From debbugs-submit-bounces@debbugs.gnu.org Wed Dec 25 04:16:01 2013 Received: (at submit) by debbugs.gnu.org; 25 Dec 2013 09:16:01 +0000 Received: from localhost ([127.0.0.1]:40569 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1VvkZJ-0005Ks-MI for submit@debbugs.gnu.org; Wed, 25 Dec 2013 04:16:01 -0500 Received: from eggs.gnu.org ([208.118.235.92]:46194) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1VvkZE-0005Fu-H7 for submit@debbugs.gnu.org; Wed, 25 Dec 2013 04:15:56 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VvkZ8-0004dI-3Y for submit@debbugs.gnu.org; Wed, 25 Dec 2013 04:15:52 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: ** X-Spam-Status: No, score=2.8 required=5.0 tests=BAYES_50,LONGWORDS autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:37369) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VvkZ8-0004dE-10 for submit@debbugs.gnu.org; Wed, 25 Dec 2013 04:15:46 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47871) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VvkZ2-0002ej-9b for bug-gnu-emacs@gnu.org; Wed, 25 Dec 2013 04:15:45 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VvkYw-0004bS-2B for bug-gnu-emacs@gnu.org; Wed, 25 Dec 2013 04:15:40 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:36437) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VvkYv-0004b2-F8 for bug-gnu-emacs@gnu.org; Wed, 25 Dec 2013 04:15:33 -0500 Received: from 46.156.155.141.tmi.telenormobil.no ([46.156.155.141] helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1VvkYe-0003YL-VT for bug-gnu-emacs@gnu.org; Wed, 25 Dec 2013 10:15:17 +0100 From: Lars Ingebrigtsen To: bug-gnu-emacs@gnu.org Subject: 24.3.50; Irrelevant warnings from gnutls Date: Wed, 25 Dec 2013 10:09:21 +0100 Message-ID: <87vbydjnzy.fsf@building.gnus.org> MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1VvkYe-0003YL-VT X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-SpamScore: s X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1388567717.40308@8AIBD/ADNsLRlpMw94eg6A X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -3.2 (---) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.2 (---) When a TLS server shuts down the connection to Emacs (for instance, when timing out a https connection), Emacs gives this ominous warning: gnutls.c: [0] (Emacs) fatal error: The TLS connection was non-properly terminated. Normal network connections don't give any warnings, so TLS connections shouldn't, either. In GNU Emacs 24.3.50.5 (x86_64-unknown-linux-gnu, GTK+ Version 3.8.2) of 2013-12-25 on building.gnus.org Bzr revision: 115738 cyd@gnu.org-20131225030511-ru56hhc243pxja04 Windowing system distributor `Fedora Project', version 11.0.11402000 Important settings: value of $LANG: en_GB.utf8 value of $XMODIFIERS: @im=ibus locale-coding-system: utf-8-unix Major mode: Messages Minor modes in effect: erc-list-mode: t erc-menu-mode: t erc-autojoin-mode: t erc-ring-mode: t erc-networks-mode: t erc-pcomplete-mode: t erc-track-mode: t erc-track-minor-mode: t erc-match-mode: t erc-button-mode: t erc-fill-mode: t erc-stamp-mode: t erc-netsplit-mode: t erc-irccontrols-mode: t erc-noncommands-mode: t erc-move-to-prompt-mode: t erc-readonly-mode: t diff-auto-refine-mode: t tooltip-mode: t electric-indent-mode: t mouse-wheel-mode: t file-name-shadow-mode: t global-font-lock-mode: t font-lock-mode: t blink-cursor-mode: t auto-composition-mode: t auto-encryption-mode: t auto-compression-mode: t buffer-read-only: t line-number-mode: t Recent input: e e z e SPC i s SPC o v e r SPC t o SPC i b e SPC i n s t a l l e d . C-c C-c d q g . d q s g . d q q l 1 0 n n SPC n n SPC n n SPC n n n n H-o H-o M-x C-g C-x b b l C-g M-x l a r s - e r / n i c k SPC / n i c k SPC l m i n H-o H-o H-o H-o H-o C-x v = C-x o C-x 1 C-x b * G g q l l 1 0 h n n n SPC SPC SPC SPC SPC SPC q n n n n P SPC SPC SPC SPC q n n n C-g 1 0 SPC H-o C-x b * s M C-x b T s k SPC t s k C-x b C-SPC C-e M-w M-> M-x r e p o r Recent messages: Reading active file from archive via nnfolder...done Reading active file via nndraft...done Checking new news...done Contacting host: news.ycombinator.com:443 Contacting host: bits.blogs.nytimes.com:80 Quit getting the articles to read Quit gnutls.c: [0] (Emacs) fatal error: The TLS connection was non-properly terminated. Mark set [2 times] Making completion list... Load-path shadows: /home/larsi/mgnus/lisp/hex-util hides /home/larsi/src/emacs/trunk/lisp/hex-util /home/larsi/mgnus/lisp/md4 hides /home/larsi/src/emacs/trunk/lisp/md4 /home/larsi/mgnus/lisp/format-spec hides /home/larsi/src/emacs/trunk/lisp/format-spec /home/larsi/mgnus/lisp/password-cache hides /home/larsi/src/emacs/trunk/lisp/password-cache /home/larsi/mgnus/lisp/color hides /home/larsi/src/emacs/trunk/lisp/color /home/larsi/mgnus/lisp/dns-mode hides /home/larsi/src/emacs/trunk/lisp/textmodes/dns-mode /home/larsi/mgnus/lisp/sasl-digest hides /home/larsi/src/emacs/trunk/lisp/net/sasl-digest /home/larsi/mgnus/lisp/hmac-md5 hides /home/larsi/src/emacs/trunk/lisp/net/hmac-md5 /home/larsi/mgnus/lisp/sasl-ntlm hides /home/larsi/src/emacs/trunk/lisp/net/sasl-ntlm /home/larsi/mgnus/lisp/dns hides /home/larsi/src/emacs/trunk/lisp/net/dns /home/larsi/mgnus/lisp/hmac-def hides /home/larsi/src/emacs/trunk/lisp/net/hmac-def /home/larsi/mgnus/lisp/sasl hides /home/larsi/src/emacs/trunk/lisp/net/sasl /home/larsi/mgnus/lisp/sasl-cram hides /home/larsi/src/emacs/trunk/lisp/net/sasl-cram /home/larsi/mgnus/lisp/ntlm hides /home/larsi/src/emacs/trunk/lisp/net/ntlm /home/larsi/mgnus/lisp/tls hides /home/larsi/src/emacs/trunk/lisp/net/tls /home/larsi/mgnus/lisp/dig hides /home/larsi/src/emacs/trunk/lisp/net/dig /home/larsi/mgnus/lisp/netrc hides /home/larsi/src/emacs/trunk/lisp/net/netrc /home/larsi/mgnus/lisp/uudecode hides /home/larsi/src/emacs/trunk/lisp/mail/uudecode /home/larsi/mgnus/lisp/hashcash hides /home/larsi/src/emacs/trunk/lisp/mail/hashcash /home/larsi/mgnus/lisp/binhex hides /home/larsi/src/emacs/trunk/lisp/mail/binhex /home/larsi/mgnus/lisp/gnus-sieve hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-sieve /home/larsi/mgnus/lisp/gnus hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus /home/larsi/mgnus/lisp/nnmh hides /home/larsi/src/emacs/trunk/lisp/gnus/nnmh /home/larsi/mgnus/lisp/nndir hides /home/larsi/src/emacs/trunk/lisp/gnus/nndir /home/larsi/mgnus/lisp/gnus-kill hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-kill /home/larsi/mgnus/lisp/deuglify hides /home/larsi/src/emacs/trunk/lisp/gnus/deuglify /home/larsi/mgnus/lisp/mm-archive hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-archive /home/larsi/mgnus/lisp/gnus-gravatar hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-gravatar /home/larsi/mgnus/lisp/mm-decode hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-decode /home/larsi/mgnus/lisp/yenc hides /home/larsi/src/emacs/trunk/lisp/gnus/yenc /home/larsi/mgnus/lisp/mm-extern hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-extern /home/larsi/mgnus/lisp/qp hides /home/larsi/src/emacs/trunk/lisp/gnus/qp /home/larsi/mgnus/lisp/gnus-diary hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-diary /home/larsi/mgnus/lisp/gnus-fun hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-fun /home/larsi/mgnus/lisp/gnus-vm hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-vm /home/larsi/mgnus/lisp/registry hides /home/larsi/src/emacs/trunk/lisp/gnus/registry /home/larsi/mgnus/lisp/nnrss hides /home/larsi/src/emacs/trunk/lisp/gnus/nnrss /home/larsi/mgnus/lisp/rfc2231 hides /home/larsi/src/emacs/trunk/lisp/gnus/rfc2231 /home/larsi/mgnus/lisp/mml-sec hides /home/larsi/src/emacs/trunk/lisp/gnus/mml-sec /home/larsi/mgnus/lisp/gssapi hides /home/larsi/src/emacs/trunk/lisp/gnus/gssapi /home/larsi/mgnus/lisp/gnus-bookmark hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-bookmark /home/larsi/mgnus/lisp/nnagent hides /home/larsi/src/emacs/trunk/lisp/gnus/nnagent /home/larsi/mgnus/lisp/gnus-topic hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-topic /home/larsi/mgnus/lisp/gnus-bcklg hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-bcklg /home/larsi/mgnus/lisp/gnus-uu hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-uu /home/larsi/mgnus/lisp/nnbabyl hides /home/larsi/src/emacs/trunk/lisp/gnus/nnbabyl /home/larsi/mgnus/lisp/gnus-ml hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-ml /home/larsi/mgnus/lisp/nnmbox hides /home/larsi/src/emacs/trunk/lisp/gnus/nnmbox /home/larsi/mgnus/lisp/nnvirtual hides /home/larsi/src/emacs/trunk/lisp/gnus/nnvirtual /home/larsi/mgnus/lisp/rfc1843 hides /home/larsi/src/emacs/trunk/lisp/gnus/rfc1843 /home/larsi/mgnus/lisp/sieve-mode hides /home/larsi/src/emacs/trunk/lisp/gnus/sieve-mode /home/larsi/mgnus/lisp/nnregistry hides /home/larsi/src/emacs/trunk/lisp/gnus/nnregistry /home/larsi/mgnus/lisp/gravatar hides /home/larsi/src/emacs/trunk/lisp/gnus/gravatar /home/larsi/mgnus/lisp/score-mode hides /home/larsi/src/emacs/trunk/lisp/gnus/score-mode /home/larsi/mgnus/lisp/gnus-notifications hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-notifications /home/larsi/mgnus/lisp/rtree hides /home/larsi/src/emacs/trunk/lisp/gnus/rtree /home/larsi/mgnus/lisp/gnus-mh hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-mh /home/larsi/mgnus/lisp/mail-parse hides /home/larsi/src/emacs/trunk/lisp/gnus/mail-parse /home/larsi/mgnus/lisp/mm-uu hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-uu /home/larsi/mgnus/lisp/nnmairix hides /home/larsi/src/emacs/trunk/lisp/gnus/nnmairix /home/larsi/mgnus/lisp/gnus-agent hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-agent /home/larsi/mgnus/lisp/message hides /home/larsi/src/emacs/trunk/lisp/gnus/message /home/larsi/mgnus/lisp/gnus-async hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-async /home/larsi/mgnus/lisp/spam-report hides /home/larsi/src/emacs/trunk/lisp/gnus/spam-report /home/larsi/mgnus/lisp/mm-encode hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-encode /home/larsi/mgnus/lisp/smime hides /home/larsi/src/emacs/trunk/lisp/gnus/smime /home/larsi/mgnus/lisp/mm-url hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-url /home/larsi/mgnus/lisp/smiley hides /home/larsi/src/emacs/trunk/lisp/gnus/smiley /home/larsi/mgnus/lisp/plstore hides /home/larsi/src/emacs/trunk/lisp/gnus/plstore /home/larsi/mgnus/lisp/nngateway hides /home/larsi/src/emacs/trunk/lisp/gnus/nngateway /home/larsi/mgnus/lisp/gnus-picon hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-picon /home/larsi/mgnus/lisp/gnus-range hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-range /home/larsi/mgnus/lisp/mailcap hides /home/larsi/src/emacs/trunk/lisp/gnus/mailcap /home/larsi/mgnus/lisp/gnus-sync hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-sync /home/larsi/mgnus/lisp/sieve hides /home/larsi/src/emacs/trunk/lisp/gnus/sieve /home/larsi/mgnus/lisp/nntp hides /home/larsi/src/emacs/trunk/lisp/gnus/nntp /home/larsi/mgnus/lisp/gnus-logic hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-logic /home/larsi/mgnus/lisp/rfc2047 hides /home/larsi/src/emacs/trunk/lisp/gnus/rfc2047 /home/larsi/mgnus/lisp/mml2015 hides /home/larsi/src/emacs/trunk/lisp/gnus/mml2015 /home/larsi/mgnus/lisp/gnus-html hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-html /home/larsi/mgnus/lisp/gnus-undo hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-undo /home/larsi/mgnus/lisp/utf7 hides /home/larsi/src/emacs/trunk/lisp/gnus/utf7 /home/larsi/mgnus/lisp/gmm-utils hides /home/larsi/src/emacs/trunk/lisp/gnus/gmm-utils /home/larsi/mgnus/lisp/gnus-icalendar hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-icalendar /home/larsi/mgnus/lisp/gnus-salt hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-salt /home/larsi/mgnus/lisp/mml-smime hides /home/larsi/src/emacs/trunk/lisp/gnus/mml-smime /home/larsi/mgnus/lisp/mm-view hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-view /home/larsi/mgnus/lisp/gnus-demon hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-demon /home/larsi/mgnus/lisp/gnus-cus hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-cus /home/larsi/mgnus/lisp/nnmaildir hides /home/larsi/src/emacs/trunk/lisp/gnus/nnmaildir /home/larsi/mgnus/lisp/gnus-art hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-art /home/larsi/mgnus/lisp/sieve-manage hides /home/larsi/src/emacs/trunk/lisp/gnus/sieve-manage /home/larsi/mgnus/lisp/gnus-group hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-group /home/larsi/mgnus/lisp/gnus-msg hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-msg /home/larsi/mgnus/lisp/spam-stat hides /home/larsi/src/emacs/trunk/lisp/gnus/spam-stat /home/larsi/mgnus/lisp/mml hides /home/larsi/src/emacs/trunk/lisp/gnus/mml /home/larsi/mgnus/lisp/rfc2104 hides /home/larsi/src/emacs/trunk/lisp/gnus/rfc2104 /home/larsi/mgnus/lisp/gnus-registry hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-registry /home/larsi/mgnus/lisp/nnheader hides /home/larsi/src/emacs/trunk/lisp/gnus/nnheader /home/larsi/mgnus/lisp/compface hides /home/larsi/src/emacs/trunk/lisp/gnus/compface /home/larsi/mgnus/lisp/nnnil hides /home/larsi/src/emacs/trunk/lisp/gnus/nnnil /home/larsi/mgnus/lisp/mml1991 hides /home/larsi/src/emacs/trunk/lisp/gnus/mml1991 /home/larsi/mgnus/lisp/mail-prsvr hides /home/larsi/src/emacs/trunk/lisp/gnus/mail-prsvr /home/larsi/mgnus/lisp/ecomplete hides /home/larsi/src/emacs/trunk/lisp/gnus/ecomplete /home/larsi/mgnus/lisp/gnus-win hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-win /home/larsi/mgnus/lisp/nneething hides /home/larsi/src/emacs/trunk/lisp/gnus/nneething /home/larsi/mgnus/lisp/nndoc hides /home/larsi/src/emacs/trunk/lisp/gnus/nndoc /home/larsi/mgnus/lisp/gnus-srvr hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-srvr /home/larsi/mgnus/lisp/nnoo hides /home/larsi/src/emacs/trunk/lisp/gnus/nnoo /home/larsi/mgnus/lisp/spam hides /home/larsi/src/emacs/trunk/lisp/gnus/spam /home/larsi/mgnus/lisp/nnfolder hides /home/larsi/src/emacs/trunk/lisp/gnus/nnfolder /home/larsi/mgnus/lisp/messcompat hides /home/larsi/src/emacs/trunk/lisp/gnus/messcompat /home/larsi/mgnus/lisp/html2text hides /home/larsi/src/emacs/trunk/lisp/gnus/html2text /home/larsi/mgnus/lisp/starttls hides /home/larsi/src/emacs/trunk/lisp/gnus/starttls /home/larsi/mgnus/lisp/auth-source hides /home/larsi/src/emacs/trunk/lisp/gnus/auth-source /home/larsi/mgnus/lisp/canlock hides /home/larsi/src/emacs/trunk/lisp/gnus/canlock /home/larsi/mgnus/lisp/pop3 hides /home/larsi/src/emacs/trunk/lisp/gnus/pop3 /home/larsi/mgnus/lisp/gnus-score hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-score /home/larsi/mgnus/lisp/mm-util hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-util /home/larsi/mgnus/lisp/gnus-sum hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-sum /home/larsi/mgnus/lisp/nndiary hides /home/larsi/src/emacs/trunk/lisp/gnus/nndiary /home/larsi/mgnus/lisp/gnus-start hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-start /home/larsi/mgnus/lisp/gnus-int hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-int /home/larsi/mgnus/lisp/rfc2045 hides /home/larsi/src/emacs/trunk/lisp/gnus/rfc2045 /home/larsi/mgnus/lisp/gnus-cache hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-cache /home/larsi/mgnus/lisp/nnweb hides /home/larsi/src/emacs/trunk/lisp/gnus/nnweb /home/larsi/mgnus/lisp/mail-source hides /home/larsi/src/emacs/trunk/lisp/gnus/mail-source /home/larsi/mgnus/lisp/gnus-eform hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-eform /home/larsi/mgnus/lisp/gnus-mlspl hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-mlspl /home/larsi/mgnus/lisp/gnus-util hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-util /home/larsi/mgnus/lisp/mm-partial hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-partial /home/larsi/mgnus/lisp/nnimap hides /home/larsi/src/emacs/trunk/lisp/gnus/nnimap /home/larsi/mgnus/lisp/.dir-locals hides /home/larsi/src/emacs/trunk/lisp/gnus/.dir-locals /home/larsi/mgnus/lisp/nnir hides /home/larsi/src/emacs/trunk/lisp/gnus/nnir /home/larsi/mgnus/lisp/gnus-spec hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-spec /home/larsi/mgnus/lisp/legacy-gnus-agent hides /home/larsi/src/emacs/trunk/lisp/gnus/legacy-gnus-agent /home/larsi/mgnus/lisp/gnus-cite hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-cite /home/larsi/mgnus/lisp/gnus-dup hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-dup /home/larsi/mgnus/lisp/spam-wash hides /home/larsi/src/emacs/trunk/lisp/gnus/spam-wash /home/larsi/mgnus/lisp/ietf-drums hides /home/larsi/src/emacs/trunk/lisp/gnus/ietf-drums /home/larsi/mgnus/lisp/nnml hides /home/larsi/src/emacs/trunk/lisp/gnus/nnml /home/larsi/mgnus/lisp/nnmail hides /home/larsi/src/emacs/trunk/lisp/gnus/nnmail /home/larsi/mgnus/lisp/nndraft hides /home/larsi/src/emacs/trunk/lisp/gnus/nndraft /home/larsi/mgnus/lisp/nnspool hides /home/larsi/src/emacs/trunk/lisp/gnus/nnspool /home/larsi/mgnus/lisp/gnus-setup hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-setup /home/larsi/mgnus/lisp/gnus-ems hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-ems /home/larsi/mgnus/lisp/gnus-draft hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-draft /home/larsi/mgnus/lisp/flow-fill hides /home/larsi/src/emacs/trunk/lisp/gnus/flow-fill /home/larsi/mgnus/lisp/mm-bodies hides /home/larsi/src/emacs/trunk/lisp/gnus/mm-bodies /home/larsi/mgnus/lisp/gnus-delay hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-delay /home/larsi/mgnus/lisp/gnus-dired hides /home/larsi/src/emacs/trunk/lisp/gnus/gnus-dired /home/larsi/mgnus/lisp/time-date hides /home/larsi/src/emacs/trunk/lisp/calendar/time-date /home/larsi/mgnus/lisp/parse-time hides /home/larsi/src/emacs/trunk/lisp/calendar/parse-time Features: (shadow emacsbug shr-color color timezone erc-list erc-menu erc-join erc-ring erc-networks erc-pcomplete pcomplete comint erc-track erc-match erc-button erc-fill erc-stamp erc-netsplit erc-goodies erc erc-backend erc-compat crm debbugs-gnu debbugs soap-client warnings nndoc url-handlers thingatpt mailalias smtpmail sendmail ecomplete bug-reference vc-annotate whitespace diff-mode easy-mmode vc vc-dispatcher etags ring edebug misearch multi-isearch vc-bzr pp descr-text help-mode url-file url-dired sgml-mode eww qp url-http url-gw url-auth url-queue shr gnus-html browse-url xml url-cache flow-fill mm-archive mule-util sort smiley ansi-color gnus-cite gnus-async gnus-dup gnus-ml gmane spam-gmane dns mm-url disp-table gnus-fun gnus-mdrtn gnus-topic nndraft nnmh utf-7 nnimap utf7 nnfolder parse-time netrc gnutls network-stream starttls tls nnir spam-report spam spam-stat gnus-uu yenc gnus-agent gnus-srvr gnus-score score-mode nnvirtual gnus-msg gnus-art mm-uu mml2015 epg-config mm-view mml-smime smime dig nntp gnus-cache gnus-sum nnoo gnus-group gnus-undo nnmail mail-source gnus-start gnus-spec gnus-int gnus-range message format-spec rfc822 mml easymenu mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231 rfc2047 rfc2045 ietf-drums mailabbrev gmm-utils mailheader gnus-win gnus-load gnus gnus-ems gnus-compat url url-proxy url-privacy url-expand url-methods url-history url-cookie url-domsuf url-util url-parse auth-source eieio byte-opt bytecomp byte-compile cconv eieio-core password-cache url-vars mailcap nnheader gnus-util mail-utils mm-util help-fns mail-prsvr wid-edit package ido flyspell ispell dired cl-macs gv add-log mail-extr jka-compr cl cl-loaddefs cl-lib time-date tooltip electric uniquify ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd tool-bar dnd fontset image regexp-opt fringe tabulated-list newcomment lisp-mode prog-mode register page menu-bar rfn-eshadow timer select scroll-bar mouse jit-lock font-lock syntax facemenu font-core frame cham georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew greek romanian slovak czech european ethiopic indian cyrillic chinese case-table epa-hook jka-cmpr-hook help simple abbrev minibuffer nadvice loaddefs button faces cus-face macroexp files text-properties overlay sha1 md5 base64 format env code-pages mule custom widget hashtable-print-readable backquote make-network-process gfilenotify dynamic-setting system-font-setting font-render-setting move-toolbar gtk x-toolkit x multi-tty emacs) -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Tue Jan 07 18:45:42 2014 Received: (at 16253) by debbugs.gnu.org; 7 Jan 2014 23:45:42 +0000 Received: from localhost ([127.0.0.1]:41688 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W0gL4-0001Ti-CL for submit@debbugs.gnu.org; Tue, 07 Jan 2014 18:45:42 -0500 Received: from mail-qe0-f47.google.com ([209.85.128.47]:57432) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W0gKy-0001TU-Mw for 16253@debbugs.gnu.org; Tue, 07 Jan 2014 18:45:36 -0500 Received: by mail-qe0-f47.google.com with SMTP id 5so1107683qeb.34 for <16253@debbugs.gnu.org>; Tue, 07 Jan 2014 15:45:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=k6pIbI910zG+obudpMe1fzFufC4ToeBca4i9uzRTRcM=; b=aTS9KhSAo1O5O+b31WOTBJbaud7Tt/fxQNHpNDH9f/G3+E5RJtBv/+e270gYu6oUzl vIcLg7RLudtpkBYtyXBPsZkMtFBMAf0S447168Scv2iMYmIv6Fhb6fAvIqeZQmnENYf8 yFQuLptFrqdVtwNpFdtKfjmOpYv366zxs/hpw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=k6pIbI910zG+obudpMe1fzFufC4ToeBca4i9uzRTRcM=; b=DTsuKG6EsQJeRY0vgN+j7eOmeIML65L7z89MuU1fIcfZRR5IA2sUnPv6ZIc7y1irEg kDw9I5/HN+iiXDSgiShIlQkcocJvWlULPiwfF95KALbOLra354Xak9GaL15Xb0UTRdnC SscAGHHtCRDThIdvEYdHAdZmdIVzrGg33Wx9VkDrTyE7zmP8A1ga/Jh8QKsACYdX1ri8 YSYBBTA4X3IpOg+zqMlhKPRfdCG3OJAlMm6DhEzDs3StGAHjf0/JShrcd0bb3mGC1ZKf FWXRA+/4aC9nt5v4PlTUuvp2DrWCF5eD5Q5hhJn2eSbgg5z3sE0D9haRl6eQmXjY806Y d+jA== X-Gm-Message-State: ALoCoQmzZyjX+T2p0U+YDoAQrq96A2arN2k0zjjrkgdHCIudc7XS4YEpv4XsLXZzK59lyY08Dj2n X-Received: by 10.229.105.9 with SMTP id r9mr192800811qco.12.1389138331918; Tue, 07 Jan 2014 15:45:31 -0800 (PST) Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id q2sm103310004qer.22.2014.01.07.15.45.31 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 07 Jan 2014 15:45:31 -0800 (PST) From: Ted Zlatanov To: Lars Ingebrigtsen Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87vbydjnzy.fsf@building.gnus.