to only support it, but there are some questions there, mainly for >> W32 and Mac OS X: do we auto-update GnuTLS? What happens when the >> GnuTLS we install conflicts with another system install? And so on... JT> That's all fine, I guess. I vote for that too :-) The big problem for me is that I don't have the time or platform knowledge to write a GnuTLS auto-installer and updater for those two problematic platforms. The GnuTLS developers don't want to provide this service either. Who will be responsible to it? What happens when a security vulnerability hits the DLLs we distribute with Emacs? My proposal would be to push out the next Emacs bundled with the latest GnuTLS DLLs, only support GnuTLS, provide users with instructions on updating them, and treat GnuTLS vulnerabilities as Emacs vulnerabilities. This is not ideal but IMO better than the current situation. Ted From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sun, 19 May 2013 11:47:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, Eli Zaretskii , emacs-devel@gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136896397229372 (code B ref 14380); Sun, 19 May 2013 11:47:01 +0000 Received: (at 14380) by debbugs.gnu.org; 19 May 2013 11:46:12 +0000 Received: from localhost ([127.0.0.1]:51225 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue241-0007da-0F for submit@debbugs.gnu.org; Sun, 19 May 2013 07:46:10 -0400 Received: from mail-da0-f52.google.com ([209.85.210.52]:49542) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue23x-0007d5-CH for 14380@debbugs.gnu.org; Sun, 19 May 2013 07:46:07 -0400 Received: by mail-da0-f52.google.com with SMTP id o9so3314777dan.11 for <14380@debbugs.gnu.org>; Sun, 19 May 2013 04:45:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=LsTKTSwdhGbq3G7MWDnas4tn1AyMwy+txOO3AeKEUBE=; b=dwZoNe1Ul8jQyScPqOVMZ0FEiFoIWJoabJsepr5sHVRcVdHNy8uLRb2b6f/icu9Eol 2CWegUic3URTY6HmTidc5/mo9ONCXqu0PMRN84BNVfWjNza0P9tWQk6icZeS32ZXKTcH p3bhbg9krRy+G53okFzyU6O6hkHnKGmmokyIaPY0QuZ0TqK/RvI5e/68AW0/Gk1KYTwT Yu9GI30UEd0hDSzF0UCQ9DH00CZWLZ+YGl2NSP4fdTXNMiY+u6unk0Ge0UUwrRF6/5N4 tzTpTyrTS2EKZphqBR37ab+5gb2S40unWem9Am7sNLt2onZ+L49MgIr/fa/qECjRqGe2 7TPQ== X-Received: by 10.68.189.8 with SMTP id ge8mr40906502pbc.199.1368963932287; Sun, 19 May 2013 04:45:32 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.219.137 with HTTP; Sun, 19 May 2013 04:45:12 -0700 (PDT) In-Reply-To: <87zjvr64lt.fsf_-_@lifelogs.com> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Date: Sun, 19 May 2013 12:45:12 +0100 Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.1 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Sun, May 19, 2013 at 4:17 AM, Ted Zlatanov wrote: > GnuTLS W32 DLLs with the W32 Emacs builds. That led to a long > discussions about how that makes security our responsibility and how we I see. Indeed, bundling security stuff with your app is increasing its responsibility manifold. > Wouldn't you rather get GnuTLS to work by default? Otherwise we serve > the use case "I have no secure transport, so let me use a hack by > default." I don't understand. What is the hack here? External binary for TLS? But yes, GnuTLS by default is certainly better... > service either. Who will be responsible to it? What happens when a > security vulnerability hits the DLLs we distribute with Emacs? > > My proposal would be to push out the next Emacs bundled with the latest > GnuTLS DLLs, only support GnuTLS, provide users with instructions on > updating them, and treat GnuTLS vulnerabilities as Emacs > vulnerabilities. This is not ideal but IMO better than the current > situation. ... but then you have all these headaches. The fix I proposed aims for the status quo, that is: make external TLS binary support slightly more robust. My test case is even smaller: * W32 * cygwin carrying the responsibility burden * vanilla emacs working with tls/imap/gnus. Thanks for the time spent in analysing this, --=20 Jo=E3o T=E1vora From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sun, 19 May 2013 15:34:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136897760625788 (code B ref 14380); Sun, 19 May 2013 15:34:01 +0000 Received: (at 14380) by debbugs.gnu.org; 19 May 2013 15:33:26 +0000 Received: from localhost ([127.0.0.1]:51536 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue5by-0006hr-0P for submit@debbugs.gnu.org; Sun, 19 May 2013 11:33:26 -0400 Received: from mtaout23.012.net.il ([80.179.55.175]:48118) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue5bv-0006hV-AF for 14380@debbugs.gnu.org; Sun, 19 May 2013 11:33:24 -0400 Received: from conversion-daemon.a-mtaout23.012.net.il by a-mtaout23.012.net.il (HyperSendmail v2007.08) id <0MN100C00XQWEB00@a-mtaout23.012.net.il> for 14380@debbugs.gnu.org; Sun, 19 May 2013 18:32:49 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout23.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MN100C97XUP9350@a-mtaout23.012.net.il>; Sun, 19 May 2013 18:32:49 +0300 (IDT) Date: Sun, 19 May 2013 18:32:37 +0300 From: Eli Zaretskii In-reply-to: <87zjvr64lt.fsf_-_@lifelogs.com> X-012-Sender: halo1@inter.net.il Message-id: <83r4h3vvca.fsf@gnu.org> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> X-Spam-Score: 0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) [I removed emacs-devel.] > From: Ted Zlatanov > Cc: 14380@debbugs.gnu.org, emacs-devel@gnu.org > Date: Sat, 18 May 2013 23:17:02 -0400 > > (CC to emacs-devel as I think this discussion is relevant there) There's no reason: all the people who you'd like to reach read the bug list as well. > The big problem for me is that I don't have the time or platform > knowledge to write a GnuTLS auto-installer and updater for those two > problematic platforms. The GnuTLS developers don't want to provide this > service either. Who will be responsible to it? What happens when a > security vulnerability hits the DLLs we distribute with Emacs? > > My proposal would be to push out the next Emacs bundled with the latest > GnuTLS DLLs, only support GnuTLS, provide users with instructions on > updating them, and treat GnuTLS vulnerabilities as Emacs > vulnerabilities. This is not ideal but IMO better than the current > situation. I see no problems with the current situation. Installing precompiled GnuTLS from a zip file is a snap. From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sun, 19 May 2013 15:45:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Cc: 14380@debbugs.gnu.org, tzz@lifelogs.com Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136897830127221 (code B ref 14380); Sun, 19 May 2013 15:45:02 +0000 Received: (at 14380) by debbugs.gnu.org; 19 May 2013 15:45:01 +0000 Received: from localhost ([127.0.0.1]:51550 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue5nA-00074q-72 for submit@debbugs.gnu.org; Sun, 19 May 2013 11:45:01 -0400 Received: from mtaout21.012.net.il ([80.179.55.169]:43573) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue5n7-00074M-1e for 14380@debbugs.gnu.org; Sun, 19 May 2013 11:44:58 -0400 Received: from conversion-daemon.a-mtaout21.012.net.il by a-mtaout21.012.net.il (HyperSendmail v2007.08) id <0MN100800XTLUL00@a-mtaout21.012.net.il> for 14380@debbugs.gnu.org; Sun, 19 May 2013 18:44:18 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout21.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MN1008CLYDQVL10@a-mtaout21.012.net.il>; Sun, 19 May 2013 18:44:15 +0300 (IDT) Date: Sun, 19 May 2013 18:44:02 +0300 From: Eli Zaretskii In-reply-to: Message-id: <83ppwnvut9.fsf@gnu.org> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: QUOTED-PRINTABLE X-012-Sender: halo1@inter.net.il References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> X-Spam-Score: 0.2 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) > From: Jo=E3o T=E1vora > Date: Sun, 19 May 2013 12:45:12 +0100 > Cc: Eli Zaretskii , 14380@debbugs.gnu.org, emacs-deve= l@gnu.org >=20 > The fix I proposed aims for the status quo, that is: make external > TLS binary support slightly more robust. I already said at lest twice in this thread: THIS WON'T WORK on Windows (except in Cygwin Emacs). The communications between the external TLS client and Emacs are via signals, which aren't really supported by Windows. Solving this was one of the main reasons for incorporating GnuTLS into Emacs. I don't really understand what are we still discussing here. Let me describe how the current situation looks from my POV: . Emacs can be built with GnuTLS support if GnuTLS is installed on the end-user's machine, and that end user builds her own Emacs. This is the same as on Unix. I hope no one will say this is "not built-in". . Windows users get special treatment in that precompiled binaries of Emacs are available for those who cannot or won't build their own. These precompiled binaries are built with GnuTLS support to begin with. . As yet another bonus for Windows