From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Konstantin Kliakhandler Newsgroups: gmane.emacs.bugs Subject: bug#23759: 25.1.50; Date: Sat, 2 Jul 2016 03:09:43 +0300 Message-ID: References: <87y46ahz23.fsf@gmail.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary=089e013d1d86c21fa505369becbb X-Trace: ger.gmane.org 1467419008 28937 80.91.229.3 (2 Jul 2016 00:23:28 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sat, 2 Jul 2016 00:23:28 +0000 (UTC) To: 23759@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sat Jul 02 02:23:18 2016 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1bJ8iJ-0007WV-Ue for geb-bug-gnu-emacs@m.gmane.org; Sat, 02 Jul 2016 02:23:16 +0200 Original-Received: from localhost ([::1]:36355 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bJ8iJ-0003rk-6z for geb-bug-gnu-emacs@m.gmane.org; Fri, 01 Jul 2016 20:23:15 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:57062) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bJ8iA-0003rS-RY for bug-gnu-emacs@gnu.org; Fri, 01 Jul 2016 20:23:08 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bJ8i6-0001RF-HX for bug-gnu-emacs@gnu.org; Fri, 01 Jul 2016 20:23:05 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:50147) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bJ8i6-0001RB-AD for bug-gnu-emacs@gnu.org; Fri, 01 Jul 2016 20:23:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1bJ8i6-0007qh-1S for bug-gnu-emacs@gnu.org; Fri, 01 Jul 2016 20:23:02 -0400 X-Loop: help-debbugs@gnu.org In-Reply-To: <87y46ahz23.fsf@gmail.com> Resent-From: Konstantin Kliakhandler Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 02 Jul 2016 00:23:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 23759 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: security Original-Received: via spool by 23759-submit@debbugs.gnu.org id=B23759.146741894830115 (code B ref 23759); Sat, 02 Jul 2016 00:23:01 +0000 Original-Received: (at 23759) by debbugs.gnu.org; 2 Jul 2016 00:22:28 +0000 Original-Received: from localhost ([127.0.0.1]:34251 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1bJ8hX-0007pf-LL for submit@debbugs.gnu.org; Fri, 01 Jul 2016 20:22:28 -0400 Original-Received: from mail-wm0-f46.google.com ([74.125.82.46]:36738) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1bJ8Vd-0007Uu-Jg for 23759@debbugs.gnu.org; Fri, 01 Jul 2016 20:10:10 -0400 Original-Received: by mail-wm0-f46.google.com with SMTP id f126so43093257wma.1 for <23759@debbugs.gnu.org>; Fri, 01 Jul 2016 17:10:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=slumpy-org.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=RmWE7K1twMEoxuqb5t9gi0w6wDp61ttFKH6mbhpDP8M=; b=SjzwyzYAQwNaekQQttFczB3mwjs0Qv5gDgn2vjROQ7SzkeLAniQMdJ8rV9veE3N/dA cAx3WeiHoLz+JpGB5nxdINnqAyB1DoZZLpHeRu5X5f3DKvjLpGJpJzW55rUJX8pyBwKb yqWEp+AKyAQlpbnAUmRpx+bnb5MNxts41xHDlKjnn7kFjuCDH+PmQl9Segfm1wJJU8PA VVK/Xvb/2Dt3dEAIB8WJ04YP/ET6ptNigAEJ2zbp7r+urohTGAq9aoMDM3odhTdCwzll teBsjYs6ORhP2LC2JAPJjz4yWYpgimpl5NjQwF/I724S7a0MfY4wPaZ0Rsk7xi1Ks9Ee 8Zdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=RmWE7K1twMEoxuqb5t9gi0w6wDp61ttFKH6mbhpDP8M=; b=k14HlLWLV9gOjGZCUFOK87t4xkJrCd4/1kRLE2Ifpy6VnnwIgzW+EH89F76yRuQCzH 