From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Michael Albinus Newsgroups: gmane.emacs.devel Subject: Re: emacs-25 eaa0058: Improve documentation of 'gnutls-verify-error' Date: Wed, 10 May 2017 09:26:09 +0200 Message-ID: <87lgq5goku.fsf@detlef> References: <20170509190629.21265.64192@vcs0.savannah.gnu.org> <20170509190630.CFCC021038@vcs0.savannah.gnu.org> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: blaine.gmane.org 1494401223 3236 195.159.176.226 (10 May 2017 07:27:03 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Wed, 10 May 2017 07:27:03 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed May 10 09:26:58 2017 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d8M1P-0000Vu-3a for ged-emacs-devel@m.gmane.org; Wed, 10 May 2017 09:26:55 +0200 Original-Received: from localhost ([::1]:40874 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d8M1P-00054e-Bc for ged-emacs-devel@m.gmane.org; Wed, 10 May 2017 03:26:55 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:48418) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d8M0n-00054G-Hs for emacs-devel@gnu.org; Wed, 10 May 2017 03:26:18 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d8M0k-0006q7-DS for emacs-devel@gnu.org; Wed, 10 May 2017 03:26:17 -0400 Original-Received: from mout.gmx.net ([212.227.15.18]:62138) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1d8M0k-0006pS-31 for emacs-devel@gnu.org; Wed, 10 May 2017 03:26:14 -0400 Original-Received: from detlef.gmx.de ([213.220.145.27]) by mail.gmx.com (mrgmx003 [212.227.17.190]) with ESMTPSA (Nemesis) id 0LikE1-1dl0DX34ZR-00cyI5 for ; Wed, 10 May 2017 09:26:10 +0200 In-Reply-To: <20170509190630.CFCC021038@vcs0.savannah.gnu.org> (Eli Zaretskii's message of "Tue, 9 May 2017 15:06:30 -0400 (EDT)") X-Provags-ID: V03:K0:u0UQKCCnZ9oUjuPGon8k/hD8JsINNid6Gv9dIP+H7wnaVVyM64a kMrnmycUJKyp/k6CdiQTE+G0f/+jBDmrubFVRmEUlWLmPD5fA5k+9U/awp8hOH3uUL53RwA Ib4tMtm1S2NoCgRVybvh54sIHvVfbLhf08RJFRflHD/U44e/iHCHbHyw36IiNM31jpqfcfD m6lkr/61QJy6mB5F5de0g== X-UI-Out-Filterresults: notjunk:1;V01:K0:/RCai/4c1D0=:xIEWjT6V5qNN1lRRCO17fR 2Vr5xAquPDS6PoFflRZc+lF2erE0qigZXrtNE+2oiAZ8jE6wb9/DQo+hT1NF4GSEMjiu3boy1 GwTPEyYx++Z4PwUtj6n8rZjG9ofjCrE+9s/+0yJtbV3KK/aWH6ShphXIS1Y7TTDUSAAMCztf2 qEfYm2MIrXfkmK6maXeb0MHPlzKTVCZTInrAbdAwrt71wB9M/qzsxTcZ4g803AidYSTJqZ+JB NKVsqgm5RNhZoJET7DyVr8Zoo9FthGRruSTBCLfoFdYRsauQZW23eBUQduwvtxnJR6eAAp2fC PX5CerFg8yFchrpz/jfltuVTVONRtgjApXv9X917nd2ARJy2YuBqxYIY3t0gD5yscIhLXSsUL UUFPRWCEVwbqNKOsVNrd8r9kvL+NIXN0xwV6VdkT5Q4YGHBlpuIboeyPOx/QDQkUtCCs5gO75 n/j2OEIfQqln/EkRWpnDV2fgI3LeFpAdAubM4LmjkBny+phwWoTbOeBoqAzNBlQXEKYQF/qz3 7KcoiysSLUnn8vOlIhBLuP2ElE+1vjLWPw7zwkcoQBD/FuiWznOMwR+BN1N84KxE9SPX/6wvG qVcFGG9oVL04FWqhxXr5McMTx4vN2GKyrj+xL6YQ+NKe4QS+Hk8Dg+8nHaPPKWj5cJglKERjg DxvEhoC9H/Cm1ISR9hVxlEk+yU67BU7Ct5uZ7EelcxqnBfMuM6ptu0vqmhhbIrCu3VE4TJcLk 4I3tMwcLH+eP2Vz6hHDBwdpJQ+KAlWa6Hc3NszBy8mjkmO+NYP4Q9XBwu2jsPuu5mYpOiF+f X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 212.227.15.18 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:214742 Archived-At: eliz@gnu.org (Eli Zaretskii) writes: > (defcustom gnutls-verify-error nil > - "If non-nil, this should be a list of checks per hostname regex or t." > + "If non-nil, this should be t or a list of checks per hostname regex. > +If nil, the default, failures in certificate verification will be > +logged (subject to `gnutls-log-level'), but the connection will be > +allowed to proceed. > +If the value is a list, it should have the form > + > + ((HOST-REGEX FLAGS...) (HOST-REGEX FLAGS...) ...) > + > +where each HOST-REGEX is a regular expression to be matched > +against the hostname, and FLAGS is either t or a list of > +one or more verification flags. The supported flags and the > +corresponding conditions to be tested are: > + > + :trustfiles -- certificate must be issued by a trusted authority. > + :hostname -- hostname must match presented certificate's host name. > + t -- all of the above conditions are tested. > + > +If the condition test fails, an error will be signaled. > + > +If the value of this variable is t, every connection will be subjected > +to all of the tests described above." > :group 'gnutls > :version "24.4" > :type '(choice Wouldn't this be a candidate for connection-local variables? Ted? Best regards, Michael.