users, Emacs will happily start and run even if GnuTLS is not found on the end-user's machine; however, TLS will not be available in that case, of course (Emacs will announce that if required to use TLS). So now you tell me how come these two bonuses are somehow regarded as deficiencies? Would it be better not to produce binaries at all, or let them abort with a fatal error if GnuTLS is not installed? Installing GnuTLS boils down to unzipping a single zip archive. How hard can that be for someone who uses Emacs?? From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sun, 19 May 2013 17:59:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Eli Zaretskii Cc: 14380@debbugs.gnu.org, tzz@lifelogs.com Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136898632312576 (code B ref 14380); Sun, 19 May 2013 17:59:01 +0000 Received: (at 14380) by debbugs.gnu.org; 19 May 2013 17:58:43 +0000 Received: from localhost ([127.0.0.1]:51679 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue7sW-0003Gg-92 for submit@debbugs.gnu.org; Sun, 19 May 2013 13:58:42 -0400 Received: from mail-pd0-f176.google.com ([209.85.192.176]:54761) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue7sT-0003GL-M9 for 14380@debbugs.gnu.org; Sun, 19 May 2013 13:58:38 -0400 Received: by mail-pd0-f176.google.com with SMTP id r11so1428948pdi.21 for <14380@debbugs.gnu.org>; Sun, 19 May 2013 10:58:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=s703Ivsnk/y0XF3T54D6XL98hgTS6JWhP4IoDFJ78vc=; b=z/+vu4Q7oKQSEaXFhJAWU+Pz52NZn993mj8DNYJQ3P56mynTGamLR/6SO9VGd8Jmjm 9FOV0mTS4JrDOt+ZIFLL0w42bWjJG0gG1b+sQ8qxhlxD63FXW1DDhksE9tjiRKtWd/qa 3fktkZSbHno13WUVELvTIIv9kKkda7pjok0leWUj4reCPTQjLyWJ9ZtHT2R+2dtVZ4ih uN6VS9mHU7kfjXLCrc0oM/YWN6JmTRlYBR733CGP/0kc9T36Fk9B/U57VCAum3C70840 z4mpu8cqcF5MJ8/qnch9tXsU5sEvPHlYIc5hbPceXsCiYrG41rDTBFMldUn+UosAtrhw LQww== X-Received: by 10.66.248.228 with SMTP id yp4mr57348513pac.158.1368986283331; Sun, 19 May 2013 10:58:03 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.219.137 with HTTP; Sun, 19 May 2013 10:57:43 -0700 (PDT) In-Reply-To: <83ppwnvut9.fsf@gnu.org> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83ppwnvut9.fsf@gnu.org> From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Date: Sun, 19 May 2013 18:57:43 +0100 Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On Sun, May 19, 2013 at 4:44 PM, Eli Zaretskii wrote: >> From: Jo=E3o T=E1vora >> Date: Sun, 19 May 2013 12:45:12 +0100 >> Cc: Eli Zaretskii , 14380@debbugs.gnu.org, emacs-devel@gnu= .org >> >> The fix I proposed aims for the status quo, that is: make external >> TLS binary support slightly more robust. > > I already said at lest twice in this thread: THIS WON'T WORK on > Windows (except in Cygwin Emacs). The communications between the Look, there's no need to shout. I'm not using Cygwin emacs, I'm using regular W32 binaries and am not even sure what tls binary emacs found or how. It appears to be: "openssl s_client -connect imaps.mycompany.com:993 -no_ssl2 -ign_eof" My analysis of the code of `network-stream-open-tls' revealed (as do the comments) that it tries to cleanup the process buffer of previous garbage left there = by `open-tls-stream` (who nonetheless tries to place point correctly in the process buffer) I'm **guessing** "openssl" is a cygwin binary, I didn't even check that. I **reported** a bug since I considered unexpected behaviour occurred even = with the cleanest of "emacs -Q" run. I **suggested** a fix because of two reasons: (1) I tried it and it worked and has been working since (2) in the context of the interaction between the two functions `network-stream-open-tls' and `open-tls-stream' it seemed reasonable that the latter cleans up after itself. Maybe, in my reduced usage of gnus, I haven't gotten to a situation where things would break because of signal handling or whatever. Lucky me. When things do break, I'll happily unzip dlls, I have nothing against that. Thanks for all the info, feel free to close the bug if you haven't already Over and out, Jo=E3o From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sun, 19 May 2013 19:03:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Cc: 14380@debbugs.gnu.org, tzz@lifelogs.com Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136899016920376 (code B ref 14380); Sun, 19 May 2013 19:03:01 +0000 Received: (at 14380) by debbugs.gnu.org; 19 May 2013 19:02:49 +0000 Received: from localhost ([127.0.0.1]:51750 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue8sa-0005Ia-T9 for submit@debbugs.gnu.org; Sun, 19 May 2013 15:02:49 -0400 Received: from mtaout22.012.net.il ([80.179.55.172]:37255) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ue8sY-0005IF-RY for 14380@debbugs.gnu.org; Sun, 19 May 2013 15:02:48 -0400 Received: from conversion-daemon.a-mtaout22.012.net.il by a-mtaout22.012.net.il (HyperSendmail v2007.08) id <0MN200E007IADV00@a-mtaout22.012.net.il> for 14380@debbugs.gnu.org; Sun, 19 May 2013 22:01:28 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout22.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MN200EX97IF7E20@a-mtaout22.012.net.il>; Sun, 19 May 2013 22:01:28 +0300 (IDT) Date: Sun, 19 May 2013 22:01:16 +0300 From: Eli Zaretskii In-reply-to: Message-id: <83hahyx08z.fsf@gnu.org> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: QUOTED-PRINTABLE X-012-Sender: halo1@inter.net.il References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83ppwnvut9.fsf@gnu.org> X-Spam-Score: -1.2 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) > From: Jo=E3o T=E1vora > Date: Sun, 19 May 2013 18:57:43 +0100 > Cc: tzz@lifelogs.com, 14380@debbugs.gnu.org >=20 > On Sun, May 19, 2013 at 4:44 PM, Eli Zaretskii wrote= : > >> From: Jo=E3o T=E1vora > >> Date: Sun, 19 May 2013 12:45:12 +0100 > >> Cc: Eli Zaretskii , 14380@debbugs.gnu.org, emacs-d= evel@gnu.org > >> > >> The fix I proposed aims for the status quo, that is: make extern= al > >> TLS binary support slightly more robust. > > > > I already said at lest twice in this thread: THIS WON'T WORK on > > Windows (except in Cygwin Emacs). The communications between the >=20 > Look, there's no need to shout. I'm sorry, but after saying that twice, what other methods do I have to make sure I'm heard? > I'm not using Cygwin emacs, I'm using regular W32 binaries That's exactly what I was talking about: an external tls client will not work with a native w32 Emacs. > When things do break, I'll happily unzip dlls, I have nothing again= st that. I suggest you do this without waiting for things to break. The built-in GnuTLS support does work on Windows, there are several happy users of it here. Why have a partial solution when you can have a complete one? From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sun, 19 May 2013 23:07:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Cc: 14380@debbugs.gnu.org, Eli Zaretskii , emacs-devel@gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136900476515285 (code B ref 14380); Sun, 19 May 2013 23:07:02 +0000 Received: (at 14380) by debbugs.gnu.org; 19 May 2013 23:06:05 +0000 Received: from localhost ([127.0.0.1]:51964 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeCg0-0003yP-Cl for submit@debbugs.gnu.org; Sun, 19 May 2013 19:06:05 -0400 Received: from mail-gg0-f182.google.com ([209.85.161.182]:39122) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeCfx-0003xl-6N for 14380@debbugs.gnu.org; Sun, 19 May 2013 19:06:02 -0400 Received: by mail-gg0-f182.google.com with SMTP id q2so712761ggc.41 for <14380@debbugs.gnu.org>; Sun, 19 May 2013 16:05:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=x-received:from:to:cc:subject:organization:references:x-face :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type:content-transfer-encoding; bh=I1kelOJDawq7wl+pJcsZt2sokS0GlPZGCm+czMHNRJo=; b=l7gyx4z/dtnXEpjUBV2EgN+kiUKVRRsNIrVS0fwc85e0wXmtovNbg8xxK+PfP1r/Ag IuBmsWbdWK2gU1TkqN6TDZCFl7a/F0qZPf6bQrkEnpwgnzeWKWH0ToAeWjDBK1zToqXN iBnjJZceVCFj8kaSZ8HOsmF1f1iZ6h6SbWU2E= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:from:to:cc:subject:organization:references:x-face :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type:content-transfer-encoding :x-gm-message-state; bh=I1kelOJDawq7wl+pJcsZt2sokS0GlPZGCm+czMHNRJo=; b=OfNWoF9Mn22PpwWnJnYozRrLHVN6KuZI6HfgsRlwPsZxxWaPaTa6CdfGv7oWhjywqY z6LROVmPzzXXxYcOCJ5NV9cdy5zxYb+lr0f9i/JZpEknNemf2VdxXbEuqG4DKVnwDiZJ RGVuM9EIM2qiK1+eQ/sRZ2PwlDsqE9zkC9iEUSp0UxGCgb9DoIa7tekOKPivJ567vHYM MRJhFQG/5QgWDCUh6EwgRvyxlhOYNpIgdUlsQpdjy5vGmzL0w2N2i/2uu6/aI435Tio1 MvgvBLhqVfvZEx6bFzP4ROhywTRb1CgYQDht2QcU1qIW9p41PsTTs/FdeL3i4CKaezW1 Gg7g== X-Received: by 10.236.25.165 with SMTP id z25mr32927395yhz.56.1369004725843; Sun, 19 May 2013 16:05:25 -0700 (PDT) Received: from heechee (pool-72-93-26-80.bstnma.east.verizon.net. [72.93.26.80]) by mx.google.com with ESMTPSA id i21sm36089107yhl.15.2013.05.19.16.05.23 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Sun, 19 May 2013 16:05:24 -0700 (PDT) From: Ted Zlatanov Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Sun, 19 May 2013 19:05:22 -0400 In-Reply-To: ("=?