From: Robert Pluim
Newsgroups: gmane.emacs.devel
Subject: Re: [PATCH] GnuTLS support on Woe32
Date: Mon, 07 Mar 2011 13:03:44 +0100
To: emacs-devel@gnu.org

Ted Zlatanov writes:

> On Mon, 07 Mar 2011 11:44:56 +0100 Robert Pluim wrote:
>
> RP> I modify that comment: builtin TLS support works for me if I set
> RP> 'trustfiles' to nil in gnutls-negotiate, instead of
> RP> "/etc/ssl/certs/ca-certificates.crt", which I don't have. What is that
> RP> file, and why do I need it all of a sudden? (builtin TLS worked fine for
> RP> me several months ago).
>
> Let us know what the file should be on your platform, if you know.

I wish I did. This is on cygwin, is there a CA bundle you can install
there?

> This
> is the CA bundle which determines if the signers of any presented
> certificates can be trusted. I think Emacs should have its own default
> bundle and the user should be able to override to their own preference.

Yes, that would be good.

> I'll add code to test for the file's existence and to customize that file.
>
> RP> PS The error message I got could be improved: "Err [-64] File not found"
> RP> is not really helpful
>
> This error is coming from the GnuTLS library. It only reports errors
> numerically so gnutls.c needs to be improved to present the error better.

Actually, I'm not sure gnutls.c can do much in that case except show the
parameters it passed to GnuTLS.

Thanks

Robert
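
Added example, not part of the original message and not Emacs or GnuTLS code: a C preflight for the check discussed in the thread, which tests each candidate CA bundle before it would be handed to GnuTLS and records which paths were rejected and why. The function names and the second candidate path in `main` are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

enum trust_status { TRUST_OK, TRUST_MISSING, TRUST_NOT_FILE, TRUST_UNREADABLE, TRUST_NO_PEM };
static const char *const trust_reason[] = {
    "ok", "not found", "not a regular file", "unreadable", "no PEM certificate" };

/* Added example (hypothetical helper): classify one candidate trust file
   without involving the TLS library. */
static enum trust_status check_trustfile(const char *path)
{
    static const char marker[] = "-----BEGIN CERTIFICATE-----";
    struct stat st;
    char line[256];
    enum trust_status rc = TRUST_NO_PEM;
    FILE *fp;
    if (stat(path, &st) != 0) return TRUST_MISSING;
    if (!S_ISREG(st.st_mode)) return TRUST_NOT_FILE;
    if ((fp = fopen(path, "r")) == NULL) return TRUST_UNREADABLE;
    while (rc != TRUST_OK && fgets(line, sizeof line, fp))
        if (strncmp(line, marker, sizeof marker - 1) == 0) rc = TRUST_OK;
    fclose(fp);
    return rc;
}

/* Return the first usable path from a NULL-terminated list, or NULL. Each
   rejected path and its reason is appended to diag (size n > 0). */
static const char *pick_trustfile(const char *const *cands, char *diag, size_t n)
{
    size_t used = 0;
    diag[0] = '\0';
    for (; *cands; cands++) {
        enum trust_status s = check_trustfile(*cands);
        if (s == TRUST_OK) return *cands;
        int w = snprintf(diag + used, n - used, "%s: %s; ", *cands, trust_reason[s]);
        if (w > 0) used = (size_t)w < n - used ? used + (size_t)w : n - 1;
    }
    return NULL;
}

int main(void)
{
    /* First path is the one from the thread; the second is an assumed alternative. */
    const char *const cands[] = { "/etc/ssl/certs/ca-certificates.crt",
                                  "/usr/ssl/certs/ca-bundle.crt", NULL };
    char diag[512];
    const char *tf = pick_trustfile(cands, diag, sizeof diag);
    if (!tf) { fprintf(stderr, "no usable CA bundle (%s)\n", diag); return 1; }
    printf("trust file: %s\n", tf);
    return 0;
}
```

When no candidate passes, the caller can show the rejected paths instead of only a numeric library error, and can decide explicitly whether to continue with an empty trust list.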