From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Lars Ingebrigtsen Newsgroups: gmane.emacs.bugs Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems Date: Sun, 08 Jul 2018 20:36:58 +0200 Message-ID: <8736wtmv5h.fsf@mouse.gnus.org> References: <87fu1apchn.fsf@gmail.com> <87sh4zlr6e.fsf@gmail.com> <871scdoli3.fsf@mouse.gnus.org> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: blaine.gmane.org 1531074966 8909 195.159.176.226 (8 Jul 2018 18:36:06 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Sun, 8 Jul 2018 18:36:06 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) Cc: 31946@debbugs.gnu.org To: Noam Postavsky Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sun Jul 08 20:36:02 2018 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fcEXQ-00028Z-NO for geb-bug-gnu-emacs@m.gmane.org; Sun, 08 Jul 2018 20:36:00 +0200 Original-Received: from localhost ([::1]:37881 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fcEZX-0008VF-ML for geb-bug-gnu-emacs@m.gmane.org; Sun, 08 Jul 2018 14:38:11 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:38970) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fcEZR-0008Uy-4e for bug-gnu-emacs@gnu.org; Sun, 08 Jul 2018 14:38:06 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fcEZO-0005Nj-1e for bug-gnu-emacs@gnu.org; Sun, 08 Jul 2018 14:38:05 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:43509) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fcEZN-0005NP-Tx for bug-gnu-emacs@gnu.org; Sun, 08 Jul 2018 14:38:01 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1fcEZN-0005UK-NX for bug-gnu-emacs@gnu.org; Sun, 08 Jul 2018 14:38:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Lars Ingebrigtsen Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sun, 08 Jul 2018 18:38:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 31946 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: security Original-Received: via spool by 31946-submit@debbugs.gnu.org id=B31946.153107502921039 (code B ref 31946); Sun, 08 Jul 2018 18:38:01 +0000 Original-Received: (at 31946) by debbugs.gnu.org; 8 Jul 2018 18:37:09 +0000 Original-Received: from localhost ([127.0.0.1]:51406 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fcEYX-0005TH-A7 for submit@debbugs.gnu.org; Sun, 08 Jul 2018 14:37:09 -0400 Original-Received: from hermes.netfonds.no ([80.91.224.195]:36237) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fcEYV-0005T9-HX for 31946@debbugs.gnu.org; Sun, 08 Jul 2018 14:37:08 -0400 Original-Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=marnie) by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1fcEYS-0003CW-S1; Sun, 08 Jul 2018 20:37:06 +0200 In-Reply-To: <871scdoli3.fsf@mouse.gnus.org> (Lars Ingebrigtsen's message of "Sun, 08 Jul 2018 16:22:28 +0200") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:148356 Archived-At: And this it the patch. It'd have to be cleaned up and autoconfiged, of course, if this turns out to be the way to go. (And who's responsibility is it to clean up the data in &issuer anyway? I can't use gnutls_free, because the datum itself shouldn't be freed...) diff --git a/src/gnutls.c b/src/gnutls.c index dfbbecfc87..69b64ae96d 100644 --- a/src/gnutls.c +++ b/src/gnutls.c @@ -1031,6 +1031,16 @@ gnutls_certificate_details (gnutls_x509_crt_t cert) } /* Issuer. */ +#if 1 + { + gnutls_datum_t issuer; + err = gnutls_x509_crt_get_issuer_dn3 (cert, &issuer, 0); + if (err >= GNUTLS_E_SUCCESS) + res = nconc2 (res, list2 (intern (":issuer"), + make_string ((char *) issuer.data, + issuer.size))); + } +#else buf_size = 0; err = gnutls_x509_crt_get_issuer_dn (cert, NULL, &buf_size); check_memory_full (err); @@ -1044,6 +1054,7 @@ gnutls_certificate_details (gnutls_x509_crt_t cert) make_string (dn, buf_size))); xfree (dn); } +#endif /* Validity. */ { @@ -1062,6 +1073,16 @@ gnutls_certificate_details (gnutls_x509_crt_t cert) } /* Subject. */ +#if 1 + { + gnutls_datum_t subject; + err = gnutls_x509_crt_get_dn3 (cert, &subject, 0); + if (err >= GNUTLS_E_SUCCESS) + res = nconc2 (res, list2 (intern (":subject"), + make_string ((char *) subject.data, + subject.size))); + } +#else buf_size = 0; err = gnutls_x509_crt_get_dn (cert, NULL, &buf_size); check_memory_full (err); @@ -1075,6 +1096,7 @@ gnutls_certificate_details (gnutls_x509_crt_t cert) make_string (dn, buf_size))); xfree (dn); } +#endif /* SubjectPublicKeyInfo. */ { -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no