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?="'s message of "Sun, 19 May 2013 12:45:12 +0100") Message-ID: <87txly4ll9.fsf@lifelogs.com> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQnLHo9Yi1iGFKFsm2efI3qrKOMqptKJai8lgI/0xLnHUoRiR8c1J8B33O/s/ajSh27Px8ai X-Spam-Score: -2.6 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Sun, 19 May 2013 12:45:12 +0100 Jo=E3o T=E1vora w= rote:=20 JT> On Sun, May 19, 2013 at 4:17 AM, Ted Zlatanov wrote: >> Wouldn't you rather get GnuTLS to work by default? Otherwise we serve >> the use case "I have no secure transport, so let me use a hack by >> default." JT> I don't understand. What is the hack here? External binary for TLS? Using an external binary to transport SSL or TLS is a hack IMO. >> My proposal would be to push out the next Emacs bundled with the latest >> GnuTLS DLLs, only support GnuTLS, provide users with instructions on >> updating them, and treat GnuTLS vulnerabilities as Emacs >> vulnerabilities. This is not ideal but IMO better than the current >> situation. JT> ... but then you have all these headaches. It's a headache I'm willing to endure for the sake of Emacs users. The alternative, which Jo=E3o is enduring now, is to punt the problem. This is a question for the Emacs maintainers: do you agree with me on the above plan? It would mean changing the way Mac OS X and W32 Emacs builds are distributed, to include the GnuTLS libraries with the build, and we'd have to implement a way (perhaps through the ELPA) to distribute updates to these libraries. JT> The fix I proposed aims for the status quo, that is: make external JT> TLS binary support slightly more robust. My test case is even smaller: JT> * W32 JT> * cygwin carrying the responsibility burden JT> * vanilla emacs working with tls/imap/gnus. Did you propose a patch? I would commit a patch but can't write it despite your great description of the problem. Ted From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Juanma Barranquero Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Mon, 20 May 2013 02:11:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, Eli Zaretskii , =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= , Emacs developers Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.13690158162781 (code B ref 14380); Mon, 20 May 2013 02:11:01 +0000 Received: (at 14380) by debbugs.gnu.org; 20 May 2013 02:10:16 +0000 Received: from localhost ([127.0.0.1]:52092 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeFYF-0000ik-Of for submit@debbugs.gnu.org; Sun, 19 May 2013 22:10:16 -0400 Received: from mail-ee0-f47.google.com ([74.125.83.47]:40942) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeFYD-0000iW-FB for 14380@debbugs.gnu.org; Sun, 19 May 2013 22:10:14 -0400 Received: by mail-ee0-f47.google.com with SMTP id t10so3624856eei.20 for <14380@debbugs.gnu.org>; Sun, 19 May 2013 19:09:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=jVvLF3B43cN9Dqgn8K1Et3+gb1ytPBt1XqHImkD1+T0=; b=eoAT/QPrE9LdDs75Hq7wbhxp44SsmvWBbadxisQcIfBu9Nk8y781T213fN00KByEwT WlZq2KY2g632lEsoaY+/cTEvr1WC6vTrRIuMr/3PpRu8jdZMQ/aN4Suz0kCLG1XedjdA mM2vUd5//tvZnAxR/LqRjdfRlNMOYckfC12QVwh6RPwetInn2nREdPz0N1qmkkf/v9WC ng7QNDKcc2I+911QugCY7fCtgfAaZ1GTHo1ng1D3UiqxqeLsefI6tAiV79FlQmDZ4len A3Nl9JP5Pl1qmyh8SgOHwJus7jSjy4l6DHp3qycogVn5QgFhU4ONkeJ6tMi/5h6Rhv1C nGKg== X-Received: by 10.14.5.5 with SMTP id 5mr160763037eek.21.1369015777389; Sun, 19 May 2013 19:09:37 -0700 (PDT) MIME-Version: 1.0 Received: by 10.15.93.130 with HTTP; Sun, 19 May 2013 19:08:57 -0700 (PDT) In-Reply-To: <87txly4ll9.fsf@lifelogs.com> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <87txly4ll9.fsf@lifelogs.com> From: Juanma Barranquero Date: Mon, 20 May 2013 04:08:57 +0200 Message-ID: Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Mon, May 20, 2013 at 1:05 AM, Ted Zlatanov wrote: > It would mean changing the way Mac OS X and W32 Emacs > builds are distributed, to include the GnuTLS libraries with the build, > and we'd have to implement a way (perhaps through the ELPA) to > distribute updates to these libraries. Why would that be a good idea now if it wasn't seen as such before? J From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Mon, 20 May 2013 13:58:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Eli Zaretskii Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.13690582542169 (code B ref 14380); Mon, 20 May 2013 13:58:02 +0000 Received: (at 14380) by debbugs.gnu.org; 20 May 2013 13:57:34 +0000 Received: from localhost ([127.0.0.1]:52925 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeQaZ-0000YO-Bz for submit@debbugs.gnu.org; Mon, 20 May 2013 09:57:28 -0400 Received: from mail-gg0-f177.google.com ([209.85.161.177]:55824) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeQaS-0000Xr-8P for 14380@debbugs.gnu.org; Mon, 20 May 2013 09:57:21 -0400 Received: by mail-gg0-f177.google.com with SMTP id r4so1309560ggn.22 for <14380@debbugs.gnu.org>; Mon, 20 May 2013 06:56:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=x-received:from:to:cc:subject:organization:references:x-face :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=TICkdgX+HgqPvHXdeQ39HEajsyFzXB/rGJZjFgicevk=; b=WkjGatHEZt/ga0+PjYMns1IjR8sJc1GaG2GVTpHcdmYdBTUv02hszGZg7SnHEOKSp1 Y2MDzn6UHt8wZ/2PMXTCSPMYZxPH3PpOtJnInez6/R1wroGKB7ANm0Mg6CQOXlHP/X6b QkGE22RudTXfIZedg51Iyvum/NmAYjTysQ6v8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:from:to:cc:subject:organization:references:x-face :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type:x-gm-message-state; bh=TICkdgX+HgqPvHXdeQ39HEajsyFzXB/rGJZjFgicevk=; b=l9f2PXbjvahapWOodOTxBQbBN8W+I5UBkHWHGXAnVnl2t5oqVgF+CZQLi+GH5hHMBn DiUO3ZZicAipyPZ4V73/vagXKUM/ijt3zHh1V5iMIEh4Q79yqyp/646JdXbwaIV57u8e QhGQtX01aX0nYLk2EtuyKFHVJE81MPQgaJ2gFGUJgBb3ax3aEwxsFrrtV+BoD0R1HSGZ v46pZsoHAfDiCD9iT8pigQUUH2LHTwcJc6yyo6f5Dgn6jLZb5mP2o/Tjgbd08ruaQz8d 2ol44ciKabzV3d6Sl+MFDIEPM/Nt8Z/psSesq7oflEyriIta+tusdQUdx51VfFa16hMv jLsw== X-Received: by 10.236.113.194 with SMTP id a42mr35004433yhh.139.1369058190670; Mon, 20 May 2013 06:56:30 -0700 (PDT) Received: from heechee (pool-72-93-26-80.bstnma.east.verizon.net. [72.93.26.80]) by mx.google.com with ESMTPSA id w62sm40425348yhd.27.2013.05.20.06.56.28 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Mon, 20 May 2013 06:56:29 -0700 (PDT) From: Ted Zlatanov Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83r4h3vvca.fsf@gnu.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Mon, 20 May 2013 09:56:27 -0400 In-Reply-To: <83r4h3vvca.fsf@gnu.org> (Eli Zaretskii's message of "Sun, 19 May 2013 18:32:37 +0300") Message-ID: <878v394uwk.fsf@lifelogs.com> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Gm-Message-State: ALoCoQmdrxOwq47eWL7nH4i08mm/yLyXko0zFydoTAv+9UPfwOz8pyXuDcs7j9a6dOTaujcUNYAP X-Spam-Score: -2.6 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Sun, 19 May 2013 18:32:37 +0300 Eli Zaretskii wrote: >> My proposal would be to push out the next Emacs bundled with the latest >> GnuTLS DLLs, only support GnuTLS, provide users with instructions on >> updating them, and treat GnuTLS vulnerabilities as Emacs >> vulnerabilities. This is not ideal but IMO better than the current >> situation. EZ> I see no problems with the current situation. Installing precompiled EZ> GnuTLS from a zip file is a snap. That's only a small part of the risk and responsibility we're shifting onto the Emacs users. Ted From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Mon, 20 May 2013 16:30:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136906737430091 (code B ref 14380); Mon, 20 May 2013 16:30:02 +0000 Received: (at 14380) by debbugs.gnu.org; 20 May 2013 16:29:34 +0000 Received: from localhost ([127.0.0.1]:53197 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeSxq-0007pI-4W for submit@debbugs.gnu.org; Mon, 20 May 2013 12:29:34 -0400 Received: from mtaout22.012.net.il ([80.179.55.172]:58340) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeSxn-0007p2-Tu for 14380@debbugs.gnu.org; Mon, 20 May 2013 12:29:32 -0400 Received: from conversion-daemon.a-mtaout22.012.net.il by a-mtaout22.012.net.il (HyperSendmail v2007.08) id <0MN300700V3S2100@a-mtaout22.012.net.il> for 14380@debbugs.gnu.org; Mon, 20 May 2013 19:28:52 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout22.