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Tue, 07 Jan 2014 18:47:12 -0500 In-Reply-To: <87vbydjnzy.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Wed, 25 Dec 2013 10:09:21 +0100") Message-ID: <87mwj7bbi7.fsf@flea.lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: 16253@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Wed, 25 Dec 2013 10:09:21 +0100 Lars Ingebrigtsen wrote: LI> When a TLS server shuts down the connection to Emacs (for instance, when LI> timing out a https connection), Emacs gives this ominous warning: LI> gnutls.c: [0] (Emacs) fatal error: The TLS connection was non-properly terminated. LI> Normal network connections don't give any warnings, so TLS connections LI> shouldn't, either. I added this: #ifdef HAVE_GNUTLS3 /* Function to log a simple audit message. */ static void gnutls_audit_log_function (gnutls_session_t session, const char* string) { if (global_gnutls_log_level >= 1) { message ("gnutls.c: [audit] %s", string); } } #endif ... #ifdef HAVE_GNUTLS3 fn_gnutls_global_set_audit_log_function (gnutls_audit_log_function); #endif ...so if this is an auditing message, you should see the "[audit]" prefix. Since you don't, either you're on GnuTLS 2.x (unlikely) or GnuTLS is saying it's a very high priority message that shouldn't be filtered out. I could add special handling for this specific message but is that the right thing to do? Ted From debbugs-submit-bounces@debbugs.gnu.org Sat Jan 18 12:30:05 2014 Received: (at 16253) by debbugs.gnu.org; 18 Jan 2014 17:30:05 +0000 Received: from localhost ([127.0.0.1]:56324 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W4Zie-0005It-86 for submit@debbugs.gnu.org; Sat, 18 Jan 2014 12:30:04 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:35204) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W4Zib-0005I1-5C for 16253@debbugs.gnu.org; Sat, 18 Jan 2014 12:30:01 -0500 Received: from [204.14.154.233] (helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1W4ZiN-0001q5-6h for 16253@debbugs.gnu.org; Sat, 18 Jan 2014 18:29:47 +0100 From: Lars Ingebrigtsen To: 16253@debbugs.gnu.org Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> Date: Sat, 18 Jan 2014 09:29:15 -0800 In-Reply-To: <87mwj7bbi7.fsf@flea.lifelogs.com> (Ted Zlatanov's message of "Tue, 07 Jan 2014 18:47:12 -0500") Message-ID: <87y52di4gk.fsf@building.gnus.org> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1W4ZiN-0001q5-6h X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1390670987.79218@FEvjzxqQ4W5p4p6uZoiiXA X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Ted Zlatanov writes: > ...so if this is an auditing message, you should see the "[audit]" > prefix. Since you don't, either you're on GnuTLS 2.x (unlikely) or > GnuTLS is saying it's a very high priority message that shouldn't be > filtered out. Let's see: [larsi@building src]$ ldd emacs | grep tls libgnutls.so.28 => /lib64/libgnutls.so.28 (0x0000003f64e00000) That's gnutls 2.8, I guess? This is on a laptop running Fedora 19. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Sat Jan 18 12:58:29 2014 Received: (at 16253) by debbugs.gnu.org; 18 Jan 2014 17:58:29 +0000 Received: from localhost ([127.0.0.1]:56332 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W4aA5-0006Ag-7y for submit@debbugs.gnu.org; Sat, 18 Jan 2014 12:58:29 -0500 Received: from mtaout20.012.net.il ([80.179.55.166]:39724) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W4a9z-0006AQ-SK for 16253@debbugs.gnu.org; Sat, 18 Jan 2014 12:58:24 -0500 Received: from conversion-daemon.a-mtaout20.012.net.il by a-mtaout20.012.net.il (HyperSendmail v2007.08) id <0MZL00I00Z441700@a-mtaout20.012.net.il> for 16253@debbugs.gnu.org; Sat, 18 Jan 2014 19:57:44 +0200 (IST) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout20.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MZL00H79Z88Q680@a-mtaout20.012.net.il>; Sat, 18 Jan 2014 19:57:44 +0200 (IST) Date: Sat, 18 Jan 2014 19:57:47 +0200 From: Eli Zaretskii Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls In-reply-to: <87y52di4gk.fsf@building.gnus.org> X-012-Sender: halo1@inter.net.il To: Lars Ingebrigtsen Message-id: <83eh45jhpg.fsf@gnu.org> References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: 16253 Cc: 16253@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list Reply-To: Eli Zaretskii List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) > From: Lars Ingebrigtsen > Date: Sat, 18 Jan 2014 09:29:15 -0800 > > [larsi@building src]$ ldd emacs | grep tls > libgnutls.so.28 => /lib64/libgnutls.so.28 (0x0000003f64e00000) > > That's gnutls 2.8, I guess? No, it should be gnutls 3.x, probably 3.0.x. 28 = 32 - 4 is the API version. From debbugs-submit-bounces@debbugs.gnu.org Sat Jan 18 13:07:33 2014 Received: (at 16253) by debbugs.gnu.org; 18 Jan 2014 18:07:33 +0000 Received: from localhost ([127.0.0.1]:56336 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W4aIv-0006Qt-7P for submit@debbugs.gnu.org; Sat, 18 Jan 2014 13:07:33 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:50765) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W4aIt-0006Qi-6V for 16253@debbugs.gnu.org; Sat, 18 Jan 2014 13:07:31 -0500 Received: from [204.14.154.233] (helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1W4aIe-0002G4-NP for 16253@debbugs.gnu.org; Sat, 18 Jan 2014 19:07:17 +0100 From: Lars Ingebrigtsen To: 16253@debbugs.gnu.org Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> Date: Sat, 18 Jan 2014 10:06:45 -0800 In-Reply-To: <87y52di4gk.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Sat, 18 Jan 2014 09:29:15 -0800") Message-ID: <87eh45i2q2.fsf@building.gnus.org> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1W4aIe-0002G4-NP X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1390673237.38673@mI7p//Ak+jBUJoKT49dTqA X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Speaking of irrelevant messages. I just got this: gnutls.c: [0] (Emacs) fatal error: An unexpected TLS handshake packet was received. gnutls.el: (err=[-19] An unexpected TLS handshake packet was received.) boot: (:priority NORMAL :hostname i.chzbgr.com :loglevel 0 :min-prime-bits 256 :trustfiles (/etc/pki/tls/certs/ca-bundle.crt) :crlfiles nil :keylist nil :verify-flags nil :verify-error nil :callbacks nil) Errors like this are to be expected (the server just closes the connection for some reason or other). The URL library should deal with this without bothering the user with these warnings... -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Mon Jan 20 11:09:43 2014 Received: (at 16253) by debbugs.gnu.org; 20 Jan 2014 16:09:43 +0000 Received: from localhost ([127.0.0.1]:58506 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W5HPv-0005rW-Os for submit@debbugs.gnu.org; Mon, 20 Jan 2014 11:09:43 -0500 Received: from mail-qc0-f181.google.com ([209.85.216.181]:35313) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W5HPq-0005rI-AD for 16253@debbugs.gnu.org; Mon, 20 Jan 2014 11:09:37 -0500 Received: by mail-qc0-f181.google.com with SMTP id e9so5986419qcy.26 for <16253@debbugs.gnu.org>; Mon, 20 Jan 2014 08:09:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=2zilT6tZq136CCF6/fduSIAUQqJCE+ZI9PvGDJP1t0w=; b=cp19NPpj1Zu1d+N7EDY3wpIB2JtXOC/8ha6vb6qGV0zWESMyFHuhDJFkV88QQ7bvPe wCiO43jC78137bV2ixY19MiWbntg9mRIm0u5RHbGTFKka1rx3kq+HqrNoxNkutBC1vme Qp2C7QBTKColgLTeL6/bOTYhPR1/WKx7M58BU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=2zilT6tZq136CCF6/fduSIAUQqJCE+ZI9PvGDJP1t0w=; b=LNpNtO2AuxEDUVRbiDMRk2oG3YBGsX+q3vU2c9gXuy/GL/EDoolZ9h8meyQySeUWmo EZ1fugQwpw/kgb0YF9F7+/NutQVvPFUH+tK1CbrmEo4a/C2dgVWMB572wRjJIZh0W29o z31HfwofLwZF3A5oC1QRlYjaG9oPibc2RTBAtO6ZtlZfLC96rIkiBxL7gihR9MIPGCWR M4VFJDJOEk48oTDQXc9gvv5fPh02M+zW1gcn4MljBtVRfmmQgm2stnv4PUvETm/ML7m1 QjJB1OJgB8Ui1bcywt9ybIqqWDG0/RY8MG/Ik9ZbLqEzcw6jfcoGvURTuAnn/0l2wTKE wy/Q== X-Gm-Message-State: ALoCoQmP0f6rTR/TYUx43neUDOd9QpkqhH5iSw1etqI2pP4eRsxG4LLelGp6Xd6QViFFqE5J61SO X-Received: by 10.224.70.84 with SMTP id c20mr28798606qaj.48.1390234173926; Mon, 20 Jan 2014 08:09:33 -0800 (PST) Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id g52sm700566qgg.9.2014.01.20.08.09.33 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Jan 2014 08:09:33 -0800 (PST) From: Ted Zlatanov To: Lars Ingebrigtsen Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> <87eh45i2q2.fsf@building.gnus.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Mon, 20 Jan 2014 11:11:29 -0500 In-Reply-To: <87eh45i2q2.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Sat, 18 Jan 2014 10:06:45 -0800") Message-ID: <87mwiqpr9q.fsf@flea.lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: 16253@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Sat, 18 Jan 2014 10:06:45 -0800 Lars Ingebrigtsen wrote: LI> Speaking of irrelevant messages. I just got this: LI> gnutls.c: [0] (Emacs) fatal error: An unexpected TLS handshake packet was received. LI> gnutls.el: (err=[-19] An unexpected TLS handshake packet was LI> received.) boot: (:priority NORMAL :hostname i.chzbgr.com :loglevel 0 LI> :min-prime-bits 256 :trustfiles (/etc/pki/tls/certs/ca-bundle.crt) LI> :crlfiles nil :keylist nil :verify-flags nil :verify-error nil LI> :callbacks nil) LI> Errors like this are to be expected (the server just closes the LI> connection for some reason or other). The URL library should deal with LI> this without bothering the user with these warnings... The URL library can't trap these. GnuTLS considers them highest priority, so blocking them out would block most useful log information. I'm not sure what to do without breaking things or complicating the configuration significantly. Ted From debbugs-submit-bounces@debbugs.gnu.org Mon Jan 20 11:10:03 2014 Received: (at 16253) by debbugs.gnu.org; 20 Jan 2014 16:10:03 +0000 Received: from localhost ([127.0.0.1]:58509 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W5HQE-0005sB-Jm for submit@debbugs.gnu.org; Mon, 20 Jan 2014 11:10:02 -0500 Received: from mail-qe0-f51.google.com ([209.85.128.51]:60902) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W5HQ8-0005rw-JZ for 16253@debbugs.gnu.org; Mon, 20 Jan 2014 11:09:56 -0500 Received: by mail-qe0-f51.google.com with SMTP id d4so449242qej.38 for <16253@debbugs.gnu.org>; Mon, 20 Jan 2014 08:09:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=dqmeaEsteMnGpd3XHxD2ee5VVSGOA6SKGMyYNKaxdZo=; b=ttKIWBuxzH6dzWi17aiv7KXC/q01pG1ZdkzOpPz8YCKvtGZkN26TTRVxRBmSUk3eE/ B6gFT5Y/pgN0Rh8UTBH/ZPvDS8AxzIUdTHeho7iApQ+8AFHeAFQvxV4Ua0K5iopl/QUG ts7UyuYGY9ZoogxJNZ9mxf6xT6HMdTMSa0JZk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=dqmeaEsteMnGpd3XHxD2ee5VVSGOA6SKGMyYNKaxdZo=; b=BjoLJDOvxRMxwg7F5q1CFHIyyobHTdeBzs5A1Nm3u4ogGVmUNzikU8TioQIRY19VV7 pV3jNQDTOOoT+Z5HnM/4o4wEWEyN4iQzI81IZUfzzAjWt2vtOI0UyC7qzvCOUGyC8oWN OGjRfvwMavRp0pUvLGzPvUTJd762Ai4UA+mpeLKDa3+kobtJtJ9Jir4bbgEGO+1druqX aZWlPQWZMTVaBlDNcBy6eYRxv8DgbLDhl+BRyhPVhVW/WXDEg6cJ7YLCZWiAjR3iykdI WEgYUTa6M9gOlSutkKgFz2wKghJ6c5jAIOe8BnaAKUc+jx0bJHLRRLfuuYGBSMm2llLq uK/w== X-Gm-Message-State: ALoCoQmVZZKZin2yxuyo0lreXHo1+pNaXNfRDdEJaRvgjpTvTGNDXoO3+n8viUG/YD6lDa6y0DdI X-Received: by 10.224.111.195 with SMTP id t3mr29553797qap.2.1390234192336; Mon, 20 Jan 2014 08:09:52 -0800 (PST) Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id w8sm1646137qag.15.2014.01.20.08.09.51 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Jan 2014 08:09:51 -0800 (PST) From: Ted Zlatanov To: Eli Zaretskii Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> <83eh45jhpg.fsf@gnu.