* Re: emacs-25 eaa0058: Improve documentation of 'gnutls-verify-error' [not found] ` <20170509190630.CFCC021038@vcs0.savannah.gnu.org> @ 2017-05-10 7:26 ` Michael Albinus 2017-05-15 19:54 ` Ted Zlatanov 0 siblings, 1 reply; 2+ messages in thread From: Michael Albinus @ 2017-05-10 7:26 UTC (permalink / raw) To: emacs-devel eliz@gnu.org (Eli Zaretskii) writes: > (defcustom gnutls-verify-error nil > - "If non-nil, this should be a list of checks per hostname regex or t." > + "If non-nil, this should be t or a list of checks per hostname regex. > +If nil, the default, failures in certificate verification will be > +logged (subject to `gnutls-log-level'), but the connection will be > +allowed to proceed. > +If the value is a list, it should have the form > + > + ((HOST-REGEX FLAGS...) (HOST-REGEX FLAGS...) ...) > + > +where each HOST-REGEX is a regular expression to be matched > +against the hostname, and FLAGS is either t or a list of > +one or more verification flags. The supported flags and the > +corresponding conditions to be tested are: > + > + :trustfiles -- certificate must be issued by a trusted authority. > + :hostname -- hostname must match presented certificate's host name. > + t -- all of the above conditions are tested. > + > +If the condition test fails, an error will be signaled. > + > +If the value of this variable is t, every connection will be subjected > +to all of the tests described above." > :group 'gnutls > :version "24.4" > :type '(choice Wouldn't this be a candidate for connection-local variables? Ted? Best regards, Michael. ^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: emacs-25 eaa0058: Improve documentation of 'gnutls-verify-error' 2017-05-10 7:26 ` emacs-25 eaa0058: Improve documentation of 'gnutls-verify-error' Michael Albinus @ 2017-05-15 19:54 ` Ted Zlatanov 0 siblings, 0 replies; 2+ messages in thread From: Ted Zlatanov @ 2017-05-15 19:54 UTC (permalink / raw) To: emacs-devel On Wed, 10 May 2017 09:26:09 +0200 Michael Albinus <michael.albinus@gmx.de> wrote: MA> eliz@gnu.org (Eli Zaretskii) writes: >> (defcustom gnutls-verify-error nil >> - "If non-nil, this should be a list of checks per hostname regex or t." >> + "If non-nil, this should be t or a list of checks per hostname regex. ... MA> Wouldn't this be a candidate for connection-local variables? MA> Ted? Yes! It's on my TODO list, I promise. I want to finish the GnuTLS work first. I am sure that doing settings ad-hoc in each gnutls-* variable is the wrong way long-term and the connection-local profiles are the right way, so the necessary work now is to rewrite the gnutls-* settings but keep backwards compatibility. If anyone is interested, go for it... otherwise, I'll work on it when I have a chance. Thanks! Ted ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-05-15 19:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20170509190629.21265.64192@vcs0.savannah.gnu.org>
[not found] ` <20170509190630.CFCC021038@vcs0.savannah.gnu.org>
2017-05-10 7:26 ` emacs-25 eaa0058: Improve documentation of 'gnutls-verify-error' Michael Albinus
2017-05-15 19:54 ` Ted Zlatanov
Code repositories for project(s) associated with this external index https://git.savannah.gnu.org/cgit/emacs.git https://git.savannah.gnu.org/cgit/emacs/org-mode.git This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.