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MN3006OKV40WF40@a-mtaout22.012.net.il>; Mon, 20 May 2013 19:28:49 +0300 (IDT) Date: Mon, 20 May 2013 19:28:40 +0300 From: Eli Zaretskii In-reply-to: <878v394uwk.fsf@lifelogs.com> X-012-Sender: halo1@inter.net.il Message-id: <834ndxwr7r.fsf@gnu.org> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83r4h3vvca.fsf@gnu.org> <878v394uwk.fsf@lifelogs.com> X-Spam-Score: -1.2 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) > From: Ted Zlatanov > Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com > Date: Mon, 20 May 2013 09:56:27 -0400 > > On Sun, 19 May 2013 18:32:37 +0300 Eli Zaretskii wrote: > > >> My proposal would be to push out the next Emacs bundled with the latest > >> GnuTLS DLLs, only support GnuTLS, provide users with instructions on > >> updating them, and treat GnuTLS vulnerabilities as Emacs > >> vulnerabilities. This is not ideal but IMO better than the current > >> situation. > > EZ> I see no problems with the current situation. Installing precompiled > EZ> GnuTLS from a zip file is a snap. > > That's only a small part of the risk and responsibility we're shifting > onto the Emacs users. What risk? what responsibility? A user who installs software on her computer is already trusted with certain responsibilities, because a single mistyped command or a badly built package can easily shut down a perfectly healthy system for hours, if not days. Users install dozens of packages needed to create a workable environment for whatever they need to accomplish. Why is GnuTLS so special? And mind you, in view of the latest sparring between GnuTLS developers and the FSF (which I have no idea how ended, except that the license was downgraded a bit and the official site moved), I'm not even sure the FSF will agree to distribute GnuTLS with Emacs, on any platform. Why should Emacs development enter this minefield? And for what? for solving a non-existing problem of installing a simple package? Don't we have better places to apply our time and energy? Don't misunderstand me: if someone decides to provide regular builds of GnuTLS ready to be downloaded and installed, I will applaud that person. Heck, it will be one less duty for me, for starters, as far as the Windows binaries are concerned. But please don't represent this as a must for Emacs, because it isn't. From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Mon, 20 May 2013 22:09:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, Eli Zaretskii , emacs-devel@gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136908771310346 (code B ref 14380); Mon, 20 May 2013 22:09:01 +0000 Received: (at 14380) by debbugs.gnu.org; 20 May 2013 22:08:33 +0000 Received: from localhost ([127.0.0.1]:53471 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeYFt-0002gp-9B for submit@debbugs.gnu.org; Mon, 20 May 2013 18:08:33 -0400 Received: from mail-pa0-f47.google.com ([209.85.220.47]:48798) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UeYFr-0002gV-BN for 14380@debbugs.gnu.org; Mon, 20 May 2013 18:08:32 -0400 Received: by mail-pa0-f47.google.com with SMTP id kl13so41618pab.6 for <14380@debbugs.gnu.org>; Mon, 20 May 2013 15:07:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=kEFXrELVk/eCi9rL0baBLyeUn2Ip8gaTA9VQ4Flwfd0=; b=v1RxHBHcFZrN8TLeyi4GtUcjnugc5+yyirJlYnZ2MYIqv5sa2USUItab0qWP5DLk9r 4uGUxiMpC2J4exfTavEXjTmtCLQw6d1+Pgb5jEbqju5wMZUrx4Vd/xNEXpXjpTHek5JH NqAFdTUCQ6dfmIHYZQExkUvil8NLvnIZ6xMd2vcLh4fL6BBsB5MQe6q1qHwc+BJqkhht 3OL+1Nmti4HyNfYH9pYDt2weU+5wvKP5QMPmcv8Joft7fRvT6gCDEDAfOu1SYtYvUimv 0a16GfPFDOngFMUDl5fWnWwzSDdi1UTVll78rG0V/zCHkZ7Zypk4CrEj0A9Uq8jVFJPC KAGA== X-Received: by 10.66.248.228 with SMTP id yp4mr64588pac.158.1369087670455; Mon, 20 May 2013 15:07:50 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.219.137 with HTTP; Mon, 20 May 2013 15:07:30 -0700 (PDT) In-Reply-To: <87txly4ll9.fsf@lifelogs.com> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <87txly4ll9.fsf@lifelogs.com> From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Date: Mon, 20 May 2013 23:07:30 +0100 Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Mon, May 20, 2013 at 12:05 AM, Ted Zlatanov wrote: > > Using an external binary to transport SSL or TLS is a hack IMO. I see, and reading a bit of tls.el it makes sense. It does all this crazy regexp searching... This is a hack in my book too, albeit one that's been working fine, > Did you propose a patch? I would commit a patch but can't write it > despite your great description of the problem. > Here is a patch that should be equivalent to the defadvice I'm using. As I said, it works for me. Also I didn't have a VC copy of emacs so I used `diff-buffer-with-file' diff -u -L /usr/local/share/emacs/24.3/lisp/net/tls.el.gz -L \#\ /tmp/jka-com1909LVh /tmp/buffer-content-1909lpt --- /usr/local/share/emacs/24.3/lisp/net/tls.el.gz +++ # @@ -286,7 +286,11 @@ (format "Host name in certificate doesn't \ match `%s'. Connect anyway? " host)))))) (setq done nil) - (delete-process process))) + (delete-process process)) + ;; delete all the informational messages that could + ;; confuse futures users of `buffer' + ;; + (delete-region (point-min) (point))) (message "Opening TLS connection to `%s'...%s" host (if done "done" "failed")) (when use-temp-buffer Jo=E3o --=20 Jo=E3o T=E1vora From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Fri, 24 May 2013 19:50:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Eli Zaretskii Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136942497014471 (code B ref 14380); Fri, 24 May 2013 19:50:02 +0000 Received: (at 14380) by debbugs.gnu.org; 24 May 2013 19:49:30 +0000 Received: from localhost ([127.0.0.1]:60827 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UfxzV-0003lM-4U for submit@debbugs.gnu.org; Fri, 24 May 2013 15:49:29 -0400 Received: from mail-vb0-f48.google.com ([209.85.212.48]:63028) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UfxzS-0003l7-Gx for 14380@debbugs.gnu.org; Fri, 24 May 2013 15:49:28 -0400 Received: by mail-vb0-f48.google.com with SMTP id w8so2421706vbf.7 for <14380@debbugs.gnu.org>; Fri, 24 May 2013 12:48:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:x-face:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=bzfEycKQzPM1SfBRrNiki0lnlKrzFM436KIB86NfRSI=; b=Kh6WuSZ6guyOvbgnXYjt88IoGuyCTjHWm40vxcnFZLVxhqrKMUeS3iI4R/VV5E34FD gi+Li/WSRAwMwE69+gb/6yLcOExmhzK0wAdmX12rGWzSHnGgtmep5brgHvL+cvVilKm4 eoe9D3FfOPNbrJAD4vCzTtEcLvz7VZi4S5J80= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:to:cc:subject:organization:references:x-face:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type:x-gm-message-state; bh=bzfEycKQzPM1SfBRrNiki0lnlKrzFM436KIB86NfRSI=; b=blTBOteSVazF4IhlAy42f/aBE3CF3j+kM3CC2nHZ5AKLn7CgfAzjT3j19vbIL85VOW MtESpKEVA1hQQK3qpQ17HDQEDYO/Yn0JIud2m8RNs+f9ONq8go7sKoVdheJvDSsKr1CU sLT6b4N0pyzwqvtdbIuBxHC7/vVCA5h+mu81ksFtQRya36nep9ynoe7c4c/FyOEHxWEn HxSti0XWYG3PjdCLkLg/+ScmlpMDG2Af4GrQajdBA/xrwOT2yISifnn/3v2k/l6OKQzx QhpQiBiNpYCmxR2I7VGJpPBMhTULBgMKOEeCN0wo4mG+tdxznsiSaEBZPMZgdwL34X+Q 4IYw== X-Received: by 10.220.74.5 with SMTP id s5mr9728563vcj.5.1369424903977; Fri, 24 May 2013 12:48:23 -0700 (PDT) Received: from heechee (pool-72-93-26-80.bstnma.east.verizon.net. [72.93.26.80]) by mx.google.com with ESMTPSA id s6sm4979209vdj.5.2013.05.24.12.48.21 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Fri, 24 May 2013 12:48:22 -0700 (PDT) From: Ted Zlatanov Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83r4h3vvca.fsf@gnu.org> <878v394uwk.fsf@lifelogs.com> <834ndxwr7r.fsf@gnu.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Fri, 24 May 2013 15:48:20 -0400 In-Reply-To: <834ndxwr7r.fsf@gnu.org> (Eli Zaretskii's message of "Mon, 20 May 2013 19:28:40 +0300") Message-ID: <87y5b417nf.fsf@lifelogs.com> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Gm-Message-State: ALoCoQlgUu6+YXS8VW14oxO1rKAqoU/53vNfV5k52V4M0YCau3NhD/w1Qz/4SKLQz4XDmOXjMctO X-Spam-Score: 0.1 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Mon, 20 May 2013 19:28:40 +0300 Eli Zaretskii wrote: >> From: Ted Zlatanov >> Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com >> Date: Mon, 20 May 2013 09:56:27 -0400 >> >> On Sun, 19 May 2013 18:32:37 +0300 Eli Zaretskii wrote: >> >> >> My proposal would be to push out the next Emacs bundled with the latest >> >> GnuTLS DLLs, only support GnuTLS, provide users with instructions on >> >> updating them, and treat GnuTLS vulnerabilities as Emacs >> >> vulnerabilities. This is not ideal but IMO better than the current >> >> situation. >> EZ> I see no problems with the current situation. Installing precompiled EZ> GnuTLS from a zip file is a snap. >> >> That's only a small part of the risk and responsibility we're shifting >> onto the Emacs users. EZ> What risk? what responsibility? The risk is that their version of GnuTLS is out of date. The responsibility is to update it regularly. EZ> A user who installs software on her computer is already trusted with EZ> certain responsibilities, because a single mistyped command or a badly EZ> built package can easily shut down a perfectly healthy system for EZ> hours, if not days. Users install dozens of packages needed to create EZ> a workable environment for whatever they need to accomplish. Why is EZ> GnuTLS so special? Installing