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Mon, 20 Jan 2014 11:11:47 -0500 In-Reply-To: <83eh45jhpg.fsf@gnu.org> (Eli Zaretskii's message of "Sat, 18 Jan 2014 19:57:47 +0200") Message-ID: <87iotepr98.fsf@flea.lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: Lars Ingebrigtsen , 16253@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Sat, 18 Jan 2014 19:57:47 +0200 Eli Zaretskii wrote: >> From: Lars Ingebrigtsen >> Date: Sat, 18 Jan 2014 09:29:15 -0800 >> >> [larsi@building src]$ ldd emacs | grep tls >> libgnutls.so.28 => /lib64/libgnutls.so.28 (0x0000003f64e00000) >> >> That's gnutls 2.8, I guess? EZ> No, it should be gnutls 3.x, probably 3.0.x. 28 = 32 - 4 is the API EZ> version. I'm not sure, but my earlier comment stands :) Ted From debbugs-submit-bounces@debbugs.gnu.org Mon Jan 20 15:20:47 2014 Received: (at 16253) by debbugs.gnu.org; 20 Jan 2014 20:20:47 +0000 Received: from localhost ([127.0.0.1]:58733 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W5LKw-0006wj-3x for submit@debbugs.gnu.org; Mon, 20 Jan 2014 15:20:46 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:59662) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1W5LKs-0006wZ-GL for 16253@debbugs.gnu.org; Mon, 20 Jan 2014 15:20:44 -0500 Received: from [64.55.78.101] (helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1W5LKd-0003VJ-Cj for 16253@debbugs.gnu.org; Mon, 20 Jan 2014 21:20:27 +0100 From: Lars Ingebrigtsen To: 16253@debbugs.gnu.org Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> <87eh45i2q2.fsf@building.gnus.org> <87mwiqpr9q.fsf@flea.lifelogs.com> Date: Mon, 20 Jan 2014 12:19:52 -0800 In-Reply-To: <87mwiqpr9q.fsf@flea.lifelogs.com> (Ted Zlatanov's message of "Mon, 20 Jan 2014 11:11:29 -0500") Message-ID: <87r4829ziv.fsf@building.gnus.org> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1W5LKd-0003VJ-Cj X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1390854028.3002@qn/tFLXENxd/j5/tF1BiOg X-Spam-Status: No X-Spam-Score: 0.6 (/) X-Debbugs-Envelope-To: 16253 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.6 (/) Ted Zlatanov writes: > The URL library can't trap these. GnuTLS considers them highest > priority, so blocking them out would block most useful log information. Useful to whom? It's probably useful when developing applications that talk TLS, but it's not useful to the user who's just trying to read a web page. If you're reading a page, and you're loading a picture that fails, Emacs should display a "failed download" image, not spew TLS-level errors to the user. The user isn't interested. So I think that, basically, no TLS errors should be displayed to the user. At least I haven't seen one yet that's been useful to me as a user. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 09 21:34:09 2014 Received: (at 16253) by debbugs.gnu.org; 10 Feb 2014 02:34:09 +0000 Received: from localhost ([127.0.0.1]:33000 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCghB-0002bq-Ir for submit@debbugs.gnu.org; Sun, 09 Feb 2014 21:34:09 -0500 Received: from mail-qc0-f175.google.com ([209.85.216.175]:33697) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCgh6-0002bO-IT for 16253@debbugs.gnu.org; Sun, 09 Feb 2014 21:34:04 -0500 Received: by mail-qc0-f175.google.com with SMTP id x13so9566895qcv.20 for <16253@debbugs.gnu.org>; Sun, 09 Feb 2014 18:34:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=CiGPlmUW1eBGULUgdWhTq0QQE5t21/giJkluTwM8spU=; b=bnNvv1b73047ya+XCNHoyq0EK5uiT5eiSrjo7q8J+FNCtgUn8y6gUv+CYe8jA/hMiR grjBC3N/wVKMs8NVENh/+QtdLTjn6BPiwG9dOtsBk8YaAIA9NdqPjoji959O8qQg63P4 /Zi4UVYQ44rfr4OHa4jTcVP+eMafYC5on6XB4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=CiGPlmUW1eBGULUgdWhTq0QQE5t21/giJkluTwM8spU=; b=UFZ+zjtCKnbDUJiXyA9f/aaFDqw1HISWOIUanlAhk++WwqEJg+1PogukeCO6Bs1sd+ HbhtsjZtebmZE+5K/MVSHINSff4GupInh3fwTXXJ2ml54sAHui6Anv8pkpmC06B7wLAU 327dpt6Vg/swik4cxqlhB3mIo/jB+7T8jSBk8Uh6A5gFNju0sCLh0CGDPr7VbR9BjnqW N4bTaOWyBVFbMzR8azLEp7rMlKiOro4HDzaH07pBj8y1koRPssnKTkiI0Li2syohniO0 gr9Pc3eEACQP4tBEVGeZn6w12komd91OOCh9iLvNq3/qdpFzDKx0niW4JoRnV6thtAxh O5mA== X-Gm-Message-State: ALoCoQmyhFjz4tkL3Q7SFGTlPsqOQbQUF7/oQ/+hwMNXdRIZQkMpDq9+gLCLi6N5Mpijcw85fP49 X-Received: by 10.224.53.198 with SMTP id n6mr43268927qag.41.1391999640142; Sun, 09 Feb 2014 18:34:00 -0800 (PST) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id f5sm38507183qas.11.2014.02.09.18.33.58 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Sun, 09 Feb 2014 18:33:58 -0800 (PST) From: Ted Zlatanov To: Lars Ingebrigtsen Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> <87eh45i2q2.fsf@building.gnus.org> <87mwiqpr9q.fsf@flea.lifelogs.com> <87r4829ziv.fsf@building.gnus.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Sun, 09 Feb 2014 21:34:06 -0500 In-Reply-To: <87r4829ziv.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Mon, 20 Jan 2014 12:19:52 -0800") Message-ID: <87sirr8zmp.fsf@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: 16253@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Mon, 20 Jan 2014 12:19:52 -0800 Lars Ingebrigtsen wrote: LI> Ted Zlatanov writes: >> The URL library can't trap these. GnuTLS considers them highest >> priority, so blocking them out would block most useful log information. LI> Useful to whom? It's probably useful when developing applications that LI> talk TLS, but it's not useful to the user who's just trying to read a LI> web page. LI> If you're reading a page, and you're loading a picture that fails, Emacs LI> should display a "failed download" image, not spew TLS-level errors to LI> the user. The user isn't interested. LI> So I think that, basically, no TLS errors should be displayed to the LI> user. At least I haven't seen one yet that's been useful to me as a LI> user. OK. I will log them to a special " *TLS errors*" buffer. That's a good balance. Doing that from C is not obvious, compared to the standard `message' function. Any hints? Should I just call `Fget-buffer-create' and call functions to append to the returned buffer Lisp_Object, or is there a magical equivalent? Also, I think we should add that buffer, plus the version of GnuTLS and the priority string, to bug reports. WDYT? Thanks Ted From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 09 21:39:31 2014 Received: (at 16253) by debbugs.gnu.org; 10 Feb 2014 02:39:31 +0000 Received: from localhost ([127.0.0.1]:33022 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCgmQ-0002m1-RM for submit@debbugs.gnu.org; Sun, 09 Feb 2014 21:39:31 -0500 Received: from mail-qc0-f176.google.com ([209.85.216.176]:40434) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCgmI-0002lW-Fb for 16253@debbugs.gnu.org; Sun, 09 Feb 2014 21:39:26 -0500 Received: by mail-qc0-f176.google.com with SMTP id e16so9603982qcx.7 for <16253@debbugs.gnu.org>; Sun, 09 Feb 2014 18:39:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=guskNnvG7QbVxhUlCbBOpTPfT9PRYqzmedC8RBZ/PtY=; b=a8F5zT317lmkVqXh3Nex7fTsdWsMLyG44Gp2alJt8MeH3tK6wmtcbm00BcXCgGsGl0 EAJCiUaC06nHsXvl0q+zoakQdqsgCbUnPeyEYICq9/Bli9LHVMHkIGIuPToujcls19uB Ou0iwIVvz5JZFkQAO2mBsx0KJzj2NIuQYsAGg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=guskNnvG7QbVxhUlCbBOpTPfT9PRYqzmedC8RBZ/PtY=; b=TvOACf2otmsn0TFSQNpl1Lu0739XFh6SH4e2n7jLFbyruMQAwO2/rEuApfPNo+SVHJ 7ymYA0683jKMsWHBTxSLSbNhAjsMeDoZouV9vvziZXguONpbHkvdtKKT0gbMXLf2ai6N g+gTR8IrxGFFQ+JcNXjWz77B3qeTpepIain0YuHS0Ox/QDCDMk3RRDfVvfaEfQdQKT/V Z8usUhjiBt/dxcdgAF8Kk4IEo43kBR7CFqad05JFmvx2Ucsw3OCnvfmQfWxqto6Y+UQv 6rsLODWnc11YD9UCVzHTwE7NYcX2RAaqS22+OLrqQ3RgDOuVXw5+PlFckFCuKlEuSury wbaw== X-Gm-Message-State: ALoCoQmDe8baZPtBSkJaGOv/x9v3m9NWEsZB81oU/IaxGugkm4VKPzD2dsZY/iTOYPXLAzjpqPIz X-Received: by 10.140.22.39 with SMTP id 36mr31802110qgm.59.1391999961913; Sun, 09 Feb 2014 18:39:21 -0800 (PST) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id w9sm38570203qax.3.2014.02.09.18.39.20 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Sun, 09 Feb 2014 18:39:20 -0800 (PST) From: Ted Zlatanov To: n.mavrogiannopoulos@gmail.com, winkler@gnu.org Subject: Re: bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Sun, 09 Feb 2014 21:39:28 -0500 In-Reply-To: (n. mavrogiannopoulos's message of "Fri, 18 May 2012 04:38:01 -0700 (PDT)") Message-ID: <87ob2f8zdr.fsf@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, 11267@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Fri, 18 May 2012 04:38:01 -0700 (PDT) n.mavrogiannopoulos@gmail.com wrote: nm> On Tuesday, May 15, 2012 10:24:56 AM UTC+2, Ted Zlatanov wrote: >> On Sun, 13 May 2012 21:04:24 +0200 Lars Magne Ingebrigtsen wrote: >> LMI> "Roland Winkler" writes: >> >> Also, it would be good (though I don't know whether a generic answer >> >> is possible) to give some guidance on "reasonable" values for >> >> `gnutls-min-prime-bits' as compared to cases where it would be >> >> better to contact the sysadmin of the server requesting a change in >> >> the setup of the server. >> LMI> Yeah. And I think `gnutls-min-prime-bits' should default to whatever LMI> that "reasonable" is, because there's apparently quite a few servers out LMI> there that has less bits than whatever the GnuTLS default is. Which LMI> isn't a very good user experience. >> >> I'm OK with lowering it to 256. nm> Note that Diffie-Hellman group of 256-bits means that the communication can be nm> decrypted by someone that stored the session. The default minimum nm> accepted value in gnutls is already weak according to [0] (727 bits) nm> but a good balance between security and compatibility. (other nm> implementations like NSS have similar limits). nm> If you need to support weaker servers you could warn your users of the consequences. nm> [0]. http://www.keylength.com/en/3/ Hi Nikos, We've continued the discussion in bug#15057 (about the min prime bits) and bug#16253 (about the logging). I've copied all three bug trackers on this e-mail. I hope that helps connect them for searches and when we close them. Roland, if you are satisfied with the direction taken in those bugs, we can probably close this one. Thanks Ted From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 09 22:02:46 2014 Received: (at 16253) by debbugs.gnu.org; 10 Feb 2014 03:02:46 +0000 Received: from localhost ([127.0.0.1]:33076 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCh8v-0004ao-E4 for submit@debbugs.gnu.org; Sun, 09 Feb 2014 22:02:45 