13NyZFzYe68MjrkV86FH+aJbW2Z2S+DVo8LnDFn8bf2IkjbS1mPEN4r7ixR/5l7uZNXU bpAVXXcb0kHozoJJkQbl9a5bjdyyN8oC2wU3t0xjWdINylXj4CfQ4SSNN6emtKEmlRRW GR4g4nzyHhWDLTwCK54JVvhMBCdrLr+JhA8svGmibYRJVQlAKDfrYCYSETQKakbVBW50 Bg3qA6CQLx0J9WPUk+MMxsNGD9jqZt4UJ7bVUsBw1ihkPkOq6hxKdD17a5AepIgO+//5 uG9A== X-Gm-Message-State: ALyK8tK3+U6d7ifc0gEvnCVSkD/3daDWXcFBma0/pDoBHt0Jpjli/bQvkoPqBi+8QLhQvyG6AsOwNi+xDqxW1tiN X-Received: by 10.194.175.231 with SMTP id cd7mr576765wjc.19.1467418203513; Fri, 01 Jul 2016 17:10:03 -0700 (PDT) Original-Received: by 10.28.99.214 with HTTP; Fri, 1 Jul 2016 17:09:43 -0700 (PDT) X-Mailman-Approved-At: Fri, 01 Jul 2016 20:22:25 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:120270 Archived-At: --089e013d1d86c21fa505369becbb Content-Type: multipart/alternative; boundary=089e013d1d86c21fa105369becb9 --089e013d1d86c21fa105369becb9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hello, I am using emacs on OSX 10.12 from https://emacsformacosx.com/builds: (emacs-version) "GNU Emacs 25.1.50.1 (x86_64-apple-darwin13.4.0, NS appkit-1265.21 Version 10.9.5 (Build 13F1603)) of 2016-05-30" And experience the same problem when running emacs -Q. Furthermore, I diagnosed the cause to be incorrect building of formatted-cmd in open-tls-stream from the given arguments. Attached is a patch that fixes the problem on my end. To make the patch smaller, I did not reindent the whole function - I hope this is alright. Finally, I'd like to reply to: > Fran gmail.com> writes: > If Cygwin is installed, open-tls-stream works, because gnutls-cli and > openssl > > are available. It has worked for some time. I routinely use this featur= e > to > > enable ERC to connect to servers using TLS using function erc-tls. > At some point, tls.el will be deprecated. Why aren't you just using > Emacs with the built-in TLS support? In my honest opinion, a feature is either deprecated or not, and while it is not yet deprecated, bugs should not be ignored. I hope you would agree at least to the point of testing the patch and incorporating it if it works well :-) Fuller description of the problem and the fix: The problem: `open-tls-stream' replaces %t with exactly one element, which is nil if none of gnutls-trustfiles is readable, and the first element of gnutls-trustfiles is more than one is readable. The Solution: In the patch I make the test iterate on all the trustfiles as a user might have more than one relevant. In addition, I made the default setting for tls-program have entries that do not explicitly specify the trustfile. One thing to note here perhaps, is that if (gnutls-trustfiles) returns an empty list and one has the %t substitution in one of the tls-program entries, then that entry will not be run at all. I feel that this is reasonable since by setting --x509cafile nil one makes gnutls-cli fail anyway. Finally, I'm experiencing the above behavior, as far as I can tell, by default in e.g. erc-tls. What is the proper way to move to the built in TLS? Is it likely to be something in my config or in the implementation of ERC? Thanks, Kosta --=20 Konstantin Kliakhandler http://slumpy.org )=C2=B0) )=C2=B0( (=C2=B0( --089e013d1d86c21fa105369becb9 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hello,