and keeping GnuTLS up to date should not be the responsibility of the user. To put it another way, if you want that responsibility, you're in a very small percentage of the Emacs user population. Most users don't want it and will neglect it badly. EZ> And mind you, in view of the latest sparring between GnuTLS developers EZ> and the FSF (which I have no idea how ended, except that the license EZ> was downgraded a bit and the official site moved), I'm not even sure EZ> the FSF will agree to distribute GnuTLS with Emacs, on any platform. EZ> Why should Emacs development enter this minefield? That's a reasonable question. I think we have to face it regardless of the outcome of this discussion because Emacs depends on GnuTLS for SSL and TLS communications right now. As far as I know GnuTLS status is back to "kosher." EZ> And for what? for solving a non-existing problem of installing a EZ> simple package? Installing is easy. Keeping it up to date isn't. Security updates are tedious and tedious things get overlooked. EZ> Don't misunderstand me: if someone decides to provide regular builds EZ> of GnuTLS ready to be downloaded and installed, I will applaud that EZ> person. Heck, it will be one less duty for me, for starters, as far EZ> as the Windows binaries are concerned. But please don't represent EZ> this as a must for Emacs, because it isn't. I see it as a responsibility we're avoiding. But if we had these regular builds, how would the user know about a critical update he really must install? See here http://bugs.python.org/issue17425 for an example of how the Python community dealt with an security issue in the OpenSSL libraries they ship for Windows. I guess we have to answer the question of whether that's a standard we as Emacs developers should aspire to, or not. Ted From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Fri, 24 May 2013 20:29:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com Reply-To: Eli Zaretskii Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.136942729523027 (code B ref 14380); Fri, 24 May 2013 20:29:01 +0000 Received: (at 14380) by debbugs.gnu.org; 24 May 2013 20:28:15 +0000 Received: from localhost ([127.0.0.1]:60894 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ufyay-0005zH-OT for submit@debbugs.gnu.org; Fri, 24 May 2013 16:28:13 -0400 Received: from mtaout23.012.net.il ([80.179.55.175]:39548) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ufyav-0005yy-Nm for 14380@debbugs.gnu.org; Fri, 24 May 2013 16:28:11 -0400 Received: from conversion-daemon.a-mtaout23.012.net.il by a-mtaout23.012.net.il (HyperSendmail v2007.08) id <0MNB00B00KPO1L00@a-mtaout23.012.net.il> for 14380@debbugs.gnu.org; Fri, 24 May 2013 23:27:05 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout23.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MNB00ANKKT5Y130@a-mtaout23.012.net.il>; Fri, 24 May 2013 23:27:05 +0300 (IDT) Date: Fri, 24 May 2013 23:27:07 +0300 From: Eli Zaretskii In-reply-to: <87y5b417nf.fsf@lifelogs.com> X-012-Sender: halo1@inter.net.il Message-id: <8338tcrun8.fsf@gnu.org> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83r4h3vvca.fsf@gnu.org> <878v394uwk.fsf@lifelogs.com> <834ndxwr7r.fsf@gnu.org> <87y5b417nf.fsf@lifelogs.com> X-Spam-Score: -1.2 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.2 (-) > From: Ted Zlatanov > Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com > Date: Fri, 24 May 2013 15:48:20 -0400 > > EZ> What risk? what responsibility? > > The risk is that their version of GnuTLS is out of date. That happens with dozens of packages on each user's machine. There's nothing in GnuTLS that makes it unique in this regard. Moreover, the latest and greatest GnuTLS sometimes simply won't build on some systems. Like with the latest release, for example. How is it a good idea to upgrade to a version that is broken? And if the latest version is not always the one to upgrade to, then who will make the research required to tell users to which version to upgrade? You? I did that research for the single version whose Windows port I made available. I built it, fixed the build problems, tested it, fixed the problems revealed by that, and after doing all that I could in good faith tell people they can use that version without too much fear. Why is it safer for users to upgrade to a newer version than to stay with the one I tested? Shouldn't whoever wants to tell them to upgrade invest a similar effort in that newer version? If she doesn't, she is actually shifting the responsibility to the users anyway! > The responsibility is to update it regularly. Or not. Blindly upgrading could get users in trouble. > EZ> A user who installs software on her computer is already trusted with > EZ> certain responsibilities, because a single mistyped command or a badly > EZ> built package can easily shut down a perfectly healthy system for > EZ> hours, if not days. Users install dozens of packages needed to create > EZ> a workable environment for whatever they need to accomplish. Why is > EZ> GnuTLS so special? > > Installing and keeping GnuTLS up to date should not be the > responsibility of the user. Says you. But since there's no one else to pick up the gauntlet, that's where this responsibility will need to rest. If J.R. Hacker needs GnuTLS today, he has no one else but himself to rely on. All we, the Emacs developers, do is just talk. > To put it another way, if you want that responsibility, you're in a very > small percentage of the Emacs user population. Most users don't want it > and will neglect it badly. Again, nothing new or special here. > As far as I know GnuTLS status is back to "kosher." Not sure based on what you say this. > I see it as a responsibility we're avoiding. But if we had these > regular builds, how would the user know about a critical update he > really must install? > > See here http://bugs.python.org/issue17425 for an example of how the > Python community dealt with an security issue in the OpenSSL libraries > they ship for Windows. I guess we have to answer the question of > whether that's a standard we as Emacs developers should aspire to, or > not. I'm sorry, but you are expecting from the Emacs development something it can never provide in its present shape and form. Tracking security issues to this degree in even a single package is a very time consuming job. Unless we have several volunteers on board taking responsibility for the various packages which Emacs supports, what you seem to want is nothing more than a pipe dream. I don't see any such volunteers; in fact, I don't even see a single one. If we had such an individual, my year-old port would have been replaced by newer ones already. (Of course, the Windows build in GnuTLS is regularly broken, so it's not really easy, either.) Until that changes, all this talk is just a huge waste of energy. If you think this kind of effort is possible, how about if you present a complete realistic plan for having a secure Emacs, name individuals who would test the releases of those packages for security issues, and make sure any problems that are detected are promptly fixed on all platforms we support, etc.? Otherwise, let's just stop these endless discussions and admit that we don't have the resources to live up to it. From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 In-Reply-To: Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Fri, 24 May 2013 22:23:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: 14380@debbugs.gnu.org X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Reply-To: bug-gnu-emacs@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13694341556356 (code B ref -1); Fri, 24 May 2013 22:23:01 +0000 Received: (at submit) by debbugs.gnu.org; 24 May 2013 22:22:35 +0000 Received: from localhost ([127.0.0.1]:32837 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ug0Ne-0001eQ-9t for submit@debbugs.gnu.org; Fri, 24 May 2013 18:22:34 -0400 Received: from eggs.gnu.org ([208.118.235.92]:56531) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ug0Na-0001e0-FP for submit@debbugs.gnu.org; Fri, 24 May 2013 18:22:32 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ug0MU-0002Dq-KB for submit@debbugs.gnu.org; Fri, 24 May 2013 18:21:27 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-100.3 required=5.0 tests=BAYES_50, RCVD_IN_DNSWL_NONE, RP_MATCHES_RCVD, T_TVD_FUZZY_SECURITIES, USER_IN_WHITELIST autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:44480) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ug0MU-0002Dm-Gv for submit@debbugs.gnu.org; Fri, 24 May 2013 18:21:22 -0400 Received: from eggs.gnu.org ([208.118.235.92]:39622) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ug0MO-0008FJ-Da for bug-gnu-emacs@gnu.org; Fri, 24 May 2013 18:21:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ug0MH-0002Bd-I6 for bug-gnu-emacs@gnu.org; Fri, 24 May 2013 18:21:16 -0400 Received: from plane.gmane.org ([80.91.229.3]:36143) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ug0MH-0002BT-8Y for bug-gnu-emacs@gnu.org; Fri, 24 May 2013 18:21:09 -0400 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1Ug0MF-0004aS-ND for bug-gnu-emacs@gnu.org; Sat, 25 May 2013 00:21:07 +0200 Received: from pool-72-93-26-80.bstnma.east.verizon.net ([72.93.26.80]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 25 May 2013 00:21:07 +0200 Received: from tzz by pool-72-93-26-80.bstnma.east.verizon.