* bug#13877: 24.3; gnutls.el: Enable Certificate Checks
@ 2013-03-05 10:40 Moritz Ulrich
2013-03-05 16:51 ` Glenn Morris
0 siblings, 1 reply; 4+ messages in thread
From: Moritz Ulrich @ 2013-03-05 10:40 UTC (permalink / raw)
To: 13877
Currently, gnutls.el doesn't check certificate signatures when used via
`open-network-stream' with :type 'tls or `open-gnutls-stream'.
This is caused by the following code from `open-gnutls-stream'
(gnutls.el:110):
--8<---------------cut here---------------start------------->8---
(gnutls-negotiate :process (open-network-stream name buffer host service)
:type 'gnutls-x509pki
:hostname host)
--8<---------------cut here---------------end--------------->8---
There is NO way to set :verify-host, :verify-flags, etc. for this call
to `gnutls-negotiate' when using gnutls via high-level functions like
`open-network-stream'.
I consider this a bug, as Emacs won't check any certificates and
therefore allow man in the middle attacks without even documenting this.
It should at least be possible to pass :verify-* from
`open-network-stream' down to `gnutls-negotiate'. That would be a simple
yet effective solution.
In GNU Emacs 24.3.1 (x86_64-apple-darwin11.4.2, NS apple-appkit-1138.51)
of 2013-03-05 on Moritzs-MacBook-Air
Windowing system distributor `Apple', version 10.3.1138
Configured using:
`configure '--prefix=/usr/local/Cellar/emacs/24.3-rc1' '--without-dbus'
'--enable-locallisppath=/usr/local/share/emacs/site-lisp'
'--infodir=/usr/local/Cellar/emacs/24.3-rc1/share/info/emacs'
'--with-ns' '--disable-ns-self-contained' '--with-gnutls' '--with-jpeg'
'--with-xml2' '--with-imagemagick' 'CC=cc''
<#secure method=pgpmime mode=sign>
--
Moritz Ulrich
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#13877: 24.3; gnutls.el: Enable Certificate Checks
2013-03-05 10:40 bug#13877: 24.3; gnutls.el: Enable Certificate Checks Moritz Ulrich
@ 2013-03-05 16:51 ` Glenn Morris
2013-03-14 12:19 ` bug#13374: " Ted Zlatanov
0 siblings, 1 reply; 4+ messages in thread
From: Glenn Morris @ 2013-03-05 16:51 UTC (permalink / raw)
To: Moritz Ulrich; +Cc: 13877
Moritz Ulrich wrote:
> Currently, gnutls.el doesn't check certificate signatures when used via
> `open-network-stream' with :type 'tls or `open-gnutls-stream'.
Please see http://debbugs.gnu.org/13374
It was considered too complicated to fix this properly for 24.3.
> There is NO way to set :verify-host, :verify-flags, etc. for this call
> to `gnutls-negotiate' when using gnutls via high-level functions like
> `open-network-stream'.
>
> I consider this a bug, as Emacs won't check any certificates and
> therefore allow man in the middle attacks without even documenting this.
>
> It should at least be possible to pass :verify-* from
> `open-network-stream' down to `gnutls-negotiate'. That would be a simple
> yet effective solution.
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#13374: bug#13877: 24.3; gnutls.el: Enable Certificate Checks
2013-03-05 16:51 ` Glenn Morris
@ 2013-03-14 12:19 ` Ted Zlatanov
2013-03-27 13:20 ` Ted Zlatanov
0 siblings, 1 reply; 4+ messages in thread
From: Ted Zlatanov @ 2013-03-14 12:19 UTC (permalink / raw)
To: Glenn Morris; +Cc: 13374, 13877
On Tue, 05 Mar 2013 11:51:33 -0500 Glenn Morris <rgm@gnu.org> wrote:
GM> Moritz Ulrich wrote:
>> Currently, gnutls.el doesn't check certificate signatures when used via
>> `open-network-stream' with :type 'tls or `open-gnutls-stream'.
GM> Please see http://debbugs.gnu.org/13374
GM> It was considered too complicated to fix this properly for 24.3.
>> There is NO way to set :verify-host, :verify-flags, etc. for this call
>> to `gnutls-negotiate' when using gnutls via high-level functions like
>> `open-network-stream'.
>>
>> I consider this a bug, as Emacs won't check any certificates and
>> therefore allow man in the middle attacks without even documenting this.
>>
>> It should at least be possible to pass :verify-* from
>> `open-network-stream' down to `gnutls-negotiate'. That would be a simple
>> yet effective solution.
I would like to fix this properly now that 24.3 is out, but perhaps the
emacs-devel mailing list is a better place to work on it?
Ted
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#13374: bug#13877: 24.3; gnutls.el: Enable Certificate Checks
2013-03-14 12:19 ` bug#13374: " Ted Zlatanov
@ 2013-03-27 13:20 ` Ted Zlatanov
0 siblings, 0 replies; 4+ messages in thread
From: Ted Zlatanov @ 2013-03-27 13:20 UTC (permalink / raw)
To: Glenn Morris, Moritz Ulrich; +Cc: 13374, 13877
On Thu, 14 Mar 2013 08:19:09 -0400 Ted Zlatanov <tzz@lifelogs.com> wrote:
TZ> On Tue, 05 Mar 2013 11:51:33 -0500 Glenn Morris <rgm@gnu.org> wrote:
GM> Moritz Ulrich wrote:
>>> Currently, gnutls.el doesn't check certificate signatures when used via
>>> `open-network-stream' with :type 'tls or `open-gnutls-stream'.
GM> Please see http://debbugs.gnu.org/13374
GM> It was considered too complicated to fix this properly for 24.3.
TZ> I would like to fix this properly now that 24.3 is out, but perhaps the
TZ> emacs-devel mailing list is a better place to work on it?
I started the discussion in emacs-devel. Please contribute your ideas
and opinions.
Ted
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-03-27 13:20 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-03-05 10:40 bug#13877: 24.3; gnutls.el: Enable Certificate Checks Moritz Ulrich
2013-03-05 16:51 ` Glenn Morris
2013-03-14 12:19 ` bug#13374: " Ted Zlatanov
2013-03-27 13:20 ` Ted Zlatanov
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).