I am using emacs= on OSX 10.12 from https://emacsformacosx.com/builds:=C2=A0

(emacs-version)
"GNU Emacs 25.1.50.1 (x86= _64-apple-darwin13.4.0, NS appkit-1265.21 Version 10.9.5 (Build 13F1603))
=C2=A0of 2016-05-30"

And exper= ience the same problem when running emacs -Q. Furthermore, I diagnosed the = cause to be incorrect building of formatted-cmd in open-tls-stream from the= given arguments. Attached is a patch that fixes the problem on my end. To = make the patch smaller, I did not reindent the whole function - I hope this= is alright.=C2=A0

Finally, I'd like to reply = to:
=C2=A0
Fran <flitterio <at> gmail.com> writes:
> If Cygwin is installed, open-tls-stream works= , because gnutls-cli and openssl
> are available. It has worked for s= ome time. I routinely use this feature to
> enable ERC to connect to = servers using TLS using function erc-tls.
=C2=A0
At some point, tls.el will b= e deprecated. Why aren't you just using
Emacs with the built-in TLS= support?

In my honest opinion, a feature i= s either deprecated or not, and while it is not yet deprecated, bugs should= not be ignored. I hope you would agree at least to the point of testing th= e patch and incorporating it if it works well :-)

= Fuller description of the problem and the fix:

The= problem: `open-tls-stream' replaces %t with exactly one element, which= is nil if none of gnutls-trustfiles is readable, and the first element of = gnutls-trustfiles is more than one is readable.
The Solution: In = the patch I make the test iterate on all the trustfiles as a user might hav= e more than one relevant. In addition, I made the default setting for tls-p= rogram have entries that do not explicitly specify the trustfile.

One thing to note here perhaps, is that if (gnutls-trustfil= es) returns an empty list and one has the %t substitution in one of the tls= -program entries, then that entry will not be run at all. I feel that this = is reasonable since by setting --x509cafile nil one makes gnutls-cli fail a= nyway.=C2=A0

Finally, I'm experiencing the abo= ve behavior, as far as I can tell, by default in e.g. erc-tls. What is the = proper way to move to the built in TLS? Is it likely to be something in my = config or in the implementation of ERC?