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 25 May 2013 00:21:07 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: bug-gnu-emacs@gnu.org From: Ted Zlatanov Date: Fri, 24 May 2013 18:20:55 -0400 Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos Lines: 102 Message-ID: <87li7410l4.fsf@lifelogs.com> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83r4h3vvca.fsf@gnu.org> <878v394uwk.fsf@lifelogs.com> <834ndxwr7r.fsf@gnu.org> <87y5b417nf.fsf@lifelogs.com> <8338tcrun8.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: pool-72-93-26-80.bstnma.east.verizon.net X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) Cancel-Lock: sha1:GiwHxah+TQwvI5DjdeJhPy9nPwo= X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) On Fri, 24 May 2013 23:27:07 +0300 Eli Zaretskii wrote: >> From: Ted Zlatanov >> Cc: 14380@debbugs.gnu.org, joaotavora@gmail.com >> Date: Fri, 24 May 2013 15:48:20 -0400 >> EZ> What risk? what responsibility? >> >> The risk is that their version of GnuTLS is out of date. EZ> That happens with dozens of packages on each user's machine. There's EZ> nothing in GnuTLS that makes it unique in this regard. Yes, of course. I don't know the other packages we require to enable extra features on W32, sorry. I think GnuTLS is somewhat unique in this regard by being the only way to do secure communications with the outside world, but it's worth considering putting the other packages under the same mechanism as GnuTLS for installations and updates. EZ> Moreover, the latest and greatest GnuTLS sometimes simply won't build EZ> on some systems. Like with the latest release, for example. How is EZ> it a good idea to upgrade to a version that is broken? And if the EZ> latest version is not always the one to upgrade to, then who will make EZ> the research required to tell users to which version to upgrade? EZ> You? Yes, possibly. EZ> I did that research for the single version whose Windows port I made EZ> available. I built it, fixed the build problems, tested it, fixed the EZ> problems revealed by that, and after doing all that I could in good EZ> faith tell people they can use that version without too much fear. EZ> Why is it safer for users to upgrade to a newer version than to stay EZ> with the one I tested? Shouldn't whoever wants to tell them to EZ> upgrade invest a similar effort in that newer version? If she EZ> doesn't, she is actually shifting the responsibility to the users EZ> anyway! You're right. It's a lot of work. I appreciate it very much. I hope to be able to find the resources to make these reviews happen. >> Installing and keeping GnuTLS up to date should not be the >> responsibility of the user. EZ> Says you. But since there's no one else to pick up the gauntlet, EZ> that's where this responsibility will need to rest. If J.R. Hacker EZ> needs GnuTLS today, he has no one else but himself to rely on. All EZ> we, the Emacs developers, do is just talk. I like to ask before I make changes, hence my request for votes in emacs-devel. Sorry if it seems like empty talk to you. >> As far as I know GnuTLS status is back to "kosher." EZ> Not sure based on what you say this. Monitoring the GnuTLS mailing lists. I don't mean there are no issues, only that the FSF has not made a statement about changing its preference for GnuTLS. >> I see it as a responsibility we're avoiding. But if we had these >> regular builds, how would the user know about a critical update he >> really must install? >> >> See here http://bugs.python.org/issue17425 for an example of how the >> Python community dealt with an security issue in the OpenSSL libraries >> they ship for Windows. I guess we have to answer the question of >> whether that's a standard we as Emacs developers should aspire to, or >> not. EZ> I'm sorry, but you are expecting from the Emacs development something EZ> it can never provide in its present shape and form. Tracking security EZ> issues to this degree in even a single package is a very time EZ> consuming job. Unless we have several volunteers on board taking EZ> responsibility for the various packages which Emacs supports, what you EZ> seem to want is nothing more than a pipe dream. I don't see any such EZ> volunteers; in fact, I don't even see a single one. If we had such an EZ> individual, my year-old port would have been replaced by newer ones EZ> already. (Of course, the Windows build in GnuTLS is regularly broken, EZ> so it's not really easy, either.) Until that changes, all this talk EZ> is just a huge waste of energy. EZ> If you think this kind of effort is possible, how about if you present EZ> a complete realistic plan for having a secure Emacs, name individuals EZ> who would test the releases of those packages for security issues, and EZ> make sure any problems that are detected are promptly fixed on all EZ> platforms we support, etc.? Otherwise, let's just stop these endless EZ> discussions and admit that we don't have the resources to live up to EZ> it. I'm trying to get the work started by first and foremost deciding if Emacs as a project wants to do this at all. This is a decision for the maintainers and you've voted against it on emacs-devel, so let's see what the vote count is and what the maintainers say. If the maintainers are OK with this direction, I will start working on automating the builds (which will need your help initially, if you're willing, to replicate your build process), asking for volunteers, and packaging the libraries. I don't have a 5-year plan but hope to get far enough to make it something sustainable. Ted From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sat, 25 May 2013 06:52:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: 14380@debbugs.gnu.org X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Reply-To: Eli Zaretskii Received: via spool by submit@debbugs.gnu.org id=B.136946467530898 (code B ref -1); Sat, 25 May 2013 06:52:02 +0000 Received: (at submit) by debbugs.gnu.org; 25 May 2013 06:51:15 +0000 Received: from localhost ([127.0.0.1]:33344 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ug8Jt-00082I-V6 for submit@debbugs.gnu.org; Sat, 25 May 2013 02:51:14 -0400 Received: from eggs.gnu.org ([208.118.235.92]:49582) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ug8Jj-00081U-9I for submit@debbugs.gnu.org; Sat, 25 May 2013 02:51:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ug8Ia-0006nw-Uq for submit@debbugs.gnu.org; Sat, 25 May 2013 02:49:58 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-99.2 required=5.0 tests=BAYES_50, RCVD_IN_DNSWL_NONE, USER_IN_WHITELIST autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:38202) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ug8Ia-0006nr-Ro for submit@debbugs.gnu.org; Sat, 25 May 2013 02:49:52 -0400 Received: from eggs.gnu.org ([208.118.235.92]:60912) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ug8IV-0004ge-QR for bug-gnu-emacs@gnu.org; Sat, 25 May 2013 02:49:52 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ug8IQ-0006mp-D4 for bug-gnu-emacs@gnu.org; Sat, 25 May 2013 02:49:47 -0400 Received: from mtaout20.012.net.il ([80.179.55.166]:33854) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ug8IQ-0006mh-4w for bug-gnu-emacs@gnu.org; Sat, 25 May 2013 02:49:42 -0400 Received: from conversion-daemon.a-mtaout20.012.net.il by a-mtaout20.012.net.il (HyperSendmail v2007.08) id <0MNC00G00DH96500@a-mtaout20.012.net.il> for bug-gnu-emacs@gnu.org; Sat, 25 May 2013 09:49:40 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout20.