bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#16978: 24.3; SSL/TLS with multiple man-in-the-middle vulnerabilities

From: Ted Zlatanov
Subject: bug#16978: 24.3; SSL/TLS with multiple man-in-the-middle vulnerabilities
Date: Mon, 17 Mar 2014 17:33:56 -0400
User-agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) 
On Tue, 11 Mar 2014 18:04:25 +0100 Jens Lechtenboerger 
<jens.lechtenboerger@fsfe.org> wrote: 

JL> I'm now on GNU Emacs 24.3.50.1.  I can't get gnutls-verify-error to
JL> work.  So far I only tried that with NNTPS, not SMTP.  If I set
JL> gnutls-verify-error to t, the TCP connection to port 563 is closed
JL> immediately (on the wire I see FIN/ACK immediately after the
JL> three-way handshake; no TLS related data at all).
JL> Afterwards, the server is shown as offline in the server buffer.
JL> gnus-server-open-server fails as long as gnutls-verify-error is t.

Hi Jens,

I've tested this:

(require 'gnutls)
(setq gnutls-verify-error t)
(open-gnutls-stream "tls" "tls-buffer" "imap.gmail.com" "imaps")
(open-gnutls-stream "tls" "tls-buffer" "localhost" "imaps")

I just made a small change to allow the t in the above, so please update
to the latest.

Can you please run `gnutls-serv' with the right options and hit it
directly, and see if that replicates the issue?

Thanks
Ted
reply via email to
[Prev in Thread] Current Thread [Next in Thread]