[Gnus] Connecting to Eternal September with TLS?

help-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnus] Connecting to Eternal September with TLS?

From:	Anssi Saari
Subject:	[Gnus] Connecting to Eternal September with TLS?
Date:	Wed, 16 Mar 2016 10:00:32 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Last week I was able to connect to Eternal September nntp server with
this:

(setq gnus-select-method '(nntp "news.eternal-september.org"
                                (nntp-open-connection-function
                                nntp-open-tls-stream)
                                (nntp-port-number 563)
                                (nntp-address
                                "news.eternal-september.org")))

The computer was rebooted during the weekend, presumably some updates
were installed. It's running Ubuntu 14.04.3 LTS, GNU Emacs 24.3.1, Gnus
v5.13 (not administrated by me).

Today I get this:

gnutls.c: [0] (Emacs) fatal error: The signature algorithm is not
supported.
gnutls.el: (err=[-106] The signature algorithm is not supported.) boot:
(:priority NORMAL :hostname news.eternal-september.org :loglev\
el 0 :min-prime-bits 256 :trustfiles
(/etc/ssl/certs/ca-certificates.crt) :crlfiles nil :keylist nil
:verify-flags nil :verify-error n\
il :verify-hostname-error nil :callbacks nil)

With more loglevel I got this:

gnutls.c: [1] (Emacs) allocating credentials
gnutls.c: [2] (Emacs) allocating x509 credentials
gnutls.c: [2] (Emacs) using default verification flags
gnutls.c: [1] (Emacs) setting the trustfile:
/etc/ssl/certs/ca-certificates.crt
gnutls.c: [1] (Emacs) gnutls callbacks
gnutls.c: [1] (Emacs) gnutls_init
gnutls.c: [1] (Emacs) got non-default priority string: NORMAL
gnutls.c: [1] (Emacs) setting the priority string
gnutls.c: [2] ASSERT: gnutls_constate.c:695

gnutls.c: [2] EXT[0x3f9bdd0]: Sending extension SAFE RENEGOTIATION (1
bytes)

gnutls.c: [2] EXT[SIGA]: sent signature algo (4.2) DSA-SHA256

gnutls.c: [2] EXT[SIGA]: sent signature algo (4.1) RSA-SHA256

gnutls.c: [2] EXT[SIGA]: sent signature algo (2.1) RSA-SHA1

gnutls.c: [2] EXT[SIGA]: sent signature algo (2.2) DSA-SHA1

gnutls.c: [2] EXT[0x3f9bdd0]: Sending extension SIGNATURE ALGORITHMS (10
bytes)

gnutls.c: [1] (Emacs) non-fatal error: Resource temporarily unavailable,
try again. [75 times]
gnutls.c: [2] EXT[0x3f9bdd0]: Parsing extension 'SAFE
RENEGOTIATION/65281' (1 bytes)

gnutls.c: [2] ASSERT: auth_cert.c:1127

gnutls.c: [2] ASSERT: gnutls_kx.c:705

gnutls.c: [2] ASSERT: gnutls_handshake.c:2777

gnutls.c: [0] (Emacs) fatal error: The signature algorithm is not
supported.
gnutls.el: (err=[-106] The signature algorithm is not supported.) boot:
(:priority NORMAL :hostname news.eternal-september.org :loglevel 2
:min-prime-bits 256 :trustfiles (/etc/ssl/certs/ca-certificates.crt)
:crlfiles nil :keylist nil :verify-flags nil :verify-error nil
:verify-hostname-error nil :callbacks nil)
gnutls.c: [2] (Emacs) Deallocating x509 credentials
>>> (gnutls-error nntpd -106)

And with a wild guess after visiting an ssl checker website I think I
might need MD5 for signature checking. gnutls.el mentions
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 but I don't know how to specify that
from Gnus.

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnus] Connecting to Eternal September with TLS?, Anssi Saari <=
- Re: [Gnus] Connecting to Eternal September with TLS?, Lars Magne Ingebrigtsen, 2016/03/16

Prev by Date: Re: pari.el : Process stty in windows ?
Next by Date: Re: Using Emacs nXML mode to validate XHTML5 using the v.Nu schemas: support for HTTP-based schema URI?
Previous by thread: How to paste under terminal emacs?
Next by thread: Re: [Gnus] Connecting to Eternal September with TLS?
Index(es):
- Date
- Thread