Unfortunately, this 1-byte change -- while a good idea -- is
ineffective on its own, because emacs does not verify TLS connections
by default... and in fact the gnutls configuration in Debian's emacs
is somehow so broken that it doesn't check certificates *even if*
certificate checking is enabled :
Removing the "forwarded" flag since upstream are wanting a much more
complicated change (and are not actually working on it, it seems):
https://lists.gnu.org/archive/html/emacs-devel/2015-05/msg00110.html
In Debian, we can assume that GnuTLS will be present and skip the whole HTTP
failback. All
Package: emacs24
Version: 24.5+1-1
Severity: normal
Tags: patch
emacs currently uses http://elpa.gnu.org as the default built-in package
repository.
Fortunately, that server already works over HTTPS too, so my patch simply
changes the default config to use an HTTPS URL for this.
I will submit th
3 matches
Mail list logo
