[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The netsec thread
|
From: |
Lars Ingebrigtsen |
|
Subject: |
Re: The netsec thread |
|
Date: |
Wed, 04 Sep 2019 15:12:14 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Robert Pluim <address@hidden> writes:
> - (let ((unsafe-renegotiation (not (plist-get status :safe-renegotiation))))
> - (and unsafe-renegotiation
> - (format-message
> - "safe renegotiation is not supported, connection not protected
> from impersonators"))))
> + (when (string-version-lessp (plist-get status :protocol) "TLS1.3")
> + (let ((unsafe-renegotiation (not (plist-get status
> :safe-renegotiation))))
> + (and unsafe-renegotiation
> + (format-message
> + "safe renegotiation is not supported, connection not protected
> from impersonators")))))
After Paul's patch, I think it would make sense to just check for
whether :safe-renegotiation is present at all, and not check for
protocol version here. I.e., use `plist-member' first.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- Re: The netsec thread, Robert Pluim, 2019/09/03
- Re: The netsec thread, Paul Eggert, 2019/09/03
- Re: The netsec thread, Robert Pluim, 2019/09/03
- Re: The netsec thread, Paul Eggert, 2019/09/03
- Re: The netsec thread, Robert Pluim, 2019/09/03
- Re: The netsec thread,
Lars Ingebrigtsen <=
- Re: The netsec thread, Robert Pluim, 2019/09/04
- Re: The netsec thread, Paul Eggert, 2019/09/04
- Re: The netsec thread, Robert Pluim, 2019/09/04
- Re: The netsec thread, Robert Pluim, 2019/09/05
- Re: The netsec thread, Paul Eggert, 2019/09/05
- Re: The netsec thread, Robert Pluim, 2019/09/05
- Re: The netsec thread, Lars Ingebrigtsen, 2019/09/04