Re: Network Security Manager merge time?

[Robert Pluim]

Lars Magne Ingebrigtsen <address@hidden> writes:

> Robert Pluim <address@hidden> writes:
>
>> I don't think I'm using TLS either:
>>
>>  gnus-secondary-select-methods
>>  '(
>>    (nntp "eternal"
>>       (nntp-address "news.eternal-september.org")))
>>
>> and my .authinfo entry specifies only nntp.
>
> It will upgrade via STARTTLS to encrypted automatically.
>
>> If I set nsm-security-level to 'low it all works.
>
> Hm.  What does
>
> (gnutls-peer-status 
>   (open-network-stream
>    "nntpd" (get-buffer-create "*nntp*") "news.eternal-september.org" "nntp"
>    :end-of-command "^\\([2345]\\|[.]\\).*\n"
>    :capability-command "HELP\r\n"
>    :success "^3"
>    :starttls-function
>    (lambda (capabilities)
>      (if (not (string-match "STARTTLS" capabilities))
>          nil
>        "STARTTLS\r\n"))))
>
> evaluate to for you?  (On different security levels.)

With low:

(:warnings ((:self-signed "certificate signer was not found (self-signed)") 
(:invalid "certificate could not be verified")) :certificate (:version 3 
:serial-number "0f:79:de" :issuer "O=Root CA,OU=http://www.cacert.org,CN=CA 
Cert Signing Authority,address@hidden" :valid-from "2014-08-31" :valid-to 
"2015-02-27" :subject "CN=news.eternal-september.org" ...))

With paranoid:

Debugger entered--Lisp error: (wrong-type-argument processp nil)
  gnutls-peer-status(nil)
  eval((gnutls-peer-status (open-network-stream "nntpd" (get-buffer-create 
"*nntp*") "news.eternal-september.org" "nntp" :end-of-command 
"^\\([2345]\\|[.]\\).*\n" :capability-command "HELP\n" :success "^3" 
:starttls-function (function (lambda (capabilities) (if (not (string-match 
"STARTTLS" capabilities)) nil "STARTTLS\n"))))) nil)
  eval-last-sexp-1(nil)
  eval-last-sexp(nil)
  call-interactively(eval-last-sexp nil nil)
  command-execute(eval-last-sexp)

and *nntp* contains

200 mx02.eternal-september.org InterNetNews NNRP server INN 2.6.0 (20141110 
snapshot) ready (posting ok)
100 Legal commands
  ARTICLE [message-ID|number]
  AUTHINFO USER name|PASS password|SASL mechanism [initial-response]|GENERIC 
program [argument ...]
  BODY [message-ID|number]
  CAPABILITIES [keyword]
  DATE
  GROUP newsgroup
  HDR header [message-ID|range]
  HEAD [message-ID|number]
  HELP
  IHAVE message-ID
  LAST
  LIST [ACTIVE [wildmat]|ACTIVE.TIMES [wildmat]|COUNTS 
[wildmat]|DISTRIB.PATS|DISTRIBUTIONS|HEADERS 
[MSGID|RANGE]|MODERATORS|MOTD|NEWSGROUPS [wildmat]|OVERVIEW.FMT|SUBSCRIPTIONS 
[wildmat]]
  LISTGROUP [newsgroup [range]]
  MODE READER
  NEWGROUPS [yy]yymmdd hhmmss [GMT]
  NEWNEWS wildmat [yy]yymmdd hhmmss [GMT]
  NEXT
  OVER [range]
  POST
  QUIT
  STARTTLS
  STAT [message-ID|number]
  XGTITLE [wildmat]
  XHDR header [message-ID|range]
  XOVER [range]
  XPAT header message-ID|range pattern [pattern ...]
Report problems to <address@hidden>.
.
382 Begin TLS negotiation now
100 Legal commands
  ARTICLE [message-ID|number]
  AUTHINFO USER name|PASS password|SASL mechanism [initial-response]|GENERIC 
program [argument ...]
  BODY [message-ID|number]
  CAPABILITIES [keyword]
  DATE
  GROUP newsgroup
  HDR header [message-ID|range]
  HEAD [message-ID|number]
  HELP
  IHAVE message-ID
  LAST
  LIST [ACTIVE [wildmat]|ACTIVE.TIMES [wildmat]|COUNTS 
[wildmat]|DISTRIB.PATS|DISTRIBUTIONS|HEADERS 
[MSGID|RANGE]|MODERATORS|MOTD|NEWSGROUPS [wildmat]|OVERVIEW.FMT|SUBSCRIPTIONS 
[wildmat]]
  LISTGROUP [newsgroup [range]]
  MODE READER
  NEWGROUPS [yy]yymmdd hhmmss [GMT]
  NEWNEWS wildmat [yy]yymmdd hhmmss [GMT]
  NEXT
  OVER [range]
  POST
  QUIT
  STARTTLS
  STAT [message-ID|number]
  XGTITLE [wildmat]
  XHDR header [message-ID|range]
  XOVER [range]
  XPAT header message-ID|range pattern [pattern ...]
Report problems to <address@hidden>.
.

Process nntpd<2> deleted