From unknown Tue Aug 19 10:02:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#17061: 24.3.50; Gnus fails for self-signed certs when gnutls-verify-error is t Resent-From: Jens Lechtenboerger Original-Sender: "Debbugs-submit" Resent-CC: bugs@gnus.org Resent-Date: Fri, 21 Mar 2014 19:43:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 17061 X-GNU-PR-Package: gnus X-GNU-PR-Keywords: To: 17061@debbugs.gnu.org X-Debbugs-Original-To: submit@debbugs.gnu.org (The Gnus Bugfixing Girls + Boys) Received: via spool by submit@debbugs.gnu.org id=B.139543092826951 (code B ref -1); Fri, 21 Mar 2014 19:43:02 +0000 Received: (at submit) by debbugs.gnu.org; 21 Mar 2014 19:42:08 +0000 Received: from localhost ([127.0.0.1]:43881 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WR5KR-00070d-IC for submit@debbugs.gnu.org; Fri, 21 Mar 2014 15:42:07 -0400 Received: from mx1.mailbox.org ([80.241.60.212]:34060) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WR5KO-00070S-Rr for submit@debbugs.gnu.org; Fri, 21 Mar 2014 15:42:05 -0400 Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.mailbox.org (Postfix) with ESMTPS id CC7CE40008 for ; Fri, 21 Mar 2014 20:42:03 +0100 (CET) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp1.mailbox.org ([80.241.60.240]) by gerste.heinlein-support.de (gerste.heinlein-support.de [91.198.250.173]) (amavisd-new, port 10030) with ESMTP id bnpiX6YEeluv for ; Fri, 21 Mar 2014 20:42:02 +0100 (CET) From: Jens Lechtenboerger OpenPGP: id=0xA142FD84; url=http://www.informationelle-selbstbestimmung-im-internet.de/A142FD84.asc Date: Fri, 21 Mar 2014 20:42:01 +0100 Message-ID: <86vbv7jq46.fsf@informationelle-selbstbestimmung-im-internet.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) Hi there, when gnutls-verify-error is t, Gnus fails to establish connections to servers with self-signed certificates. This is to be expected, but I do not get any information about certificate problems at all. Gnus just fails silently and reports the server as offline in the *Server* buffer. This happens when Gnus upgrades the connection via STARTTLS as well as when I request TLS via nntp-open-tls-stream, e.g., for gmane: (setq gnutls-verify-error t gnus-select-method '(nntp "news.gmane.org" (nntp-open-connection-function nntp-open-tls-stream) (nntp-port-number 563) (nntp-address "news.gmane.org"))) I believe that some notification is necessary. Thanks Jens P.S. Output of gnus-bug: Ma Gnus v0.10 GNU Emacs 24.3.50.1 (i686-pc-linux-gnu, GTK+ Version 2.20.1) of 2014-03-21 on pcwi7557 From unknown Tue Aug 19 10:02:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#17061: 24.3.50; Gnus fails for self-signed certs when gnutls-verify-error is t Resent-From: Lars Ingebrigtsen Original-Sender: "Debbugs-submit" Resent-CC: bugs@gnus.org Resent-Date: Tue, 24 Jan 2017 23:51:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 17061 X-GNU-PR-Package: gnus X-GNU-PR-Keywords: To: Jens Lechtenboerger Cc: 17061@debbugs.gnu.org Received: via spool by 17061-submit@debbugs.gnu.org id=B17061.148530185411938 (code B ref 17061); Tue, 24 Jan 2017 23:51:01 +0000 Received: (at 17061) by debbugs.gnu.org; 24 Jan 2017 23:50:54 +0000 Received: from localhost ([127.0.0.1]:41146 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWArW-00036U-9Z for submit@debbugs.gnu.org; Tue, 24 Jan 2017 18:50:54 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:51986) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWArV-00036N-5b for 17061@debbugs.gnu.org; Tue, 24 Jan 2017 18:50:53 -0500 Received: from 2.150.49.21.tmi.telenormobil.no ([2.150.49.21] helo=mouse) by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1cWArS-0006Ad-ED; Wed, 25 Jan 2017 00:50:52 +0100 From: Lars Ingebrigtsen References: <86vbv7jq46.fsf@informationelle-selbstbestimmung-im-internet.de> Date: Wed, 25 Jan 2017 00:50:44 +0100 In-Reply-To: <86vbv7jq46.fsf@informationelle-selbstbestimmung-im-internet.de> (Jens Lechtenboerger's message of "Fri, 21 Mar 2014 20:42:01 +0100") Message-ID: <87lgu0augb.fsf@gnus.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Jens Lechtenboerger writes: > when gnutls-verify-error is t, Gnus fails to establish connections > to servers with self-signed certificates. This is to be expected, > but I do not get any information about certificate problems at all. > Gnus just fails silently and reports the server as offline in the > *Server* buffer. Aren't there any messages from the gnutls layer saying what happened? I don't think there's any good mechanism to report these errors back up to the application layer... or is there? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no From unknown Tue Aug 19 10:02:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#17061: 24.3.50; Gnus fails for self-signed certs when gnutls-verify-error is t Resent-From: Jens Lechtenboerger Original-Sender: "Debbugs-submit" Resent-CC: bugs@gnus.org Resent-Date: Wed, 25 Jan 2017 18:31:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 17061 X-GNU-PR-Package: gnus X-GNU-PR-Keywords: To: Lars Ingebrigtsen Cc: 17061@debbugs.gnu.org Received: via spool by 17061-submit@debbugs.gnu.org id=B17061.14853690366525 (code B ref 17061); Wed, 25 Jan 2017 18:31:01 +0000 Received: (at 17061) by debbugs.gnu.org; 25 Jan 2017 18:30:36 +0000 Received: from localhost ([127.0.0.1]:43309 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWSL5-0001hA-Ux for submit@debbugs.gnu.org; Wed, 25 Jan 2017 13:30:36 -0500 Received: from mx2.mailbox.org ([80.241.60.215]:51701) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWSL4-0001gw-2V for 17061@debbugs.gnu.org; Wed, 25 Jan 2017 13:30:34 -0500 Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id AB2F444E0C; Wed, 25 Jan 2017 19:30:27 +0100 (CET) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp1.mailbox.org ([80.241.60.240]) by hefe.heinlein-support.de (hefe.heinlein-support.de [91.198.250.172]) (amavisd-new, port 10030) with ESMTP id ZLHu-kc1LhkZ; Wed, 25 Jan 2017 19:30:25 +0100 (CET) From: Jens Lechtenboerger References: <86vbv7jq46.fsf@informationelle-selbstbestimmung-im-internet.de> <87lgu0augb.fsf@gnus.org> OpenPGP: id=0xA142FD84; url=https://www.informationelle-selbstbestimmung-im-internet.de/A142FD84.asc Date: Wed, 25 Jan 2017 19:30:23 +0100 In-Reply-To: <87lgu0augb.fsf@gnus.org> (Lars Ingebrigtsen's message of "Wed, 25 Jan 2017 00:50:44 +0100") Message-ID: <87y3xzhu0w.fsf@informationelle-selbstbestimmung-im-internet.de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On 2017-01-25, at 00:50, Lars Ingebrigtsen wrote: > Jens Lechtenboerger writes: > >> when gnutls-verify-error is t, Gnus fails to establish connections >> to servers with self-signed certificates. This is to be expected, >> but I do not get any information about certificate problems at all. >> Gnus just fails silently and reports the server as offline in the >> *Server* buffer. > > Aren't there any messages from the gnutls layer saying what happened? > > I don't think there's any good mechanism to report these errors back up > to the application layer... or is there? I don=E2=80=99t have 24.3.50 around any more. More recent versions (24.5.1, 26.x) indeed show a reasonable certificate warning message and ask whether to continue. Best wishes Jens From unknown Tue Aug 19 10:02:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#17061: 24.3.50; Gnus fails for self-signed certs when gnutls-verify-error is t Resent-From: Lars Ingebrigtsen Original-Sender: "Debbugs-submit" Resent-CC: bugs@gnus.org Resent-Date: Wed, 25 Jan 2017 18:33:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 17061 X-GNU-PR-Package: gnus X-GNU-PR-Keywords: To: Jens Lechtenboerger Cc: 17061@debbugs.gnu.org Received: via spool by 17061-submit@debbugs.gnu.org id=B17061.14853691496808 (code B ref 17061); Wed, 25 Jan 2017 18:33:02 +0000 Received: (at 17061) by debbugs.gnu.org; 25 Jan 2017 18:32:29 +0000 Received: from localhost ([127.0.0.1]:43335 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWSMv-0001lk-6C for submit@debbugs.gnu.org; Wed, 25 Jan 2017 13:32:29 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:43194) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWSMt-0001ld-Nu for 17061@debbugs.gnu.org; Wed, 25 Jan 2017 13:32:28 -0500 Received: from 2.150.50.220.tmi.telenormobil.no ([2.150.50.220] helo=mouse) by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1cWSMr-0003DX-2z; Wed, 25 Jan 2017 19:32:27 +0100 From: Lars Ingebrigtsen In-Reply-To: <87y3xzhu0w.fsf@informationelle-selbstbestimmung-im-internet.de> (Jens Lechtenboerger's message of "Wed, 25 Jan 2017 19:30:23 +0100") Date: Wed, 25 Jan 2017 19:32:10 +0100 Message-ID: <87tw8nng7p.fsf@gnus.org> References: <86vbv7jq46.fsf@informationelle-selbstbestimmung-im-internet.de> <87lgu0augb.fsf@gnus.org> <87y3xzhu0w.fsf@informationelle-selbstbestimmung-im-internet.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Jens Lechtenboerger writes: > I dont have 24.3.50 around any more. More recent versions (24.5.1, > 26.x) indeed show a reasonable certificate warning message and ask > whether to continue. Great; closing. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no From debbugs-submit-bounces@debbugs.gnu.org Wed Jan 25 13:32:36 2017 Received: (at control) by debbugs.gnu.org; 25 Jan 2017 18:32:36 +0000 Received: from localhost ([127.0.0.1]:43338 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWSN2-0001m4-DD for submit@debbugs.gnu.org; Wed, 25 Jan 2017 13:32:36 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:43202) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWSN1-0001lw-6o for control@debbugs.gnu.org; Wed, 25 Jan 2017 13:32:35 -0500 Received: from 2.150.50.220.tmi.telenormobil.no ([2.150.50.220] helo=mouse) by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1cWSMz-0003pw-0s for control@debbugs.gnu.org; Wed, 25 Jan 2017 19:32:34 +0100 From: Lars Ingebrigtsen To: control@debbugs.gnu.org Subject: control message for bug #17061 Message-ID: <87sho7ng7m.fsf@totally-fudged-out-message-id> Date: Wed, 25 Jan 2017 19:32:27 +0100 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) close 17061