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:53716) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCh8t-0004ad-2q for 16253@debbugs.gnu.org; Sun, 09 Feb 2014 22:02:43 -0500 Received: from [204.14.154.233] (helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1WCh8e-0004jP-VL for 16253@debbugs.gnu.org; Mon, 10 Feb 2014 04:02:29 +0100 From: Lars Ingebrigtsen To: 16253@debbugs.gnu.org Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> <87eh45i2q2.fsf@building.gnus.org> <87mwiqpr9q.fsf@flea.lifelogs.com> <87r4829ziv.fsf@building.gnus.org> <87sirr8zmp.fsf@lifelogs.com> Date: Sun, 09 Feb 2014 19:01:16 -0800 In-Reply-To: <87sirr8zmp.fsf@lifelogs.com> (Ted Zlatanov's message of "Sun, 09 Feb 2014 21:34:06 -0500") Message-ID: <87lhxjwu0z.fsf@building.gnus.org> User-Agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1WCh8e-0004jP-VL X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1392606149.41731@Pr19PpEjuyUyrvSpsXWwsw X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Ted Zlatanov writes: > OK. I will log them to a special " *TLS errors*" buffer. That's a good > balance. Yeah, that would be good. And perhaps limit the size of the buffer. > Doing that from C is not obvious, compared to the standard `message' > function. Any hints? Should I just call `Fget-buffer-create' and > call functions to append to the returned buffer Lisp_Object, or is there > a magical equivalent? I just had a look at message_dolog (which puts data into the *Messages* buffer). It didn't look pretty... Is all that really necessary? > Also, I think we should add that buffer, plus the version of GnuTLS and > the priority string, to bug reports. WDYT? For all Emacs bug reports? Hm... -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 09 22:06:45 2014 Received: (at 16253) by debbugs.gnu.org; 10 Feb 2014 03:06:45 +0000 Received: from localhost ([127.0.0.1]:33084 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WChCm-0004hZ-Ce for submit@debbugs.gnu.org; Sun, 09 Feb 2014 22:06:44 -0500 Received: from fencepost.gnu.org ([208.118.235.10]:35548) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WChCk-0004hL-A4; Sun, 09 Feb 2014 22:06:42 -0500 Received: from 162-229-45-114.lightspeed.cicril.sbcglobal.net ([162.229.45.114]:53714 helo=regnitz) by fencepost.gnu.org with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1WChCj-0003So-Ak; Sun, 09 Feb 2014 22:06:41 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <21240.16957.410641.502622@gargle.gargle.HOWL> Date: Sun, 9 Feb 2014 21:06:37 -0600 From: "Roland Winkler" To: Ted Zlatanov Subject: Re: bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). In-Reply-To: <87ob2f8zdr.fsf@lifelogs.com> References: <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> X-Mailer: VM 8.2 trial under 24.3.1 (x86_64-unknown-linux-gnu) X-Spam-Score: -5.6 (-----) X-Debbugs-Envelope-To: 16253 Cc: 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, n.mavrogiannopoulos@gmail.com, 11267@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.6 (-----) On Sun Feb 9 2014 Ted Zlatanov wrote: > Roland, if you are satisfied with the direction taken in those > bugs, we can probably close this one. I am still a bit confused concerning a "reasonable minimal value" for gnutls-min-prime-bits. Is 256 a value that I can feel comfortable about? Since this was made the default, I did not see again any error messages. But I cannot judge whether this means "all is OK". Part of the problem is certainly that most users do not even know that there is such a customizable user variable. So one can only hope that the default *is* reasonable. From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 10 05:42:40 2014 Received: (at 16253) by debbugs.gnu.org; 10 Feb 2014 10:42:40 +0000 Received: from localhost ([127.0.0.1]:39177 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCoJw-0006Vz-PS for submit@debbugs.gnu.org; Mon, 10 Feb 2014 05:42:40 -0500 Received: from mail-qc0-f170.google.com ([209.85.216.170]:64824) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCoJr-0006Vf-3M for 16253@debbugs.gnu.org; Mon, 10 Feb 2014 05:42:35 -0500 Received: by mail-qc0-f170.google.com with SMTP id e9so10254928qcy.15 for <16253@debbugs.gnu.org>; Mon, 10 Feb 2014 02:42:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=vsJro4nwlsBj2aH94DLdb7WqZHp48DRF76HY1eSGpVo=; b=MwPhqlMvj2FPgd0h59O/Ww/cQ2coNDe2IUTndtnQAw+QT4+jSHiGQFwRRQwNG4TAhf U6LZWBlBsNg0f+G3n3xoSMos86a5c020MxHr9wespgK5reYstL7TIU1sQu2osm9NjE4n xFxJA2OuBzeho4yIWGNWqq2ubZ1ufDjafo1QY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=vsJro4nwlsBj2aH94DLdb7WqZHp48DRF76HY1eSGpVo=; b=gfifErpwhz8+v7EP88CcVRFjb2BgZpXkKQQv59GDZVjhhJjKP4meEUtjaO5puCcLNm vIaOjFpvvIeqcBUzjnZDYukWZbU1lQtbBlBh1b1v6XPlGq5wplLOMRv8Rsy2FmdXE53c EK/0VMhpfTfeJ9bjsMb4+EgwenWhpqLKWiqZjlgebh8McF/Lo8c9WYR9qBqb64hAxDyb 7eE3t5YQ/SCno/nOcl+i8wI8yy/wIYztoaHvHYgZhKBRFz/CtX+KiWi+8OA+ZcYj01EA QSva1+uNtbrhok18Qhl8U0TjtrehhvaEsG2eyUxtE7QdXb7PKilGXWI/BKKVSpOeH4vf rYsA== X-Gm-Message-State: ALoCoQl89hWqO/Ap2lUnK2yMKv9uDspJEcVgaFtxFGNQLfLCgdoXQN3pYW9Z6HmDAUKmcyxuZOfC X-Received: by 10.224.122.20 with SMTP id j20mr46968354qar.82.1392028945448; Mon, 10 Feb 2014 02:42:25 -0800 (PST) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id r7sm23169230qgr.17.2014.02.10.02.42.23 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Mon, 10 Feb 2014 02:42:24 -0800 (PST) From: Ted Zlatanov To: Lars Ingebrigtsen Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87vbydjnzy.fsf@building.gnus.org> <87mwj7bbi7.fsf@flea.lifelogs.com> <87y52di4gk.fsf@building.gnus.org> <87eh45i2q2.fsf@building.gnus.org> <87mwiqpr9q.fsf@flea.lifelogs.com> <87r4829ziv.fsf@building.gnus.org> <87sirr8zmp.fsf@lifelogs.com> <87lhxjwu0z.fsf@building.gnus.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Mon, 10 Feb 2014 05:42:32 -0500 In-Reply-To: <87lhxjwu0z.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Sun, 09 Feb 2014 19:01:16 -0800") Message-ID: <87k3d38d0n.fsf@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: 16253@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Sun, 09 Feb 2014 19:01:16 -0800 Lars Ingebrigtsen wrote: LI> Ted Zlatanov writes: >> OK. I will log them to a special " *TLS errors*" buffer. That's a good >> balance. LI> Yeah, that would be good. And perhaps limit the size of the buffer. It rarely gets annoyingly big, but OK... 50K messages? >> Doing that from C is not obvious, compared to the standard `message' >> function. Any hints? Should I just call `Fget-buffer-create' and >> call functions to append to the returned buffer Lisp_Object, or is there >> a magical equivalent? LI> I just had a look at message_dolog (which puts data into the *Messages* LI> buffer). It didn't look pretty... Is all that really necessary? Not for my usage, definitely. I can call the usual ELisp functions, I just want to know if there's a convenient C shortcut. >> Also, I think we should add that buffer, plus the version of GnuTLS and >> the priority string, to bug reports. WDYT? LI> For all Emacs bug reports? Hm... Yes, if GnuTLS is enabled. We already sent the messages (from *Messages*) and the default is not very verbose. Ted From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 10 05:52:28 2014 Received: (at 16253) by debbugs.gnu.org; 10 Feb 2014 10:52:28 +0000 Received: from localhost ([127.0.0.1]:39192 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCoTT-0006mR-6O for submit@debbugs.gnu.org; Mon, 10 Feb 2014 05:52:27 -0500 Received: from mail-qc0-f180.google.com ([209.85.216.180]:57896) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCoTN-0006ls-MF for 16253@debbugs.gnu.org; Mon, 10 Feb 2014 05:52:25 -0500 Received: by mail-qc0-f180.google.com with SMTP id i17so10211046qcy.39 for <16253@debbugs.gnu.org>; Mon, 10 Feb 2014 02:52:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=D8pTzJK38fxWd09M1Y8I9T/aHD98fh5Bh6eNV7qTQyI=; b=EijRegSnY/dRD3eWqFNWqmfjxXSTGtZR5js2aSAt558fhW2MgtJkDxZHVdnWD0UN4R tYRGWhMjQo/R6xc1Zk+a6zoD78KJ3Hu6bwbMEsO65ucpB3kod1cth7Q8cr9pc36/4U50 Ox/vVuq+iIbAybX3PRo6JWhcDB2oRnIBIk0uA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=D8pTzJK38fxWd09M1Y8I9T/aHD98fh5Bh6eNV7qTQyI=; b=kVn+yKnybyX278Qup72VUso3vKSHIMOUQO+8djbrmULb87PH1CbIlJHI3xIjks1zow Y+PCN6o7QzZ6YPF58gk9hM0M/FODE3o6oD41GjO3CwtpGREBZ2xYTcwJ1BgAqHgyQNiX cTfgc53tkuMKR31KbajFvC2QayTmZumXvbsvlFq8cwhjNLPliynn7Ja0S5v+vpwDvoV6 YsakZqJ9XsTngOYSXQdDtM9RTfIUL5mGG5eszxKIK6GHmTqz60m6Bo8zH9hJTBBxRd8p /VKRM0jODTv7u+eJjM8rMR02G17itR7AZh2AbILS250wC9TXrDiGw2LtnCkoSHDiLFhC bNJg== X-Gm-Message-State: ALoCoQnL58wZ/YMsSxJinrVINcT8aOosjLWeCKSpVWPhGUc5sF96loHXhFDyjS8C3q/YZx5mMdR7 X-Received: by 10.224.167.19 with SMTP id o19mr35269484qay.77.1392029536177; Mon, 10 Feb 2014 02:52:16 -0800 (PST) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id 67sm23199898qgr.15.2014.02.10.02.52.15 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Mon, 10 Feb 2014 02:52:15 -0800 (PST) From: Ted Zlatanov To: Lars Ingebrigtsen Subject: Re: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87iozfl001.fsf@thinkpad.tsdh.org> <87li24zpg1.fsf@flea.lifelogs.com> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Mon, 10 Feb 2014 05:52:23 -0500 In-Reply-To: <87ppmvwu5h.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Sun, 09 Feb 2014 18:58:34 -0800, Mon, 10 Feb 2014 09:28:09 +0100") Message-ID: <87d2iv8ck8.fsf@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: Nikos Mavrogiannopoulos , Roland Winkler , 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, 11267@debbugs.gnu.org, Tassilo Horn X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Mon, 10 Feb 2014 09:28:09 +0100 Nikos Mavrogiannopoulos wrote: NM> On Mon, Feb 10, 2014 at 4:06 AM, Roland Winkler wrote: >> I am still a bit confused concerning a "reasonable minimal value" >> for gnutls-min-prime-bits. Is 256 a value that I can feel >> comfortable about? NM> No. 256-bit DH is a bit harder than rot13 as encryption. I'd suggest NM> not to set the minimum acceptable size and let gnutls decide instead. NM> For broken servers that use very small sizes, you could disable the NM> DHE ciphersuites as described in the previous mails. On Sun, 09 Feb 2014 18:58:34 -0800 Lars Ingebrigtsen wrote: LI> Ted Zlatanov writes: >> See http://thread.gmane.org/gmane.network.gnutls.general/3181/focus=3299 >> >> Try, first of all, appending `!DHE-RSA:!DHE-DSS' to your GnuTLS priority >> string to disable DHE. ECDHE will not have the minimum bits message, >> ever, IIUC. LI> But aren't there lots of (or some) servers that only supports DHE and LI> not ECDHE? There's no way to know until you connect, that's the heart of the problem. So IIUC you'd have to either be potentially insecure all the time (DHE enabled) or potentially fail connecting to some servers. I think the latter is the better option as a default, as long as we make it clear (not in a *GnuTLS log* buffer but with `message' so it shows up in the echo region and in STDERR in batch mode) that * the connection was