[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnus] Connecting to Eternal September with TLS?
From: |
Lars Magne Ingebrigtsen |
Subject: |
Re: [Gnus] Connecting to Eternal September with TLS? |
Date: |
Wed, 16 Mar 2016 11:53:29 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1.50 (gnu/linux) |
Anssi Saari <as@sci.fi> writes:
> And with a wild guess after visiting an ssl checker website I think I
> might need MD5 for signature checking. gnutls.el mentions
> GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 but I don't know how to specify that
> from Gnus.
Here's an easy test case:
(open-network-stream
"nntpd" (get-buffer-create "*foo*")
"news.eternal-september.org" "nntp"
:type 'starttls
:end-of-command "^\\([2345]\\|[.]\\).*\n"
:capability-command "HELP\r\n"
:success "^3"
:starttls-function
(lambda (capabilities)
(if (not (string-match "STARTTLS" capabilities))
nil
"STARTTLS\r\n")))
First of all, I think the error message is lacking. It should say more
about what's failing.
As to the bug -- gnutls by default now refuses to deal with MD5
certificates. We could override that, and instead let the network
security manager notify the user that the connection isn't safe.
I think that's a better solution, but others may differ.
(I've reported this with `M-x report-emacs-bug'.)
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no