From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Joost Kremers Newsgroups: gmane.emacs.help Subject: Re: smtpmail/starttls starts connection but never sends Date: 14 Nov 2012 20:42:46 GMT Message-ID: References: <874nksanw7.fsf@gmail.com> NNTP-Posting-Host: plane.gmane.org X-Trace: ger.gmane.org 1352925914 25242 80.91.229.3 (14 Nov 2012 20:45:14 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 14 Nov 2012 20:45:14 +0000 (UTC) To: help-gnu-emacs@gnu.org Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Wed Nov 14 21:45:24 2012 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1TYjpq-0000Na-OM for geh-help-gnu-emacs@m.gmane.org; Wed, 14 Nov 2012 21:45:22 +0100 Original-Received: from localhost ([::1]:46491 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TYjpg-0005I4-UA for geh-help-gnu-emacs@m.gmane.org; Wed, 14 Nov 2012 15:45:12 -0500 Original-Path: usenet.stanford.edu!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail Original-Newsgroups: gnu.emacs.help Original-Lines: 39 Original-X-Trace: individual.net y8EiLKnCBm9Yzs4XfgY5EwZ3uuuFlGqRltJf1VAmRpwMYZSFxDqlLyP04ro1BCntoW Cancel-Lock: sha1:eLClcHEZCbIpBwT1JLsjJC3EPC0= Mail-Copies-To: nobody X-Editor: Emacs of course! User-Agent: slrn/pre1.0.0-18 (Linux) Original-Xref: usenet.stanford.edu gnu.emacs.help:195371 X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Original-Sender: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.help:87694 Archived-At: Hi William, William Gardella wrote: > I wonder if you've tried playing around with the `tls-checktrust' > variable. If you (setq tls-checktrust 'ask), you should be able to > manually accept untrusted SSL/TLS keys by responding to a dialog in > Emacs. Along with setting `tls-checktrust' to ask, you can set > `tls-program' to have a command line that will allow you to call > gnutls-cli with your own private list of certificates. For me here in > Debian GNU/Linux, the following is a working TLS configuration that > checks certs but also lets me use invalid/self-signed ones when I wish: > > (setq tls-checktrust 'ask > tls-program > '("gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h" > "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3" > "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof")) I haven't been able to try this for the simple reason that I haven't been able to find out where OS X stores its certificates... > Maybe this will help you if gnutls --insecure is no longer working. Well, right now, --insecure is the only thing that does work. What puzzles me is that --tofu should also work, from what I read about it, but it doesn't. The connection appears to be established, but the mail is not sent and the connection remains open, it seems. > If the above doesn't work, you can use strace or dtrace to see where in > the TLS-calling process Emacs hangs. You can also try writing out an > `open-network-stream' function call of your Emacs trying to talk to your > mail server and stepping through it with (edebug-defun). and how would I go about doing that? :-) -- Joost Kremers joostkremers@yahoo.com Selbst in die Unterwelt dringt durch Spalten Licht EN:SiS(9)