rejected because the remote requires a lower level of security * how to try allowing the less-secure connection (perhaps a simple command to automate this, or even a clickable button, would be nicer than asking the user to `customize-variable'). The original discussion sort of settled on magically reopening the connection with less security but I think that might be a disservice to the users. * why it's smarter to ask the server admin to upgrade their TLS implementation Fitting all of that in a short readable message might be a challenge, hence the button suggestion, but that's not ideal either. Ted From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 11 00:11:04 2014 Received: (at 16253) by debbugs.gnu.org; 11 Feb 2014 05:11:04 +0000 Received: from localhost ([127.0.0.1]:42337 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WD5cd-0004ra-P1 for submit@debbugs.gnu.org; Tue, 11 Feb 2014 00:11:04 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:33876) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WD5cX-0004qy-6i; Tue, 11 Feb 2014 00:11:01 -0500 Received: from [204.14.154.233] (helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1WD5cH-0006E7-MJ; Tue, 11 Feb 2014 06:10:42 +0100 From: Lars Ingebrigtsen To: Nikos Mavrogiannopoulos Subject: Re: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). References: <87iozfl001.fsf@thinkpad.tsdh.org> <87li24zpg1.fsf@flea.lifelogs.com> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> Date: Mon, 10 Feb 2014 21:09:25 -0800 In-Reply-To: <87d2iv8ck8.fsf@lifelogs.com> (Ted Zlatanov's message of "Mon, 10 Feb 2014 05:52:23 -0500") Message-ID: <87ppmup75m.fsf@building.gnus.org> User-Agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1WD5cH-0006E7-MJ X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1392700242.5987@nRN+9mreSxIwvY8/BRkaBw X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 Cc: 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, Roland Winkler , 11267@debbugs.gnu.org, Tassilo Horn X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Ted Zlatanov writes: > LI> But aren't there lots of (or some) servers that only supports DHE and > LI> not ECDHE? > > There's no way to know until you connect, that's the heart of the > problem. So IIUC you'd have to either be potentially insecure all the > time (DHE enabled) or potentially fail connecting to some servers. I thought TLS worked like this: 1) You connect to a server. 2) A server says what encryption methods it supports 3) You choose one, and start talking in that method. So things like browsers have a pre-defined list of methods, in descending order of what they consider "more safe", so that ECDHE is used if available, etc. > I think the latter is the better option as a default, as long as we make > it clear (not in a *GnuTLS log* buffer but with `message' so it shows up > in the echo region and in STDERR in batch mode) that > > * the connection was rejected because the remote requires a lower level > of security I've basically never ever seen Firefox say "you can't talk to this server, because the TLS is too weak". Neither should Emacs. (Emacs, being Emacs, might offer as an option a way to restrict all TLS connections to a smaller set of algorithms/levels, but that should not be the default.) > * how to try allowing the less-secure connection (perhaps a simple > command to automate this, or even a clickable button, would be nicer > than asking the user to `customize-variable'). The original discussion > sort of settled on magically reopening the connection with less security > but I think that might be a disservice to the users. We would always try to get the most secure TLS connection possible, so I don't quite understand "reconnect"... > * why it's smarter to ask the server admin to upgrade their TLS > implementation > > Fitting all of that in a short readable message might be a challenge, > hence the button suggestion, but that's not ideal either. If the user has explicitly said "don't talk unless it has teh haxors leet mode", then that's not necessary, I would have thought. But I might be misunderstanding the problem completely. >"? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 11 05:35:50 2014 Received: (at 16253) by debbugs.gnu.org; 11 Feb 2014 10:35:51 +0000 Received: from localhost ([127.0.0.1]:45772 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDAgt-00053u-4m for submit@debbugs.gnu.org; Tue, 11 Feb 2014 05:35:50 -0500 Received: from mail-qa0-f45.google.com ([209.85.216.45]:44320) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDAge-00052s-SK; Tue, 11 Feb 2014 05:35:36 -0500 Received: by mail-qa0-f45.google.com with SMTP id ii20so11304727qab.18 for ; Tue, 11 Feb 2014 02:35:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=WKGmOGwyUBlnzQRX2+iXQWHZDk1OFGvxzxoUj9Xp19o=; b=C28shBYYdJTepHilZ2gaR/E/O5FXQKF4iRfYg/2yqrVeqC4vghc5li47ymFSV0EiA9 Mem1pdhBDKhRButENvrSazj4x+FjZxXPkas4H4r0shxcWKk8b9thETOEAkL6pemmVEzx Kafjd18d+9citgdBVF1wfdcDIqr1sWQKnBtga2fvVYJYFFVNu01ucyFsMLjRxWKY0HJq dKrAnq7hXkyPaKWlJ2KgTpJvYE1pIiyTHMz1b4jDRYVO5Il6HfPZ4IQ4EozFkhJg6kbC 5hXkcJKxjmw0MTY7xd5A4g1M+gG5dn4v9MOd5qGsHAUqNyu2fSv1GVPdcoAStQxdGDSf GmHg== MIME-Version: 1.0 X-Received: by 10.224.46.130 with SMTP id j2mr55450881qaf.7.1392114927241; Tue, 11 Feb 2014 02:35:27 -0800 (PST) Received: by 10.229.58.137 with HTTP; Tue, 11 Feb 2014 02:35:27 -0800 (PST) In-Reply-To: <87ppmup75m.fsf@building.gnus.org> References: <87iozfl001.fsf@thinkpad.tsdh.org> <87li24zpg1.fsf@flea.lifelogs.com> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> <87ppmup75m.fsf@building.gnus.org> Date: Tue, 11 Feb 2014 11:35:27 +0100 Message-ID: Subject: Re: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). From: Nikos Mavrogiannopoulos To: Lars Ingebrigtsen Content-Type: text/plain; charset=ISO-8859-1 X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, Roland Winkler , 11267@debbugs.gnu.org, Tassilo Horn X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Tue, Feb 11, 2014 at 6:09 AM, Lars Ingebrigtsen wrote: > Ted Zlatanov writes: >> LI> But aren't there lots of (or some) servers that only supports DHE and >> LI> not ECDHE? >> There's no way to know until you connect, that's the heart of the >> problem. So IIUC you'd have to either be potentially insecure all the >> time (DHE enabled) or potentially fail connecting to some servers. > I thought TLS worked like this: > 1) You connect to a server. > 2) A server says what encryption methods it supports > 3) You choose one, and start talking in that method. (let's suppose that the chosen method is DHE) 4) The server presents its DHE parameters and you realize that they are not acceptable. 5) Cannot do anything except abort the session, disable support for DHE and go to (1). >> I think the latter is the better option as a default, as long as we make >> it clear (not in a *GnuTLS log* buffer but with `message' so it shows up >> in the echo region and in STDERR in batch mode) that >> * the connection was rejected because the remote requires a lower level >> of security > I've basically never ever seen Firefox say "you can't talk to this > server, because the TLS is too weak". Neither should Emacs. Firefox in the past would happily connect to a server offering weak parameters. This is changing now: https://bugzilla.mozilla.org/show_bug.cgi?id=587234 So instead of emacs replicating what the insecure versions of firefox did, it could provide security by default. regards, Nikos From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 11 09:22:04 2014 Received: (at 16253) by debbugs.gnu.org; 11 Feb 2014 14:22:05 +0000 Received: from localhost ([127.0.0.1]:46069 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDEDo-0001OA-P0 for submit@debbugs.gnu.org; Tue, 11 Feb 2014 09:22:04 -0500 Received: from mail-qc0-f171.google.com ([209.85.216.171]:42541) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDEDj-0001Nm-DT for 16253@debbugs.gnu.org; Tue, 11 Feb 2014 09:21:59 -0500 Received: by mail-qc0-f171.google.com with SMTP id n7so13211587qcx.30 for <16253@debbugs.gnu.org>; Tue, 11 Feb 2014 06:21:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=6Vm7HcEWYE9bypWOgxlLIqMT9QOLbjGfkGh21mHiECo=; b=VDZ2OUZq5ue/+pJx6WWqxqBJ+4Lgu5V8/2w13PPSwG6xA8HUbCeFuEn/UFOvJWTNjZ pifcEnoIyyanTW5lZR52E2i4B7MIUM/DRP5sAoQYI7t5ZFYNqhvyPis1Le1t32s+G+Vn XfbLUPq8BESwhOiOWMCAIwDeH2mOligCfFiHg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=6Vm7HcEWYE9bypWOgxlLIqMT9QOLbjGfkGh21mHiECo=; b=ZpuzPWqlMnWs9HOTB+NNnsOYAygE1rXswBEx24GtXqM2C1qWkVFtCYXXAaB8shAjsU 1CuRvwhPz8E8JU7leL+SrEcKDyc2/YaTWM+jxLhTNQfKMB5MCrwPtaRxElHLLnxPvz22 F+aCuwsuAbr6maxjx+0sKzZMxnmsw5X4l6yQUtqbej3GVv28UyGszItnEb41Y5l1aC5g dDr4JsIzIzPVaq2Zh+0PfXxYz6iqdOe1nkdyooWUT2saunKsLriBKPzqv3/nhJRhK/YA cAbBFxkv9zki2SUOBqNgSv7d87Uxrs49ZPmawNCwVEhpn2L/MbnJjdIuwMP48QSRYBWB ZyOQ== X-Gm-Message-State: ALoCoQkzBqtjmj9+gwF2+cbyFrVZAI5PBwPFf7ahWYcqmBXqEO/5TZzNjh4a8nSPGSR/SrXyGbJ4 X-Received: by 10.224.167.19 with SMTP id o19mr46890414qay.77.1392128509928; Tue, 11 Feb 2014 06:21:49 -0800 (PST) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id a5sm53271625qae.2.2014.02.11.06.21.48 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Tue, 11 Feb 2014 06:21:49 -0800 (PST) From: Ted Zlatanov To: Lars Ingebrigtsen Subject: Re: bug#11267: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87iozfl001.fsf@thinkpad.tsdh.org> <87li24zpg1.fsf@flea.lifelogs.com> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> <87ppmup75m.fsf@building.gnus.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Tue, 11 Feb 2014 09:21:58 -0500 In-Reply-To: <87ppmup75m.