From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Robert Pluim <rpluim@gmail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: Network Security Manager merge time?
Date: Wed, 19 Nov 2014 21:06:15 +0100
Organization: not if I can help it
Message-ID: <827fyrx8eg.fsf@oracle.com>
References: <m3r3wzrwia.fsf@stories.gnus.org> <82r3wzxfp5.fsf@oracle.com>
	<m31tozjczj.fsf@stories.gnus.org> <82egszx92i.fsf@oracle.com>
	<m3ppcjge22.fsf@stories.gnus.org>
Reply-To: emacs-devel@gnu.org
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: ger.gmane.org 1416427703 13958 80.91.229.3 (19 Nov 2014 20:08:23 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Wed, 19 Nov 2014 20:08:23 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Nov 19 21:08:18 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XrBY1-0005St-FB
	for ged-emacs-devel@m.gmane.org; Wed, 19 Nov 2014 21:08:17 +0100
Original-Received: from localhost ([::1]:60460 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XrBY0-0005Vs-Vb
	for ged-emacs-devel@m.gmane.org; Wed, 19 Nov 2014 15:08:17 -0500
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:39191)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XrBXf-0005T2-5o
	for emacs-devel@gnu.org; Wed, 19 Nov 2014 15:08:00 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XrBXZ-0005ah-QJ
	for emacs-devel@gnu.org; Wed, 19 Nov 2014 15:07:55 -0500
Original-Received: from plane.gmane.org ([80.91.229.3]:43528)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XrBXZ-0005aP-Jo
	for emacs-devel@gnu.org; Wed, 19 Nov 2014 15:07:49 -0500
Original-Received: from list by plane.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XrBXY-0005KY-0d
	for emacs-devel@gnu.org; Wed, 19 Nov 2014 21:07:48 +0100
Original-Received: from vav06-1-78-207-202-9.fbx.proxad.net ([78.207.202.9])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Wed, 19 Nov 2014 21:07:48 +0100
Original-Received: from rpluim by vav06-1-78-207-202-9.fbx.proxad.net with local
	(Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Wed, 19 Nov 2014 21:07:48 +0100
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 111
Original-X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: vav06-1-78-207-202-9.fbx.proxad.net
Mail-Copies-To: never
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4.51 (cygwin)
Cancel-Lock: sha1:12fG3EkXtEi9U1GAW2EWX/plAaQ=
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 80.91.229.3
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:177812
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/177812>

Lars Magne Ingebrigtsen <larsi@gnus.org> writes:

> Robert Pluim <rpluim@gmail.com> writes:
>
>> I don't think I'm using TLS either:
>>
>>  gnus-secondary-select-methods
>>  '(
>>    (nntp "eternal"
>> 	 (nntp-address "news.eternal-september.org")))
>>
>> and my .authinfo entry specifies only nntp.
>
> It will upgrade via STARTTLS to encrypted automatically.
>
>> If I set nsm-security-level to 'low it all works.
>
> Hm.  What does
>
> (gnutls-peer-status 
>   (open-network-stream
>    "nntpd" (get-buffer-create "*nntp*") "news.eternal-september.org" "nntp"
>    :end-of-command "^\\([2345]\\|[.]\\).*\n"
>    :capability-command "HELP\r\n"
>    :success "^3"
>    :starttls-function
>    (lambda (capabilities)
>      (if (not (string-match "STARTTLS" capabilities))
>          nil
>        "STARTTLS\r\n"))))
>
> evaluate to for you?  (On different security levels.)

With low:

(:warnings ((:self-signed "certificate signer was not found (self-signed)") (:invalid "certificate could not be verified")) :certificate (:version 3 :serial-number "0f:79:de" :issuer "O=Root CA,OU=http://www.cacert.org,CN=CA Cert Signing Authority,EMAIL=support@cacert.org" :valid-from "2014-08-31" :valid-to "2015-02-27" :subject "CN=news.eternal-september.org" ...))

With paranoid:

Debugger entered--Lisp error: (wrong-type-argument processp nil)
  gnutls-peer-status(nil)
  eval((gnutls-peer-status (open-network-stream "nntpd" (get-buffer-create "*nntp*") "news.eternal-september.org" "nntp" :end-of-command "^\\([2345]\\|[.]\\).*\n" :capability-command "HELP\n" :success "^3" :starttls-function (function (lambda (capabilities) (if (not (string-match "STARTTLS" capabilities)) nil "STARTTLS\n"))))) nil)
  eval-last-sexp-1(nil)
  eval-last-sexp(nil)
  call-interactively(eval-last-sexp nil nil)
  command-execute(eval-last-sexp)

and *nntp* contains

200 mx02.eternal-september.org InterNetNews NNRP server INN 2.6.0 (20141110 snapshot) ready (posting ok)
100 Legal commands
  ARTICLE [message-ID|number]
  AUTHINFO USER name|PASS password|SASL mechanism [initial-response]|GENERIC program [argument ...]
  BODY [message-ID|number]
  CAPABILITIES [keyword]
  DATE
  GROUP newsgroup
  HDR header [message-ID|range]
  HEAD [message-ID|number]
  HELP
  IHAVE message-ID
  LAST
  LIST [ACTIVE [wildmat]|ACTIVE.TIMES [wildmat]|COUNTS [wildmat]|DISTRIB.PATS|DISTRIBUTIONS|HEADERS [MSGID|RANGE]|MODERATORS|MOTD|NEWSGROUPS [wildmat]|OVERVIEW.FMT|SUBSCRIPTIONS [wildmat]]
  LISTGROUP [newsgroup [range]]
  MODE READER
  NEWGROUPS [yy]yymmdd hhmmss [GMT]
  NEWNEWS wildmat [yy]yymmdd hhmmss [GMT]
  NEXT
  OVER [range]
  POST
  QUIT
  STARTTLS
  STAT [message-ID|number]
  XGTITLE [wildmat]
  XHDR header [message-ID|range]
  XOVER [range]
  XPAT header message-ID|range pattern [pattern ...]
Report problems to <usenet@eternal-september.org>.
.
382 Begin TLS negotiation now
100 Legal commands
  ARTICLE [message-ID|number]
  AUTHINFO USER name|PASS password|SASL mechanism [initial-response]|GENERIC program [argument ...]
  BODY [message-ID|number]
  CAPABILITIES [keyword]
  DATE
  GROUP newsgroup
  HDR header [message-ID|range]
  HEAD [message-ID|number]
  HELP
  IHAVE message-ID
  LAST
  LIST [ACTIVE [wildmat]|ACTIVE.TIMES [wildmat]|COUNTS [wildmat]|DISTRIB.PATS|DISTRIBUTIONS|HEADERS [MSGID|RANGE]|MODERATORS|MOTD|NEWSGROUPS [wildmat]|OVERVIEW.FMT|SUBSCRIPTIONS [wildmat]]
  LISTGROUP [newsgroup [range]]
  MODE READER
  NEWGROUPS [yy]yymmdd hhmmss [GMT]
  NEWNEWS wildmat [yy]yymmdd hhmmss [GMT]
  NEXT
  OVER [range]
  POST
  QUIT
  STARTTLS
  STAT [message-ID|number]
  XGTITLE [wildmat]
  XHDR header [message-ID|range]
  XOVER [range]
  XPAT header message-ID|range pattern [pattern ...]
Report problems to <usenet@eternal-september.org>.
.

Process nntpd<2> deleted