GNU bug report logs - #15792
24.3; Builtin TLS support should enable certificate verification support by default

Previous Next

Package: emacs;

Reported by: Vincent Bernat <bernat <at> luffy.cx>

Date: Sat, 2 Nov 2013 18:45:02 UTC

Severity: important

Merged with 13374, 13877

Found in version 24.3

Done: Ted Zlatanov <tzz <at> lifelogs.com>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 15792 in the body.
You can then email your comments to 15792 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#15792; Package emacs. (Sat, 02 Nov 2013 18:45:03 GMT) Full text and rfc822 format available.
Acknowledgement sent to Vincent Bernat <bernat <at> luffy.cx>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Sat, 02 Nov 2013 18:45:03 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Vincent Bernat <bernat <at> luffy.cx>
To: bug-gnu-emacs <at> gnu.org
Subject: 24.3;
 Builtin TLS support should enable certificate verification support by
 default
Date: Sat, 02 Nov 2013 16:05:21 +0100

Hi!

New builtin TLS support disables certificate verification by
default. This is a very bad practice and the default should be to check
for certificate validity.

Moreover, the end-user of a package using this builtin support has no
easy way to enable the verification of TLS certificates. For example,
Gnus does not provide anything to enable this and as a simple user, it
seems quite difficult to ensure that certificates are verified. And each
package has the responsability to enable this option. This is
cumbersome.

Previously, enabling/disabling certificate verification was easy. You
set `tls-program` variable to something that checks or don't check for
certificates. For gnutls-client, this was a matter of using or not using
the `--insecure` switch.

I didn't find a way to disable the builtin TLS support (other than to
recompile Emacs).

I propose:

 1. Verify the certificates by default.
 2. Prompt the user if there is a problem.
 3. Add the possibility to not check for certificates by default.

I can provide a patch for the first step but I have little Emacs-fu for
the other two parts (all the more that most of the code is in C).
-- 
Use variable names that mean something.
            - The Elements of Programming Style (Kernighan & Plauger)
Forcibly Merged 13374 13877 15792. Request was from Glenn Morris <rgm <at> gnu.org> to control <at> debbugs.gnu.org. (Sat, 02 Nov 2013 18:47:02 GMT) Full text and rfc822 format available.
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#15792; Package emacs. (Sat, 02 Nov 2013 18:50:02 GMT) Full text and rfc822 format available.

Message #10 received at 15792 <at> debbugs.gnu.org (full text, mbox):

From: Glenn Morris <rgm <at> gnu.org>
To: Vincent Bernat <bernat <at> luffy.cx>
Cc: 15792 <at> debbugs.gnu.org
Subject: Re: bug#15792: 24.3;
 Builtin TLS support should enable certificate verification support by
 default
Date: Sat, 02 Nov 2013 14:48:57 -0400

See http://debbugs.gnu.org/13374 and related discussion.
Reply sent to Vincent Bernat <bernat <at> luffy.cx>:
You have taken responsibility. (Sat, 02 Nov 2013 21:08:01 GMT) Full text and rfc822 format available.
Notification sent to Vincent Bernat <bernat <at> luffy.cx>:
bug acknowledged by developer. (Sat, 02 Nov 2013 21:08:02 GMT) Full text and rfc822 format available.

Message #15 received at 15792-close <at> debbugs.gnu.org (full text, mbox):

From: Vincent Bernat <bernat <at> luffy.cx>
To: Glenn Morris <rgm <at> gnu.org>
Cc: 15792-close <at> debbugs.gnu.org
Subject: Re: bug#15792: 24.3;
 Builtin TLS support should enable certificate verification support by
 default
Date: Sat, 02 Nov 2013 22:07:16 +0100

 ❦  2 novembre 2013 19:48 CET, Glenn Morris <rgm <at> gnu.org> :

> See http://debbugs.gnu.org/13374 and related discussion.

Thanks! Sorry for the duplicate, I didn't find this bug report.
-- 
printk("??? No FDIV bug? Lucky you...\n");
	2.2.16 /usr/src/linux/include/asm-i386/bugs.h
Reply sent to Vincent Bernat <bernat <at> luffy.cx>:
You have taken responsibility. (Sat, 02 Nov 2013 21:08:02 GMT) Full text and rfc822 format available.
Notification sent to Oleksii Shevchuk <alxchk <at> gmail.com>:
bug acknowledged by developer. (Sat, 02 Nov 2013 21:08:02 GMT) Full text and rfc822 format available.
Reply sent to Vincent Bernat <bernat <at> luffy.cx>:
You have taken responsibility. (Sat, 02 Nov 2013 21:08:03 GMT) Full text and rfc822 format available.
Notification sent to Moritz Ulrich <moritz <at> tarn-vedra.de>:
bug acknowledged by developer. (Sat, 02 Nov 2013 21:08:03 GMT) Full text and rfc822 format available.
Did not alter fixed versions and reopened. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sat, 02 Nov 2013 21:11:01 GMT) Full text and rfc822 format available.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 16 Jan 2014 12:24:05 GMT) Full text and rfc822 format available.
This bug report was last modified 11 years and 207 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.