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Mon, 10 Feb 2014 21:09:25 -0800") Message-ID: <87mwhx686x.fsf@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: Nikos Mavrogiannopoulos , Roland Winkler , 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, 11267@debbugs.gnu.org, Tassilo Horn X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Mon, 10 Feb 2014 21:09:25 -0800 Lars Ingebrigtsen wrote: LI> (Emacs, being Emacs, might offer as an option a way to restrict all TLS LI> connections to a smaller set of algorithms/levels, but that should not LI> be the default.) I think it should, as long as we make it easy to drop down the security, as I described: >> * how to try allowing the less-secure connection (perhaps a simple >> command to automate this, or even a clickable button, would be nicer >> than asking the user to `customize-variable'). The original discussion >> sort of settled on magically reopening the connection with less security >> but I think that might be a disservice to the users. LI> We would always try to get the most secure TLS connection possible, so I LI> don't quite understand "reconnect"... So my proposal is simply to provide two buttons "allow host X to connect with lower DHE security [temporarily] [permanently]" and when the button is clicked, customize `gnutls-algorithm-priority' to allow DHE to that specific host. `gnutls-negotiate' has to be changed slightly and the connection rejection from insecure hosts will need to be handled in gnutls.c and gnutls.el. I think that's as seamless as we can make it, especially noting that `gnutls-min-prime-bits' is deprecated since GnuTLS 3.1.7 (see http://www.gnutls.org/manual/gnutls.html#index-gnutls_005fdh_005fset_005fprime_005fbits). If we provide that simple UI, plus some help messaging, I think we can disable DHE by default. Based on Nikos' explanation, it seems to be the best way forward. Ted From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 11 17:49:14 2014 Received: (at 16253) by debbugs.gnu.org; 11 Feb 2014 22:49:14 +0000 Received: from localhost ([127.0.0.1]:47953 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDM8g-00054I-9P for submit@debbugs.gnu.org; Tue, 11 Feb 2014 17:49:14 -0500 Received: from fencepost.gnu.org ([208.118.235.10]:55277 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDM8d-00053z-0n; Tue, 11 Feb 2014 17:49:11 -0500 Received: from 162-229-45-114.lightspeed.cicril.sbcglobal.net ([162.229.45.114]:55799 helo=regnitz) by fencepost.gnu.org with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1WDM8b-0003sP-0V; Tue, 11 Feb 2014 17:49:09 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <21242.43234.861627.965636@gargle.gargle.HOWL> Date: Tue, 11 Feb 2014 16:49:06 -0600 From: "Roland Winkler" To: Ted Zlatanov Subject: Re: bug#11267: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). In-Reply-To: <87mwhx686x.fsf@lifelogs.com> References: <87iozfl001.fsf@thinkpad.tsdh.org> <87li24zpg1.fsf@flea.lifelogs.com> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> <87ppmup75m.fsf@building.gnus.org> <87mwhx686x.fsf@lifelogs.com> X-Mailer: VM 8.2 trial under 24.3.1 (x86_64-unknown-linux-gnu) X-Spam-Score: -5.7 (-----) X-Debbugs-Envelope-To: 16253 Cc: Nikos Mavrogiannopoulos , 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, 11267@debbugs.gnu.org, Tassilo Horn , Lars Ingebrigtsen X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.7 (-----) On Tue Feb 11 2014 Ted Zlatanov wrote: > So my proposal is simply to provide two buttons "allow host X to > connect with lower DHE security [temporarily] [permanently]" and > when the button is clicked, customize `gnutls-algorithm-priority' > to allow DHE to that specific host. > > `gnutls-negotiate' has to be changed slightly and the connection > rejection from insecure hosts will need to be handled in gnutls.c > and gnutls.el. > > I think that's as seamless as we can make it, especially noting > that `gnutls-min-prime-bits' is deprecated since GnuTLS 3.1.7 (see > http://www.gnutls.org/manual/gnutls.html#index-gnutls_005fdh_005fset_005fprime_005fbits). > > If we provide that simple UI, plus some help messaging, I think we > can disable DHE by default. Based on Nikos' explanation, it seems > to be the best way forward. Whatever customizability will be provided (permanently or temporarily on the fly), I'd find it most important to have documentation that allows the user to put the choices into perspective. -- Is this feasible? Certainly, we cannot expect that the average user who is offered a pop-up menu with choices "allow host X to connect with lower DHE security [temporarily] [permanently]" that he can readily understand its implications and put it into perspective. (DHE security lower than what? Lower by how much? How insecure is that?) (According to Murphy's law, this selection will probably pop up most often, when the user is not in the mood to read long info pages...) Roland From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 11 18:54:57 2014 Received: (at 16253) by debbugs.gnu.org; 11 Feb 2014 23:54:57 +0000 Received: from localhost ([127.0.0.1]:47982 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDNAG-0006og-Fv for submit@debbugs.gnu.org; Tue, 11 Feb 2014 18:54:56 -0500 Received: from mail-qg0-f48.google.com ([209.85.192.48]:54443) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDNA6-0006o0-Cg for 16253@debbugs.gnu.org; Tue, 11 Feb 2014 18:54:52 -0500 Received: by mail-qg0-f48.google.com with SMTP id a108so310720qge.7 for <16253@debbugs.gnu.org>; Tue, 11 Feb 2014 15:54:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=DIluoanrtCxxnAlJT5gJfXWLmxp0Hvu7c4qkl1XJX8s=; b=siAQRtXFV/7E8nDW/B0HzftPFpM2pLNcxYC6ZxxxVF679jSogiohmfj4iaKRUKtias CdEU8XvDfGy+2KvGZVnejeoppltDAimMIrS87tHgI1YfeAIXW4fAfMO4fvU0JtKAt5DO JPdJyhE0poZbSq8fOkD46LT54in92vtuaA/tg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=DIluoanrtCxxnAlJT5gJfXWLmxp0Hvu7c4qkl1XJX8s=; b=H7lnk927o51PecWgRzA/hPpwBRrfOIgh9JLhVhpweVGIB/QZYDNb4WCzdzHFZV5yAe xnLequsmIgLQZoP0X3vpLyC99KGd2dcShv+Xkyo62TIsG2HjniMMWgyl2MUlEzBXgHyv NfA3Mxz/Y7TTYNBd0oKLAk1wUTO+zahdUlueCF8DuCq9EmxnJwNL1PRTzGHmXmeZJOb0 oL4LNJAeweX8El1acFgEWi2WzzGUgARI8MvDMmPND/98u6l4KXcl67UseuavgF7Dif5r 9KtFsvZXOXGHzGuxNbVJQKkOx3AexQmg8DmZHd/xzLgJAyOoUqDMgQtgv42bvUeXI9Jv 1chg== X-Gm-Message-State: ALoCoQnh581eGJ+yGs13bUXwMETqXvxRacKFZRE9yEW8oVDjhMqsSHGnGZjUPZCZtFCqFsffK10S X-Received: by 10.224.44.8 with SMTP id y8mr62881309qae.44.1392162880666; Tue, 11 Feb 2014 15:54:40 -0800 (PST) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id 3sm57437362qan.15.2014.02.11.15.54.39 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Tue, 11 Feb 2014 15:54:40 -0800 (PST) From: Ted Zlatanov To: "Roland Winkler" Subject: Re: bug#11267: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87iozfl001.fsf@thinkpad.tsdh.org> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> <87ppmup75m.fsf@building.gnus.org> <87mwhx686x.fsf@lifelogs.com> <21242.43234.861627.965636@gargle.gargle.HOWL> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Tue, 11 Feb 2014 18:54:49 -0500 In-Reply-To: <21242.43234.861627.965636@gargle.gargle.HOWL> (Roland Winkler's message of "Tue, 11 Feb 2014 16:49:06 -0600") Message-ID: <8761ol5ho6.fsf@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 Cc: Nikos Mavrogiannopoulos , 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, 11267@debbugs.gnu.org, Tassilo Horn , Lars Ingebrigtsen X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) On Tue, 11 Feb 2014 16:49:06 -0600 "Roland Winkler" wrote: RW> On Tue Feb 11 2014 Ted Zlatanov wrote: >> So my proposal is simply to provide two buttons "allow host X to >> connect with lower DHE security [temporarily] [permanently]" and >> when the button is clicked, customize `gnutls-algorithm-priority' >> to allow DHE to that specific host. >> >> `gnutls-negotiate' has to be changed slightly and the connection >> rejection from insecure hosts will need to be handled in gnutls.c >> and gnutls.el. >> >> I think that's as seamless as we can make it, especially noting >> that `gnutls-min-prime-bits' is deprecated since GnuTLS 3.1.7 (see >> http://www.gnutls.org/manual/gnutls.html#index-gnutls_005fdh_005fset_005fprime_005fbits). >> >> If we provide that simple UI, plus some help messaging, I think we >> can disable DHE by default. Based on Nikos' explanation, it seems >> to be the best way forward. RW> Whatever customizability will be provided (permanently or RW> temporarily on the fly), I'd find it most important to have RW> documentation that allows the user to put the choices into RW> perspective. -- Is this feasible? Certainly, we cannot expect that RW> the average user who is offered a pop-up menu with choices "allow RW> host X to connect with lower DHE security [temporarily] RW> [permanently]" that he can readily understand its implications and RW> put it into perspective. (DHE security lower than what? Lower by RW> how much? How insecure is that?) I'm sure we can come up with more helpful messaging. Does it have to fit in 78 chars? Can we use buttons? If so, it could be like this, going over 78 but not too much: !! remote host X requires lower security [OK once] [OK always] [Cancel] [?] With the ? taking the user to more details: a help message or even the relevant section of gnutls.texi If we can use a multi-line message it becomes easier, certainly. The buttons could instead be a simple (y,Y,n,?) prompt. But that could be confusing to the inexperienced users we're trying to help. I need some guidance :) I don't know if this has been implemented in another part of Emacs or other packages. Thanks Ted From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 11 23:30:48 2014 Received: (at 16253) by debbugs.gnu.org; 12 Feb 2014 04:30:48 +0000 Received: from localhost ([127.0.0.1]:48129 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDRTD-00089P-NY for submit@debbugs.gnu.org; Tue, 11 Feb 2014 23:30:48 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:60185) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDRTA-000898-Qx; Tue, 11 Feb 2014 23:30:46 -0500 Received: from [204.14.154.233] (helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1WDRSv-0008O4-0S; Wed, 12 Feb 2014 05:30:29 +0100 From: Lars Ingebrigtsen To: Nikos Mavrogiannopoulos Subject: Re: bug#11267: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). References: <87iozfl001.fsf@thinkpad.tsdh.org> <87li24zpg1.fsf@flea.lifelogs.com> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> <87ppmup75m.fsf@building.gnus.org> <87mwhx686x.fsf@lifelogs.com> Date: Tue, 11 Feb 2014 20:29:09 -0800 In-Reply-To: <87mwhx686x.fsf@lifelogs.com> (Ted Zlatanov's message of "Tue, 11 Feb 2014 09:21:58 -0500") Message-ID: <878uth2bu2.fsf@building.gnus.org> User-Agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1WDRSv-0008O4-0S X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1392784230.10113@Yh5Oe3YALCorsAjMNVXQuA X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 Cc: 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, Roland Winkler , 11267@debbugs.gnu.org, Tassilo Horn X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Ted Zlatanov writes: > If we provide that simple UI, plus some help messaging, I think we can > disable DHE by default. Based on Nikos' explanation, it seems to be the > best way forward. But why would we disable DHE? Prefer ECDHE over DHE, certainly, but I don't understand disabling... -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 11 23:32:34 2014 Received: (at 16253) by debbugs.gnu.org; 12 Feb 2014 04:32:34 +0000 Received: from localhost ([127.0.0.1]:48141 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDRUv-0008DA-Lt for submit@debbugs.gnu.org; Tue, 11 Feb 2014 23:32:33 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:60197) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDRUt-0008Cr-Id; Tue, 11 Feb 2014 23:32:32 -0500 Received: from [204.14.154.233] (helo=building.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1WDRUf-0008PH-6h; Wed, 12 Feb 2014 05:32:17 +0100 From: Lars Ingebrigtsen To: "Roland Winkler" Subject: Re: bug#11267: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). References: <87iozfl001.fsf@thinkpad.tsdh.