From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/65234
Path: news.gmane.org!not-for-mail
From: Simon Josefsson <simon@josefsson.org>
Newsgroups: gmane.emacs.devel,gmane.emacs.gnus.general
Subject: Re: [Patch] Make tls.el support certificate verification
Date: Mon, 24 Sep 2007 09:12:18 +0200
Message-ID: <87zlzc35bh.fsf@mocca.josefsson.org>
References: <877imqtdhb.fsf@denkblock.local>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1190617959 5257 80.91.229.12 (24 Sep 2007 07:12:39 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Mon, 24 Sep 2007 07:12:39 +0000 (UTC)
Cc: ding@gnus.org, emacs-devel@gnu.org
To: Elias Oltmanns <eo@nebensachen.de>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Sep 24 09:12:35 2007
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1IZi7K-0008K2-3W
	for ged-emacs-devel@m.gmane.org; Mon, 24 Sep 2007 09:12:30 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1IZi7H-0003vY-Bu
	for ged-emacs-devel@m.gmane.org; Mon, 24 Sep 2007 03:12:27 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1IZi7E-0003vN-LP
	for emacs-devel@gnu.org; Mon, 24 Sep 2007 03:12:24 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1IZi7C-0003uu-SW
	for emacs-devel@gnu.org; Mon, 24 Sep 2007 03:12:23 -0400
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1IZi7C-0003ur-MQ
	for emacs-devel@gnu.org; Mon, 24 Sep 2007 03:12:22 -0400
Original-Received: from mx20.gnu.org ([199.232.41.8])
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <simon@josefsson.org>) id 1IZi7C-00046J-5N
	for emacs-devel@gnu.org; Mon, 24 Sep 2007 03:12:22 -0400
Original-Received: from yxa.extundo.com ([83.241.177.38])
	by mx20.gnu.org with esmtp (Exim 4.60)
	(envelope-from <simon@josefsson.org>) id 1IZi7B-000282-Ak
	for emacs-devel@gnu.org; Mon, 24 Sep 2007 03:12:21 -0400
Original-Received: from mocca.josefsson.org (yxa.extundo.com [83.241.177.38])
	(authenticated bits=0)
	by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id
	l8O7CIbR026351
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Mon, 24 Sep 2007 09:12:19 +0200
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
Mail-Copies-To: nobody
X-Hashcash: 1:22:070924:eo@nebensachen.de::b11EG14GqVXUzjbp:1Gtt
X-Hashcash: 1:22:070924:ding@gnus.org::nirqZSfU4xuJmU3O:81M9
X-Hashcash: 1:22:070924:emacs-devel@gnu.org::BkE/sSeK32mRSHYD:f9Ks
In-Reply-To: <877imqtdhb.fsf@denkblock.local> (Elias Oltmanns's message of
	"Mon, 17 Sep 2007 01:08:48 +0200")
User-Agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux)
X-Virus-Scanned: ClamAV version 0.88.2,
	clamav-milter version 0.88.2 on yxa.extundo.com
X-Virus-Status: Clean
X-detected-kernel: Linux 2.6, seldom 2.4 (older, 4)
X-Detected-Kernel: Linux 2.6, seldom 2.4 (older, 4)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:79673 gmane.emacs.gnus.general:65234
Archived-At: <http://permalink.gmane.org/gmane.emacs.gnus.general/65234>

Elias Oltmanns <eo@nebensachen.de> writes:

> Hi all,
>
> since there is a copy of tls.el in gnus but the emacs22 copy is moved to
> lisp/net, I'm not quite sure as to who is ultimately maintaining it.
> Hence, I'm sending this to both lists.

Hi!  Thanks for the patch.  I think it should be installed in both
CVS's, although perhaps tls.el should be removed from the Gnus
repository.  Others on the ding list, which Emacs version does Gnus in
CVS require?  If that emacs version has tls.el, I'm not sure it makes
sense to keep tls.el in the Gnus repository.

> Please find attached a patch (to current gnus trunk) that adds all it
> needs to facilitate the certificate verification features of gnutls-cli
> and openssl.

I did not test it, but it looks good.  Possibly the CA/client
certificate should get its own variable instead?  But that's not
important.

However, we need a copyright assignment to be able to use your patch
since it was over 10 lines of code.  I'll send it privately.

/Simon