From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Elias Oltmanns Newsgroups: gmane.emacs.devel,gmane.emacs.gnus.general Subject: Re: [Patch] Make tls.el support certificate verification Date: Fri, 16 Nov 2007 18:22:52 +0100 Message-ID: <87d4uaksur.fsf@denkblock.local> References: <877imqtdhb.fsf@denkblock.local> <87zlzc35bh.fsf@mocca.josefsson.org> <87ps063ixd.fsf@mocca.josefsson.org> <87zlxo4lwr.fsf@denkblock.local> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1195233829 24064 80.91.229.12 (16 Nov 2007 17:23:49 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 16 Nov 2007 17:23:49 +0000 (UTC) Cc: ding@gnus.org To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Nov 16 18:23:54 2007 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.50) id 1It4uz-0003Ng-DY for ged-emacs-devel@m.gmane.org; Fri, 16 Nov 2007 18:23:49 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1It4um-0004ax-4g for ged-emacs-devel@m.gmane.org; Fri, 16 Nov 2007 12:23:36 -0500 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1It4uj-0004aW-DI for emacs-devel@gnu.org; Fri, 16 Nov 2007 12:23:33 -0500 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1It4ug-0004Zs-Tr for emacs-devel@gnu.org; Fri, 16 Nov 2007 12:23:33 -0500 Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1It4ug-0004Zp-Q5 for emacs-devel@gnu.org; Fri, 16 Nov 2007 12:23:30 -0500 Original-Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1It4ug-0003fM-6x for emacs-devel@gnu.org; Fri, 16 Nov 2007 12:23:30 -0500 Original-Received: from list by ciao.gmane.org with local (Exim 4.43) id 1It4uS-0002Mh-5c for emacs-devel@gnu.org; Fri, 16 Nov 2007 17:23:16 +0000 Original-Received: from pd9e85068.dip.t-dialin.net ([217.232.80.104]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 16 Nov 2007 17:23:16 +0000 Original-Received: from eo by pd9e85068.dip.t-dialin.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 16 Nov 2007 17:23:16 +0000 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 53 Original-X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: pd9e85068.dip.t-dialin.net User-Agent: Gnus/5.110007 (No Gnus v0.7) Cancel-Lock: sha1:q7s/GjUCfkoAT/md+SkTbRLL9tI= X-detected-kernel: by monty-python.gnu.org: Linux 2.6, seldom 2.4 (older, 4) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:83355 gmane.emacs.gnus.general:65703 Archived-At: Hi Reiner, Reiner Steib wrote: > On Thu, Nov 08 2007, Elias Oltmanns wrote: > >> Simon Josefsson wrote: >>> Let's wait for copyright papers and then apply the patch in both >>> CVS's. >> >> Papers have been signed and receipt has been acknowledged. Please >> apply. > > Thanks. > >> Could someone please look at [1] and [2] as well? These patches are bug >> fixes and recent bug reports wrt agentised servers (see [3]) seem to be >> related. > > Could you please provide ChangeLog entries for these patches? Well, I sent ChangeLog entries a week ago (see [1] and [2]) but nothing has shown up in cvs yet. The same applies to my tls.el patch although I'm probably to be blamed for that since I haven't provided a ChangeLog entry for that one yet. So, here it goes: --8<---------------cut here---------------start------------->8--- * tls.el: Check certificates against trusted root certificates. Also, provide an option to check if GNU TLS complained about a mismatch between the hostname provided in the certificate and the name of the host connnecting to. New (customizable) variables are: tls-checktrust, tls-untrusted, tls-hostmismatch. --8<---------------cut here---------------end--------------->8--- BTW: It has happened several times in the past that messages I sent to the ding list went (seemingly) unnoticed. This is particularly annoying if the message actually contains a ready made patch to fix a bug and all I'm asking for is to review the patch and tell me what's wrong with it so it can be committed eventually. Curiously enough, the message I finally got a response to (the one that started this thread) was about adding a new feature rather than fixing a bug in existing code. It also strikes me that this message went to both, the ding list as well as emacs-devel. This makes me wonder whether I should generally send patches to the emacs-devel list rather than the ding list even if they concern the gnus trunk. Or should I just Cc one of the Gnus developers instead? In that case, is there a source where I can see who is maintaining which part of Gnus? Regards, Elias [1] [2]