From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Jens Lechtenboerger Newsgroups: gmane.emacs.bugs Subject: bug#16978: 24.3; SSL/TLS with multiple man-in-the-middle vulnerabilities Date: Tue, 11 Mar 2014 18:04:25 +0100 Message-ID: <86mwgwu0o6.fsf@informationelle-selbstbestimmung-im-internet.de> References: <86siqqv938.fsf@informationelle-selbstbestimmung-im-internet.de> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1394557510 28158 80.91.229.3 (11 Mar 2014 17:05:10 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Tue, 11 Mar 2014 17:05:10 +0000 (UTC) Cc: 16978@debbugs.gnu.org To: Glenn Morris Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Tue Mar 11 18:05:19 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1WNQ7C-00051G-Eq for geb-bug-gnu-emacs@m.gmane.org; Tue, 11 Mar 2014 18:05:18 +0100 Original-Received: from localhost ([::1]:56553 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WNQ7C-00050m-23 for geb-bug-gnu-emacs@m.gmane.org; Tue, 11 Mar 2014 13:05:18 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:42898) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WNQ72-0004ye-Ui for bug-gnu-emacs@gnu.org; Tue, 11 Mar 2014 13:05:14 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WNQ6x-000549-1c for bug-gnu-emacs@gnu.org; Tue, 11 Mar 2014 13:05:08 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:60567) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WNQ6w-00053u-VW for bug-gnu-emacs@gnu.org; Tue, 11 Mar 2014 13:05:03 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1WNQ6w-0007OV-KD for bug-gnu-emacs@gnu.org; Tue, 11 Mar 2014 13:05:02 -0400 X-Loop: help-debbugs@gnu.org In-Reply-To: <86siqqv938.fsf@informationelle-selbstbestimmung-im-internet.de> Resent-From: Jens Lechtenboerger Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 11 Mar 2014 17:05:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 16978 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 16978-submit@debbugs.gnu.org id=B16978.139455747428370 (code B ref 16978); Tue, 11 Mar 2014 17:05:02 +0000 Original-Received: (at 16978) by debbugs.gnu.org; 11 Mar 2014 17:04:34 +0000 Original-Received: from localhost ([127.0.0.1]:33516 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WNQ6T-0007NW-Km for submit@debbugs.gnu.org; Tue, 11 Mar 2014 13:04:33 -0400 Original-Received: from moutng.kundenserver.de ([212.227.17.13]:60757) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WNQ6Q-0007NI-LW for 16978@debbugs.gnu.org; Tue, 11 Mar 2014 13:04:31 -0400 Original-Received: from PC (mnsr-4db0a1f9.pool.mediaWays.net [77.176.161.249]) by mrelayeu.kundenserver.de (node=mreue105) with ESMTP (Nemesis) id 0Mf1GD-1WY6QC3r6f-00OX7J; Tue, 11 Mar 2014 18:04:26 +0100 OpenPGP: id=0xA142FD84; url=http://www.informationelle-selbstbestimmung-im-internet.de/A142FD84.asc User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux) X-Provags-ID: V02:K0:5a2Hnnv9idcxxoopmy2eogGCP0eO61yMgwskz+diFR8 dQJO0JXC/EEyFrzVxUfytw1P1OdMi7KlTT17ZF6wb1quo+gR3i Joc1OAHOf90VC2G8SwNBiFQBS1wi7c1yq+oyaurZHAt+f2KxST O5u40Q2QWqG6uFLtgnx7+TJ5OxS5lAF/KSdaDkznjmstJqGBPP Dpqg602jzqpqWKlygTDVqnDPCseWOC4YDrawd2gJuE15PE5eFu 7+E4thGnUf6xlOfP2OU4WmYE7kcXGd9RXB9Cn3b8lYe4O5FNYp MSdQQ4PtdruFGxEtBr13P5a3dvTsfVWyUa0czF2xekKj56UaiK X68sufcaVC2ApS/sb7Kidf8QS/FLGCrfLtvDpuygqqfT1TF/yH QDYuTcFOCZhEA== X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:86744 Archived-At: On Mo, Mar 10 2014, Glenn Morris wrote: > Please see http://debbugs.gnu.org/13374 I wasn't aware of that, sorry. I'm now on GNU Emacs 24.3.50.1. I can't get gnutls-verify-error to work. So far I only tried that with NNTPS, not SMTP. If I set gnutls-verify-error to t, the TCP connection to port 563 is closed immediately (on the wire I see FIN/ACK immediately after the three-way handshake; no TLS related data at all). Afterwards, the server is shown as offline in the server buffer. gnus-server-open-server fails as long as gnutls-verify-error is t. imap.el is still using openssl's s_client. tls.el is still using the switch --insecure for gnutls-cli. Best wishes Jens