From: Lars Magne Ingebrigtsen <larsi@gnus.org>
To: ding@gnus.org
Subject: Automatic STARTTLS upgrades (was: gnutls status)
Date: Sun, 28 Nov 2010 03:36:20 +0100
Message-ID: <m3r5e6uqcb.fsf_-_@quimbies.gnus.org>
In-Reply-To: <m31v667ph5.fsf@quimbies.gnus.org>
Lars Magne Ingebrigtsen <larsi@gnus.org> writes:
> What the hey. I've now altered NNTP to use proto-stream, and it'll
> switch on STARTTLS now if the server supports it.
But I'm wondering about the defaults a bit. This could be brittle and
slow if things don't actually work.
So let's take the worst-case scenarios:
* First we open a normal network connection, and we say "CAPABILITY" in
one way or another. This should be safe, but it's one extra round
trip.
* If the server says that it supports STARTTLS, we enable either:
** If Emacs has gnutls support, we just enable STARTTLS. One extra
round trip.
** If Emacs doesn't, we sever the connection, and start it again with
starttls.el, which defaults to gnutls-cli. This may fail because of
a faulty gnutls-cli installation, in which case we error out. But if
it's successful, then it's a close, an open, and a STARTTLS
enablement. So that's at least a ... big handful of extra round
trips.
* We then do the TLS negotiation. This is at least one round trip, but
it's probably more. It may fail for any number of reasons. For
instance, inn may be compiled with TLS support, but not have the
certificates. Or they may be grossly invalid. In that case, we error
out.
* On success, we do CAPABILITY again, since they have a tendency to
change after STARTTLS in some protocols.
* We're done!
So, as you can see, this introduces many new, interesting failure modes,
which have to be mitigated somehow.
First of all, I've now switched off opportunistic STARTTLS upgrades if
we don't have an Emacs with built-in gnutls support.
Secondly, I think if the STARTTLS stuff fails for any reason, the
connection should go back to being a plain network connection. Is that
possible with the built-in gnutls stuff, Ted? Otherwise, proto-stream
has to reopen the connection...
--
(domestic pets only, the antidote for overdose, milk.)
larsi@gnus.org * Lars Magne Ingebrigtsen
Thread overview:
2010-11-25 17:29 gnutls status Julien Danjou
2010-11-26 0:28 ` Lars Magne Ingebrigtsen
2010-11-26 12:13 ` Ted Zlatanov
2010-11-26 12:51 ` Julien Danjou
2010-11-26 15:02 ` Stefan Monnier
2010-11-26 15:56 ` Julien Danjou
2010-11-26 18:42 ` Stefan Monnier
2010-11-27 9:36 ` Julien Danjou
2010-11-27 14:28 ` Stefan Monnier
2010-11-28 9:55 ` Lars Magne Ingebrigtsen
2010-11-26 14:10 ` Lars Magne Ingebrigtsen
2010-11-27 14:18 ` Lars Magne Ingebrigtsen
2010-11-27 14:40 ` Lars Magne Ingebrigtsen
2010-11-27 15:31 ` Lars Magne Ingebrigtsen
2010-11-27 16:04 ` Lars Magne Ingebrigtsen
2010-11-27 16:37 ` Steinar Bang
2010-11-27 16:41 ` Lars Magne Ingebrigtsen
2010-11-27 16:59 ` Lars Magne Ingebrigtsen
2010-11-27 17:33 ` Dan Christensen
2010-11-27 17:36 ` Lars Magne Ingebrigtsen
2010-11-27 17:42 ` Lars Magne Ingebrigtsen
2010-11-28 2:36 ` Lars Magne Ingebrigtsen [this message]
2010-11-28 12:28 ` Automatic STARTTLS upgrades Lars Magne Ingebrigtsen
2010-11-28 13:34 ` Lars Magne Ingebrigtsen
2010-12-14 22:59 ` gnutls status Ted Zlatanov
2011-03-01 21:52 ` Ted Zlatanov
2011-03-05 11:01 ` Lars Magne Ingebrigtsen
2011-03-05 14:46 ` Ted Zlatanov