Mercurial > emacs

changeset 110679:400dd9dfdb7b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Give up on using gnutls-cli for starttls.
author Katsumi Yamaoka <yamaoka@jpl.org>
date Fri, 01 Oct 2010 12:56:44 +0000
parents 7e83565f8d0e
children 3bc79f337a57
files lisp/ChangeLog lisp/gnus/ChangeLog lisp/gnus/nnimap.el lisp/net/tls.el
diffstat 4 files changed, 20 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/lisp/ChangeLog	Fri Oct 01 05:25:21 2010 -0700
+++ b/lisp/ChangeLog	Fri Oct 01 12:56:44 2010 +0000
@@ -1,3 +1,10 @@
+2010-10-01  Lars Magne Ingebrigtsen  <larsi@gnus.org>
+
+	* net/tls.el (tls-starttls-switches): Give up on using starttls with
+	gnutls-cli.
+	(tls-program): Add --insecure to be consistent with the defaults from
+	openssl s_client.  Now all three commands are insecure.
+
 2010-10-01  Eli Zaretskii  <eliz@gnu.org>
 
 	* makefile.w32-in (DEST, TAGS, TAGS-LISP, TAGS-nmake)
--- a/lisp/gnus/ChangeLog	Fri Oct 01 05:25:21 2010 -0700
+++ b/lisp/gnus/ChangeLog	Fri Oct 01 12:56:44 2010 +0000
@@ -1,3 +1,8 @@
+2010-10-01  Lars Magne Ingebrigtsen  <larsi@gnus.org>
+
+	* nnimap.el (nnimap-extend-tls-programs): Only extend those programs
+	for starttls that tls.el implements; i.e. openssl.
+
 2010-10-01  Katsumi Yamaoka  <yamaoka@jpl.org>
 
 	* gravatar.el: Don't load image.el that XEmacs doesn't provide.
--- a/lisp/gnus/nnimap.el	Fri Oct 01 05:25:21 2010 -0700
+++ b/lisp/gnus/nnimap.el	Fri Oct 01 12:56:44 2010 +0000
@@ -404,7 +404,11 @@
     (unless (consp programs)
       (setq programs (list programs)))
     (dolist (program programs)
-      (push (concat program " " "%s") result))
+      (when (assoc (car (split-string program)) tls-starttls-switches)
+	(push (if (not (string-match "%s" program))
+		  (concat program " " "%s")
+		program)
+	      result)))
     (nreverse result)))
 
 (defun nnimap-find-parameter (parameter elems)
--- a/lisp/net/tls.el	Fri Oct 01 05:25:21 2010 -0700
+++ b/lisp/net/tls.el	Fri Oct 01 12:56:44 2010 +0000
@@ -76,12 +76,11 @@
   :group 'tls)
 
 (defvar tls-starttls-switches
-  '(("gnutls-cli" "-s")
-    ("openssl" "-starttls imap"))
+  '(("openssl" "-starttls imap"))
   "Alist of programs and the switches necessary to get starttls behaviour.")
 
-(defcustom tls-program '("gnutls-cli %s -p %p %h"
-			 "gnutls-cli %s -p %p %h --protocols ssl3"
+(defcustom tls-program '("gnutls-cli --insecure -p %p %h"
+			 "gnutls-cli --insecure -p %p %h --protocols ssl3"
 			 "openssl s_client %s -connect %h:%p -no_ssl2 -ign_eof")
   "List of strings containing commands to start TLS stream to a host.
 Each entry in the list is tried until a connection is successful.