From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: "Roland Winkler" Newsgroups: gmane.emacs.bugs Subject: bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). Date: Thu, 19 Apr 2012 06:04:13 -0500 Message-ID: <20367.61741.640831.184941@gargle.gargle.HOWL> References: <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Trace: dough.gmane.org 1334833501 20568 80.91.229.3 (19 Apr 2012 11:05:01 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Thu, 19 Apr 2012 11:05:01 +0000 (UTC) Cc: 11267@debbugs.gnu.org To: Glenn Morris Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Apr 19 13:04:59 2012 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1SKpAW-0007cU-Dn for geb-bug-gnu-emacs@m.gmane.org; Thu, 19 Apr 2012 13:04:56 +0200 Original-Received: from localhost ([::1]:60036 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SKpAV-0008SS-OI for geb-bug-gnu-emacs@m.gmane.org; Thu, 19 Apr 2012 07:04:55 -0400 Original-Received: from eggs.gnu.org ([208.118.235.92]:43231) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SKpAQ-0008S0-94 for bug-gnu-emacs@gnu.org; Thu, 19 Apr 2012 07:04:54 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1SKpAK-0007fO-0a for bug-gnu-emacs@gnu.org; Thu, 19 Apr 2012 07:04:49 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:39920) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SKpAJ-0007fI-TW for bug-gnu-emacs@gnu.org; Thu, 19 Apr 2012 07:04:43 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.72) (envelope-from ) id 1SKpAc-0003GH-05 for bug-gnu-emacs@gnu.org; Thu, 19 Apr 2012 07:05:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: "Roland Winkler" Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 19 Apr 2012 11:05:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 11267 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 11267-submit@debbugs.gnu.org id=B11267.133483348012506 (code B ref 11267); Thu, 19 Apr 2012 11:05:01 +0000 Original-Received: (at 11267) by debbugs.gnu.org; 19 Apr 2012 11:04:40 +0000 Original-Received: from localhost ([127.0.0.1]:40954 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1SKpAF-0003Ff-K6 for submit@debbugs.gnu.org; Thu, 19 Apr 2012 07:04:40 -0400 Original-Received: from fencepost.gnu.org ([208.118.235.10]:50374 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1SKpAD-0003FW-1y for 11267@debbugs.gnu.org; Thu, 19 Apr 2012 07:04:37 -0400 Original-Received: from dhcp096221.uni-regensburg.de ([132.199.96.221]:55271 helo=regnitz) by fencepost.gnu.org with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1SKp9s-0001Sx-O2; Thu, 19 Apr 2012 07:04:17 -0400 In-Reply-To: <6mwr5d6l6e.fsf@fencepost.gnu.org> X-Mailer: VM 8.2 trial under 24.0.95.1 (x86_64-unknown-linux-gnu) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:59252 Archived-At: On Wed Apr 18 2012 Glenn Morris wrote: > > Despite these error messages, Emacs is sending the mails I want to > > send. In that sense, I cannot tell how relevant these error messages are. > > Me neither. I think it means it is falling back to a non-encrypted > connection. You can try setting gnutls-min-prime-bits. > > If that is so, the error message should probably say something along > those lines. You are right. The "fatal error" disappears if I set gnutls-min-prime-bits to 256. Yet this choice was just a guess based on the custom declaration of this variable that suggests a value of 512. I would appreciate if someone more knowledgable could review the error messages that I have seen such that they become more helpful for a nonexpert. Also it would be great if the docstring of gnutls-min-prime-bits was more precise. - What is the default value used for min-prime-bits if gnutls-min-prime-bits is nil? - What are reasonable values for this variable such that a safe client-server handshake remains possible, if one needs to customize this variable? (Or the other way round: if a server wants to use a prime that is too small, it might really be the better solution to contact its sysadmin. Yet I couldn't tell when a prime falls below such a threshold.) Thanks, Roland