~michel-slm/elpher

1

elpher-socks-always and elpher-gemini-TLS-cert-checks

Christopher Howard <christopher@librehacker.com>
Details
Message ID
<87wmk7kvjl.fsf@librehacker.com>
DKIM signature
missing
Download raw message
6 months ago 
Hi, as mentioned earlier, I'm happy to report that the elpher SOCKS wrapper is working great. However, there is one little hangup for me. Personally, I like to have elpher-gemini-TLS-cert-checks set to ON — as it doesn't bother me to have to explicitly accept a new cert, as opposed to the alternative of not checking certs at all. However, it seems that enabling elpher-socks-always somehow causes cert checking to be once again disabled. Do you know if this is an issue in the elpher code, or something happening back in socks.el?

-- 
📛 Christopher Howard
🚀 gemini://gem.librehacker.com
🌐 http://gem.librehacker.com

בראשית ברא אלהים את השמים ואת הארץ
J.P. <jp@neverwas.me>
Details
Message ID
<87wmk70x9k.fsf@neverwas.me>
In-Reply-To
<87wmk7kvjl.fsf@librehacker.com> (view parent)
DKIM signature
pass
Download raw message
6 months ago 
Christopher Howard <christopher@librehacker.com> writes:

> Hi, as mentioned earlier, I'm happy to report that the elpher SOCKS wrapper is
> working great. However, there is one little hangup for me. Personally, I like
> to have elpher-gemini-TLS-cert-checks set to ON — as it doesn't bother me to
> have to explicitly accept a new cert, as opposed to the alternative of not
> checking certs at all. However, it seems that enabling elpher-socks-always
> somehow causes cert checking to be once again disabled. Do you know if this is
> an issue in the elpher code, or something happening back in socks.el?

The problem is on the Emacs side. As things stand, you can't have `nsm'
checks without also leaking DNS. See [1] (in particular, the first two
patches), and reply to that bug thread if you'd like to see any action
on this front. Thanks.

[1] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=53941#76
Reply to thread Export thread (mbox)