From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Robert Pluim Newsgroups: gmane.emacs.bugs Subject: bug#29977: gnutls-verify-error does not allow matching hostnames Date: Thu, 04 Jan 2018 16:17:54 +0100 Message-ID: <87k1wx7ivx.fsf@gmail.com> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: blaine.gmane.org 1515079037 17647 195.159.176.226 (4 Jan 2018 15:17:17 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Thu, 4 Jan 2018 15:17:17 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.90 (gnu/linux) Cc: Ted Zlatanov To: 29977@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Jan 04 16:17:13 2018 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eX7GY-000451-5g for geb-bug-gnu-emacs@m.gmane.org; Thu, 04 Jan 2018 16:17:10 +0100 Original-Received: from localhost ([::1]:42909 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eX7IX-0004H2-0d for geb-bug-gnu-emacs@m.gmane.org; Thu, 04 Jan 2018 10:19:13 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:57225) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eX7IP-0004Gj-W0 for bug-gnu-emacs@gnu.org; Thu, 04 Jan 2018 10:19:06 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eX7IM-0004sk-5K for bug-gnu-emacs@gnu.org; Thu, 04 Jan 2018 10:19:05 -0500 Original-Received: from debbugs.gnu.org ([208.118.235.43]:55372) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1eX7IM-0004sO-0M for bug-gnu-emacs@gnu.org; Thu, 04 Jan 2018 10:19:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1eX7IL-0001ef-Oh for bug-gnu-emacs@gnu.org; Thu, 04 Jan 2018 10:19:01 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Robert Pluim Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 04 Jan 2018 15:19:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 29977 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Original-Received: via spool by submit@debbugs.gnu.org id=B.15150791016304 (code B ref -1); Thu, 04 Jan 2018 15:19:01 +0000 Original-Received: (at submit) by debbugs.gnu.org; 4 Jan 2018 15:18:21 +0000 Original-Received: from localhost ([127.0.0.1]:35819 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eX7Hf-0001da-KZ for submit@debbugs.gnu.org; Thu, 04 Jan 2018 10:18:21 -0500 Original-Received: from eggs.gnu.org ([208.118.235.92]:36851) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eX7Hd-0001dO-OZ for submit@debbugs.gnu.org; Thu, 04 Jan 2018 10:18:18 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eX7HV-0003iq-08 for submit@debbugs.gnu.org; Thu, 04 Jan 2018 10:18:12 -0500 Original-Received: from lists.gnu.org ([2001:4830:134:3::11]:37915) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eX7HU-0003iU-SA for submit@debbugs.gnu.org; Thu, 04 Jan 2018 10:18:08 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:55838) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eX7HO-0003wX-PF for bug-gnu-emacs@gnu.org; Thu, 04 Jan 2018 10:18:08 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eX7HL-0003Yb-7U for bug-gnu-emacs@gnu.org; Thu, 04 Jan 2018 10:18:02 -0500 Original-Received: from mail-wm0-x22f.google.com ([2a00:1450:400c:c09::22f]:38567) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1eX7HL-0003XS-01 for bug-gnu-emacs@gnu.org; Thu, 04 