headers
Magnus Henoch | 15 May 2012 23:58
Picon
Gravatar

STARTTLS uses native GnuTLS on Emacs 24

Hi all,

I just committed a change to the master branch that makes jabber.el use
native GnuTLS support, if your Emacs is new enough (i.e. version 24) and
has such support compiled in.

It should verify certificates by default, and refuse to connect to
servers with invalid certificates.  You can disable the checks per
server by adding the server name to jabber-invalid-certificate-servers.

Testing would be appreciated.  I've just given it a quick run on a
GnuTLS-enabled Emacs, so I _hope_ I haven't broken it on older Emacsen.
Also, it would be interesting to know if this works on Windows; I
remember that it was quite painful to get Emacs to talk to
gnutls-cli...

Regards,
Magnus

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
Permalink | Reply |
headers
Magnus Henoch | 17 May 2012 12:00
Picon
Gravatar

Re: STARTTLS uses native GnuTLS on Emacs 24

Hm, it seems like this makes Emacs segfault or something on Mac OS X. Need to investigate when I have time…

On May 15, 2012 10:46 PM, "Magnus Henoch" <magnus.henoch <at> gmail.com> wrote:
Hi all,

I just committed a change to the master branch that makes jabber.el use
native GnuTLS support, if your Emacs is new enough (i.e. version 24) and
has such support compiled in.

It should verify certificates by default, and refuse to connect to
servers with invalid certificates.  You can disable the checks per
server by adding the server name to jabber-invalid-certificate-servers.

Testing would be appreciated.  I've just given it a quick run on a
GnuTLS-enabled Emacs, so I _hope_ I haven't broken it on older Emacsen.
Also, it would be interesting to know if this works on Windows; I
remember that it was quite painful to get Emacs to talk to
gnutls-cli...

Regards,
Magnus


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Emacs-jabber-general mailing list
Emacs-jabber-general <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/emacs-jabber-general
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Emacs-jabber-general mailing list
Emacs-jabber-general <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/emacs-jabber-general
Permalink | Reply |
headers
Richard Lewis | 17 May 2012 15:50
Picon
Gravatar

Re: STARTTLS uses native GnuTLS on Emacs 24

At Tue, 15 May 2012 22:58:19 +0100,
Magnus Henoch wrote:

> I just committed a change to the master branch that makes jabber.el use
> native GnuTLS support, if your Emacs is new enough (i.e. version 24) and
> has such support compiled in.
> 
> Testing would be appreciated.

One test it would be interesting to carry out is seeing what happens
when the host OS drops the network connection or internet routing. In
my experience, Emacs' networking implementations are quite susceptible
to this and tend to cause Emacs to hang.

I get this occasionally when using public wireless networks. But you
could probably simulate the situation at home with a modem-router and,
leaving your LAN enabled, disable the modem part of the device so that
packets can't be routed to the internet. Then see what happens to
Emacs.

Richard

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
Permalink | Reply |

Gmane