Mention TLS problem in the README

Also make gnutls-cli insecure again, for bug-to-bug compatibility with openssl.
emacs-circe · Nov 18, 2015 · d3e6391 · d3e6391
1 parent 5caab8e
commit d3e6391
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -85,6 +85,11 @@ add something like the following:
 With this in your configuration, you can use `M-x circe RET Freenode
 RET` to connect to Freenode using these settings.
 
+_Please note:_ Circe uses the `openssl` or `gnutls-cli` command line
+programs to connect via TLS. These tools do not by default verify the
+server certificate. If you want to verify the server certificate,
+customize the `tls-program` variable.
+
 ## Features
 
 - Sensible defaults

diff --git a/make-tls-process.el b/make-tls-process.el
@@ -29,7 +29,7 @@
 
 (defcustom tls-connection-command
   (if (executable-find "gnutls-cli")
-      "gnutls-cli -p %p %h"
+      "gnutls-cli --insecure -p %p %h"
     "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
   "The command to use to create a TLS connection.