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> <87ppmup75m.fsf@building.gnus.org> <87mwhx686x.fsf@lifelogs.com> <21242.43234.861627.965636@gargle.gargle.HOWL> <8761ol5ho6.fsf@lifelogs.com> Date: Tue, 11 Feb 2014 20:30:58 -0800 In-Reply-To: <8761ol5ho6.fsf@lifelogs.com> (Ted Zlatanov's message of "Tue, 11 Feb 2014 18:54:49 -0500") Message-ID: <874n452br1.fsf@building.gnus.org> User-Agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1WDRUf-0008PH-6h X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1392784337.96077@NqBCDeFUHj7AXQwyWTJGrg X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 Cc: 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, Nikos Mavrogiannopoulos , 11267@debbugs.gnu.org, Tassilo Horn X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Ted Zlatanov writes: > I'm sure we can come up with more helpful messaging. Does it have > to fit in 78 chars? Can we use buttons? If so, it could be like this, > going over 78 but not too much: > > !! remote host X requires lower security [OK once] [OK always] [Cancel] [?] Yeah, that would be nice. And, remember, somebody (ahem) also has to write code to handle invalid certificates. It could be done the same way. And if the user types "OK always" for this (and for invalid certificates), it should be stored using the customize functions. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog http://lars.ingebrigtsen.no/ From debbugs-submit-bounces@debbugs.gnu.org Wed Feb 12 12:11:54 2014 Received: (at 16253) by debbugs.gnu.org; 12 Feb 2014 17:11:54 +0000 Received: from localhost ([127.0.0.1]:49190 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDdLi-00062F-JT for submit@debbugs.gnu.org; Wed, 12 Feb 2014 12:11:54 -0500 Received: from mail-qc0-f177.google.com ([209.85.216.177]:60735) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WDdLV-00061M-JN for 16253@debbugs.gnu.org; Wed, 12 Feb 2014 12:11:46 -0500 Received: by mail-qc0-f177.google.com with SMTP id i8so15647602qcq.36 for <16253@debbugs.gnu.org>; Wed, 12 Feb 2014 09:11:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=8JdLPzd2z7pTMLLVmZ1ABbxe+o8xuHTlQ36kxIcOr6I=; b=ZSJHazg2rpmFZUWDq39mp5RVcDQ3Aw8DDTiGLgea7PFZKlsSTdtDmpCIDW3WXE6qZn LnjK9tPY5GjoeTXmoJps2l9JpPV+D7jGIgkVXqJQPxZDdZ9EDF0V73awyScKXqMcrK1O xeMpM89IHV7kYemfQmxEw5fLlaKKCtvo3/cvo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=8JdLPzd2z7pTMLLVmZ1ABbxe+o8xuHTlQ36kxIcOr6I=; b=fOLaTo32oQPEzzTEnSEzpis2eDpSlqIsFGODs3dUanHsYPzBdR3I9UrmsF3pd4o8cp jeLuOFY266vGc61BcnChST2kfoly+PFPdZCr3tF3y/p1LL3uP/0JJCbLEYOoKP5qKpFL FebpVZDEdp+ZSjbiG6k1XzRw3Vdhhkc9aHa5+27ONjQglm7lUG1PjEkH/hyaBKmz83+L ryWB4+8Ld37k+hvMI5rH6FhX/G1q+emPV0Xwf7HdP1sUqsPoDoYQlYumGbSWdcI58rs1 NpXQ/TxRD6ifkttlrgFSM7n3V701gjAqgCugv5m0RjfnROw0kcGGFugUujNhTf0uT0Km bEqw== X-Gm-Message-State: ALoCoQlnVoqOBkzDGK4fkWIFq2vqryCbMi6VBVi7viPeARUgtdItAKyoyO2m0uScdQdATss2Vxjf X-Received: by 10.229.90.199 with SMTP id j7mr52359078qcm.14.1392225092037; Wed, 12 Feb 2014 09:11:32 -0800 (PST) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id y71sm34458039qgd.3.2014.02.12.09.11.30 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Wed, 12 Feb 2014 09:11:31 -0800 (PST) From: Ted Zlatanov To: Lars Ingebrigtsen Subject: Re: bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough) Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87iozfl001.fsf@thinkpad.tsdh.org> <87lhxx6kr0.fsf@building.gnus.org> <871tzbaf1n.fsf@lifelogs.com> <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> <87ppmvwu5h.fsf@building.gnus.org> <87d2iv8ck8.fsf@lifelogs.com> <87ppmup75m.fsf@building.gnus.org> <87mwhx686x.fsf@lifelogs.com> <874n452br1.fsf@building.gnus.org> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Wed, 12 Feb 2014 12:11:41 -0500 In-Reply-To: <874n452br1.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Tue, 11 Feb 2014 20:30:58 -0800, Tue, 11 Feb 2014 20:29:09 -0800") Message-ID: <87k3d0gss2.fsf_-_@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 16253 Cc: Nikos Mavrogiannopoulos , Roland Winkler , 15057@debbugs.gnu.org, 16253@debbugs.gnu.org, 11267@debbugs.gnu.org, Tassilo Horn X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) (I love how mangled the subject line became) On Tue, 11 Feb 2014 20:30:58 -0800 Lars Ingebrigtsen wrote: LI> Ted Zlatanov writes: >> I'm sure we can come up with more helpful messaging. Does it have >> to fit in 78 chars? Can we use buttons? If so, it could be like this, >> going over 78 but not too much: >> >> !! remote host X requires lower security [OK once] [OK always] [Cancel] [?] LI> Yeah, that would be nice. And, remember, somebody (ahem) also has to LI> write code to handle invalid certificates. It could be done the LI> same way. Yes, it's a similar UI. After 24.4. Is that available as a debbugs tag, "target-version=24.5" or something? LI> And if the user types "OK always" for this (and for invalid LI> certificates), it should be stored using the customize functions. Right. I feel Customize is the right place to put certificate exceptions. The user can set their custom.el file to be GnuPG-encrypted if they are concerned. >> If we provide that simple UI, plus some help messaging, I think we can >> disable DHE by default. Based on Nikos' explanation, it seems to be the >> best way forward. LI> But why would we disable DHE? Prefer ECDHE over DHE, certainly, but I LI> don't understand disabling... Nikos advocates (and I agree) that it's prudent to add "!DHE-RSA:!DHE-DSS" to the default priority string. We can make it easy for the user to remove that exclusion or make a specific exception as we've discussed. Ted From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 29 20:00:16 2014 Received: (at control) by debbugs.gnu.org; 30 Jul 2014 00:00:16 +0000 Received: from localhost ([127.0.0.1]:42383 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XCHJY-0007sq-1U for submit@debbugs.gnu.org; Tue, 29 Jul 2014 20:00:16 -0400 Received: from fencepost.gnu.org ([208.118.235.10]:53710 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XCHJW-0007qE-3t for control@debbugs.gnu.org; Tue, 29 Jul 2014 20:00:14 -0400 Received: from rgm by fencepost.gnu.org with local (Exim 4.71) (envelope-from ) id 1XCHJV-0003bp-8t for control@debbugs.gnu.org; Tue, 29 Jul 2014 20:00:13 -0400 Date: Tue, 29 Jul 2014 20:00:13 -0400 Message-Id: Subject: control message for bug 18148 To: X-Mailer: mail (GNU Mailutils 2.1) From: Glenn Morris X-Spam-Score: -5.7 (-----) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.7 (-----) forcemerge 16253 18148 From debbugs-submit-bounces@debbugs.gnu.org Mon Dec 08 14:58:46 2014 Received: (at 16253) by debbugs.gnu.org; 8 Dec 2014 19:58:46 +0000 Received: from localhost ([127.0.0.1]:58090 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4SA-0005OQ-Mv for submit@debbugs.gnu.org; Mon, 08 Dec 2014 14:58:46 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:41810) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4S5-0005O3-SO for 16253@debbugs.gnu.org; Mon, 08 Dec 2014 14:58:42 -0500 Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58] helo=stories.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1Xy4Rl-0005yw-8t for 16253@debbugs.gnu.org; Mon, 08 Dec 2014 20:58:17 +0100 From: Lars Magne Ingebrigtsen To: 16253@debbugs.gnu.org Subject: Re: bug#16253: 24.3.50; Irrelevant warnings from gnutls References: <87vbydjnzy.fsf@building.gnus.org> X-Now-Playing: David Bowie's _The Next Day_: "The Next Day" X-Hashcash: 1:23:141208:16253@debbugs.gnu.org::yCaNQFJx0qVCs7aB:0000000000000000000000000000000000000000jAE9 Date: Mon, 08 Dec 2014 20:58:16 +0100 In-Reply-To: <87vbydjnzy.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Wed, 25 Dec 2013 10:09:21 +0100") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1Xy4Rl-0005yw-8t X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1418673497.36594@7jKBM3OHM2bMOvhZORvm7w X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 16253 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Lars Ingebrigtsen writes: > gnutls.c: [0] (Emacs) fatal error: The TLS connection was non-properly terminated. > > Normal network connections don't give any warnings, so TLS connections > shouldn't, either. I've now moved the fatal GnuTLS errors to level 1, so nothing is messaged by default. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no From debbugs-submit-bounces@debbugs.gnu.org Mon Dec 08 14:58:39 2014 Received: (at control) by debbugs.gnu.org; 8 Dec 2014 19:58:39 +0000 Received: from localhost ([127.0.0.1]:58088 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4S7-0005OB-EW for submit@debbugs.gnu.org; Mon, 08 Dec 2014 14:58:39 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:41812) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4S6-0005O4-MX for control@debbugs.gnu.org; Mon, 08 Dec 2014 14:58:39 -0500 Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58] helo=stories.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1Xy4Ro-0005z5-76 for control@debbugs.gnu.org; Mon, 08 Dec 2014 20:58:20 +0100 Date: Mon, 08 Dec 2014 20:58:19 +0100 Message-Id: To: control@debbugs.gnu.org From: Lars Magne Ingebrigtsen Subject: control message for bug #16253 X-MailScanner-ID: 1Xy4Ro-0005z5-76 X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1418673500.83048@6pHz1TVrSqop63s9eQXEtQ X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) tags 16253 fixed close 16253 25.1 From unknown Fri Aug 15 14:48:03 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Tue, 06 Jan 2015 12:24:06 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator From debbugs-submit-bounces@debbugs.gnu.org Tue Jan 10 12:56:34 2017 Received: (at control) by debbugs.gnu.org; 10 Jan 2017 17:56:34 +0000 Received: from localhost ([127.0.0.1]:49102 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cR0ew-0008Ga-Gi for submit@debbugs.gnu.org; Tue, 10 Jan 2017 12:56:34 -0500 Received: from eggs.gnu.org ([208.118.235.92]:59591) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cR0ev-0008GP-Gy for control@debbugs.gnu.org; Tue, 10 Jan 2017 12:56:33 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cR0ep-0003N1-No for control@debbugs.gnu.org; Tue, 10 Jan 2017 12:56:28 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-5.1 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:35055) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cR0ep-0003Mq-Kl for control@debbugs.gnu.org; Tue, 10 Jan 2017 12:56:27 -0500 Received: from rgm by fencepost.gnu.org with local (Exim 4.82) (envelope-from ) id 1cR0ep-0004j8-Ax for control@debbugs.gnu.org; Tue, 10 Jan 2017 12:56:27 -0500 Subject: control message for bug 25396 To: X-Mailer: mail (GNU Mailutils 2.99.98) Message-Id: From: Glenn Morris Date: Tue, 10 Jan 2017 12:56:27 -0500 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -8.2 (--------) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -8.2 (--------) unarchive 16253 forcemerge 16253 25396 From unknown Fri Aug 15 14:48:03 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Wed, 08 Feb 2017 12:24:03 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator