bug-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#25061: consider adding %COMPAT to default gnutls priority string


From: Andy Wingo
Subject: bug#25061: consider adding %COMPAT to default gnutls priority string
Date: Fri, 10 Feb 2017 16:51:39 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

On Mon 30 Jan 2017 09:01, address@hidden (Ludovic Courtès) writes:

> Lars Ingebrigtsen <address@hidden> skribis:
>
>> Ted Zlatanov <address@hidden> writes:
>>
>>> On Thu, 01 Dec 2016 21:25:29 +0100 address@hidden (Ludovic Courtès) wrote: 
>>>
>>> LC> Ted Zlatanov <address@hidden> skribis:
>>>
>>>>> We could break down %COMPAT to all its components and find which ones
>>>>> are causing the issue.
>>>
>>> LC> %DUMBFW may be that option (info "(gnutls) Priority Strings"):
>>>
>>> LC> will add a private extension with bogus data that make the
>>> LC> client hello exceed 512 bytes. This avoids a black hole
>>> LC> behavior in some firewalls. This is the [_rfc7685_] client
>>> LC> hello padding extension, also enabled with %COMPAT.
>>>
>>> Nice. Could you or Andy verify if it resolves the originally reported
>>> problem? I think it's very reasonable to add it to the default, if it does.
>>
>> Yes, I think so, too.  Did anyone of you check whether it fixed the problems?
>
> I’m just a passerby so I haven’t tested.  ;-)
>
> I think Andy has been traveling lately but he might be able to check
> later.

I tried checking (had to remember what I was doing to begin with!) and
was not able to reproduce the original problem, and therefore couldn't
test NORMAL:%COMPAT or NORMAL:%DUMBFW :/  Sorry :/

I was trying to just do this:

  ;; uncomment to test original proposed workaround
  ;; (setq gnutls-algorithm-priority "NORMAL:%COMPAT")
  (setq gnutls-log-level 2)
  (url-retrieve "https://mirror.hydra.gnu.org/";
                #'(lambda (status)
                    (message "success")))

and evaluating that last form a number of times.  Not very scientific :P
I was unable to reproduce the problem though.

Andy





reply via email to

[Prev in Thread] Current Thread [Next in Thread]