[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Deprecate TLS1.0 support in emacs
|
From: |
Andreas Schwab |
|
Subject: |
Re: Deprecate TLS1.0 support in emacs |
|
Date: |
Wed, 12 Jul 2017 16:55:55 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) |
On Jul 12 2017, Robert Pluim <address@hidden> wrote:
> Andreas Schwab <address@hidden> writes:
>
>> On Jul 12 2017, Robert Pluim <address@hidden> wrote:
>>
>>> @@ -231,6 +231,27 @@ nsm-check-protocol
>>> host port protocol)))
>>> (delete-process process)
>>> nil)
>>> + ((and protocol
>>> + (string-match "TLS1.0" protocol)
>>> + (not (memq :tls1.0 (plist-get settings :conditions)))
>>> + (not
>>> + (nsm-query
>>> + host port status :tls1.0
>>> + "The connection to %s:%s uses the %s protocol, which is unsafe."
>>> + host port protocol)))
>>> + (delete-process process)
>>> + nil)
>>> + ((and protocol
>>> + (eq network-security-level 'paranoid)
>>> + (string-match "TLS1.1" protocol)
>>
>> Why string-match?
>
> It's what the surrounding code uses to check for ssl. You'd prefer
> string-equal ?
Is TLS1.10 or TLS101 unsafe?
Andreas.
--
Andreas Schwab, SUSE Labs, address@hidden
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
- Deprecate TLS1.0 support in emacs, Robert Pluim, 2017/07/12
- Re: Deprecate TLS1.0 support in emacs, Lars Ingebrigtsen, 2017/07/12
- Re: Deprecate TLS1.0 support in emacs, Robert Pluim, 2017/07/12
- Re: Deprecate TLS1.0 support in emacs, Lars Ingebrigtsen, 2017/07/12
- Re: Deprecate TLS1.0 support in emacs, Robert Pluim, 2017/07/13
- Re: Deprecate TLS1.0 support in emacs, Richard Stallman, 2017/07/13
- Re: Deprecate TLS1.0 support in emacs, Robert Pluim, 2017/07/13