From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=)
Newsgroups: gmane.emacs.bugs
Subject: bug#25061: consider adding %COMPAT to default gnutls priority string
Date: Thu, 01 Dec 2016 21:25:29 +0100
Message-ID: <87fum7o0qu.fsf@gnu.org>
References: <87zikiwpl6.fsf@igalia.com> <878trzo5ys.fsf@lifelogs.com>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Trace: blaine.gmane.org 1480623973 23575 195.159.176.226 (1 Dec 2016 20:26:13 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Thu, 1 Dec 2016 20:26:13 +0000 (UTC)
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
Cc: 25061@debbugs.gnu.org
To: Andy Wingo <wingo@igalia.com>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Dec 01 21:26:09 2016
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1cCXvk-0005Xc-47
	for geb-bug-gnu-emacs@m.gmane.org; Thu, 01 Dec 2016 21:26:08 +0100
Original-Received: from localhost ([::1]:58772 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1cCXvn-0001XN-LL
	for geb-bug-gnu-emacs@m.gmane.org; Thu, 01 Dec 2016 15:26:11 -0500
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:42702)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1cCXvi-0001X4-8r
	for bug-gnu-emacs@gnu.org; Thu, 01 Dec 2016 15:26:07 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1cCXve-00081M-B1
	for bug-gnu-emacs@gnu.org; Thu, 01 Dec 2016 15:26:06 -0500
Original-Received: from debbugs.gnu.org ([208.118.235.43]:33733)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1cCXve-00081F-7E
	for bug-gnu-emacs@gnu.org; Thu, 01 Dec 2016 15:26:02 -0500
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1cCXvd-0003CD-V6
	for bug-gnu-emacs@gnu.org; Thu, 01 Dec 2016 15:26:01 -0500
X-Loop: help-debbugs@gnu.org
Resent-From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=)
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Thu, 01 Dec 2016 20:26:01 +0000
Resent-Message-ID: <handler.25061.B25061.148062394212259@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 25061
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
Original-Received: via spool by 25061-submit@debbugs.gnu.org id=B25061.148062394212259
	(code B ref 25061); Thu, 01 Dec 2016 20:26:01 +0000
Original-Received: (at 25061) by debbugs.gnu.org; 1 Dec 2016 20:25:42 +0000
Original-Received: from localhost ([127.0.0.1]:49132 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cCXvK-0003Bf-BG
	for submit@debbugs.gnu.org; Thu, 01 Dec 2016 15:25:42 -0500
Original-Received: from eggs.gnu.org ([208.118.235.92]:51443)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1cCXvI-0003BS-Uw
	for 25061@debbugs.gnu.org; Thu, 01 Dec 2016 15:25:41 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1cCXvA-0007jF-GY
	for 25061@debbugs.gnu.org; Thu, 01 Dec 2016 15:25:35 -0500
Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:55527)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1cCXvA-0007jA-Cq; Thu, 01 Dec 2016 15:25:32 -0500
Original-Received: from reverse-83.fdn.fr ([80.67.176.83]:53724 helo=pluto)
	by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
	(Exim 4.82) (envelope-from <ludo@gnu.org>)
	id 1cCXv9-0005wd-Q6; Thu, 01 Dec 2016 15:25:32 -0500
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 11 Frimaire an 225 de la =?UTF-8?Q?R=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-unknown-linux-gnu
In-Reply-To: <878trzo5ys.fsf@lifelogs.com> (Ted Zlatanov's message of "Thu, 01
	Dec 2016 13:32:43 -0500")
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 208.118.235.43
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
	the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-gnu-emacs/>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: "bug-gnu-emacs"
	<bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.bugs:126370
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/126370>

Ted Zlatanov <tzz@lifelogs.com> skribis:

> On Tue, 29 Nov 2016 11:24:53 +0100 Andy Wingo <wingo@igalia.com> wrote:=20
>
> AW> There have been reports of errors from people using melpa and so on
> AW> which manifest themselves as:
>
> AW>     gnutls.c: [0] (Emacs) fatal error: The TLS connection was non-pro=
perly terminated.
> ...
> AW> So, as Ludovic suggests in his message, a workaround might be:
>
> AW>     (setq gnutls-algorithm-priority "NORMAL:%COMPAT")
>
> AW> See Ludovic's message for some justification.  Just an idea.  I have
> AW> been trying to reproduce the problem that people report locally as so=
me
> AW> TLS errors but I have not been able to.
>
> We could break down %COMPAT to all its components and find which ones
> are causing the issue.

%DUMBFW may be that option (info "(gnutls) Priority Strings"):

--8<---------------cut here---------------start------------->8---
%DUMBFW                          will add a private extension
                                 with bogus data that make the
                                 client hello exceed 512 bytes.
                                 This avoids a black hole
                                 behavior in some firewalls.
                                 This is the [_rfc7685_] client
                                 hello padding extension, also
                                 enabled with %COMPAT.
--8<---------------cut here---------------end--------------->8---

(Somehow I don=E2=80=99t recall seeing it back in the day.)

Ludo=E2=80=99.