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MNC00GA5DMS3Y50@a-mtaout20.012.net.il> for bug-gnu-emacs@gnu.org; Sat, 25 May 2013 09:49:40 +0300 (IDT) Date: Sat, 25 May 2013 09:49:43 +0300 From: Eli Zaretskii In-reply-to: <87li7410l4.fsf@lifelogs.com> X-012-Sender: halo1@inter.net.il Message-id: <83y5b3r1tk.fsf@gnu.org> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <83r4h3vvca.fsf@gnu.org> <878v394uwk.fsf@lifelogs.com> <834ndxwr7r.fsf@gnu.org> <87y5b417nf.fsf@lifelogs.com> <8338tcrun8.fsf@gnu.org> <87li7410l4.fsf@lifelogs.com> X-detected-operating-system: by eggs.gnu.org: Solaris 10 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -8.0 (--------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -8.0 (--------) > From: Ted Zlatanov > Date: Fri, 24 May 2013 18:20:55 -0400 > > >> The risk is that their version of GnuTLS is out of date. > > EZ> That happens with dozens of packages on each user's machine. There's > EZ> nothing in GnuTLS that makes it unique in this regard. > > Yes, of course. I don't know the other packages we require to enable > extra features on W32, sorry. Those are the image libraries and libxml2. And, of course, any prerequisite packages needed to build those: zlib, libintl, libiconv, and the libraries, like libnettle, that GnuTLS depends on. > I think GnuTLS is somewhat unique in this regard by being the only > way to do secure communications with the outside world, but it's > worth considering putting the other packages under the same > mechanism as GnuTLS for installations and updates. Security is not just about secure communications. I'm sure you know that. > >> Installing and keeping GnuTLS up to date should not be the > >> responsibility of the user. > > EZ> Says you. But since there's no one else to pick up the gauntlet, > EZ> that's where this responsibility will need to rest. If J.R. Hacker > EZ> needs GnuTLS today, he has no one else but himself to rely on. All > EZ> we, the Emacs developers, do is just talk. > > I like to ask before I make changes, hence my request for votes in > emacs-devel. Sorry if it seems like empty talk to you. It is empty because it doesn't lead to any action. We've been talking about this for months already. > >> As far as I know GnuTLS status is back to "kosher." > > EZ> Not sure based on what you say this. > > Monitoring the GnuTLS mailing lists. The actual discussions were private, not on any public list. > I'm trying to get the work started by first and foremost deciding if > Emacs as a project wants to do this at all. This is a decision for the > maintainers and you've voted against it on emacs-devel, so let's see > what the vote count is and what the maintainers say. I think it's well beyond our capacities and resources, yes. From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Wed, 05 Jun 2013 15:10:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Cc: 14380@debbugs.gnu.org, Eli Zaretskii , emacs-devel@gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.13704449493510 (code B ref 14380); Wed, 05 Jun 2013 15:10:01 +0000 Received: (at 14380) by debbugs.gnu.org; 5 Jun 2013 15:09:09 +0000 Received: from localhost ([127.0.0.1]:52701 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkFKm-0000uT-MQ for submit@debbugs.gnu.org; Wed, 05 Jun 2013 11:09:09 -0400 Received: from mail-qe0-f41.google.com ([209.85.128.41]:65074) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkFKj-0000tg-IY for 14380@debbugs.gnu.org; Wed, 05 Jun 2013 11:09:06 -0400 Received: by mail-qe0-f41.google.com with SMTP id b4so1129301qen.28 for <14380@debbugs.gnu.org>; Wed, 05 Jun 2013 08:06:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:x-face:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type:content-transfer-encoding; bh=vAlI3cIo9RJ6sw7Mq3Kh8n9TS2xojBreiSCYZBp+fME=; b=INxBrgkmWepMwKaFoujmAA4AyUhBDHX2zs/DHdxUMj0WBxqpfRxo8Nfeaf7vOjAqPl 79nsJAFFFA383aVWbMaC+R/+8aslnhIcECnsi5w0+6g4RBkFgjv/ag7uE/4DJ89PkX5n bCxFGNZ2txIigrxoynHJddWKFsytBcaEJhU8I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:to:cc:subject:organization:references:x-face:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type:content-transfer-encoding :x-gm-message-state; bh=vAlI3cIo9RJ6sw7Mq3Kh8n9TS2xojBreiSCYZBp+fME=; b=fJ5soXGSPCx09C0PnMAHmY/YnCsO6CUXFQV297sZwuCKqjkhylAiVFeX2/j2kFiJac cU3zml8ISL8VoE3mhWh+Ig7gvXsmXukj9m0P64PIlPQBI1C9kduokJoGSQM+tI+ITyN6 O2H4JLVJgY6NCov1sJ6J9o6hY3RmbTdExzWokWF71J8JqbV/IxLAMmM1UskdIZIQ+qra K660QLl9t7iHzOklPdNnWzmgc2VYKLLRpHXDrcj5XrhPFloEBS3n3Mo2XCBYJlwiRq1C kfwpY+RRwhTUut6+if2IhY4VmlHv2+uP9Ysa65a5IFRpimfQt66oOs0IsQEKk2+lAuPH H2bg== X-Received: by 10.49.96.10 with SMTP id do10mr23359403qeb.23.1370444816087; Wed, 05 Jun 2013 08:06:56 -0700 (PDT) Received: from heechee (pool-72-93-26-80.bstnma.east.verizon.net. [72.93.26.80]) by mx.google.com with ESMTPSA id j2sm55255468qer.1.2013.06.05.08.06.54 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Wed, 05 Jun 2013 08:06:54 -0700 (PDT) From: Ted Zlatanov Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <87txly4ll9.fsf@lifelogs.com> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Wed, 05 Jun 2013 11:06:52 -0400 In-Reply-To: ("=?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?="'s message of "Mon, 20 May 2013 23:07:30 +0100") Message-ID: <87obbk1trn.fsf@lifelogs.com> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQnqUTfLvkpWxG7XdDwT3EmuuTCrXI1XWX6X/zVhOdCzxlqUS07da3ta+TT+JlRHVqOFgr6U X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Mon, 20 May 2013 23:07:30 +0100 Jo=E3o T=E1vora w= rote:=20 JT> Here is a patch that should be equivalent to the defadvice I'm using. JT> As I said, it works for me. Also I didn't have a VC copy of emacs so I JT> used `diff-buffer-with-file' I applied something very similar. It's a tiny change so it doesn't require assignment papers. If you'd like to contribute to GNU Emacs or other GNU software in the future, I encourage you to file them. revno: 112858 timestamp: Wed 2013-06-05 11:03:37 -0400 message: (open-tls-stream): Remove unneeded buffer contents when opening the conne= ction. This change didn't break anything in my testing. Please test so I can close the bug if it's fixed for you. Ted diff -u -L /usr/local/share/emacs/24.3/lisp/net/tls.el.gz -L \#\ /tmp/jka-com1909LVh /tmp/buffer-content-1909lpt --- /usr/local/share/emacs/24.3/lisp/net/tls.el.gz +++ # @@ -286,7 +286,11 @@ (format "Host name in certificate doesn't \ match `%s'. Connect anyway? " host)))))) (setq done nil) - (delete-process process))) + (delete-process process)) + ;; delete all the informational messages that could + ;; confuse futures users of `buffer' + ;; + (delete-region (point-min) (point))) (message "Opening TLS connection to `%s'...%s" host (if done "done" "failed")) (when use-temp-buffer From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Glenn Morris Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Wed, 05 Jun 2013 16:45:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: 14380@debbugs.gnu.org Cc: Ted Zlatanov Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.137045069519247 (code B ref 14380); Wed, 05 Jun 2013 16:45:02 +0000 Received: (at 14380) by debbugs.gnu.org; 5 Jun 2013 16:44:55 +0000 Received: from localhost ([127.0.0.1]:52746 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkGpS-00050N-40 for submit@debbugs.gnu.org; Wed, 05 Jun 2013 12:44:54 -0400 Received: from fencepost.gnu.org ([208.118.235.10]:56998 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkGpO-00050F-TZ for 14380@debbugs.gnu.org; Wed, 05 Jun 2013 12:44:51 -0400 Received: from rgm by fencepost.gnu.org with local (Exim 4.71) (envelope-from ) id 1UkGnM-0005i4-RQ; Wed, 05 Jun 2013 12:42:44 -0400 From: Glenn Morris References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <87txly4ll9.fsf@lifelogs.com> <87obbk1trn.fsf@lifelogs.com> X-Spook: Saudi Arabia lock picking asset IMF supercomputer X-Ran: }tR*NsD/oEmf7 (Ted Zlatanov's message of "Wed, 05 Jun 2013 11:06:52 -0400") Message-ID: <2pr4ggecfv.fsf@fencepost.gnu.org> User-Agent: Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Spam-Score: -5.5 (-----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -7.4 (-------) Ted Zlatanov wrote: > I applied something very similar. It's a tiny change so it doesn't > require assignment papers. Thanks for applying it. If committing changes by others, please make the ChangeLog entry in their name, and use commit --author. And because this has a bug number, the ChangeLog entry can use that rather than an emacs-devel link. (Seems he already has an assignment BTW). From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Wed, 05 Jun 2013 18:14:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Glenn Morris Cc: 14380@debbugs.gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.1370455983846 (code B ref 14380); Wed, 05 Jun 2013 18:14:02 +0000 Received: (at 14380) by debbugs.gnu.org; 5 Jun 2013 18:13:03 +0000 Received: from localhost ([127.0.0.1]:52808 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkICk-0000DL-89 for submit@debbugs.gnu.org; Wed, 05 Jun 2013 14:13:02 -0400 Received: from mail-qe0-f46.google.com ([209.85.128.46]:63192) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkICi-0000Ca-B3 for 14380@debbugs.gnu.org; Wed, 05 Jun 2013 14:13:01 -0400 Received: by mail-qe0-f46.google.com with SMTP id w7so1281145qeb.33 for <14380@debbugs.gnu.org>; Wed, 05 Jun 2013 11:10:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:x-face:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=GhcaKPSxKlr8W/ouRWc0e+2WR3nrNABWfdcb1QTRbPo=; b=V8ZRQ9AlBndOxXQWf57JVtRzxw6HuXCu2icrAMLKPHN4BhTHxylIc5KuDYVmyHIhQZ 2iVTUpe+daLQFEUZ8SAPqwWAn/bOMyJGBYXDjB/kDsfuiYlpBpKG4fb2FEuVP+zSHC2U 77iKACiJSDKfBQTazqppv1egRmSqvrbwzihdw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:to:cc:subject:organization:references:x-face:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type:x-gm-message-state; bh=GhcaKPSxKlr8W/ouRWc0e+2WR3nrNABWfdcb1QTRbPo=; b=nIixhyDMVLgpY30IwCEFmJVZFb/A7RIvjEUZGx8dq0kVTH9WPpMeTZpIPLDRX53P2x TvQZWxkDH5MmQu4rH0NUKySzDLxoRIZmbWXyxjjBbCF1jOEixUPGUK+8AaAjQslufYTM XyijPfvi6djfF4USj4T59dnMXFMlPU5t/0wcVMVseK9u9bOAtMD1XIAM5iZe4bjDL0wV OuxamIDcinfm1ZL26Nx4oyRtcgymT57WPMyNMzJ3vdSoBYueD/BoKWzdy3+y7VVL3HxD n5M6d9iFYscXHpX47v7pRpcc7cufdTvZxAPSRqMvbjMrgLIfash9a3hSKDsYm2imxB5G 45VA== X-Received: by 10.229.107.134 with SMTP id b6mr8456634qcp.66.1370455850255; Wed, 05 Jun 2013 11:10:50 -0700 (PDT) Received: from heechee (pool-72-93-26-80.bstnma.east.verizon.net. [72.93.26.80]) by mx.google.com with ESMTPSA id j10sm73665872qeh.0.2013.06.05.11.10.48 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Wed, 05 Jun 2013 11:10:49 -0700 (PDT) From: Ted Zlatanov Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <87txly4ll9.fsf@lifelogs.com> <87obbk1trn.fsf@lifelogs.com> <2pr4ggecfv.fsf@fencepost.gnu.