From: Ted Zlatanov <tzz@lifelogs.com>
To: Eli Zaretskii <eliz@gnu.org>
Cc: wingo@igalia.com, 25061@debbugs.gnu.org, ludo@gnu.org,
michael.albinus@gmx.de, larsi@gnus.org
Subject: bug#25061: consider adding %COMPAT to default gnutls priority string
Date: Wed, 06 Sep 2017 15:32:42 -0400 [thread overview]
Message-ID: <877exbhbc5.fsf@lifelogs.com> (raw)
In-Reply-To: <8360d1yzvj.fsf@gnu.org> (Eli Zaretskii's message of "Sat, 02 Sep 2017 16:49:20 +0300")
On Sat, 02 Sep 2017 16:49:20 +0300 Eli Zaretskii <eliz@gnu.org> wrote:
>> From: Ted Zlatanov <tzz@lifelogs.com>
>> Date: Mon, 13 Feb 2017 11:04:55 -0500
>>
>> On Fri, 10 Feb 2017 16:51:39 +0100 Andy Wingo <wingo@igalia.com> wrote:
>>
AW> I tried checking (had to remember what I was doing to begin with!) and
AW> was not able to reproduce the original problem, and therefore couldn't
AW> test NORMAL:%COMPAT or NORMAL:%DUMBFW :/ Sorry :/
>>
AW> I was trying to just do this:
>>
AW> ;; uncomment to test original proposed workaround
AW> ;; (setq gnutls-algorithm-priority "NORMAL:%COMPAT")
AW> (setq gnutls-log-level 2)
AW> (url-retrieve "https://mirror.hydra.gnu.org/"
AW> #'(lambda (status)
AW> (message "success")))
>>
AW> and evaluating that last form a number of times. Not very scientific :P
AW> I was unable to reproduce the problem though.
>>
>> Thanks, Andy.
>>
>> We were just talking with Michael about connection-specific settings;
>> this is a perfect use case. It will be one of the first things we use
>> for testing. So that will resolve the need for per-connection
>> adjustments, and we can focus on just the default value.
>>
>> Does anyone think we should add %COMPAT or %DUMBFW to the default
>> priority string? Without definitive proof that it will help, I'm not
>> sure we should, but I'm open to comments. Either way, we'll document it.
EZ> Any progress on this one, Ted? This bug currently blocks the release
EZ> of Emacs 26.1, so could we please expedite its resolution, whatever
EZ> that is?
Unfortunately I wasn't able to get to the connection-specific settings,
so right now we have to make these changes globally.
We've had no followup on this from anyone else and it's not easily
reproducible. Using %COMPAT for everyone could open them to old
vulnerabilities.
I'd rather stay with the current defaults and defer the rest of the work
to when connection-specific settings are available. I'm not sure of the
right place to discuss these settings--maybe a new section will be
needed once connection-specific settings exist.
So that's my vote; please add yours.
Thanks
Ted
next prev parent reply other threads:[~2017-09-06 19:32 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-29 10:24 bug#25061: consider adding %COMPAT to default gnutls priority string Andy Wingo
2016-12-01 18:32 ` Ted Zlatanov
2016-12-01 20:25 ` Ludovic Courtès
2016-12-01 21:44 ` Ted Zlatanov
2017-01-24 22:48 ` Lars Ingebrigtsen
2017-01-30 8:01 ` Ludovic Courtès
2017-02-10 15:51 ` Andy Wingo
2017-02-13 16:04 ` Ted Zlatanov
2017-09-02 13:49 ` Eli Zaretskii
2017-09-06 19:32 ` Ted Zlatanov [this message]
2017-09-07 7:18 ` Michael Albinus
2017-09-14 21:11 ` Ted Zlatanov
2017-09-15 6:05 ` Eli Zaretskii
2017-12-02 17:36 ` Eli Zaretskii
2017-12-09 23:50 ` Ted Zlatanov
2017-12-10 7:04 ` Eli Zaretskii
2017-12-10 13:29 ` Ted Zlatanov
2017-12-10 14:12 ` Eli Zaretskii
2017-12-11 15:03 ` Ted Zlatanov
2017-12-11 15:40 ` Eli Zaretskii
2017-12-15 4:18 ` Ted Zlatanov
2017-12-16 23:25 ` Philipp Stephani
2017-12-16 23:34 ` Ted Zlatanov
2017-12-17 3:39 ` Eli Zaretskii
2017-12-17 15:17 ` Eli Zaretskii
2017-12-19 17:46 ` Ted Zlatanov
2017-12-17 17:52 ` Philipp Stephani
2017-12-10 9:31 ` Michael Albinus
2017-12-18 17:16 ` Kaushal Modi
2017-12-18 19:52 ` Philipp Stephani
2017-12-19 17:47 ` Ted Zlatanov
2017-12-19 22:00 ` Kaushal Modi
2017-12-20 1:08 ` Ted Zlatanov
2017-12-20 11:41 ` Robert Pluim
2017-12-20 16:09 ` Eli Zaretskii
2017-12-21 13:20 ` Kaushal Modi
2017-12-21 13:26 ` Ted Zlatanov
2017-12-20 11:48 ` Kaushal Modi
2017-12-20 12:54 ` Andy Moreton
2017-12-20 13:16 ` Andy Moreton
2017-12-20 16:19 ` Eli Zaretskii
2017-12-20 16:38 ` Andy Moreton
2017-12-21 1:15 ` Ted Zlatanov
2017-12-21 1:39 ` Ted Zlatanov
2017-12-21 8:30 ` Robert Pluim
2017-12-21 13:12 ` Ted Zlatanov
2017-12-21 16:20 ` Eli Zaretskii
2017-12-21 10:54 ` Andy Moreton
2017-12-21 16:26 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877exbhbc5.fsf@lifelogs.com \
--to=tzz@lifelogs.com \
--cc=25061@debbugs.gnu.org \
--cc=eliz@gnu.org \
--cc=larsi@gnus.org \
--cc=ludo@gnu.org \
--cc=michael.albinus@gmx.de \
--cc=wingo@igalia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.