From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Noam Postavsky Newsgroups: gmane.emacs.bugs Subject: bug#34937: [PATCH] update user docs for emacs-gnutls; tofu and program vs built-in Date: Tue, 16 Apr 2019 20:23:28 -0400 Message-ID: <87bm15xywv.fsf@gmail.com> References: <20190321162620.85383-1-tara@anne.cat> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="267931"; mail-complaints-to="usenet@blaine.gmane.org" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) Cc: 34937@debbugs.gnu.org To: Tara Sawyer Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Wed Apr 17 02:24:14 2019 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1hGYN3-0017UM-Ty for geb-bug-gnu-emacs@m.gmane.org; Wed, 17 Apr 2019 02:24:14 +0200 Original-Received: from localhost ([127.0.0.1]:44538 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hGYN2-0004vo-W7 for geb-bug-gnu-emacs@m.gmane.org; Tue, 16 Apr 2019 20:24:13 -0400 Original-Received: from eggs.gnu.org ([209.51.188.92]:36340) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hGYMw-0004vg-Lb for bug-gnu-emacs@gnu.org; Tue, 16 Apr 2019 20:24:07 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hGYMu-0006cn-Oi for bug-gnu-emacs@gnu.org; Tue, 16 Apr 2019 20:24:06 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:53506) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hGYMs-0006cU-E2 for bug-gnu-emacs@gnu.org; Tue, 16 Apr 2019 20:24:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hGYMs-0003lb-8J for bug-gnu-emacs@gnu.org; Tue, 16 Apr 2019 20:24:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Noam Postavsky Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Wed, 17 Apr 2019 00:24:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 34937 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 34937-submit@debbugs.gnu.org id=B34937.155546061914449 (code B ref 34937); Wed, 17 Apr 2019 00:24:02 +0000 Original-Received: (at 34937) by debbugs.gnu.org; 17 Apr 2019 00:23:39 +0000 Original-Received: from localhost ([127.0.0.1]:38817 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hGYMT-0003kw-Qd for submit@debbugs.gnu.org; Tue, 16 Apr 2019 20:23:39 -0400 Original-Received: from mail-qt1-f181.google.com ([209.85.160.181]:40561) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hGYMR-0003kb-Ss for 34937@debbugs.gnu.org; Tue, 16 Apr 2019 20:23:36 -0400 Original-Received: by mail-qt1-f181.google.com with SMTP id x12so25485336qts.7 for <34937@debbugs.gnu.org>; Tue, 16 Apr 2019 17:23:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=D1Xe+BjQjivnbkJ/8WHUi/VsNwHyq32te6i5G+etm9U=; b=pc8IL+5TlP8ADsJY2MlV7DObA6MPi+q7JojP+4DiOdxVw01kxlDtPs87yE8+YaeYSc WXLfQ+WkDTlgEEZEWhhaYMugXvi1jPaLgyzyKqtXQ9Dh0xs/CU3ePIG/x2Eo7sg6b2pv d8cmd5/bbkJs2vo/dCY9CPIWHezLKSnEOWB4Zrr4nMDB9kzhB3doaNrKo4YeHlv+whpJ KsKhN7DNbuYLo5qqOKfJ+ERHdtDrlKJ3VgH6mnahucTC6QuIjezp1VEtflqmsJpuipxJ dRZMUtJ3L4e4/B8Ogj2GmmrM9dV1J/c3KrrKRpqIFKj7IUz1Yg+8kw5opBtaBcYBxFQf Terg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=D1Xe+BjQjivnbkJ/8WHUi/VsNwHyq32te6i5G+etm9U=; b=i/ji7ndEwW+B7+spjenI9n3t+WPV86uuQzHQcXPpmQ8vp0fGOt9dF+BTsQja3BJJBG zIcw/I9NX4HAtwVVyh61FyrsDmuOzzvm4saUi8FSDpAVhjvZ5VTbmiAZVISlwhz1ie1C w7P3tuFgseEwa7mgzu3yjj4tymEP1oK7D/DhXXvwBOBnl002w5AewNh+GO3heePoa52m 1EXUEgnQspdXf8B+ph4d9eJixadQ5hb6Nwa9gdtTmuQtA1XhQFeplmZU64Le0+bGoOdt e4GxteGoeQW9jnKZ2rqJUFjKZlKOJdrhkymYG/VUlw2JKPcz7nIFfHbSNbGccQahfzkn pODw== X-Gm-Message-State: APjAAAVsBLtUzaPWUSNscR+6zdOgtAtao4DuNQUAurN0FGeq0cMrA0mO CbT6OUJRKr7MpQNsVv7/Vvc7NSk6 X-Google-Smtp-Source: APXvYqxEaA/Ye0nGdJv16dwOtCOTz2DMCPbSuFRZQvex4jiPvgUFiBCdY36oouyiN0FlWEFXO/C7Zw== X-Received: by 2002:a0c:d1d0:: with SMTP id k16mr67195666qvh.59.1555460610185; Tue, 16 Apr 2019 17:23:30 -0700 (PDT) Original-Received: from minid (cbl-45-2-119-34.yyz.frontiernetworks.ca. [45.2.119.34]) by smtp.googlemail.com with ESMTPSA id x184sm21029675qke.35.2019.04.16.17.23.29 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 16 Apr 2019 17:23:29 -0700 (PDT) In-Reply-To: <20190321162620.85383-1-tara@anne.cat> (Tara Sawyer's message of "Thu, 21 Mar 2019 09:26:20 -0700") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:157753 Archived-At: Tara Sawyer writes: > +To debug GnuTLS problems, first check the messages buffer, and then > +check the function below @code{gnutls-log-level} > + > +If GnuTLS is not available as a built-in (@code{gnutls-available-p} > +returns an empty list (), emacs will call out to the @code{gnutls-cli} > +program to perform TLS connections. If you need to modify > +the command it calls you can do this with the variable > +@code{tls-program}. > +For example, if you want to pin a certificate and use Trust On First > +Use(TOFU), then something like this: > + @code{(add-to-list 'tls-program "gnutls-cli --tofu --x509cafile %t -p > + %p %h ")} > + will probably serve you well. tls.el is getting obsoleted in Emacs 27 (see Bug#31457), so I don't think we want to add documentation about it. Basically, you should only be using it if you really know what you're doing already.