Jan 2018 10:17:59 -0500 Original-Received: by mail-wm0-x22f.google.com with SMTP id 64so4009301wme.3 for ; Thu, 04 Jan 2018 07:17:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:gmane-reply-to-list:date:message-id:user-agent :mime-version; bh=kOvCOWJsQzznm2UX93ecx2XD5N+Q9T1KRxx/XQOjR2E=; b=NlRdauGilPqPz6/th3Ey7mYPfHR2pI0LBKa9fFg2ogzb+jxiHr6+++K6QF0CPyOACg jO7ZvR6ukmCixbWMygBXOkhdrXP+jk58YWqJQXrI0lNeyT6Z6vqRodhjlMgdn8aRocAU H4u07on3YzgliXKfjI54tRUSmTtRW00WJ2WNzuwrnRRqLY7Fn/mS98MMHwaupSG9t8up vo35A9UjQMZp7wJ4fTci8AV4EaxL1vPz08LhDJM4uYW9gyGWye8otflyYYwAxTJHCARy nPFRVW5mYJh2MockR9lnS3ux+w/jRCEgh0XqwaaMbD5R0Is7eFvBVRBK+AwWv7bGuaef QpXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:gmane-reply-to-list:date :message-id:user-agent:mime-version; bh=kOvCOWJsQzznm2UX93ecx2XD5N+Q9T1KRxx/XQOjR2E=; b=L77XXqeYr53qYDzACk5D8qvSQFFlmnAXJzMv993v3c7NBzXF1nVQR1XCWCI5bBw3Yk lMETSkIYFnlQARPz0X2k/GSKNtNlo3eeSkWU+1AofCXWkl+oXn+RgH0/6EAB6UN959TH 69GA4Fz4hzTsG8aJZZ4HEzg6Es+KP6occOMHlS4syU4Ml9V/MeM+as7Kii8FuNUJ+Osi E++FzqjljRuOzKHfOpZlLyps7svCWc2R9ybxFxQSZfX1f1sOOJKbxmlbrUXZlXKwWm1z ztx+aPZ8vHlqP63ZCd12pIdrikwbh/u3Janest0Dfwcs+sIZ7/y0oEFpCphnggJTGrLl jV0A== X-Gm-Message-State: AKGB3mJnW45E6uM1UpRd5b2gQ4qQmyqJoaphU/psVSDpnKLcYF43PjTU 8KftH+ckXrsAVAgQcmWofyYWKppR X-Google-Smtp-Source: ACJfBovQ6dNCgL8mWqYPaFalepeHp9zDMHJ0E/GDx6wl1Qt96UHCtggWe40BnG03zdxfd7Aq0YiGSA== X-Received: by 10.80.146.81 with SMTP id j17mr7768871eda.159.1515079077745; Thu, 04 Jan 2018 07:17:57 -0800 (PST) Original-Received: from rpluim ([149.5.228.1]) by smtp.gmail.com with ESMTPSA id f53sm2364299ede.86.2018.01.04.07.17.55 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 04 Jan 2018 07:17:55 -0800 (PST) Gmane-Reply-To-List: yes X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:141770 Archived-At: --=-=-= Content-Type: text/plain (this is emacs-26) Given a gnutls-verify-error of '(("news.gmane.org" nil) (".*" (:trustfiles :hostname))) gnutls-boot-parameters will always use (:trustfiles :hostname) even though the intent is to turn off verification for news.gmane.org. Proposed patch converts this to first-match, which I think matches the intent of the variable. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-Change-gnutls-verify-error-to-be-first-match.patch >From 2935008e42d956607bf1893ea6507db6202b3eb1 Mon Sep 17 00:00:00 2001 From: Robert Pluim Date: Thu, 4 Jan 2018 16:12:47 +0100 Subject: [PATCH] Change gnutls-verify-error to be first-match * lisp/net/gnutls.el (gnutls-boot-parameters): Convert to first-match for gnutls-verify-error rather than any-match --- lisp/net/gnutls.el | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el index 5afd5c5804..c8f4824b53 100644 --- a/lisp/net/gnutls.el +++ b/lisp/net/gnutls.el @@ -282,13 +282,9 @@ gnutls-log-level t) ;; if a list, look for hostname matches ((listp gnutls-verify-error) - (apply 'append - (mapcar - (lambda (check) - (when (string-match (nth 0 check) - hostname) - (nth 1 check))) - gnutls-verify-error))) + (cadr (cl-find-if #'(lambda (x) + (string-match (car x) hostname)) + gnutls-verify-error))) ;; else it's nil (t nil)))) (min-prime-bits (or min-prime-bits gnutls-min-prime-bits))) -- 2.16.0.rc0 --=-=-=--