GNU bug report logs - #31946
27.0.50; The NSM should warn about more TLS problems

Previous Next

Package: emacs;

Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>

Date: Sat, 23 Jun 2018 10:39:02 UTC

Severity: normal

Tags: fixed, security

Found in version 27.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Eli Zaretskii <eliz <at> gnu.org>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: 31946 <at> debbugs.gnu.org, wyuenho <at> gmail.com, npostavs <at> gmail.com
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Wed, 27 Jun 2018 18:16:08 +0300

> From: Lars Ingebrigtsen <larsi <at> gnus.org>
> Cc: 31946 <at> debbugs.gnu.org,  Noam Postavsky <npostavs <at> gmail.com>, Eli Zaretskii <eliz <at> gnu.org>
> Date: Wed, 27 Jun 2018 14:20:16 +0200
> 
> Speaking of which -- it's quite a mouthful to say:
> 
> (open-network-stream
>  "foo" nil "dh-composite.badssl.com" "https"
>  :tls-parameters (cons 'gnutls-x509pki (gnutls-boot-parameters
>                                         :hostname "dh-composite.badssl.com")))
> 
> I've been meaning to add a :tls keyword to `open-network-stream' that
> would make
> 
> (open-network-stream "foo" nil "dh-composite.badssl.com" "https" :tls t)
> 
> a short way to write the above.  I.e., the default TLS parameters (which
> is what you need in 99.9% of the cases) would be used if you just say
> :tls t.
> 
> Does that sound OK to you, Eli?

Sounds good, but does it really require a new property?  Why not a
special value of the existing :tls-parameters?  For example:

  (open-network-stream "foo" nil "dh-composite.badssl.com" "https"
                       :tls-parameters 'tls-defaults)
This bug report was last modified 5 years and 328 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.