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Wed, 05 Jun 2013 14:10:47 -0400 In-Reply-To: <2pr4ggecfv.fsf@fencepost.gnu.org> (Glenn Morris's message of "Wed, 05 Jun 2013 12:42:44 -0400") Message-ID: <874ndcxwbc.fsf@lifelogs.com> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Gm-Message-State: ALoCoQkTuaoAvJpUfPV511jUW+7yW0xhxxh78pYPS5OCU/pSwP/P+ZSu7rjU27oOO7P6Sh2N0DrC X-Spam-Score: -2.6 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -2.6 (--) On Wed, 05 Jun 2013 12:42:44 -0400 Glenn Morris wrote: GM> Ted Zlatanov wrote: >> I applied something very similar. It's a tiny change so it doesn't >> require assignment papers. GM> Thanks for applying it. If committing changes by others, please make the GM> ChangeLog entry in their name, and use commit --author. This must be a recent policy, or at least wasn't requested before. Sorry. GM> And because this has a bug number, the ChangeLog entry can use that GM> rather than an emacs-devel link. Right. Can you tell I haven't contributed in a while? :) Should I edit the ChangeLog with the bug number or just leave it alone now that it's wrong? Ted From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Thu, 06 Jun 2013 08:19:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: Ted Zlatanov Cc: 14380@debbugs.gnu.org, Eli Zaretskii , emacs-devel@gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.137050671724723 (code B ref 14380); Thu, 06 Jun 2013 08:19:02 +0000 Received: (at 14380) by debbugs.gnu.org; 6 Jun 2013 08:18:37 +0000 Received: from localhost ([127.0.0.1]:53584 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkVP2-0006Qi-Sf for submit@debbugs.gnu.org; Thu, 06 Jun 2013 04:18:37 -0400 Received: from mail-pd0-f169.google.com ([209.85.192.169]:35670) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1UkVOz-0006QM-V6 for 14380@debbugs.gnu.org; Thu, 06 Jun 2013 04:18:35 -0400 Received: by mail-pd0-f169.google.com with SMTP id y10so3052654pdj.28 for <14380@debbugs.gnu.org>; Thu, 06 Jun 2013 01:16:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=7fGufZqwgRdU1iu8AYRi0foozMlDPIteNR887FlegMY=; b=fh3nrfaqnpqeCIlcBjyP4B93UUCaqFkbLazNNVu/Erv0uSn1LHQd6iliKwt9B0x5jf VhJXupBpsi/a9xG/Qxq41X7bxTFYjfsk1qv0sUnNW5WAPrPl0zjjpLm+JBAF6irLLqjw PR1wpq/GbrGFP+nPb/cTPnCLT/z6/1WMtK0EqQvnp6jjDY8Uws3JiH8/Ct4BVVMl102O LWEO/N9u/M4izUri/cxs5Y8QrSVlHvjQkfpMZpxXFP/TTYaJrK4t3xki8Qx4lf092xLV XC1m9y8IA3QoUBuKbQsv0dhyJyoeU32uF5xqjmUiaput6fet2oZBOcDVBqre8Tzvzixk RlBw== X-Received: by 10.66.102.6 with SMTP id fk6mr16016156pab.184.1370506580008; Thu, 06 Jun 2013 01:16:20 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.231.36 with HTTP; Thu, 6 Jun 2013 01:15:59 -0700 (PDT) In-Reply-To: <87obbk1trn.fsf@lifelogs.com> References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <87txly4ll9.fsf@lifelogs.com> <87obbk1trn.fsf@lifelogs.com> From: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= Date: Thu, 6 Jun 2013 09:15:59 +0100 Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) Thanks! To test, I will load just load the trunks "tls.el" in my existing W32 emacs. (I don't have time to get a windows emacs-building toolchain). As Stefan mentioned, I have already signed papers. Jo=E3o On Wed, Jun 5, 2013 at 4:06 PM, Ted Zlatanov wrote: > On Mon, 20 May 2013 23:07:30 +0100 Jo=E3o T=E1vora = wrote: > > JT> Here is a patch that should be equivalent to the defadvice I'm using. > JT> As I said, it works for me. Also I didn't have a VC copy of emacs so = I > JT> used `diff-buffer-with-file' > > I applied something very similar. It's a tiny change so it doesn't > require assignment papers. If you'd like to contribute to GNU Emacs or > other GNU software in the future, I encourage you to file them. > > revno: 112858 > timestamp: Wed 2013-06-05 11:03:37 -0400 > message: > (open-tls-stream): Remove unneeded buffer contents when opening the con= nection. > > This change didn't break anything in my testing. Please test so I can > close the bug if it's fixed for you. > > Ted > > diff -u -L /usr/local/share/emacs/24.3/lisp/net/tls.el.gz -L > \#\ /tmp/jka-com1909LVh > /tmp/buffer-content-1909lpt > --- /usr/local/share/emacs/24.3/lisp/net/tls.el.gz > +++ # > @@ -286,7 +286,11 @@ > (format "Host name in certificate doesn't \ > match `%s'. Connect anyway? " host)))))) > (setq done nil) > - (delete-process process))) > + (delete-process process)) > + ;; delete all the informational messages that could > + ;; confuse futures users of `buffer' > + ;; > + (delete-region (point-min) (point))) > (message "Opening TLS connection to `%s'...%s" > host (if done "done" "failed")) > (when use-temp-buffer > --=20 Jo=E3o T=E1vora From unknown Thu Jun 19 14:01:00 2025 X-Loop: help-debbugs@gnu.org Subject: bug#14380: 24.3; `network-stream-open-tls' fails in some imap servers on w32 Resent-From: Glenn Morris Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Sat, 08 Jun 2013 00:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 14380 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: To: 14380@debbugs.gnu.org Received: via spool by 14380-submit@debbugs.gnu.org id=B14380.137065309418734 (code B ref 14380); Sat, 08 Jun 2013 00:59:02 +0000 Received: (at 14380) by debbugs.gnu.org; 8 Jun 2013 00:58:14 +0000 Received: from localhost ([127.0.0.1]:57156 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ul7Ty-0004s7-G8 for submit@debbugs.gnu.org; Fri, 07 Jun 2013 20:58:14 -0400 Received: from fencepost.gnu.org ([208.118.235.10]:39037 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Ul7Tv-0004rw-3k for 14380@debbugs.gnu.org; Fri, 07 Jun 2013 20:58:11 -0400 Received: from rgm by fencepost.gnu.org with local (Exim 4.71) (envelope-from ) id 1Ul7Tr-0006lL-1a; Fri, 07 Jun 2013 20:58:07 -0400 From: Glenn Morris References: <87k3mw79iv.fsf@lifelogs.com> <87zjvr64lt.fsf_-_@lifelogs.com> <87txly4ll9.fsf@lifelogs.com> <87obbk1trn.fsf@lifelogs.com> <2pr4ggecfv.fsf@fencepost.gnu.org> <874ndcxwbc.fsf@lifelogs.com> X-Spook: Abbas Project Monarch $400 million in gold bullion Vince X-Ran: "wJz"~5}1s#D#"kV9*:p;SL|~o."zotUupcLSOP]>Rb\VEqZXw. (Ted Zlatanov's message of "Wed, 05 Jun 2013 14:10:47 -0400") Message-ID: User-Agent: Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Spam-Score: -5.5 (-----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -7.4 (-------) Ted Zlatanov wrote: > GM> Thanks for applying it. If committing changes by others, please make the > GM> ChangeLog entry in their name, and use commit --author. > > This must be a recent policy, or at least wasn't requested before. Sorry. The ChangeLog thing is very old. The --commit thing is less well advertised, but must be several years old by now I should think. > Should I edit the ChangeLog with the bug number or just leave it alone > now that it's wrong? It's always fine to improve ChangeLog entries after the fact. (I changed it.) From debbugs-submit-bounces@debbugs.gnu.org Mon Jun 17 19:04:24 2013 Received: (at control) by debbugs.gnu.org; 17 Jun 2013 23:04:24 +0000 Received: from localhost ([127.0.0.1]:51596 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1UoiTH-0004Gh-TS for submit@debbugs.gnu.org; Mon, 17 Jun 2013 19:04:24 -0400 Received: from fencepost.gnu.org ([208.118.235.10]:52499 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1UoiTF-0004GT-Lf for control@debbugs.gnu.org; Mon, 17 Jun 2013 19:04:22 -0400 Received: from rgm by fencepost.gnu.org with local (Exim 4.71) (envelope-from ) id 1UoiTF-0000DP-9D for control@debbugs.gnu.org; Mon, 17 Jun 2013 19:04:21 -0400 Date: Mon, 17 Jun 2013 19:04:21 -0400 Message-Id: Subject: control message for bug 14380 To: X-Mailer: mail (GNU Mailutils 2.1) From: Glenn Morris X-Spam-Score: -6.1 (------) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.1 (------) close 14380