[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#22297: 24.5; gnutls builds do not verify https by default
From: |
Lars Magne Ingebrigtsen |
Subject: |
bug#22297: 24.5; gnutls builds do not verify https by default |
Date: |
Sun, 03 Jan 2016 10:43:37 +0100 |
User-agent: |
Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.1.50 (gnu/linux) |
Glyph Lefkowitz <glyph@twistedmatrix.com> writes:
> ;; This elisp program illustrates the issue.
>
> (require 'cl)
> (let ((bad-hosts
> (loop for bad
> in `("https://wrong.host.badssl.com/"
> "https://self-signed.badssl.com/")
> if (condition-case e
> (url-retrieve
> bad (lambda (retrieved) t))
> (error nil))
> collect bad)))
> (if bad-hosts
> (error (format "tls misconfigured; retrieved %s ok"
> bad-hosts))
> (url-retrieve "https://badssl.com"
> (lambda (retrieved) t))))
I'm unable to reproduce the problem. With an Emacs built with GnuTLS, I
get warnings about invalid certificates.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no