Than= ks,
Kosta

--089e013d1d86c21fa105369becb9-- --089e013d1d86c21fa505369becbb Content-Type: application/octet-stream; name="0001-tls-Make-open-tls-stream-try-all-gnutls-trustfiles-a.patch" Content-Disposition: attachment; filename="0001-tls-Make-open-tls-stream-try-all-gnutls-trustfiles-a.patch" Content-Transfer-Encoding: base64 X-Attachment-Id: f_iq4elcyt0 RnJvbSAwNTdmYzkxNThlODE2ZTUyMjBiOTMwM2EyYjYzNGVhYjFkN2M3MzVlIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBLb25zdGFudGluIEtsaWFraGFuZGxlciA8a29zdGFAc2x1bXB5 Lm9yZz4KRGF0ZTogU2F0LCAyIEp1bCAyMDE2IDAyOjQyOjMzICswMzAwClN1YmplY3Q6IFtQQVRD SF0gdGxzOiBNYWtlIG9wZW4tdGxzLXN0cmVhbSB0cnkgYWxsIGdudXRscy10cnVzdGZpbGVzIGFu ZCBzZXQKIGJldHRlciBkZWZhdWx0IHRscy1wcm9ncmFtCgpUaGlzIGZpeGVzIHRoZSBidWcgcmVw b3J0ZWQgaW4gaHR0cHM6Ly9saXN0cy5nbnUub3JnL2FyY2hpdmUvaHRtbC9idWctZ251LWVtYWNz LzIwMTYtMDYvbXNnMDA1NTMuaHRtbAoKKiBsaXNwL25ldC90bHMuZWwgKG9wZW4tdGxzLXN0cmVh bSk6IEl0ZXJhdGUgb24gYWxsIGZvdW5kCiAgZ251dGxzLXRydXN0ZmlsZXMgaW5zdGVhZCBvZiBz dGlja2luZyB3aXRoIHRoZSBmaXJzdCBvbmUgZm91bmQKCih0bHMtcHJvZ3JhbSk6IFNldCB0aGUg ZGVmYXVsdCB0byBhIGxpc3QgdGhhdCBpbmNsdWRlcyBib3RoCmdudXRscy10cnVzdGZpbGVzIHN1 YnN0aXR1dGlvbiBhbmQgd2l0aG91dCBpdC4KLS0tCiBsaXNwL25ldC90bHMuZWwgfCAyNSArKysr KysrKysrKysrKysrKy0tLS0tLS0tCiAxIGZpbGUgY2hhbmdlZCwgMTcgaW5zZXJ0aW9ucygrKSwg OCBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS9saXNwL25ldC90bHMuZWwgYi9saXNwL25ldC90 bHMuZWwKaW5kZXggZjEyMTlmZC4uNzg5MGFjMCAxMDA2NDQKLS0tIGEvbGlzcC9uZXQvdGxzLmVs CisrKyBiL2xpc3AvbmV0L3Rscy5lbApAQCAtNzcsOSArNzcsMTEgQEAgYW5kIGBnbnV0bHMtY2xp JyAodmVyc2lvbiAyLjAuMSkgb3V0cHV0LiIKICAgOmdyb3VwICd0bHMpCiAKIChkZWZjdXN0b20g dGxzLXByb2dyYW0KLSAgJygiZ251dGxzLWNsaSAtLXg1MDljYWZpbGUgJXQgLXAgJXAgJWgiCisg ICcoImdudXRscy1jbGkgLXAgJXAgJWgiCisgICAgImdudXRscy1jbGkgLS14NTA5Y2FmaWxlICV0 IC1wICVwICVoIgogICAgICJnbnV0bHMtY2xpIC0teDUwOWNhZmlsZSAldCAtcCAlcCAlaCAtLXBy b3RvY29scyBzc2wzIgotICAgICJvcGVuc3NsIHNfY2xpZW50IC1jb25uZWN0ICVoOiVwIC1ub19z c2wyIC1pZ25fZW9mIikKKyAgICAib3BlbnNzbCBzX2NsaWVudCAtY29ubmVjdCAlaDolcCAtbm9f c3NsMiAtaWduX2VvZiIKKyAgICAib3BlbnNzbCBzX2NsaWVudCAtQ0FmaWxlICV0IC1jb25uZWN0 ICVoOiVwIC1ub19zc2wyIC1pZ25fZW9mIikKICAgIkxpc3Qgb2Ygc3RyaW5ncyBjb250YWluaW5n IGNvbW1hbmRzIHRvIHN0YXJ0IFRMUyBzdHJlYW0gdG8gYSBob3N0LgogRWFjaCBlbnRyeSBpbiB0 aGUgbGlzdCBpcyB0cmllZCB1bnRpbCBhIGNvbm5lY3Rpb24gaXMgc3VjY2Vzc2Z1bC4KICVoIGlz IHJlcGxhY2VkIHdpdGggdGhlIHNlcnZlciBob3N0bmFtZSwgJXAgd2l0aCB0aGUgcG9ydCB0bwpA QCAtOTMsMTQgKzk1LDE4IEBAIHN1Y2Nlc3NmdWwgbmVnb3RpYXRpb24uIgogICA6dHlwZQogICAn KGNob2ljZQogICAgIChjb25zdCA6dGFnICJEZWZhdWx0IGxpc3Qgb2YgY29tbWFuZHMiCi0JICAg