From: Ted Zlatanov
Newsgroups: gmane.emacs.bugs
Subject: bug#23759: 25.1.50; 25.1.50; open-tls-stream creates malformed gnutls-cli command if trusted cert files don't exist
Date: Fri, 08 Jul 2016 09:43:35 -0400
Message-ID: <87bn28b5yw.fsf@lifelogs.com>
To: Konstantin Kliakhandler
Cc: 23759@debbugs.gnu.org, Noam Postavsky
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: security

On Fri, 8 Jul 2016 01:40:13 +0300 Konstantin Kliakhandler wrote:

T> Perhaps there can be a way to say
T> "if this %t is empty, remove the preceding --argument as well"
T> in the format
T> string? That would simplify the whole thing, like so:
T> "gnutls-cli --x509cafile %T -p %p %h"
T> ...becomes "gnutls-cli -p PORT HOST"
T> when the %T parameter is nil. Just an idea...

KK> I toyed with this idea, and even implemented something of the sort, but
KK> from a bit different direction - I added another replacement
KK> variable - %c - and made the list tls-program now contain pairs with
KK> (string . value-of-c), e.g. ("gnutls-cli %c %T -p %p %h" . "--x509cafile")
KK> have both %c and %T replaced (together) as appropriate.

KK> The problem with this approach is, what about people who customized this
KK> setting? So, I made it backward compatible with the old standard.
KK> Eventually however, it turned into an ugly big mess due to the backward
KK> compatibility and I decided against submitting.

KK> There is a similar problem of backward compatibility in your approach -
KK> what if someone customized it in such a way that wasn't expecting an
KK> argument to be removed, and it would create a vulnerability in their setup?
KK> I also don't see a simple way to do it nicely, but have no objections on
KK> those grounds, of course.

Hmm, right, yeah... well %t is always preceded by an argument, right? So
maybe the backwards-compatible solution is that if %t is nil, delete the
preceding option?

Another option is to throw an error when %t is nil, explaining what
happened and how to fix it. That's not a terrible inconvenience for the
user, compared to running an insecure connection unknowingly. I slightly
prefer this.

KK> Finally, I would do the patch but am uncertain whether it would be better
KK> to wait for your results from emacs-devel and remove the ssl3 bit as well
KK> (or just go ahead and do it). Let me know and I'll send the appropriate
KK> patch.

Go ahead and remove it, we have agreement that it's a Bad Thing.

Thank you!
Ted
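
Added example, not part of the message above and not code from tls.el: the two behaviours discussed in the thread for a missing %t value (drop the preceding option, or signal an error), sketched in Emacs Lisp. The function name, its POLICY argument, and the sample host and path are assumptions made for illustration.

```elisp
;; Hypothetical helper; tls.el itself does not define it.
(defun my-tls-expand-command (template host port trustfile &optional policy)
  "Expand TEMPLATE into an argument list for a TLS helper program.
The tokens %h, %p and %t stand for HOST, PORT and TRUSTFILE.
POLICY decides what happens when TRUSTFILE is nil or unreadable:
nil or `error' signals an error; `drop' removes %t together with
the option in front of it."
  (let ((trust (and trustfile
                    (file-readable-p trustfile)
                    (expand-file-name trustfile)))
        (out '()))
    (dolist (tok (split-string template "[ \t]+" t))
      (cond
       ((string= tok "%h") (push host out))
       ((string= tok "%p") (push (format "%s" port) out))
       ((not (string= tok "%t")) (push tok out))
       ;; From here on the token is %t.
       (trust (push trust out))
       ((eq policy 'drop)
        ;; Remove the option that would have consumed the trust file,
        ;; so it cannot swallow the next argument (-p) as its value.
        ;; The helper then runs without the CA file, which is the
        ;; silent downgrade raised as a concern in the thread.
        (when (and out (string-prefix-p "-" (car out)))
          (pop out)))
       (t
        (error "No readable CA file for %s; not starting the TLS helper"
               host))))
    ;; A list of arguments, so nothing is re-parsed by a shell.
    (nreverse out)))

;; Constructed sample input: the CA path is deliberately missing.
(let ((template "gnutls-cli --x509cafile %t -p %p %h")
      (ca "/nonexistent/ca.pem"))
  ;; Policy `drop': the option and its value disappear together.
  (message "%S" (my-tls-expand-command template "example.org" 443 ca 'drop))
  ;; Default policy: fail loudly instead of connecting unverified.
  (condition-case err
      (my-tls-expand-command template "example.org" 443 ca)
    (error (message "%s" (error-message-string err)))))
```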