From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/65767 Path: news.gmane.org!not-for-mail From: Reiner Steib Newsgroups: gmane.emacs.gnus.general,gmane.emacs.devel Subject: Re: [Patch] Make tls.el support certificate verification Date: Sat, 24 Nov 2007 22:31:28 +0100 Message-ID: References: <877imqtdhb.fsf@denkblock.local> <87zlzc35bh.fsf@mocca.josefsson.org> <87ps063ixd.fsf@mocca.josefsson.org> <87zlxo4lwr.fsf@denkblock.local> <87d4uaksur.fsf@denkblock.local> <877ikhlrgs.fsf@denkblock.local> Reply-To: Reiner Steib NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1195942893 32015 80.91.229.12 (24 Nov 2007 22:21:33 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sat, 24 Nov 2007 22:21:33 +0000 (UTC) Cc: emacs-devel@gnu.org, ding@gnus.org To: Elias Oltmanns Original-X-From: ding-owner+M14265@lists.math.uh.edu Sat Nov 24 23:21:39 2007 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.50) id 1Iw3NY-0008Iv-IH for ding-account@gmane.org; Sat, 24 Nov 2007 23:21:36 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1Iw3NC-0007L6-Hu; Sat, 24 Nov 2007 16:21:14 -0600 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1Iw3NB-0007Kl-2M for ding@lists.math.uh.edu; Sat, 24 Nov 2007 16:21:13 -0600 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtp (Exim 4.67) (envelope-from ) id 1Iw3N4-0005Yu-NB for ding@lists.math.uh.edu; Sat, 24 Nov 2007 16:21:12 -0600 Original-Received: from mail.uni-ulm.de ([134.60.1.11]) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1Iw3N1-0004VP-00 for ; Sat, 24 Nov 2007 23:21:03 +0100 Original-Received: from bridgekeeper.physik.uni-ulm.de (bridgekeeper.physik.uni-ulm.de [134.60.41.37]) by mail.uni-ulm.de (8.14.1/8.14.1) with ESMTP id lAOML2NM024533; Sat, 24 Nov 2007 23:21:02 +0100 (MET) Original-Received: from localhost (bridgekeeper.physik.uni-ulm.de [134.60.41.37]) by bridgekeeper.physik.uni-ulm.de (Postfix) with ESMTP id 0C6CF12D6C; Sat, 24 Nov 2007 23:21:02 +0100 (CET) X-Face: 3Phac&+dw=IZHjhua]bp}LH<*p{qzj8u+ Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:65767 gmane.emacs.devel:84079 Archived-At: On Sat, Nov 17 2007, Elias Oltmanns wrote: > Reiner Steib wrote: >> Sorry for the delay, I didn't have a change do commit your changes >> during the past week (I'm not at home and I don't have a reasonable >> internet connection at the moment). > > Alright. Thanks for clarifying. Committed. Thank you for your contributions. Some remarks for future contributions: - The ChangeLog entries should be per function / per variable, e.g.: * tls.el (tls-certtool-program, tls-hostmismatch): New variables. (tls-checktrust): New variable. Check if GNU TLS complained about a mismatch between the hostname provided in the certificate and the name of the host connnecting to. (open-tls-stream): Use them. Check certificates against trusted root certificates. - defcustoms don't need the leading "*" in the doc string. (In many Emacs lisp files they still exist, but they will be removed eventually.) - defcustoms should have a version tag. See http://article.gmane.org/gmane.emacs.gnus.commits/5529 for my cosmetic/style changes. Would it be useful to add the strings suggested in the doc string of `tls-checktrust' to `tls-program'? Or provide them as custom options for `tls-program'? Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/