tags +unreproducible
thanks

Rob Browning <r...@defaultvalue.org> writes:

> Nathaniel Smith <n...@pobox.com> writes:
>
>> And sometimes I've even had it fail on https://wrong.host.badssl.com
>> after setting this (but not always).  However, it always happily loads
>> https://self-signed.badssl.com, which means it's providing no
>> protection at all against MITM attacks.
>
> So with 24.5+1-6+b2, right now I'm seeing exceptions for both addresses
> via emacs -Q:
>
>   (require 'gnutls)
>   (setq gnutls-verify-error t)
>   (url-retrieve-synchronously "https://wrong.host.badssl.com";)
>   (url-retrieve-synchronously "https://self-signed.badssl.com";)
>
> But perhaps this could be the intermittent success you mention?

As yet, both of these retrievals have always succeeded for me (just
tested again with emacs24-lucid 24.5+1-6+b2).

> In any case, I'm investigating the patch
>
>   
> http://git.savannah.gnu.org/cgit/emacs.git/commit/?id=ccae04f205db7cffa0f247a463272f6c5af77122
>
> mentioned here:
>
>   https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20465
>
> referred to via:
>
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816063#15

While we might decide to add this patch anyway, so far it's not clear to
me that it's related to the core problem originally reported here.

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4

Reply via email to