KCJnbnV0bHMtY2xpIC0teDUwOWNhZmlsZSAldCAtcCAlcCAlaCIKKwkgICAoImdudXRscy1jbGkg LXAgJXAgJWgiCisgICAgICAgICAgICAiZ251dGxzLWNsaSAtLXg1MDljYWZpbGUgJXQgLXAgJXAg JWgiCiAJICAgICJnbnV0bHMtY2xpIC0teDUwOWNhZmlsZSAldCAtcCAlcCAlaCAtLXByb3RvY29s cyBzc2wzIgorICAgICAgICAgICAgIm9wZW5zc2wgc19jbGllbnQgLWNvbm5lY3QgJWg6JXAgLW5v X3NzbDIgLWlnbl9lb2YiCiAJICAgICJvcGVuc3NsIHNfY2xpZW50IC1DQWZpbGUgJXQgLWNvbm5l Y3QgJWg6JXAgLW5vX3NzbDIgLWlnbl9lb2YiKSkKICAgICAobGlzdCA6dGFnICJDaG9vc2UgY29t bWFuZHMiCiAJICA6dmFsdWUKLQkgICgiZ251dGxzLWNsaSAtLXg1MDljYWZpbGUgJXQgLXAgJXAg JWgiCisJICAoImdudXRscy1jbGkgLXAgJXAgJWgiCisgICAgICAgICAgICJnbnV0bHMtY2xpIC0t eDUwOWNhZmlsZSAldCAtcCAlcCAlaCIKIAkgICAiZ251dGxzLWNsaSAtLXg1MDljYWZpbGUgJXQg LXAgJXAgJWggLS1wcm90b2NvbHMgc3NsMyIKLQkgICAib3BlbnNzbCBzX2NsaWVudCAtY29ubmVj dCAlaDolcCAtbm9fc3NsMiAtaWduX2VvZiIpCisgICAgICAgICAgICJvcGVuc3NsIHNfY2xpZW50 IC1jb25uZWN0ICVoOiVwIC1ub19zc2wyIC1pZ25fZW9mIgorCSAgICJvcGVuc3NsIHNfY2xpZW50 IC1DQWZpbGUgJXQgLWNvbm5lY3QgJWg6JXAgLW5vX3NzbDIgLWlnbl9lb2YiKQogCSAgKHNldCA6 aW5saW5lIHQKIAkgICAgICAgOzsgRklYTUU6IGFkZCBicmllZiBgOnRhZyAiLi4uIicgZGVzY3Jp cHRpb25zLgogCSAgICAgICA7OyAocmVwZWF0IDppbmxpbmUgdCA6dGFnICJPdGhlciIgKHN0cmlu ZykpCkBAIC0yMjcsMTIgKzIzMywxNSBAQCBGb3VydGggYXJnIFBPUlQgaXMgYW4gaW50ZWdlciBz cGVjaWZ5aW5nIGEgcG9ydCB0byBjb25uZWN0IHRvLiIKICAgICAod2l0aC1jdXJyZW50LWJ1ZmZl ciBidWZmZXIKICAgICAgIChtZXNzYWdlICJPcGVuaW5nIFRMUyBjb25uZWN0aW9uIHRvIGAlcycu Li4iIGhvc3QpCiAgICAgICAod2hpbGUgKGFuZCAobm90IGRvbmUpIChzZXRxIGNtZCAocG9wIGNt ZHMpKSkKLQkobGV0ICgocHJvY2Vzcy1jb25uZWN0aW9uLXR5cGUgdGxzLXByb2Nlc3MtY29ubmVj dGlvbi10eXBlKQorICAgICAgICAobGV0ICgodHJ1c3RmaWxlcyAoZ251dGxzLXRydXN0ZmlsZXMp KQorCSAgICAgICh0cnVzdGZpbGUgbmlsKSkKKyAgICAgICAgICAod2hpbGUgKGFuZCAobm90IGRv bmUpIChzZXRxIHRydXN0ZmlsZSAocG9wIHRydXN0ZmlsZXMpKSkKKyAgICAgICAgKGxldCAoKHBy b2Nlc3MtY29ubmVjdGlvbi10eXBlIHRscy1wcm9jZXNzLWNvbm5lY3Rpb24tdHlwZSkKIAkgICAg ICAoZm9ybWF0dGVkLWNtZAogCSAgICAgICAoZm9ybWF0LXNwZWMKIAkJY21kCiAJCShmb3JtYXQt c3BlYy1tYWtlCi0gICAgICAgICAgICAgICAgID90IChjYXIgKGdudXRscy10cnVzdGZpbGVzKSkK KyAgICAgICAgICAgICAgICAgP3QgdHJ1c3RmaWxlCiAJCSA/aCBob3N0CiAJCSA/cCAoaWYgKGlu dGVnZXJwIHBvcnQpCiAJCQkoaW50LXRvLXN0cmluZyBwb3J0KQpAQCAtMjY5LDcgKzI3OCw3IEBA IEZvdXJ0aCBhcmcgUE9SVCBpcyBhbiBpbnRlZ2VyIHNwZWNpZnlpbmcgYSBwb3J0IHRvIGNvbm5l Y3QgdG8uIgogCSAgICAgIChpZiBzdGFydC1vZi1kYXRhCiAJCSAgOzsgbW92ZSBwb2ludCB0byBz dGFydCBvZiBjbGllbnQgZGF0YQogCQkgIChnb3RvLWNoYXIgc3RhcnQtb2YtZGF0YSkpKQotCSAg ICAoc2V0cSBkb25lIHByb2Nlc3MpKSkpCisJICAgIChzZXRxIGRvbmUgcHJvY2VzcykpKSkpKQog ICAgICAgKHdoZW4gKGFuZCBkb25lCiAJCSAob3IKIAkJICAoYW5kIHRscy1jaGVja3RydXN0Ci0t IAoyLjcuNCAoQXBwbGUgR2l0LTY2KQoK --089e013d1d86c21fa505369becbb--